CreateVault: Fix sign.command
and update signing docs
#2518
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Analyze | |
on: | |
push: | |
pull_request: | |
workflow_dispatch: | |
release: | |
types: [published] | |
env: | |
PROJECT_TYPE: UEFI | |
jobs: | |
analyze-shell-scripts: | |
name: Shell Scripts | |
runs-on: macos-latest | |
env: | |
JOB_TYPE: ANALYZE | |
HOMEBREW_NO_INSTALL_CLEANUP: 1 | |
steps: | |
- uses: actions/checkout@v4 | |
# Due to brew adopting PEP 668 https://github.com/orgs/Homebrew/discussions/3404 pip installs should be in a Python venv | |
- name: Install Dependencies | |
run: | | |
brew install shellcheck | |
python3 -m venv ~/pyenv | |
source ~/pyenv/bin/activate | |
python3 -m pip install pyyaml | |
- name: CI Bootstrap | |
run: | | |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1 | |
- name: Run shellcheck | |
run: find . \( -name "*.tool" -o -name "*.command" -o -name "*.sh" \) -exec sh -c 'for TargetFile; do shellcheck --severity=info "${TargetFile}" || exit 1; done' sh {} + | |
- name: Check AppleModels | |
working-directory: AppleModels | |
run: | | |
source ~/pyenv/bin/activate | |
python3 ./update_generated.py || exit 1 | |
if [ "$(git status --porcelain)" != "" ]; then echo "DataBase desync"; exit 1 ; fi | |
- name: Lint Samples | |
run: | | |
File='Docs/Sample.plist' | |
plutil -lint "${File}" || exit 1 | |
/usr/libexec/PlistBuddy -c 'Save' "${File}" | |
awk ' /<data>$/ {inside=1; printf $0; next} | |
/<\/data>$/ {inside=0; print "</data>"; next} | |
inside {gsub ("\t", "", $0); printf $0; next} | |
{print}' "${File}" > "${File}.tmp" && mv "${File}.tmp" "${File}" | |
if [ "$(git diff ${File})" != '' ]; then echo "Not in Xcode style or not in alphabetical order!!"; exit 1 ; fi | |
File='Docs/SampleCustom.plist' | |
plutil -lint "${File}" || exit 1 | |
/usr/libexec/PlistBuddy -c 'Save' "${File}" | |
awk ' /<data>$/ {inside=1; printf $0; next} | |
/<\/data>$/ {inside=0; print "</data>"; next} | |
inside {gsub ("\t", "", $0); printf $0; next} | |
{print}' "${File}" > "${File}.tmp" && mv "${File}.tmp" "${File}" | |
if [ "$(git diff ${File})" != '' ]; then echo "Not in Xcode style or not in alphabetical order!!"; exit 1 ; fi | |
analyze-python-scripts: | |
name: Python Scripts | |
runs-on: ubuntu-24.04 | |
env: | |
JOB_TYPE: ANALYZE | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Dependencies | |
run: | | |
python3 -m pip install prospector | |
- name: Run prospector | |
run: | | |
/usr/bin/curl -L https://raw.githubusercontent.com/acidanthera/ocbuild/master/prospector/profile.yml -o profile.yml || exit 1 | |
python3 -m prospector . -P ./profile.yml | tee prospector_result.txt || exit 1 | |
- name: Upload prospector result to Artifacts | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: Prospector Artifacts | |
path: ./prospector_result.txt | |
analyze-docs-linux: | |
name: Documentation | |
runs-on: ubuntu-24.04 | |
if: github.repository_owner == 'acidanthera' && github.ref_name == 'master' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install texlive latexdiff | |
- name: Check documentation | |
run: ./Docs/BuildDocs.tool --check-docs | |
analyze-coverity: | |
name: Coverity | |
runs-on: ubuntu-24.04 | |
env: | |
JOB_TYPE: COVERITY | |
TOOLCHAINS: GCC | |
if: github.repository_owner == 'acidanthera' && github.event_name != 'pull_request' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Install Dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install curl nasm uuid-dev libssl-dev iasl | |
- name: CI Bootstrap | |
run: | | |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/ci-bootstrap.sh) && eval "$src" || exit 1 | |
- run: ./build_oc.tool --skip-build --skip-package | |
- name: Run Coverity | |
working-directory: UDK | |
run: | | |
src=$(/usr/bin/curl -LfsS https://raw.githubusercontent.com/acidanthera/ocbuild/master/coverity/covstrap-linux.sh) && eval "$src" || exit 1 | |
env: | |
COVERITY_SCAN_TOKEN: ${{ secrets.COVERITY_SCAN_TOKEN }} | |
COVERITY_SCAN_EMAIL: ${{ secrets.COVERITY_SCAN_EMAIL }} | |
COVERITY_BUILD_COMMAND: ../build_oc.tool --skip-tests --skip-package RELEASE |