[bazel,qemu] Add QEMU support for ROM_EXT E2E attestation & DICE chain tests #8806
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright lowRISC contributors (OpenTitan project). | |
| # Licensed under the Apache License, Version 2.0, see LICENSE for details. | |
| # SPDX-License-Identifier: Apache-2.0 | |
| name: Cherry-pick Pull Request | |
| on: | |
| pull_request_target: | |
| types: [closed, labeled] | |
| permissions: | |
| contents: read | |
| jobs: | |
| cherrypick: | |
| # NOTE: We currently need these permissions because we create pull request with the repo-scoped | |
| # default token. We should in the future move to a PAT owned by lowrisc-bot and create pull request | |
| # on its behalf. | |
| permissions: | |
| # Needed for authentication. | |
| id-token: write | |
| # Needed for the action to create branch. | |
| contents: write | |
| name: Cherry-pick Pull Request | |
| if: github.event.pull_request.merged == true && (github.event_name != 'labeled' || startsWith('CherryPick:', github.event.label.name)) | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Obtain token to create PR | |
| id: pr_token | |
| run: | | |
| # Obtain OIDC token from GitHub | |
| ID_TOKEN=$(curl -sSf -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "$ACTIONS_ID_TOKEN_REQUEST_URL&audience=https://ca.lowrisc.org" | jq -r .value) | |
| echo "::add-mask::$ID_TOKEN" | |
| # Exchange for a token to create PR | |
| PR_TOKEN=$(curl -sSf -X POST -H "Authorization: Bearer $ID_TOKEN" "https://ca.lowrisc.org/api/github/repos/${{ github.repository }}/token") | |
| echo "::add-mask::$PR_TOKEN" | |
| echo "pr_token=$PR_TOKEN" >> "$GITHUB_OUTPUT" | |
| - name: Create backport PRs | |
| id: backport | |
| uses: korthout/backport-action@e8161d6a0dbfa2651b7daa76cbb75bc7c925bbf3 # v2.4.1 | |
| with: | |
| label_pattern: "^CherryPick:([^ ]+)$" | |
| pull_title: "Cherry-pick to ${target_branch}: ${pull_title}" | |
| github_token: ${{ steps.pr_token.outputs.pr_token }} | |
| pull_description: | | |
| This is an automatic cherry-pick of #${pull_number} to branch `${target_branch}`. | |
| - name: Apply label for manually cherry picking | |
| if: ${{ steps.backport.outputs.was_successful == 'false' }} | |
| env: | |
| GH_TOKEN: ${{ steps.pr_token.outputs.pr_token }} | |
| run: | | |
| gh pr edit ${{ github.event.pull_request.number }} --add-label 'Manually CherryPick' |