-
Notifications
You must be signed in to change notification settings - Fork 674
57 lines (54 loc) · 1.5 KB
/
fih_tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
on:
push:
branches:
- main
pull_request:
name: FIH hardening
concurrency:
group: fih-${{ github.event.pull_request.number || github.ref }}
cancel-in-progress: true
jobs:
config:
strategy:
fail-fast: false
matrix:
fih_env:
# FIH environment must use the following space separated format:
# BUILD_TYPE SKIP_SIZE DAMAGE_TYPE FIH_LEVEL(optional)
- "RELEASE 2,4,6 SIGNATURE"
- "RELEASE 2,4,6 SIGNATURE LOW"
- "RELEASE 2,4,6 SIGNATURE MEDIUM"
- "RELEASE 8,10 SIGNATURE"
- "RELEASE 8,10 SIGNATURE LOW"
- "RELEASE 8,10 SIGNATURE MEDIUM"
- "MINSIZEREL 2,4,6 SIGNATURE"
- "MINSIZEREL 2,4,6 SIGNATURE LOW"
- "MINSIZEREL 2,4,6 SIGNATURE MEDIUM"
- "MINSIZEREL 8,10 SIGNATURE"
- "MINSIZEREL 8,10 SIGNATURE LOW"
- "MINSIZEREL 8,10 SIGNATURE MEDIUM"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
# Uses Mbed TLS from TFM, and nothing else from here.
submodules: false
- name: Print the environment
run: |
uname -a
lscpu
free
pwd
- name: Signed commit check
if: ${{ github.event_name == 'pull_request' }}
run: |
./ci/check-signed-off-by.sh
- name: FIH hardening test install
run: |
./ci/fih-tests_install.sh
- name: FIH hardening test run
env:
FIH_ENV: ${{ matrix.fih_env }}
run: |
./ci/fih-tests_run.sh