From acaec501c9fcdcd190595cac1473c87a56b56d01 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Tue, 26 Mar 2024 22:07:53 -0400 Subject: [PATCH 1/9] Add astyle test to Github Workflow Signed-off-by: Duc Tri Nguyen --- .github/workflows/build.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 .github/workflows/build.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 000000000..36da29f98 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,15 @@ +name: Asytle format test +on: + push: + branches: [ '*' ] + pull_request: + branches: [ "main" ] +jobs: + build_test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: install dependencies + run: sudo apt install astyle + - name: Astyle + run: astyle **/*.[ch] --options=.astylerc --dry-run | grep -vq "Formatted" \ No newline at end of file From b6c3e9e9b976c06cb876884e40108bca481381f4 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Tue, 26 Mar 2024 22:39:03 -0400 Subject: [PATCH 2/9] Sync with mlkem-c-embedded build.yml Signed-off-by: Duc Tri Nguyen --- .github/workflows/build.yml | 43 ++++++++++++++++++++++++++++++++----- 1 file changed, 38 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 36da29f98..b89c72a6b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,4 @@ -name: Asytle format test +name: Build on: push: branches: [ '*' ] @@ -8,8 +8,41 @@ jobs: build_test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: install dependencies - run: sudo apt install astyle + - name: install jq + shell: bash + run: | + if ! (command -v jq) &> /dev/null + then + sudo apt install -y --no-install-recommends jq + fi + - uses: actions/checkout@v4 + - id: nixpkgs + shell: bash + run: | + if [ -f flake.lock ]; then + nixpkgs="flake:$(cat flake.lock | jq -r '.nodes.nixpkgs.locked // empty | .type + ":" + .owner + "/" + .repo + "/" + .rev')" + else + nixpkgs=channel:nixos-unstable + fi + echo "nixpkgs=$nixpkgs" >> "$GITHUB_OUTPUT" + - uses: cachix/install-nix-action@v25 + with: + nix_path: nixpkgs=${{ steps.nixpkgs.outputs.nixpkgs }} + - name: Prepare nix dev shell + shell: nix develop .#ci -c bash -e {0} + run: | + astyle --version - name: Astyle - run: astyle **/*.[ch] --options=.astylerc --dry-run | grep -vq "Formatted" \ No newline at end of file + shell: nix develop .#ci -c bash -e {0} + run: | + err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) + if [[ ${#err} != 0 ]]; then + echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do + echo "::error file={"$file"},title={checking}::Formatted $file" + done + exit 1 + fi + - name: Build targets + shell: nix develop .#ci -c bash -e {0} + run: | + make \ No newline at end of file From 04807b5b931bc978386817fa733a7680fe5a8859 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Tue, 26 Mar 2024 23:17:34 -0400 Subject: [PATCH 3/9] Removed Nix packages Signed-off-by: Duc Tri Nguyen --- .github/workflows/build.yml | 54 +++++++++++-------------------------- 1 file changed, 16 insertions(+), 38 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b89c72a6b..eb90c18e6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,41 +8,19 @@ jobs: build_test: runs-on: ubuntu-latest steps: - - name: install jq - shell: bash - run: | - if ! (command -v jq) &> /dev/null - then - sudo apt install -y --no-install-recommends jq - fi - - uses: actions/checkout@v4 - - id: nixpkgs - shell: bash - run: | - if [ -f flake.lock ]; then - nixpkgs="flake:$(cat flake.lock | jq -r '.nodes.nixpkgs.locked // empty | .type + ":" + .owner + "/" + .repo + "/" + .rev')" - else - nixpkgs=channel:nixos-unstable - fi - echo "nixpkgs=$nixpkgs" >> "$GITHUB_OUTPUT" - - uses: cachix/install-nix-action@v25 - with: - nix_path: nixpkgs=${{ steps.nixpkgs.outputs.nixpkgs }} - - name: Prepare nix dev shell - shell: nix develop .#ci -c bash -e {0} - run: | - astyle --version - - name: Astyle - shell: nix develop .#ci -c bash -e {0} - run: | - err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) - if [[ ${#err} != 0 ]]; then - echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do - echo "::error file={"$file"},title={checking}::Formatted $file" - done - exit 1 - fi - - name: Build targets - shell: nix develop .#ci -c bash -e {0} - run: | - make \ No newline at end of file + - uses: actions/checkout@v3 + - name: install dependencies + run: apt-get update && apt install -y astyle jq git + + - name: Astyle version + run: astyle --version + + - name: Astyle test + run: | + err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) + if [[ ${#err} != 0 ]]; then + echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do + echo "::error file={"$file"},title={checking}::Formatted $file" + done + exit 1 + fi \ No newline at end of file From f29ab0b4bc98080afd9062bf47bd96205abb9193 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Tue, 26 Mar 2024 23:19:13 -0400 Subject: [PATCH 4/9] Add sudo Signed-off-by: Duc Tri Nguyen --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index eb90c18e6..079ff3ba9 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -10,7 +10,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: install dependencies - run: apt-get update && apt install -y astyle jq git + run: sudo apt-get update && sudo apt install -y astyle jq git - name: Astyle version run: astyle --version From 0592c97e8491c4711b0da96bec78b900329e16ab Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Wed, 27 Mar 2024 12:00:26 -0400 Subject: [PATCH 5/9] Add falke and use nix package to have stable astyle version Signed-off-by: Duc Tri Nguyen --- .github/workflows/build.yml | 54 ++++++++++++++++++++++---------- flake.lock | 48 +++++++++++++++++++++++++++++ flake.nix | 61 +++++++++++++++++++++++++++++++++++++ 3 files changed, 147 insertions(+), 16 deletions(-) create mode 100644 flake.lock create mode 100644 flake.nix diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 079ff3ba9..f5f21397a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,19 +8,41 @@ jobs: build_test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: install dependencies - run: sudo apt-get update && sudo apt install -y astyle jq git - - - name: Astyle version - run: astyle --version - - - name: Astyle test - run: | - err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) - if [[ ${#err} != 0 ]]; then - echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do - echo "::error file={"$file"},title={checking}::Formatted $file" - done - exit 1 - fi \ No newline at end of file + - name: install jq + shell: bash + run: | + if ! (command -v jq) &> /dev/null + then + sudo apt install -y --no-install-recommends jq + fi + - uses: actions/checkout@v4 + - id: nixpkgs + shell: bash + run: | + if [ -f flake.lock ]; then + nixpkgs="flake:$(cat flake.lock | jq -r '.nodes.nixpkgs.locked // empty | .type + ":" + .owner + "/" + .repo + "/" + .rev')" + else + nixpkgs=channel:nixos-unstable + fi + echo "nixpkgs=$nixpkgs" >> "$GITHUB_OUTPUT" + - uses: cachix/install-nix-action@v25 + with: + nix_path: nixpkgs=${{ steps.nixpkgs.outputs.nixpkgs }} + - name: Prepare nix dev shell + shell: nix develop .#ci -c bash -e {0} + run: | + astyle --version + - name: Astyle + shell: nix develop .#ci -c bash -e {0} + run: | + err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) + if [[ ${#err} != 0 ]]; then + echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do + echo "::error file={"$file"},title={checking}::Formatted $file" + done + exit 1 + fi + - name: Build targets + shell: nix develop .#ci -c bash -e {0} + run: | + make diff --git a/flake.lock b/flake.lock new file mode 100644 index 000000000..fc8e038fb --- /dev/null +++ b/flake.lock @@ -0,0 +1,48 @@ +{ + "nodes": { + "flake-parts": { + "inputs": { + "nixpkgs-lib": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709336216, + "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1710695816, + "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-parts": "flake-parts", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 000000000..8c6c3737e --- /dev/null +++ b/flake.nix @@ -0,0 +1,61 @@ +# SPDX-License-Identifier: Apache-2.0 + +{ + description = "mlkem-c-embedded"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + + flake-parts = { + url = "github:hercules-ci/flake-parts"; + inputs.nixpkgs-lib.follows = "nixpkgs"; + }; + }; + + outputs = inputs@{ flake-parts, nixpkgs, ... }: + flake-parts.lib.mkFlake { inherit inputs; } { + imports = [ ]; + systems = [ "x86_64-linux" "aarch64-linux" "aarch64-darwin" "x86_64-darwin" ]; + perSystem = { pkgs, system, inputs', ... }: + let + core = with pkgs; [ + # formatter & linters + astyle # 3.4.10 + + # build dependencies + gcc-arm-embedded-13 # arm-gnu-toolchain-13.2.rel1 + openocd # 0.12.0 + python311Packages.pyserial # 3.5 + ]; + in + { + devShells.default = with pkgs; mkShellNoCC { + packages = core ++ [ + direnv + nix-direnv + + # formatter & linters + nixpkgs-fmt + shfmt + codespell + ]; + + shellHook = '' + export PATH=$PWD/dev-support/bin:$PATH + ''; + }; + + devShells.ci = with pkgs; mkShellNoCC { + packages = core; + }; + + }; + flake = { + # The usual flake attributes can be defined here, including system- + # agnostic ones like nixosModule and system-enumerating ones, although + # those are more easily expressed in perSystem. + + }; + }; +} + From e55890ea93839417830ae6db2b1c7d8e1dc08716 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Thu, 28 Mar 2024 23:18:27 -0400 Subject: [PATCH 6/9] remove unused dependency Signed-off-by: Duc Tri Nguyen --- flake.lock | 6 +++--- flake.nix | 7 +------ 2 files changed, 4 insertions(+), 9 deletions(-) diff --git a/flake.lock b/flake.lock index fc8e038fb..a176a41ff 100644 --- a/flake.lock +++ b/flake.lock @@ -22,11 +22,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710695816, - "narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=", + "lastModified": 1711460390, + "narHash": "sha256-akSgjDZL6pVHEfSE6sz1DNSXuYX6hq+P/1Z5IoYWs7E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "614b4613980a522ba49f0d194531beddbb7220d3", + "rev": "44733514b72e732bd49f5511bd0203dea9b9a434", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 8c6c3737e..0c6aa5761 100644 --- a/flake.nix +++ b/flake.nix @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 { - description = "mlkem-c-embedded"; + description = "mlkem-c-aarch64"; inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; @@ -21,11 +21,6 @@ core = with pkgs; [ # formatter & linters astyle # 3.4.10 - - # build dependencies - gcc-arm-embedded-13 # arm-gnu-toolchain-13.2.rel1 - openocd # 0.12.0 - python311Packages.pyserial # 3.5 ]; in { From 25c47f062b5f945aba27eb3ff3532aba4aece237 Mon Sep 17 00:00:00 2001 From: cothan Date: Wed, 27 Mar 2024 12:25:11 -0400 Subject: [PATCH 7/9] Add test (#22) * Add test Signed-off-by: Duc Tri Nguyen * Remove test_vector, because it's not important Signed-off-by: Duc Tri Nguyen * Add MLKEM C reference code (#19) Signed-off-by: Duc Tri Nguyen * Add randombytes (#20) Signed-off-by: Duc Tri Nguyen * Add fips202 (#21) Signed-off-by: Duc Tri Nguyen --------- Signed-off-by: Duc Tri Nguyen --- .gitignore | 5 ++- Makefile | 39 ++++++++++++++++ test/test_kyber.c | 112 ++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 155 insertions(+), 1 deletion(-) create mode 100644 Makefile create mode 100644 test/test_kyber.c diff --git a/.gitignore b/.gitignore index 3f93c0e80..2db7dfcca 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,7 @@ # (TODO customize .gitignore for project) .vscode -.idea \ No newline at end of file +.idea +test/test_kyber512 +test/test_kyber768 +test/test_kyber1024 diff --git a/Makefile b/Makefile new file mode 100644 index 000000000..d7f3f17bf --- /dev/null +++ b/Makefile @@ -0,0 +1,39 @@ +CC ?= /usr/bin/cc +CFLAGS_FIPS202 = -I fips202 +CFLAGS_MLKEM = -I mlkem +CFLAGS_RANDOMBYTES = -I randombytes +CFLAGS_TEST = -I test +CFLAGS += -Wall -Wextra -Wpedantic -Wmissing-prototypes -Wredundant-decls \ + -Wshadow -Wpointer-arith -O3 -fomit-frame-pointer -pedantic \ + ${CFLAGS_RANDOMBYTES} ${CFLAGS_MLKEM} ${CFLAGS_FIPS202} ${CFLAGS_TEST} +NISTFLAGS += -Wno-unused-result -O3 -fomit-frame-pointer +RM = /bin/rm + +SOURCES = mlkem/kem.c mlkem/indcpa.c mlkem/polyvec.c mlkem/poly.c mlkem/ntt.c mlkem/cbd.c mlkem/reduce.c mlkem/verify.c +SOURCESKECCAK = $(SOURCES) fips202/keccakf1600.c fips202/fips202.c mlkem/symmetric-shake.c +HEADERS = mlkem/params.h mlkem/kem.h mlkem/indcpa.h mlkem/polyvec.h mlkem/poly.h mlkem/ntt.h mlkem/cbd.h mlkem/reduce.c mlkem/verify.h mlkem/symmetric.h +HEADERSKECCAK = $(HEADERS) fips202/keccakf1600.h fips202/fips202.h + +.PHONY: all mlkem clean + +all: mlkem + +mlkem: \ + test/test_kyber512 \ + test/test_kyber768 \ + test/test_kyber1024 + +test/test_kyber512: $(SOURCESKECCAK) $(HEADERSKECCAK) test/test_kyber.c randombytes/randombytes.c + $(CC) $(CFLAGS) -DKYBER_K=2 $(SOURCESKECCAK) randombytes/randombytes.c test/test_kyber.c -o $@ + +test/test_kyber768: $(SOURCESKECCAK) $(HEADERSKECCAK) test/test_kyber.c randombytes/randombytes.c + $(CC) $(CFLAGS) -DKYBER_K=3 $(SOURCESKECCAK) randombytes/randombytes.c test/test_kyber.c -o $@ + +test/test_kyber1024: $(SOURCESKECCAK) $(HEADERSKECCAK) test/test_kyber.c randombytes/randombytes.c + $(CC) $(CFLAGS) -DKYBER_K=4 $(SOURCESKECCAK) randombytes/randombytes.c test/test_kyber.c -o $@ + +clean: + -$(RM) -rf *.gcno *.gcda *.lcov *.o *.so + -$(RM) -rf test/test_kyber512 + -$(RM) -rf test/test_kyber768 + -$(RM) -rf test/test_kyber1024 diff --git a/test/test_kyber.c b/test/test_kyber.c new file mode 100644 index 000000000..cd66fa925 --- /dev/null +++ b/test/test_kyber.c @@ -0,0 +1,112 @@ +#include +#include +#include +#include "kem.h" +#include "randombytes.h" + +#define NTESTS 1000 + +static int test_keys(void) { + uint8_t pk[CRYPTO_PUBLICKEYBYTES]; + uint8_t sk[CRYPTO_SECRETKEYBYTES]; + uint8_t ct[CRYPTO_CIPHERTEXTBYTES]; + uint8_t key_a[CRYPTO_BYTES]; + uint8_t key_b[CRYPTO_BYTES]; + + //Alice generates a public key + crypto_kem_keypair(pk, sk); + + //Bob derives a secret key and creates a response + crypto_kem_enc(ct, key_b, pk); + + //Alice uses Bobs response to get her shared key + crypto_kem_dec(key_a, ct, sk); + + if (memcmp(key_a, key_b, CRYPTO_BYTES)) { + printf("ERROR keys\n"); + return 1; + } + + return 0; +} + +static int test_invalid_sk_a(void) { + uint8_t pk[CRYPTO_PUBLICKEYBYTES]; + uint8_t sk[CRYPTO_SECRETKEYBYTES]; + uint8_t ct[CRYPTO_CIPHERTEXTBYTES]; + uint8_t key_a[CRYPTO_BYTES]; + uint8_t key_b[CRYPTO_BYTES]; + + //Alice generates a public key + crypto_kem_keypair(pk, sk); + + //Bob derives a secret key and creates a response + crypto_kem_enc(ct, key_b, pk); + + //Replace secret key with random values + randombytes(sk, CRYPTO_SECRETKEYBYTES); + + //Alice uses Bobs response to get her shared key + crypto_kem_dec(key_a, ct, sk); + + if (!memcmp(key_a, key_b, CRYPTO_BYTES)) { + printf("ERROR invalid sk\n"); + return 1; + } + + return 0; +} + +static int test_invalid_ciphertext(void) { + uint8_t pk[CRYPTO_PUBLICKEYBYTES]; + uint8_t sk[CRYPTO_SECRETKEYBYTES]; + uint8_t ct[CRYPTO_CIPHERTEXTBYTES]; + uint8_t key_a[CRYPTO_BYTES]; + uint8_t key_b[CRYPTO_BYTES]; + uint8_t b; + size_t pos; + + do { + randombytes(&b, sizeof(uint8_t)); + } while (!b); + randombytes((uint8_t *)&pos, sizeof(size_t)); + + //Alice generates a public key + crypto_kem_keypair(pk, sk); + + //Bob derives a secret key and creates a response + crypto_kem_enc(ct, key_b, pk); + + //Change some byte in the ciphertext (i.e., encapsulated key) + ct[pos % CRYPTO_CIPHERTEXTBYTES] ^= b; + + //Alice uses Bobs response to get her shared key + crypto_kem_dec(key_a, ct, sk); + + if (!memcmp(key_a, key_b, CRYPTO_BYTES)) { + printf("ERROR invalid ciphertext\n"); + return 1; + } + + return 0; +} + +int main(void) { + unsigned int i; + int r; + + for (i = 0; i < NTESTS; i++) { + r = test_keys(); + r |= test_invalid_sk_a(); + r |= test_invalid_ciphertext(); + if (r) { + return 1; + } + } + + printf("CRYPTO_SECRETKEYBYTES: %d\n", CRYPTO_SECRETKEYBYTES); + printf("CRYPTO_PUBLICKEYBYTES: %d\n", CRYPTO_PUBLICKEYBYTES); + printf("CRYPTO_CIPHERTEXTBYTES: %d\n", CRYPTO_CIPHERTEXTBYTES); + + return 0; +} From 6c52e070bf829deb697dbb2606918166978110e4 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Fri, 29 Mar 2024 00:09:39 -0400 Subject: [PATCH 8/9] refactor build.yml Signed-off-by: Duc Tri Nguyen --- .github/actions/setup-nix | 13 +++++++++++++ .github/workflows/build.yml | 33 +++++++-------------------------- 2 files changed, 20 insertions(+), 26 deletions(-) create mode 100644 .github/actions/setup-nix diff --git a/.github/actions/setup-nix b/.github/actions/setup-nix new file mode 100644 index 000000000..6a58d38fb --- /dev/null +++ b/.github/actions/setup-nix @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: Apache-2.0 + +name: Setup nix +description: Setup nix + +runs: + using: composite + steps: + - uses: nixbuild/nix-quick-install-action@v27 + with: {load_nixConfig: false} + - name: Prepare nix dev shell + shell: nix develop .#ci -c bash -e {0} + run: | \ No newline at end of file diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f5f21397a..7f8ef55b2 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,3 +1,5 @@ +# SPDX-License-Identifier: Apache-2.0 + name: Build on: push: @@ -8,36 +10,15 @@ jobs: build_test: runs-on: ubuntu-latest steps: - - name: install jq - shell: bash - run: | - if ! (command -v jq) &> /dev/null - then - sudo apt install -y --no-install-recommends jq - fi - uses: actions/checkout@v4 - - id: nixpkgs - shell: bash - run: | - if [ -f flake.lock ]; then - nixpkgs="flake:$(cat flake.lock | jq -r '.nodes.nixpkgs.locked // empty | .type + ":" + .owner + "/" + .repo + "/" + .rev')" - else - nixpkgs=channel:nixos-unstable - fi - echo "nixpkgs=$nixpkgs" >> "$GITHUB_OUTPUT" - - uses: cachix/install-nix-action@v25 - with: - nix_path: nixpkgs=${{ steps.nixpkgs.outputs.nixpkgs }} - - name: Prepare nix dev shell - shell: nix develop .#ci -c bash -e {0} - run: | - astyle --version + - name: Setup nix + uses: ./.github/actions/setup-nix - name: Astyle shell: nix develop .#ci -c bash -e {0} run: | - err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted) + err=$(astyle $(git ls-files "*.c" "*.h") --options=.astylerc --dry-run --formatted | awk '{print $2}') if [[ ${#err} != 0 ]]; then - echo "$err" | awk '{split($0,a);print a[2]}' | while IFS= read -r file; do + echo "$err" | while IFS= read -r file; do echo "::error file={"$file"},title={checking}::Formatted $file" done exit 1 @@ -45,4 +26,4 @@ jobs: - name: Build targets shell: nix develop .#ci -c bash -e {0} run: | - make + make \ No newline at end of file From 8f15f0069a174e6b8885eef9e3b50a2d264c0198 Mon Sep 17 00:00:00 2001 From: Duc Tri Nguyen Date: Fri, 29 Mar 2024 00:12:47 -0400 Subject: [PATCH 9/9] move to inner folder Signed-off-by: Duc Tri Nguyen --- .github/actions/{setup-nix => setup-nix/action.yml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/actions/{setup-nix => setup-nix/action.yml} (100%) diff --git a/.github/actions/setup-nix b/.github/actions/setup-nix/action.yml similarity index 100% rename from .github/actions/setup-nix rename to .github/actions/setup-nix/action.yml