pohui_pohui/firmware
1
0
Fork 0
mirror of https://github.com/meshtastic/firmware.git synced 2025-06-14 17:12:08 +00:00
Code Issues Actions 5 Packages Projects Releases Wiki Activity

Update CI runner versions from Node 16 to 20. (#3872)

Browse Source
This commit is contained in:
Thomas Göttgens 2024-05-13 10:47:40 +02:00 committed by GitHub
parent 859fd7c251
commit 4d8c98c23d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
15 changed files with 72 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/actions/setup-base/action.yml vendored
View File

@ -5,7 +5,7 @@ runs:
using: "composite" using: "composite"
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
submodules: "recursive" submodules: "recursive"
ref: ${{github.event.pull_request.head.ref}} ref: ${{github.event.pull_request.head.ref}}
@ -30,12 +30,12 @@ runs:
sudo apt-get install -y libyaml-cpp-dev sudo apt-get install -y libyaml-cpp-dev
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v4 uses: actions/setup-python@v5
with: with:
python-version: 3.x python-version: 3.x
- name: Cache python libs - name: Cache python libs
uses: actions/cache@v3 uses: actions/cache@v4
id: cache-pip # needed in if test id: cache-pip # needed in if test
with: with:
path: ~/.cache/pip path: ~/.cache/pip

9
.github/workflows/build_esp32.yml vendored
View File

@ -11,13 +11,13 @@ jobs:
build-esp32: build-esp32:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
- name: Pull web ui - name: Pull web ui
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/web repo: meshtastic/web
file: build.tar file: build.tar
@ -41,7 +41,7 @@ jobs:
run: bin/build-esp32.sh ${{ inputs.board }} run: bin/build-esp32.sh ${{ inputs.board }}
- name: Pull OTA Firmware - name: Pull OTA Firmware
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/firmware-ota repo: meshtastic/firmware-ota
file: firmware.bin file: firmware.bin
@ -54,9 +54,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/*.bin release/*.bin
release/*.elf release/*.elf

9
.github/workflows/build_esp32_c3.yml vendored
View File

@ -13,13 +13,13 @@ jobs:
build-esp32-c3: build-esp32-c3:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
- name: Pull web ui - name: Pull web ui
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/web repo: meshtastic/web
file: build.tar file: build.tar
@ -41,7 +41,7 @@ jobs:
run: bin/build-esp32.sh ${{ inputs.board }} run: bin/build-esp32.sh ${{ inputs.board }}
- name: Pull OTA Firmware - name: Pull OTA Firmware
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/firmware-ota repo: meshtastic/firmware-ota
file: firmware-c3.bin file: firmware-c3.bin
@ -54,9 +54,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/*.bin release/*.bin
release/*.elf release/*.elf

9
.github/workflows/build_esp32_s3.yml vendored
View File

@ -11,13 +11,13 @@ jobs:
build-esp32-s3: build-esp32-s3:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
- name: Pull web ui - name: Pull web ui
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/web repo: meshtastic/web
file: build.tar file: build.tar
@ -39,7 +39,7 @@ jobs:
run: bin/build-esp32.sh ${{ inputs.board }} run: bin/build-esp32.sh ${{ inputs.board }}
- name: Pull OTA Firmware - name: Pull OTA Firmware
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/firmware-ota repo: meshtastic/firmware-ota
file: firmware-s3.bin file: firmware-s3.bin
@ -52,9 +52,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/*.bin release/*.bin
release/*.elf release/*.elf

5
.github/workflows/build_nrf52.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
build-nrf52: build-nrf52:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
@ -24,9 +24,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/*.uf2 release/*.uf2
release/*.elf release/*.elf

5
.github/workflows/build_raspbian.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
runs-on: [self-hosted, linux, ARM64] runs-on: [self-hosted, linux, ARM64]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
submodules: recursive submodules: recursive
ref: ${{github.event.pull_request.head.ref}} ref: ${{github.event.pull_request.head.ref}}
@ -37,9 +37,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-raspbian-${{ steps.version.outputs.version }}.zip name: firmware-raspbian-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/meshtasticd_linux_aarch64 release/meshtasticd_linux_aarch64
bin/config-dist.yaml bin/config-dist.yaml

5
.github/workflows/build_rpi2040.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
build-rpi2040: build-rpi2040:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
@ -24,9 +24,10 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip name: firmware-${{ inputs.board }}-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/*.uf2 release/*.uf2
release/*.elf release/*.elf

49
.github/workflows/main_matrix.yml vendored
View File

@ -28,7 +28,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- id: checkout - id: checkout
uses: actions/checkout@v3 uses: actions/checkout@v4
name: Checkout base name: Checkout base
- id: jsonStep - id: jsonStep
run: | run: |
@ -51,14 +51,14 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
- name: Trunk Check - name: Trunk Check
if: ${{ github.event_name != 'workflow_dispatch' }} if: ${{ github.event_name != 'workflow_dispatch' }}
uses: trunk-io/trunk-action@782e83f803ca6e369f035d64c6ba2768174ba61b uses: trunk-io/trunk-action@v1
- name: Check ${{ matrix.board }} - name: Check ${{ matrix.board }}
run: bin/check-all.sh ${{ matrix.board }} run: bin/check-all.sh ${{ matrix.board }}
@ -120,7 +120,7 @@ jobs:
build-native: build-native:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- name: Build base - name: Build base
id: base id: base
uses: ./.github/actions/setup-base uses: ./.github/actions/setup-base
@ -143,16 +143,17 @@ jobs:
id: version id: version
- name: Store binaries as an artifact - name: Store binaries as an artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-native-${{ steps.version.outputs.version }}.zip name: firmware-native-${{ steps.version.outputs.version }}.zip
overwrite: true
path: | path: |
release/device-*.sh release/device-*.sh
release/device-*.bat release/device-*.bat
- name: Docker login - name: Docker login
if: ${{ github.event_name != 'pull_request_target' && github.event_name != 'pull_request' }} if: ${{ github.event_name != 'pull_request_target' && github.event_name != 'pull_request' }}
uses: docker/login-action@v2 uses: docker/login-action@v3
with: with:
username: meshtastic username: meshtastic
password: ${{ secrets.DOCKER_TOKEN }} password: ${{ secrets.DOCKER_TOKEN }}
@ -184,7 +185,7 @@ jobs:
needs: [check] needs: [check]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
ref: ${{github.event.pull_request.head.ref}} ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}} repository: ${{github.event.pull_request.head.repo.full_name}}
@ -207,14 +208,15 @@ jobs:
] ]
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
ref: ${{github.event.pull_request.head.ref}} ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}} repository: ${{github.event.pull_request.head.repo.full_name}}
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v4
with: with:
path: ./ path: ./
merge-multiple: true
- name: Display structure of downloaded files - name: Display structure of downloaded files
run: ls -R run: ls -R
@ -223,16 +225,14 @@ jobs:
run: echo "version=$(./bin/buildinfo.py long)" >> $GITHUB_OUTPUT run: echo "version=$(./bin/buildinfo.py long)" >> $GITHUB_OUTPUT
id: version id: version
- name: Move files up
run: mv -b -t ./ ./*tbeam-2*/littlefs*.bin ./*tbeam-2*/bleota.bin ./*tbeam-s3*/bleota-s3.bin ./*esp32c3*/bleota-c3.bin ./**/firmware*.bin ./*t-echo*/Meshtastic_nRF52_factory_erase_v2.uf2 ./**/firmware-*.uf2 ./**/firmware-*-ota.zip ./**/*.elf ./*native*/*device-*.sh ./*native*/*device-*.bat ./firmware-raspbian-*/release/meshtasticd_linux_aarch64 ./firmware-raspbian-*/bin/config-dist.yaml
- name: Repackage in single firmware zip - name: Repackage in single firmware zip
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: firmware-${{ steps.version.outputs.version }} name: firmware-${{ steps.version.outputs.version }}
overwrite: true
path: | path: |
./*.bin ./firmware-*.bin
./*.uf2 ./firmware-*.uf2
./firmware-*-ota.zip ./firmware-*-ota.zip
./device-*.sh ./device-*.sh
./device-*.bat ./device-*.bat
@ -240,9 +240,10 @@ jobs:
./config-dist.yaml ./config-dist.yaml
retention-days: 90 retention-days: 90
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v4
with: with:
name: firmware-${{ steps.version.outputs.version }} name: firmware-${{ steps.version.outputs.version }}
merge-multiple: true
path: ./output path: ./output
# For diagnostics # For diagnostics
@ -258,9 +259,10 @@ jobs:
run: zip -j -9 -r ./firmware-${{ steps.version.outputs.version }}.zip ./output run: zip -j -9 -r ./firmware-${{ steps.version.outputs.version }}.zip ./output
- name: Repackage in single elfs zip - name: Repackage in single elfs zip
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: debug-elfs-${{ steps.version.outputs.version }}.zip name: debug-elfs-${{ steps.version.outputs.version }}.zip
overwrite: true
path: ./*.elf path: ./*.elf
retention-days: 30 retention-days: 30
@ -282,10 +284,10 @@ jobs:
needs: [gather-artifacts, after-checks] needs: [gather-artifacts, after-checks]
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v4
- name: Setup Python - name: Setup Python
uses: actions/setup-python@v4 uses: actions/setup-python@v5
with: with:
python-version: 3.x python-version: 3.x
@ -293,13 +295,15 @@ jobs:
run: echo "version=$(./bin/buildinfo.py long)" >> $GITHUB_OUTPUT run: echo "version=$(./bin/buildinfo.py long)" >> $GITHUB_OUTPUT
id: version id: version
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v4
with: with:
name: firmware-${{ steps.version.outputs.version }} name: firmware-${{ steps.version.outputs.version }}
merge-multiple: true
path: ./output path: ./output
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v4
with: with:
merge-multiple: true
name: artifact-deb name: artifact-deb
- name: Display structure of downloaded files - name: Display structure of downloaded files
@ -313,9 +317,10 @@ jobs:
- name: Zip firmware - name: Zip firmware
run: zip -j -9 -r ./firmware-${{ steps.version.outputs.version }}.zip ./output run: zip -j -9 -r ./firmware-${{ steps.version.outputs.version }}.zip ./output
- uses: actions/download-artifact@v3 - uses: actions/download-artifact@v4
with: with:
name: debug-elfs-${{ steps.version.outputs.version }}.zip name: debug-elfs-${{ steps.version.outputs.version }}.zip
merge-multiple: true
path: ./elfs path: ./elfs
- name: Zip Elfs - name: Zip Elfs

2
.github/workflows/nightly.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v4
- name: Trunk Check - name: Trunk Check
uses: trunk-io/trunk-action@782e83f803ca6e369f035d64c6ba2768174ba61b uses: trunk-io/trunk-action@782e83f803ca6e369f035d64c6ba2768174ba61b

10
.github/workflows/package_raspbian.yml vendored
View File

@ -17,14 +17,14 @@ jobs:
needs: build-raspbian needs: build-raspbian
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
submodules: recursive submodules: recursive
ref: ${{github.event.pull_request.head.ref}} ref: ${{github.event.pull_request.head.ref}}
repository: ${{github.event.pull_request.head.repo.full_name}} repository: ${{github.event.pull_request.head.repo.full_name}}
- name: Pull web ui - name: Pull web ui
uses: dsaltares/fetch-gh-release-asset@a40c8b4a0471f9ab81bdf73a010f74cc51476ad4 uses: dsaltares/fetch-gh-release-asset@master
with: with:
repo: meshtastic/web repo: meshtastic/web
file: build.tar file: build.tar
@ -36,9 +36,10 @@ jobs:
id: version id: version
- name: Download artifacts - name: Download artifacts
uses: actions/download-artifact@v3 uses: actions/download-artifact@v4
with: with:
name: firmware-raspbian-${{ steps.version.outputs.version }}.zip name: firmware-raspbian-${{ steps.version.outputs.version }}.zip
merge-multiple: true
- name: Display structure of downloaded files - name: Display structure of downloaded files
run: ls -R run: ls -R
@ -68,8 +69,9 @@ jobs:
depends: libyaml-cpp0.7, openssl, libulfius2.7 depends: libyaml-cpp0.7, openssl, libulfius2.7
desc: Native Linux Meshtastic binary. desc: Native Linux Meshtastic binary.
- uses: actions/upload-artifact@v3 - uses: actions/upload-artifact@v4
with: with:
name: artifact-deb name: artifact-deb
overwrite: true
path: | path: |
./*.deb ./*.deb

7
.github/workflows/sec_sast_flawfinder.yml vendored
View File

@ -16,7 +16,7 @@ jobs:
steps: steps:
# step 1 # step 1
- name: clone application source code - name: clone application source code
uses: actions/checkout@v3 uses: actions/checkout@v4
# step 2 # step 2
- name: flawfinder_scan - name: flawfinder_scan
@ -27,14 +27,15 @@ jobs:
# step 3 # step 3
- name: save report as pipeline artifact - name: save report as pipeline artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: flawfinder_report.sarif name: flawfinder_report.sarif
overwrite: true
path: flawfinder_report.sarif path: flawfinder_report.sarif
# step 4 # step 4
- name: publish code scanning alerts - name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: flawfinder_report.sarif sarif_file: flawfinder_report.sarif
category: flawfinder category: flawfinder

7
.github/workflows/sec_sast_semgrep_cron.yml vendored
View File

@ -17,7 +17,7 @@ jobs:
steps: steps:
# step 1 # step 1
- name: clone application source code - name: clone application source code
uses: actions/checkout@v3 uses: actions/checkout@v4
# step 2 # step 2
- name: full scan - name: full scan
@ -29,14 +29,15 @@ jobs:
# step 3 # step 3
- name: save report as pipeline artifact - name: save report as pipeline artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: report.sarif name: report.sarif
overwrite: true
path: report.sarif path: report.sarif
# step 4 # step 4
- name: publish code scanning alerts - name: publish code scanning alerts
uses: github/codeql-action/upload-sarif@v2 uses: github/codeql-action/upload-sarif@v3
with: with:
sarif_file: report.sarif sarif_file: report.sarif
category: semgrep category: semgrep

2
.github/workflows/sec_sast_semgrep_pull.yml vendored
View File

@ -11,7 +11,7 @@ jobs:
steps: steps:
# step 1 # step 1
- name: clone application source code - name: clone application source code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
fetch-depth: 0 fetch-depth: 0

2
.github/workflows/trunk-check.yml vendored
View File

@ -16,7 +16,7 @@ jobs:
steps: steps:
- name: Checkout - name: Checkout
uses: actions/checkout@v3 uses: actions/checkout@v4
- name: Trunk Check - name: Trunk Check
uses: trunk-io/trunk-action@v1 uses: trunk-io/trunk-action@v1

2
.github/workflows/update_protobufs.yml vendored
View File

@ -7,7 +7,7 @@ jobs:
steps: steps:
- name: Checkout code - name: Checkout code
uses: actions/checkout@v3 uses: actions/checkout@v4
with: with:
submodules: true submodules: true