Skip to content
CI/CD Pipeline

protobuf messaging layer #23

Sign in to view logs

protobuf messaging layer

protobuf messaging layer #23

Workflow file for this run

.github/workflows/ci.yml at ce66e3f
name: CI/CD Pipeline
on:
pull_request:
branches: [ main ]
push:
branches: [ main ]
workflow_dispatch:
inputs:
board:
description: 'Target board'
required: false
default: 'xiao_ble'
type: choice
options:
- xiao_ble
- adafruit_feather_nrf52840
jobs:
build-and-test:
runs-on: ubuntu-latest
container:
# Zephyr toolchain from here:
# https://github.com/zephyrproject-rtos/docker-image/pkgs/container/ci
image: ghcr.io/zephyrproject-rtos/ci:v0.26.6
env:
# Tell cmake where to find the zephyr sdk
CMAKE_PREFIX_PATH: /opt/toolchains
strategy:
matrix:
board: [xiao_ble, adafruit_feather_nrf52840]
include:
- board: xiao_ble
description: "Seeed XIAO nRF52840"
- board: adafruit_feather_nrf52840
description: "Adafruit Feather nRF52840 Express"
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- name: ♻️ Initialize Zephyr Workspace
# Set up the Zephyr workspace exactly as specified
run: |
mkdir -p /zephyr_workspace
cd /zephyr_workspace
west init -m https://github.com/nrfconnect/sdk-nrf.git --mr main
west update --narrow -o=--depth=1
- name: 📁 Copy App to Workspace
run: |
cp -r app /zephyr_workspace/app
- name: 💾 Cache ~/.cache/ccache
uses: actions/cache@v3
with:
path: ~/.cache/ccache
key: ccache-v1-${{ runner.os }}-${{ hashFiles('west.yml') }}
restore-keys: |
ccache-v1-${{ runner.os }}-
- name: 🔨 Build Project
run: |
cd /zephyr_workspace
ccache -z
west build \
--board ${{ matrix.board }} \
--pristine=always app
ccache -sv
- name: 📦 Rename and Upload UF2 Artifacts
run: |
cd /zephyr_workspace
COMMIT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
# Copy and rename UF2 files with commit hash
cp build/app/zephyr/zephyr.uf2 mouthpad^usb_${{ matrix.board }}_${COMMIT_SHA}.uf2
echo "✅ ${{ matrix.board }} UF2: mouthpad^usb_${{ matrix.board }}_${COMMIT_SHA}.uf2"
ls -la *.uf2
# Export COMMIT_SHA for use in next step
echo "COMMIT_SHA=${COMMIT_SHA}" >> $GITHUB_ENV
- name: 📦 Upload Individual UF2 File
uses: actions/upload-artifact@v4
with:
name: mouthpad^usb_${{ matrix.board }}_${{ env.COMMIT_SHA }}
path: /zephyr_workspace/mouthpad^usb_${{ matrix.board }}_*.uf2
retention-days: 30
- name: 🔍 Verify Build Artifacts
run: |
cd /zephyr_workspace
echo "Checking for UF2 file..."
[ -f build/app/zephyr/zephyr.uf2 ] && echo '✓ zephyr.uf2 found' || echo '✗ zephyr.uf2 missing'
echo 'UF2 file size:'
ls -lh build/app/zephyr/zephyr.uf2
echo 'Renamed UF2 files:'
ls -lh mouthpad^usb_*.uf2
security-scan:
runs-on: ubuntu-latest
needs: build-and-test
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run security scan
run: |
echo "Running security analysis..."
# Check for common security issues in C code
find app/src -name '*.c' -o -name '*.h' | xargs grep -l 'strcpy\|sprintf\|gets' || echo 'No obvious security issues found'
release:
runs-on: ubuntu-latest
needs: [build-and-test, security-scan]
if: github.ref == 'refs/heads/main' && github.event_name == 'push'
steps:
- name: Set commit hash
run: |
COMMIT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
echo "COMMIT_SHA=${COMMIT_SHA}" >> $GITHUB_ENV
- name: Download all artifacts
uses: actions/download-artifact@v4
with:
path: artifacts
- name: Create release package
run: |
mkdir -p release
# Copy all UF2 files from board-specific artifacts
for board in xiao_ble adafruit_feather_nrf52840; do
if [ -d "artifacts/mouthpad^usb_${board}_${COMMIT_SHA}" ]; then
cp artifacts/mouthpad^usb_${board}_${COMMIT_SHA}/*.uf2 release/ 2>/dev/null || true
fi
done
echo "Release package created:"
find release -type f
- name: Upload release package
uses: actions/upload-artifact@v4
with:
name: mouthpad^usb_${{ env.COMMIT_SHA }}
path: release/
retention-days: 90