Adding upstream version 0.46.upstream/0.46 upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-15 16:30:33 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-15 16:30:33 +0000
commit: ec49cfb6170532d6b293a15ecefcfa2b56b4315b (patch)
tree: 53faeda755a861e5491a7a2f30c76f72468647a3 /.github
parent: Initial commit. (diff)
download: spectre-meltdown-checker-ec49cfb6170532d6b293a15ecefcfa2b56b4315b.tar.xz
spectre-meltdown-checker-ec49cfb6170532d6b293a15ecefcfa2b56b4315b.zip
1 files changed, 73 insertions, 0 deletions
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
new file mode 100644
index 0000000..7e5afbe
--- /dev/null
+++ b/.github/workflows/check.yml
@@ -0,0 +1,73 @@
+name: CI
+
+on: [push, pull_request]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v1
+    - name: install prerequisites
+      run: sudo apt-get update && sudo apt-get install -y shellcheck jq sqlite3 iucode-tool
+    - name: shellcheck
+      run: shellcheck -s sh spectre-meltdown-checker.sh
+    - name: check indentation
+      run: |
+        if [ $(grep -cPv "^\t*\S|^$" spectre-meltdown-checker.sh) != 0 ]; then
+          echo "Badly indented lines found:"
+          grep -nPv "^\t*\S|^$" spectre-meltdown-checker.sh
+          exit 1
+        else
+          echo "Indentation seems correct."
+        fi
+    - name: check direct execution
+      run: |
+        expected=16
+        nb=$(sudo ./spectre-meltdown-checker.sh --batch json | jq '.[]|.CVE' | wc -l)
+        if [ "$nb" -ne "$expected" ]; then
+          echo "Invalid number of CVEs reported: $nb instead of $expected"
+          exit 1
+        else
+          echo "OK $nb CVEs reported"
+        fi
+    - name: check docker-compose run execution
+      run: |
+        expected=16
+        docker-compose build
+        nb=$(docker-compose run --rm spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
+        if [ "$nb" -ne "$expected" ]; then
+          echo "Invalid number of CVEs reported: $nb instead of $expected"
+          exit 1
+        else
+          echo "OK $nb CVEs reported"
+        fi
+    - name: check docker run execution
+      run: |
+        expected=16
+        docker build -t spectre-meltdown-checker .
+        nb=$(docker run --rm --privileged -v /boot:/boot:ro -v /dev/cpu:/dev/cpu:ro -v /lib/modules:/lib/modules:ro spectre-meltdown-checker --batch json | jq '.[]|.CVE' | wc -l)
+        if [ "$nb" -ne "$expected" ]; then
+          echo "Invalid number of CVEs reported: $nb instead of $expected"
+          exit 1
+        else
+          echo "OK $nb CVEs reported"
+        fi
+    - name: check fwdb update
+      run: |
+        nbtmp1=$(find /tmp 2>/dev/null | wc -l)
+        ./spectre-meltdown-checker.sh --update-fwdb; ret=$?
+        if [ "$ret" != 0 ]; then
+          echo "Non-zero return value: $ret"
+          exit 1
+        fi
+        nbtmp2=$(find /tmp 2>/dev/null | wc -l)
+        if [ "$nbtmp1" != "$nbtmp2" ]; then
+          echo "Left temporary files!"
+          exit 1
+        fi
+        if ! [ -e ~/.mcedb ]; then
+          echo "No .mcedb file found after updating fwdb"
+          exit 1
+        fi
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-15 16:30:33 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-15 16:30:33 +0000
commit	ec49cfb6170532d6b293a15ecefcfa2b56b4315b (patch)
tree	53faeda755a861e5491a7a2f30c76f72468647a3 /.github
parent	Initial commit. (diff)
download	spectre-meltdown-checker-ec49cfb6170532d6b293a15ecefcfa2b56b4315b.tar.xz spectre-meltdown-checker-ec49cfb6170532d6b293a15ecefcfa2b56b4315b.zip