[openssl] master update
tomas at openssl.org
tomas at openssl.org
Fri May 21 07:43:19 UTC 2021
The branch master has been updated
via 9ad400f788fd4f1e36f0814c1952e2c4cbc3b970 (commit)
from cc9f9b98997ce3aca276dc6dbbe6d98efab4e65d (commit)
- Log -----------------------------------------------------------------
commit 9ad400f788fd4f1e36f0814c1952e2c4cbc3b970
Author: Tomas Mraz <tomas at openssl.org>
Date: Wed May 19 09:50:17 2021 +0200
FIPS label CI: Save PR number and use it
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15345)
-----------------------------------------------------------------------
Summary of changes:
.github/workflows/fips-checksums.yml | 20 +++++++-----------
.github/workflows/fips-label.yml | 40 +++++++++++++++++++++++++++---------
2 files changed, 37 insertions(+), 23 deletions(-)
diff --git a/.github/workflows/fips-checksums.yml b/.github/workflows/fips-checksums.yml
index 973778b62f..17d8b4073d 100644
--- a/.github/workflows/fips-checksums.yml
+++ b/.github/workflows/fips-checksums.yml
@@ -16,8 +16,7 @@ jobs:
run: |
mkdir ./build-pristine
mkdir ./build
- mkdir ./empty
- touch ./empty/placeholder
+ mkdir ./artifact
- name: config pristine
run: ../config enable-fips && perl configdata.pm --dump
working-directory: ./build-pristine
@@ -44,17 +43,12 @@ jobs:
run: touch providers/fips.checksum.new && make update-fips-checksums
working-directory: ./build-pristine
- name: make diff-fips-checksums
- run: make diff-fips-checksums && echo "fips_unchanged=1" >> $GITHUB_ENV || echo "fips_changed=1" >> $GITHUB_ENV
+ run: make diff-fips-checksums && touch ../artifact/fips_unchanged || ( touch ../artifact/fips_changed ; echo FIPS CHANGED )
working-directory: ./build
- - name: save artifact fips_changed
- if: ${{ env.fips_changed }}
+ - name: save PR number
+ run: echo ${{ github.event.number }} > ./artifact/pr_num
+ - name: save artifact
uses: actions/upload-artifact at v2
with:
- name: fips_changed
- path: empty/
- - name: save artifact fips_unchanged
- if: ${{ env.fips_unchanged }}
- uses: actions/upload-artifact at v2
- with:
- name: fips_unchanged
- path: empty/
+ name: fips_checksum
+ path: artifact/
diff --git a/.github/workflows/fips-label.yml b/.github/workflows/fips-label.yml
index a46f213f1c..eb87f200f5 100644
--- a/.github/workflows/fips-label.yml
+++ b/.github/workflows/fips-label.yml
@@ -10,27 +10,47 @@ jobs:
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.event == 'pull_request' }}
steps:
- - name: 'Check artifact and apply'
+ - name: 'Download artifact'
if: ${{ github.event.workflow_run.conclusion == 'success' }}
uses: actions/github-script at v4
with:
- github-token: ${{secrets.GITHUB_TOKEN}}
script: |
var artifacts = await github.actions.listWorkflowRunArtifacts({
- owner: context.repo.owner,
- repo: context.repo.repo,
- run_id: ${{ github.event.workflow_run.id }}
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ run_id: ${{github.event.workflow_run.id }},
+ });
+ var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
+ return artifact.name == "fips_checksum"
+ })[0];
+ var download = await github.actions.downloadArtifact({
+ owner: context.repo.owner,
+ repo: context.repo.repo,
+ artifact_id: matchArtifact.id,
+ archive_format: 'zip',
});
- if ( artifacts.data.artifacts[0].name == 'fips_changed' ) {
+ var fs = require('fs');
+ fs.writeFileSync('${{github.workspace}}/artifact.zip', Buffer.from(download.data));
+ - run: unzip artifact.zip
+ if: ${{ github.event.workflow_run.conclusion == 'success' }}
+ - name: 'Check artifact and apply'
+ if: ${{ github.event.workflow_run.conclusion == 'success' }}
+ uses: actions/github-script at v4
+ with:
+ github-token: ${{secrets.GITHUB_TOKEN}}
+ script: |
+ var fs = require('fs');
+ var pr_num = Number(fs.readFileSync('./pr_num'));
+ if ( fs.existsSync('./fips_changed') ) {
github.issues.addLabels({
- issue_number: ${{ github.event.workflow_run.pull_requests[0].number }},
+ issue_number: pr_num,
owner: context.repo.owner,
repo: context.repo.repo,
labels: ['severity: fips change']
});
- } else if ( artifacts.data.artifacts[0].name == 'fips_unchanged' ) {
+ } else if ( fs.existsSync('./fips_unchanged') ) {
var labels = await github.issues.listLabelsOnIssue({
- issue_number: ${{ github.event.workflow_run.pull_requests[0].number }},
+ issue_number: pr_num,
owner: context.repo.owner,
repo: context.repo.repo
});
@@ -38,7 +58,7 @@ jobs:
for ( var label in labels.data ) {
if (labels.data[label].name == 'severity: fips change') {
github.issues.removeLabel({
- issue_number: ${{ github.event.workflow_run.pull_requests[0].number }},
+ issue_number: pr_num,
owner: context.repo.owner,
repo: context.repo.repo,
name: 'severity: fips change'
More information about the openssl-commits
mailing list