hyperlight-dev
diff --git a/‎.devcontainer/Dockerfile‎
Lines changed: 63 additions & 0 deletions b/‎.devcontainer/Dockerfile‎
Lines changed: 63 additions & 0 deletions
diff --git a/‎.devcontainer/devcontainer.json‎
Lines changed: 33 additions & 0 deletions b/‎.devcontainer/devcontainer.json‎
Lines changed: 33 additions & 0 deletions
diff --git a/‎.devcontainer/setup.sh‎
Lines changed: 5 additions & 0 deletions b/‎.devcontainer/setup.sh‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎.github/workflows/Benchmarks.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/Benchmarks.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/CargoPublish.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/CargoPublish.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/CreateDevcontainerImage.yml‎
Lines changed: 71 additions & 0 deletions b/‎.github/workflows/CreateDevcontainerImage.yml‎
Lines changed: 71 additions & 0 deletions
diff --git a/‎.github/workflows/CreateRelease.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/CreateRelease.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎.github/workflows/ValidatePullRequest.yml‎
Lines changed: 45 additions & 6 deletions b/‎.github/workflows/ValidatePullRequest.yml‎
Lines changed: 45 additions & 6 deletions
diff --git a/‎.github/workflows/dep_build_guest_binaries.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/dep_build_guest_binaries.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/dep_fuzzing.yml‎
Lines changed: 7 additions & 1 deletion b/‎.github/workflows/dep_fuzzing.yml‎
Lines changed: 7 additions & 1 deletion
@@ -0,0 +1,63 @@
+## Dockerfile for devcontainer
+
+FROM mcr.microsoft.com/devcontainers/base:debian AS base
+
+ARG USER=vscode
+ARG GROUP=vscode
+
+ENV HOME="/home/${USER}"
+ENV PATH="$HOME/.cargo/bin:$PATH"
+
+# Install dependencies
+RUN apt-get update \
+    && apt-get -y install \
+        build-essential \
+        cmake \
+        curl \
+        git \
+        gnupg \
+        gnuplot \
+        lsb-release \
+        make \
+        software-properties-common \
+        sudo \
+        wget
+
+ARG LLVM_VERSION=17
+
+# Install llvm
+RUN wget https://apt.llvm.org/llvm.sh \
+    && chmod +x ./llvm.sh         \
+    && sudo ./llvm.sh ${LLVM_VERSION} all      \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/clang-cl /usr/bin/clang-cl \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/llvm-lib /usr/bin/llvm-lib \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/lld-link /usr/bin/lld-link \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/llvm-ml /usr/bin/llvm-ml   \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/ld.lld /usr/bin/ld.lld     \
+    && sudo ln -s /usr/lib/llvm-${LLVM_VERSION}/bin/clang /usr/bin/clang
+
+FROM base AS dev
+
+# Make sure the devcontainer user has sudo access
+RUN chown -R "${USER}:${GROUP}" /home/${USER} \
+    && echo "${USER} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+# Persist bash hystory
+RUN SNIPPET="export PROMPT_COMMAND='history -a' && export HISTFILE=/commandhistory/.bash_history" \
+    && mkdir /commandhistory \
+    && touch /commandhistory/.bash_history \
+    && chown -R "${USER}" /commandhistory \
+    && echo "$SNIPPET" >> "/home/${USER}/.bashrc"
+
+USER $USER
+
+ARG RUST_TOOLCHAIN=1.81.0
+
+# Install rust
+RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
+    && rustup default ${RUST_TOOLCHAIN} \
+    && rustup target add x86_64-unknown-linux-gnu \
+    && rustup target add x86_64-unknown-none      \
+    && rustup target add x86_64-pc-windows-msvc   \
+    && cargo install just
+
@@ -0,0 +1,33 @@
+// For more info on the configuration below, check out the link:
+// https://code.visualstudio.com/docs/devcontainers/create-dev-container
+{
+  "name": "Hyperlight",
+
+  "image": "ghcr.io/hyperlight-dev/hyperlight-devcontainer:latest",
+
+  "containerUser": "vscode",
+  // Environment for the container also used by the `postCreateCommand`
+  "containerEnv": {
+    "DEVICE": "/dev/kvm",
+    "KVM_SHOULD_BE_PRESENT": "true",
+    "REMOTE_USER": "vscode",
+    "REMOTE_GROUP": "vscode"
+  },
+
+  "runArgs": [
+      "--device=/dev/kvm"
+  ],
+
+  // Use 'postCreateCommand' to run commands after the container is created
+  "postCreateCommand": "bash .devcontainer/setup.sh",
+
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "ms-vscode.cmake-tools",
+        "rust-lang.rust-analyzer",
+        "vadimcn.vscode-lldb"
+      ]
+    }
+  }
+}
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+# Change device ownership
+sudo chown -R $REMOTE_USER:$REMOTE_GROUP $DEVICE
+
@@ -57,7 +57,7 @@ jobs:
 
       - uses: actions/checkout@v4
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
 
@@ -32,7 +32,7 @@ jobs:
           fetch-depth: 0
           fetch-tags: true
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
 
 
@@ -0,0 +1,71 @@
+name: Create and publish devcontainer Docker image
+
+on:
+  push:
+    branches:
+      - "main"
+    paths:
+      - ".devcontainer/Dockerfile"
+      - ".github/workflows/CreateDevcontainerImage.yml"
+      - "rust-toolchain.toml"
+
+# Defines two custom environment variables for the workflow. These are used for the Container registry domain, and a name for the Docker image that this workflow builds.
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}-devcontainer
+  USER: vscode
+  GROUP: vscode
+  LLVM_VERSION: 17
+  RUST_TOOLCHAIN_DEFAULT: 1.81.0
+  RUST_TOOLCHAIN_FILE: rust-toolchain.toml
+
+# There is a single job in this workflow. It's configured to run on the latest available version of Ubuntu.
+jobs:
+  build-and-push-image:
+    runs-on: ubuntu-latest
+    # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Read Rust toolchain version from ${{ env.RUST_TOOLCHAIN_FILE }}
+        id: toolchain
+        run: |
+          version=$(cat ${{ env.RUST_TOOLCHAIN_FILE }} | sed -n '/\[toolchain\]/,/^\[/{/^\s*channel = /s/[^"]*"\([^"]*\)".*/\1/p}')
+          cat ${{ env.RUST_TOOLCHAIN_FILE }} | grep $version &> /dev/null \
+            && echo "RUST_TOOLCHAIN=${version}" >> "$GITHUB_OUTPUT" \
+            || echo "RUST_TOOLCHAIN=${{ env.RUST_TOOLCHAIN_FILE }}" >> "$GITHUB_OUTPUT"
+        
+      # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
+      - name: Log in to the Container registry
+        uses: docker/login-action@v1
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+
+      - name: Build and push Docker image
+        id: push
+        uses: docker/build-push-action@v6
+        with:
+          context: ./.devcontainer
+          push: true
+          tags: |
+            ${{ steps.meta.outputs.tags }}
+            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+          labels: ${{ steps.meta.outputs.labels }}
+          build-args: |
+            USER=${{ env.USER }}
+            GROUP=${{ env.GROUP }}
+            LLVM_VERSION=${{ env.LLVM_VERSION }}
+            RUST_TOOLCHAIN=${{ steps.toolchain.outputs.RUST_TOOLCHAIN }}
@@ -21,7 +21,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
@@ -41,7 +41,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
@@ -109,7 +109,7 @@ jobs:
           fetch-depth: 0
           fetch-tags: true
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
 
@@ -5,30 +5,66 @@ name: Validate Pull Request
 on:
   pull_request:
     branches: [main, "release/**"]
-    paths-ignore:
-      - '**.md'
-      - '**.txt'
   merge_group:
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
+  docs-pr:
+    runs-on: ubuntu-latest
+    outputs:
+      docs-only: ${{ steps.docs-only.outputs.result }}
+    steps:
+      - uses: dorny/paths-filter@v3
+        id: changes
+        with:
+          filters: |
+            docs:
+              - '**/*.md'
+              - '**/*.txt'
+            all:
+              - '**/*'
+      - uses: actions/github-script@v7
+        id: docs-only
+        with:
+          script: |
+            let docs_file_count = ${{steps.changes.outputs.docs_count}};
+            let all_file_count = ${{steps.changes.outputs.all_count}};
+            return all_file_count === docs_file_count;
+          result-encoding: string
 
   rust:
+    needs:
+      - docs-pr
     uses: ./.github/workflows/dep_rust.yml
     secrets: inherit
+    with: 
+      docs_only: ${{needs.docs-pr.outputs.docs-only}}
   fuzzing:
+    needs:
+      - docs-pr
     uses: ./.github/workflows/dep_fuzzing.yml
     with:
       max_total_time: 300 # 5 minutes in seconds
+      docs_only: ${{needs.docs-pr.outputs.docs-only}}
     secrets: inherit
+  spelling:
+    name: spell check with typos
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+    - name: Spell Check Repo
+      uses: crate-ci/typos@master
 
   #####
   # start build-on-windows
   #####
   build-on-windows:
+    needs:
+      - docs-pr
+    if: ${{needs.docs-pr.outputs.docs-only != 'true'}}
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: true
@@ -57,7 +93,7 @@ jobs:
           systeminfo
 
       # Run this so we can use just targets in this workflow
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
@@ -72,6 +108,9 @@ jobs:
   # start build-on-linux
   #####
   build-on-linux:
+    needs:
+      - docs-pr
+    if: ${{needs.docs-pr.outputs.docs-only != 'true'}}
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: true
@@ -117,7 +156,7 @@ jobs:
           echo "cat /etc/os-release"
           cat /etc/os-release
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
@@ -129,4 +168,4 @@ jobs:
 
   #####
   # end build-on-linux
-  #####
+  #####
@@ -31,7 +31,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env:
 
@@ -7,19 +7,25 @@ on:
         description: Maximum total time for the fuzz run in seconds
         required: true
         type: number
+      docs_only:
+        description: Skip fuzzing if docs only
+        required: false
+        type: string
+        default: "false"
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
   fuzz:
+    if: ${{ inputs.docs_only == 'false' }}
     runs-on: [ self-hosted, Linux, X64, "1ES.Pool=hld-kvm-amd" ]
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
 
-      - uses: hyperlight-dev/ci-setup-workflow@v1.0.0
+      - uses: hyperlight-dev/ci-setup-workflow@v1.1.0
         with:
           rust-toolchain: "1.81.0"
         env: