Releases: OpenDevicePartnership/patina-devops
v0.3.7
What's Changed
-
.sync/rust-toolchain.toml: Downgrade cargo-vet to v0.10.0 @Javagedes (#63)
Change Details
cargo-vet does not have a v0.10.1 release on github, which means we fall back to attempting to compile the tool. Compilation fails regularly as we do not keep our toolchain up to date. This commit downgrades to v0.10.0, which does have binaries published that we can download.
-
update cargo-binstall install action @Javagedes (#61)
Change Details
This commit updates the action that installs cargo-binstall to latest, which fixes an issue we were experiencing when attempting to install cargo-binstall during a cache miss.
Closes #60
Fix works as shown here: https://github.com/OpenDevicePartnership/patina/actions/runs/20439368694/job/58728410115?pr=1207
-
.sync/rust-toolchain.toml: Update cargo-deny to v0.18 @makubacki (#59)
Change Details
Update to version 0.18 to pick up the fix for the following issue:
In the v0.18.6 release of cargo-deny:
https://github.com/EmbarkStudios/cargo-deny/releases/tag/0.18.6
Fixes this issue observed in patina-dxe-core-qemu:
Error: -20 00:22:52 [ERROR] failed to load advisory database: parse error: error parsing /home/runner/.cargo/advisory-dbs/github.com-9b36585d9d99f7b3/crates/cap-primitives/RUSTSEC-2024-0445.md: parse error: TOML parse error at line 8, column 8 | 8 | cvss = "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ unsupported CVSS version: 4.0</blockquote> <hr> </details>
-
rust-tool-cache: do not always download cargo-binstall @Javagedes (#58)
Change Details
Update the rust-tool-cache action to only download cargo-binstall if we are actually going to use it in the next command. Otherwise, it is a pointless install.
-
rust-toolchain.toml: use an empty additional\_targets list when no extra targets are needed @vineelko (#57)
Change Details
- Address the failure in processing the nunjucks template introduced in recent https://github.com//pull/55 - Validated on a private fork https://github.com/vineelko/patina-devops/actions/runs/20178244757
-
Update Rust toolchain version to nightly-2025-12-12 @Javagedes (#56)
Change Details
This commit updates rust toolchain version to 2025-12-12, which is one day post 1.92.0 release. This file is sync'd to all applicable repositories via the file syncer.
-
Add template parameter to Rust toolchain file to add additional targets @vineelko (#55)
Change Details
- Ensure validator binary builds for the following target triples: - x86_64-pc-windows-msvc - aarch64-pc-windows-msvc - x86_64-unknown-linux-gnu - aarch64-unknown-linux-gnu - This change enables the patina readiness tool GitHub release to include all supported binary flavors(after a follow up fix in readiness repo). ``` ├───aarch64-pc-windows-msvc │ └───debug │ dxe_readiness_validator.exe │ dxe_readiness_validator.pdb ├───x86_64-pc-windows-msvc │ └───debug │ dxe_readiness_validator.exe │ dxe_readiness_validator.pdb ├───x86_64-unknown-linux-gnu │ └───debug │ dxe_readiness_validator └───aarch64-unknown-linux-gnu └───debug dxe_readiness_validator ```
-
CiWorkflow.yml: Move clippy to the Rust CI job @hashcatHitman (#53)
Change Details
Clippy is dependent on conditional compilation configurations such as the target architecture, which leads to issues such as [patina#1092].
Having clippy be part of the Rust CI job should remedy this since it runs on the
ubuntu-24.04-armrunner.
-
.sync/Makefiles: Add --doctests to test task @makubacki (#54)
Change Details
Runs doc tests during the `test` task to validate doc examples and include their coverage in reports.
-
Files.yml: Add .git\_credentials to .gitignore @makubacki (#52)
Change Details
A recent change in the patina added `.git_credentials` to the `.gitignore` file. This change adds it to the file sync so it is included in the sync to the patina and other repos.
-
Remove build-bin task from Makefile @Javagedes (#50)
Change Details
Removed build-bin task and its related documentation in association with:
OpenDevicePartnership/patina#1090
OpenDevicePartnership/patina#1101
Full Changelog: v0.3.6...v0.3.7
Contributors
Assets 2
v0.3.6
What's Changed
-
Add arm64 CI runner \& fix cache and upload keys @cfernald (#47)
Change Details
- Introduces a ubuntu-24.04-arm runner to the CI workflow to verify compatibility with ARM64 development environments. - Updates cache and artifact keys to include the runner architecture, to prevent conflicts between x86_64 and Arm64.
Tested in forked repo: https://github.com/cfernald/patina/actions/runs/19413067151/job/55537282932?pr=2
Will hold until all dependent repos are fixed for arm64 compilation.
-
Notebooks: Add patina-apps repo @makubacki (#45)
Change Details
Adds the `patina-apps` repo that was recently created to the notebooks.
-
.sync/Makefile-patina-readiness-tool.toml: Add deny task @makubacki (#44)
Change Details
Adds the `deny` task to the makefile so it can be invoked with `cargo make deny`.
-
Files.yml: Add custom patina-readiness-tool settings @makubacki (#43)
Change Details
These repos are using the current deny.toml config file as-is today:
patinapatina-dxe-core-qemupatina-mtrrpatina-paging
patina-readiness-toolneeds a few settings customized. This keeps project-level settings consistent between all repos while allowing common configuration points to be compared and edited in a single location across all repos.
Example syncs on forks with these changes:
-
.sync/Makefiles: Update all to use LF line endings @makubacki (#42)
Change Details
Makefiles have been maintained with different line endings. Update all to have Unix style line endings for consistency.
-
Readiness Tool: Avoid setting target subsystem rules @vineelko (#41)
Change Details
The Readiness Tool generates binaries with differing subsystem types. Forcing the subsystem type to `efi_boot_service_driver` causes UEFI Shell applications to fail.
Produced binaries and their expected subsystem types:
- x64-uefishell - EFI application
- aarch64-uefishell - EFI application
- intel-lnl - EFI driver
- intel-ptl - EFI driver
- x64-uefi - EFI driver
- aarch64-uefi - EFI driver
- validation-binary - Windows console application
-
Dependabot: Update syntax for ignore dependency names. @apop5 (#35)
Change Details
Dependabot action updates ignore syntax needed modified to ignore actions. This was tracked to the following documentation:
-
Makefile.toml: Don't Build Doc Dependencies for CI @os-d (#39)
Change Details
Currently, we run cargo doc in cargo make all and in CI to validate our docs are not broken. However, this automatically builds dependencies, which is slow, needless for this case, and can cause a CI break for us if a dependency has broken docs.
This adds --no-deps to cargo make doc to not build dependencies. On a local system that changed a clean build of cargo make doc from 5m 04s to 38s.
For the locally built docs case, cargo make doc-open will build all docs, including dependencies and open it locally.
Full Changelog: v0.3.5...v0.3.6
Contributors
Assets 2
v0.3.5
What's Changed
-
Add Makefile Sync for All Patina Repos [Rebase \& FF] @makubacki (#37)
Change Details
Closes #36
.sync/Makefile.toml: Clean Coverage Artifacts Before Running Coverage
Currently, this file is only synced to the patina repository. This
change brings in the changes from the following commit in the patina
repository to this copy of the file.OpenDevicePartnership/patina@faae91a
Add all Patina repo Makefile.toml files for sync
Consolidate all Makefile.toml files as they exist in each repo to
be synced from this repo.This makes it easy to audit files against each, leverage potential
shared implementation or templating in the future, and reduce
manual churn to update each makefile manually across repos when a
sweeping change is needed.
Note: The new patina-apps repo does not have a Makefile.toml so this PR does not attempt to create one. Once a Makefile.toml has been created and tested in that repo with the content that needs to build there then a future change can sync it from patina-devops.
-
CiWorkflow.yml: Add artifact upload parameter @makubacki (#40)
Change Details
Allow a caller to specify a list of artifacts to upload. This allows build output to efficiently be uploaded from the build already performed in the job.
-
Files.yml: Sync files to the patina-apps repo @makubacki (#38)
Change Details
Syncs common files to the `patina-apps` repo. The CI workflow and a Makefile.toml are not synced at this time. After content is added to that repo and confirmed to build, then those files can be synced from here with the configuration needed to support that build.
-
Files.yml: Update .gitignore in Rust repos @makubacki (#34)
Change Details
Pull in the changes made to .gitignore locally in the patina repo in: https://github.com/OpenDevicePartnership/patina/commit/228bfbadec6cf478ffe8f7d76bb67be32ee56f49
This should resolve as a no-op to that repo in future file syncs.
Full Changelog: v0.3.4...v0.3.5
Contributors
Assets 2
v0.3.4
What's Changed
-
Update label syntax for actions/labeler v6 @makubacki (#32)
Change Details
The syntax for file paths needs to be updated after updating to v6 of the action in:
Full Changelog: v0.3.3...v0.3.4
Contributors
Assets 2
v0.3.3
What's Changed
-
Version.njk: Update version to v0.3.3 @makubacki (#30)
Change Details
Updates the version for an upcoming patina-devops release.
-
.sync/config.toml: Customize link section inclusion @makubacki (#28)
Change Details
Add a template parameter called `include_uefi_target_rules` to control whether the linker arguments for UEFI targets are defined for `rustflags`.
This is currently only needed for building UEFI binaries in the patina-dxe-core-qemu and patina-readiness-tool repos.
PDB names can be customized for the
PDBALTPATHparameter independently for each target.
File Sync Tests
- Example of a
falsescenario such as thepatinarepo: makubacki/patina@0bfcf83 - Example of a
truescenario such as thepatina-dxe-core-qemurepo: makubacki/patina-dxe-core-qemu@1609181
- Example of a
-
Only run workflows dependent on the ODP app to the org @makubacki (#29)
Change Details
Some workflows use the ODP GitHub app credentials to perform write actions across one or more repos. Since forks will not have secrets to the ODP GitHub app and likely do not want these workflows to run anyway, limit them to `OpenDevicePartnership` organization.
-
Sync label-issues config files @makubacki (#27)
Change Details
The configuration files used in `.github/workflows/Labeler.yml` can be synced to repos to keep label application consistent.
-
Consolidate Current Dependabot PRs [Rebase \& FF] @makubacki (#26)
Full Changelog: v0.3.2...v0.3.3
Contributors
Assets 2
v0.3.2
What's Changed
-
Exclude the patina-automation bot in release notes @makubacki (#24)
Change Details
Add a label to PRs created by the patina-automation bot so they can easily be excluded from release notes.
This change (OpenDevicePartnership/patina@334853c) in the patina repo prevented
patina-automation[bot]from appearing as a contributor but did not prevent its actual PR from being included in the release notes. Now, a labeltype:patina-botis applied to its PRs and those labels are marked for exclusion from the release notes.
Full Changelog: v0.3.1...v0.3.2
Contributors
Assets 2
v0.3.1
What's Changed
-
CiWorkflow.yml: Remove dry-release step @Javagedes (#23)
Change Details
The dry-release step has caused more issues then it has solved and it is not even able to test the main scenario that needs to be tested - when a new crate is added. Due to this, I am removing the dry-release CI step. If something does come up, then we can just create a PR to fix it and perform another release.
Additionally - pre-set patina-devops version to v0.3.1
-
.sync/markdownlint.yaml: Add iframe as an allowed element @makubacki (#22)
Change Details
Allow `iframe` elements to be used in markdown. This is currently used to embed videos in the published mdbook.
-
.sync/publish-release.yml: Remove default token permissions @makubacki (#21)
Change Details
The default token permissions do not need to be modified since a GitHub app-derived token is used for authentication.
-
.sync/ci-workflow.yml: Apply a safe filter to `run-release-dry-run` @makubacki (#19)
Change Details
To prevent quotes from being autoescaped, use the `safe` filter when substituting the parameter value.
Prevents the quotes from being placed like this:
${{ !contains(github.event.pull_request.body, "- [x] Creates a new crate?") }}
Full Changelog: v0.3.0...v0.3.1
Contributors
Assets 2
v0.3.0
Contributors
Assets 2
v0.2.2
Contributors
Assets 2
v0.2.1
What's Changed
- CrateVersionUpdater.yml: bugfix adding Cargo.toml by @Javagedes in #12
Full Changelog: v0.2.0...v0.2.1