From 9b49423aad0a45ec9c0f8e711d1c638fde8e2c91 Mon Sep 17 00:00:00 2001
From: Federico Di Pierro <nierro92@gmail.com>
Date: Wed, 26 Jun 2024 09:48:06 +0200
Subject: [PATCH 1/2] new(ci): enable kernel testing on PRs.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
---
 .github/workflows/drivers_ci.yml | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/drivers_ci.yml b/.github/workflows/drivers_ci.yml
index 29238df125..a25aabe734 100644
--- a/.github/workflows/drivers_ci.yml
+++ b/.github/workflows/drivers_ci.yml
@@ -185,7 +185,7 @@ jobs:
         run: echo "GIT_BRANCH=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_ENV
 
       - name: Build and test drivers on ppc64le node via ssh
-        if: needs.paths-filter.outputs.driver_needs_rebuild
+        if: needs.paths-filter.outputs.driver == 'true' || needs.paths-filter.outputs.libscap == 'true' || needs.paths-filter.outputs.libpman == 'true'
         uses: appleboy/ssh-action@v1.0.3
         with:
           host: ${{ secrets.PPC64LE_HOST }}
@@ -325,3 +325,13 @@ jobs:
           cd build
           source /opt/rh/devtoolset-9/enable
           make scap-open -j6          
+
+  # Only runs on pull request since on master branch it is already triggered by pages CI.
+  kernel-tests-dev:
+    needs: paths-filter
+    if: github.event_name == 'pull_request' && (needs.paths-filter.outputs.driver == 'true' || needs.paths-filter.outputs.libscap == 'true' || needs.paths-filter.outputs.libpman == 'true')
+    uses: ./.github/workflows/reusable_kernel_tests.yaml
+    with:
+      # Use real branch's HEAD sha, not the merge commit
+      libsversion: ${{ github.event.pull_request.head.sha }}
+    secrets: inherit
\ No newline at end of file

From c179fe35f8cc8bb1b3d1cb13af092822138059a2 Mon Sep 17 00:00:00 2001
From: Federico Di Pierro <nierro92@gmail.com>
Date: Wed, 26 Jun 2024 10:22:50 +0200
Subject: [PATCH 2/2] new(ci): create a comment with kernel testing matrixes on
 PRs.

Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
---
 .../create-comment-kernel-testing.yml         | 54 +++++++++++++++++++
 .github/workflows/create-comment.yml          |  2 +-
 .github/workflows/drivers_ci.yml              | 41 +++++++++++++-
 3 files changed, 95 insertions(+), 2 deletions(-)
 create mode 100644 .github/workflows/create-comment-kernel-testing.yml

diff --git a/.github/workflows/create-comment-kernel-testing.yml b/.github/workflows/create-comment-kernel-testing.yml
new file mode 100644
index 0000000000..28cea9dfa3
--- /dev/null
+++ b/.github/workflows/create-comment-kernel-testing.yml
@@ -0,0 +1,54 @@
+# NOTE: This has read-write repo token and access to secrets, so this must
+# not run any untrusted code.
+# see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+name: Comment with Kernel testing resulsts on pull requests
+
+on:
+  workflow_run:
+    workflows: ["Drivers CI Build"]
+    types:
+      - completed
+
+jobs:
+  upload:
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.event == 'pull_request'
+    steps:
+      - name: 'Download artifact'
+        uses: actions/github-script@v7.0.1
+        with:
+          script: |
+            var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: ${{github.event.workflow_run.id }},
+            });
+            var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "pr"
+            })[0];
+            var download = await github.rest.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+            var fs = require('fs');
+            fs.writeFileSync('${{github.workspace}}/pr.zip', Buffer.from(download.data));
+
+      - name: 'Unpack artifact'
+        run: unzip pr.zip
+
+      - name: 'Comment on PR'
+        uses: actions/github-script@v7.0.1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            var fs = require('fs');
+            var issue_number = Number(fs.readFileSync('./NR'));
+            var comment_body = fs.readFileSync('./COMMENT');
+            await github.rest.issues.createComment({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: issue_number,
+              body: comment_body.toString('utf8')
+            });
\ No newline at end of file
diff --git a/.github/workflows/create-comment.yml b/.github/workflows/create-comment.yml
index 8960d6d449..008729c71a 100644
--- a/.github/workflows/create-comment.yml
+++ b/.github/workflows/create-comment.yml
@@ -1,7 +1,7 @@
 # NOTE: This has read-write repo token and access to secrets, so this must
 # not run any untrusted code.
 # see: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-name: Comment on the pull request
+name: Comment with Perf diff on pull requests
 
 on:
   workflow_run:
diff --git a/.github/workflows/drivers_ci.yml b/.github/workflows/drivers_ci.yml
index a25aabe734..04ffeac9bb 100644
--- a/.github/workflows/drivers_ci.yml
+++ b/.github/workflows/drivers_ci.yml
@@ -334,4 +334,43 @@ jobs:
     with:
       # Use real branch's HEAD sha, not the merge commit
       libsversion: ${{ github.event.pull_request.head.sha }}
-    secrets: inherit
\ No newline at end of file
+    secrets: inherit
+
+  kernel-tests-upload:
+    needs: kernel-tests-dev
+    if: github.event_name == 'pull_request' && (needs.paths-filter.outputs.driver == 'true' || needs.paths-filter.outputs.libscap == 'true' || needs.paths-filter.outputs.libpman == 'true')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Download X64 matrix
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        with:
+          name: matrix_X64
+          path: matrix_X64
+
+      - name: Download ARM64 matrix
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        with:
+          name: matrix_ARM64
+          path: matrix_ARM64
+
+      - name: Save PR info
+        run: |
+          mkdir -p ./pr
+          echo ${{ github.event.number }} > ./pr/NR
+          touch ./pr/COMMENT
+          echo "# X64 kernel testing matrix" >> ./pr/COMMENT
+          echo "$(head -n $(grep -n -v -m1 '^|' matrix_X64/matrix.md | awk -F':'  '{ print $1 }') matrix_X64/matrix.md)" >> ./pr/COMMENT
+          echo "" > ./pr/COMMENT
+          echo "# ARM64 kernel testing matrix" >> ./pr/COMMENT
+          echo "$(head -n $(grep -n -v -m1 '^|' matrix_ARM64/matrix.md | awk -F':'  '{ print $1 }') matrix_ARM64/matrix.md)" >> ./pr/COMMENT
+          echo Uploading PR info...
+          cat ./pr/COMMENT
+          echo ""
+
+      - name: Upload PR info as artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: pr
+          path: pr/
+          retention-days: 1
+          if-no-files-found: warn
\ No newline at end of file