kernel/.github/workflows/check-config.yml at 93cecaf5bf803f01661b930a5c20302f2a5e15ca · deepin-community/kernel · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
name: Check defconfig Consistency

on:
  push:
  pull_request:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  check-defconfig:
    runs-on: ubuntu-latest

    steps:
    - name: Checkout repository
      uses: actions/checkout@v4

    - name: Install build dependencies
      run: |
        sudo apt-get update
        sudo apt-get install -y bc build-essential zstd flex bison libssl-dev make libelf-dev git debhelper pahole libncurses-dev

    - name: Backup original defconfig
      run: |
        cp arch/x86/configs/deepin_x86_desktop_defconfig defconfig.orig

    - name: Generate new defconfig
      run: |
        make ARCH=x86 deepin_x86_desktop_defconfig
        make ARCH=x86 savedefconfig

    - name: Compare defconfig files
      run: |
        if ! diff -u defconfig defconfig.orig; then
          echo "::error:: deepin_x86_desktop_defconfig 文件不一致，请执行 'make savedefconfig' 并提交更新"
          exit 1
        fi

    - name: Generate config whitelist/blacklist
      run: |
        touch whitelist
        cat .github/workflows/generic_config_whitelist >> whitelist
        cat arch/x86/configs/config_whitelist >> whitelist
        touch blacklist
        cat .github/workflows/generic_config_blacklist >> blacklist
        cat arch/x86/configs/config_blacklist >> blacklist

    - name: Check config whitelist
      run: |
        # Format: CONFIG_XXX with no # prefix
        exit_code=0
        grep -vE '^#|^$' whitelist | while read -r config_item; do
          # Check for positive configuration (CONFIG_XXX=y/m...)
          if ! grep -q "^${config_item}=" .config; then
            # Check for negative configuration (# CONFIG_XXX is not set)
            if grep -q "^# ${config_item} is not set" .config; then
              echo "::error::Whitelist violation: ${config_item} is explicitly disabled in .config"
              exit_code=1
            else
              echo "::error::Whitelist violation: ${config_item} is missing in .config"
              exit_code=1
            fi
          fi
        done
        exit $exit_code

    - name: Check config blacklist
      run: |
        # Format: CONFIG_XXX with no # prefix
        exit_code=0
        grep -vE '^#|^$' blacklist | while read -r config_item; do
          # Check for positive configuration (CONFIG_XXX=y/m/n...)
          if grep -q "^${config_item}=" .config; then
            echo "::error::Blacklist violation: ${config_item} is explicitly enabled in .config"
            exit_code=1
          fi
        done
        exit $exit_code