Add github workflow to check for wolfboot regressions#10029
Add github workflow to check for wolfboot regressions#10029danielinux wants to merge 4 commits intowolfSSL:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Adds a GitHub Actions workflow to run a curated set of wolfBoot integration checks against the wolfSSL code under test, aiming to catch regressions early.
Changes:
- Introduces a new
wolfboot-integration.ymlworkflow with multiple jobs (keytools, Renode configs, host smoke). - Clones wolfBoot and links the PR’s wolfSSL workspace into wolfBoot for integration validation.
- Uploads Renode execution logs as build artifacts for debugging.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 1 out of 1 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| push: | ||
| branches: [ 'master', 'main', 'release/**' ] | ||
| pull_request: | ||
| branches: [ '*' ] |
There was a problem hiding this comment.
pull_request.branches: ['*'] will not match base branches that contain / (e.g., release/1.2.3), so the workflow may not run on PRs targeting release branches. Use ['**'] or mirror the push branch filters (e.g., ['master','main','release/**']), or omit branches entirely to run on all PRs.
| branches: [ '*' ] | |
| branches: [ 'master', 'main', 'release/**' ] |
| - name: Build and exercise host-side smoke test | ||
| working-directory: wolfboot | ||
| run: | | ||
| set -euo pipefail |
There was a problem hiding this comment.
With set -e enabled, a failing ./test-lib ... inside command substitution will cause the script to exit immediately, so success_status=$? will never be reached and the intended error handling won’t run. Wrap that command substitution with a temporary set +e/set -e, or use an if output=$(...); then ... else ... fi pattern to capture output and status reliably.
| env: | ||
| WOLFBOOT_REPO: https://github.com/wolfSSL/wolfBoot.git | ||
| WOLFBOOT_BRANCH: master |
There was a problem hiding this comment.
Cloning the tip of wolfBoot master makes this workflow non-deterministic and can introduce CI flakiness (failures caused by unrelated wolfBoot changes). Consider pinning to a known-good wolfBoot tag/commit SHA (or a release branch), and optionally allowing an override via workflow_dispatch input when you explicitly want to test against wolfBoot master.
| run: | | ||
| set -euxo pipefail | ||
|
|
||
| git clone --depth 1 --branch "${WOLFBOOT_BRANCH}" "${WOLFBOOT_REPO}" wolfboot |
There was a problem hiding this comment.
Cloning the tip of wolfBoot master makes this workflow non-deterministic and can introduce CI flakiness (failures caused by unrelated wolfBoot changes). Consider pinning to a known-good wolfBoot tag/commit SHA (or a release branch), and optionally allowing an override via workflow_dispatch input when you explicitly want to test against wolfBoot master.
Description
A selection of tests to intercept any changes that would break wolfboot.