The implicit GITHUB_TOKEN does not trigger further push actions in
the same repo, but in this case we do want the push action to happen
on the `-rebased` branches, so we use an explicit auth token instead.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
The action will abort when no clean rebase is possible, and force-push
the rebased branch when the rebase over origin/master was clean.
The push will trigger proof runs on the rebased branches.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
The worklow_dispatch trigger adds a button in the GitHub UI that lets
one trigger the workflow manually. Useful for testing the workflows.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
The decompilation process (part of binary verification) is more tightly
coupled to the graph-refine repository than l4v, so it makes more sense
to perform decompilation in graph-refine. (It was temporarily performed
here in l4v because the graph-refine branches needed some stabilisation
work.)
This also modifies proof workflows:
- All proof workflows now upload kernel build artifacts. These can be
used as inputs to binary verification.
- Proof workflows other than the one for pull requests (proof.yml)
automatically trigger a decompilation workflow. We can still manually
initiate a decompilation workflow using the uploaded artifacts, but
doint so automatically would consume too many parallel runners.
Signed-off-by: Matthew Brecknell <matt@kry10.com>
Need to check out the ci-actions repo first (where the nl-unescape.sh
script is located).
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
This removes the mcs-export matrix job from the proof-deploy workflow,
as the first step towards solving seL4/l4v#497. This should unblock
verification manifest deployments.
The mcs-export job was added to the proof-deploy workflow to perform
SimplExportAndRefine for binary verification targets. It took a short
cut, using the master branch of l4v to perform SimplExportAndRefine for
MCS configurations, since there were no differences between rt and
master that were relevant to SimplExportAndRefine. This is no longer the
case, because MCS seL4 C code now contains C parser annotations that use
symbols only available in the rt branch of l4v.
We intend to add an equivalent job that uses the rt branch of l4v for
MCS SimplExportAndRefine, but are still working out the best way to do
that.
Signed-off-by: Matthew Brecknell <matt@kry10.com>
This commit will only come into full effect when it is merged into
master, which is also the time AARCH64 tests should run regularly
in the main repository.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
ci-actions/aws-proofs no longer excludes the AutoCorresSEL4 session by
default, so we no longer need to provide a fake argument to the session
parameter to not exclude it.
This is significant, because we now want the default to be non-verbose
since we're running multiple sessions in parallel.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
- Add a new workflow to prepare graph-refine inputs and submit them to a
back end over SSH. Intended to be triggered by the proof-deploy
workflow. Fetches C graph-lang artifacts from the triggering workflow,
and runs the decompiler to generate ASM graph-lang.
- Add a job to the l4v-proof workflow to trigger the decompilation
workflow.
Signed-off-by: Matthew Brecknell <matt@kry10.com>
Add a second matrix job that runs SimplExportAndRefine for MCS C kernel
configurations that support it (currently ARM and RISCV64).
Note that this uses the master branch of l4v to generate the CSpec, and
to run SimplExportAndRefine, not the rt branch. This works because the
rt branch does not yet connect to the CSpec, and there are no meaningful
differences between rt and master in CSpec or SimplExportAndRefine. For
now, this simplifies workflows for binary verification. But when MCS
proofs connect to the CSpec, this will need to be refactored to use the
rt branch.
Signed-off-by: Matthew Brecknell <matt@kry10.com>
Upload an artifact for any C graph-lang generated by
SimplExportAndRefine during a proof-deploy workflow.
Signed-off-by: Matthew Brecknell <matt@kry10.com>
By default GitHub spawns a new test for each push event. To avoid
hitting the maximum number of AWS instances too quickly, we run the PR
and master proof tests only on the most recent push since the last test
finished.
The concurrency exclusion is per git ref, i.e. separate PRs and
separate branches still run tests concurrently.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
The repository_dispatch event will be generated in the
verification-manifest repo when devel.xml is updated by anyone other
than the seL4-ci user.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
This refactors the proof runs into a separate run for the master branch
(which has deployment) and development branches (currently RT and PRs).
For the test on the master branch, we need to make sure that all tests
and the deployment action see the same revisions of all participating
repos.
Signed-off-by: Gerwin Klein <gerwin.klein@proofcraft.systems>
Gerwin Klein
Matthew Brecknell
Peter Chubb