Add Patina End-to-End Validation Flow [Rebase & FF]#81
Open
makubacki wants to merge 3 commits intoOpenDevicePartnership:mainfrom
Open
Add Patina End-to-End Validation Flow [Rebase & FF]#81makubacki wants to merge 3 commits intoOpenDevicePartnership:mainfrom
makubacki wants to merge 3 commits intoOpenDevicePartnership:mainfrom
Conversation
5 tasks
cfernald
reviewed
Feb 25, 2026
cfernald
approved these changes
Feb 25, 2026
.github/actions/run-patina-qemu-validation/run_qemu_validation.py
Outdated
Show resolved
Hide resolved
Contributor
|
Do we need to place these workflows here, rather than in Patina? I only ask because this will only ever be used in Patina, and by adding it here rather than patina repo, it adds some unnecessary complexity if we wish to make updates. |
cfernald
reviewed
Feb 25, 2026
Collaborator
Author
You're correct but I generally wanted to consolidate workflow and related implementation in this repo because it:
|
95e4dd9 to
b867bbb
Compare
Adds constant used for Patina QEMU workflows to patina-devops so they can be reused in workflows that will build and test patina changes on QEMU. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Updates action version in `.github/actions/rust-tool-cache/action.yml` to latest (matching what is used in other files in the repo). Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Adds a new workflow that will run changes in the `patina` repository against the latest code and releases from other Patina repositories. The main files to support this workflow are: Workflows: - `.github/workflows/PatinaQemuPrValidation.yml`: The workflow file that defines the steps to run the validation. - `.github/workflows/PatinaQemuPrValidationPost.yml`: A workflow that runs after the main validation workflow to post results in a comment back to the PR. Actions: - `.github/actions/setup-patina-qemu-validation`: A GitHub Action that sets up the environment for running the QEMU validation tests. - `.github/actions/run-patina-qemu-validation`: A GitHub Action that runs the QEMU validation tests. - `.github/actions/extract-build-errors`: A GitHub Action that extracts build errors from the QEMU validation logs and formats them for posting back to the PR. --- `PatinaQemuPrValidation.yml` is expected to be triggered on pull requests into the `patina` repository. A common set of steps are organized in a "Preflight" job. This generates cache keys for different dependencies and determines that there is version compatibility to proceed with the rest of the workflow. This job tries to reduce the likelihood of hitting the GitHub API rate limit through authenticated requests and caching. The platform validation portion builds the Q35 and SBSA binaries in a standalone step instead of in combination with the script invocation that runs the tests. This allows for clear differentiation between build and runtime failures. Special parameters were added to the `build_and_run_rust_binary.py` script in `patina-qemu` to support this. Comments posted back to the patina PR are meant to be as helpful as possible resulting in some overhead to generate them. The parsing and heuristic details might need to be tweaked over time. --- Notes: - Concurrent runs of the workflow for the same PR are prevent in the calling workflow in the patina repository. - GitHub API requests are made using authenticated requests. Reads generally use the default GitHub token while writes use the Patina app-derived token. The secrets necessary to derive the app token are not available every reads are performed or it would be used for everything. - Special handling is added to work within a container. - Actual Rust compilation and runs happen in parallel jobs. - Only one comment is posted by the workflow. It is edited when new updates are posted. The coment revision history can be used to see the history of updates to the comment. - The comment format varies between compilation failures and runtime failures to provide relevant detail for each when they occur. - Succeess comments include execution time (exlcuding build time) to run QEMU and shutdown. - Compilation failures include snippets of failures in the logs and links to the full log artifacts. - Runtime failures similarly include snippets of ERROR messages and links to the full log artifacts. Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
b867bbb to
3b5b075
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
One main commit and a couple of peripheral commits.
Add Patina QEMU validation workflow and actions
Adds a new workflow that will run changes in the
patinarepositoryagainst the latest code and releases from other Patina repositories.
The main files to support this workflow are:
Workflows:
.github/workflows/PatinaQemuPrValidation.yml: The workflow filethat defines the steps to run the validation.
.github/workflows/PatinaQemuPrValidationPost.yml: A workflow thatruns after the main validation workflow to post results in a comment
back to the PR.
Actions:
.github/actions/setup-patina-qemu-validation: A GitHub Action thatsets up the environment for running the QEMU validation tests.
.github/actions/run-patina-qemu-validation: A GitHub Actionthat runs the QEMU validation tests.
.github/actions/extract-build-errors: A GitHub Action thatextracts build errors from the QEMU validation logs and formats
them for posting back to the PR.
PatinaQemuPrValidation.ymlis expected to be triggered on pullrequests into the
patinarepository.A common set of steps are organized in a "Preflight" job. This
generates cache keys for different dependencies and determines that
there is version compatibility to proceed with the rest of the
workflow. This job tries to reduce the likelihood of hitting the
GitHub API rate limit through authenticated requests and caching.
The platform validation portion builds the Q35 and SBSA binaries in
a standalone step instead of in combination with the script invocation
that runs the tests. This allows for clear differentiation between
build and runtime failures. Special parameters were added to the
build_and_run_rust_binary.pyscript inpatina-qemuto support this.Comments posted back to the patina PR are meant to be as helpful as
possible resulting in some overhead to generate them. The parsing
and heuristic details might need to be tweaked over time.
Notes:
calling workflow in the patina repository.
generally use the default GitHub token while writes use the Patina
app-derived token. The secrets necessary to derive the app token
are not available every reads are performed or it would be used for
everything.
updates are posted. The coment revision history can be used to see
the history of updates to the comment.
failures to provide relevant detail for each when they occur.
run QEMU and shutdown.
links to the full log artifacts.
links to the full log artifacts.
Additional Information
Preflight and Parallelization
Preflight checks largely operate on cached data as much as possible. Actual build and platform validation occur in parallel as shown below.
Successful Run
Prints the boot time to shell.
Compilation Failure
Force a compilation failure by changing

EFI_PROGRESS_CODEtoEFI_PROGRESS_CODE2:Failure in the workflow:

Compilation failure specific PR comment:

Expanded error details include snippets of failure messages:

Boot Failure
Here SBSA execution fails.

The PR comment has runtime details and shows that only SBSA failed:

Other Commits
Update rust-tool-cache cache action version to v5
Updates action version in
.github/actions/rust-tool-cache/action.ymlto latest (matching what is used in other files in the repo).
Add qemu-constants.yml workflow
Adds constant used for Patina QEMU workflows to patina-devops so they
can be reused in workflows that will build and test patina changes
on QEMU.