Skip to content

ci: Build each commit individually #142

ci: Build each commit individually

ci: Build each commit individually #142

Workflow file for this run

# The primary point of this workflow is to ensure that the developer experience is good.
# We take a very vanilla ubuntu image, install all necessary dependencies via "normal" means,
# and then run the build and test steps as described in the README.md file.
# The artifacts produced by these builds are not intended to be used for anything other than
# ensuring that the developer experience is good.
# Production artifacts are produced in a sterile environment (in another CI workflow).
name: "dev.yml"
on:
pull_request: {}
push:
branches:
- "main"
merge_group:
workflow_dispatch:
inputs:
debug_enabled:
type: "boolean"
description: "Run with tmate enabled"
required: false
default: false
concurrency:
group: "${{ github.workflow }}:${{ github.event.pull_request.number || github.event.after }}"
cancel-in-progress: true
permissions:
contents: "read"
packages: "write"
id-token: "write"
jobs:
check_changes:
name: "Deduce required tests from code changes"
permissions:
contents: "read"
pull-requests: "read"
runs-on: "ubuntu-latest"
outputs:
devfiles: "${{ steps.changes.outputs.devfiles }}"
steps:
- name: "Checkout"
if: "${{ !github.event.pull_request }}"
uses: "actions/checkout@v4"
with:
persist-credentials: "false"
fetch-depth: "0"
- name: "Check code changes"
uses: "dorny/paths-filter@v3"
id: "changes"
with:
filters: |
devfiles:
- '!(README.md|LICENSE|design-docs/**|.gitignore|.github/**)'
- '.github/workflows/dev.yml'
build:
needs: [ check_changes ]
if: "${{ needs.check_changes.outputs.devfiles == 'true' }}"
strategy:
fail-fast: false
matrix:
rust:
- toolchain: "stable"
optional: false
- toolchain: "beta"
optional: true
- toolchain: "nightly"
optional: true
continue-on-error: ${{ matrix.rust.optional }}
runs-on: "lab"
timeout-minutes: 45
steps:
- name: "login to ghcr.io"
uses: "docker/login-action@v3"
with:
registry: "ghcr.io"
username: "${{ github.actor }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: "install rust"
uses: "dtolnay/rust-toolchain@stable"
with:
toolchain: "${{ matrix.rust.toolchain }}"
targets: "x86_64-unknown-linux-gnu,x86_64-unknown-linux-musl"
- name: "Checkout"
uses: "actions/checkout@v4"
with:
persist-credentials: "false"
fetch-depth: "0"
- uses: "cargo-bins/cargo-binstall@main"
- name: "install just"
run: |
cargo binstall --no-confirm just
- name: "install nextest"
run: |
cargo binstall --no-confirm cargo-nextest
- name: "install cargo-deny"
run: |
cargo binstall --no-confirm cargo-deny
- run: |
just debug=true cargo deny check
- name: "install openssl and libssl-dev (needed for markdown-test-report)"
run: |
sudo apt-get update
sudo apt-get --yes --no-install-recommends install pkg-config openssl libssl-dev colorized-logs
- name: "install markdown-test-report"
run: |
cargo binstall --no-confirm markdown-test-report
- name: refresh-compile-env
run: |
just --yes debug=true refresh-compile-env
- run: |
just --yes debug=true fake-nix
- run: |
# Run a simple build for each separate commit (for "pull_request")
# or for the HEAD of the branch (other events).
set -eu -o pipefail
COMMITS=${{ github.sha }}
if [[ "${{ github.event_name == 'pull_request' }}" == "true" ]]; then
# Get all commits from Pull Request, in chronological order
COMMITS=$(git rev-list --reverse ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }})
fi
for commit in $COMMITS ; do
git checkout $commit || exit 1
printf "::group::Build commit %s\n" "$(git log --oneline --no-decorate -n 1)"
(just debug=true cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-gnu) || exit 1
printf "::endgroup::\n"
done
printf "::notice::HEAD remains at %s\n" "$(git log --oneline --no-decorate -n 1)"
continue-on-error: ${{ matrix.rust.optional }}
# At this stage, for Pull Requests, we're back to the HEAD of the branch,
# start running tests for different configurations.
- name: "tests: rust ${{ matrix.rust.toolchain }} profile=dev target=x86_64-unknown-linux-gnu"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-gnu test
just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-gnu report
continue-on-error: ${{ matrix.rust.optional }}
- run: |
just cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-musl
continue-on-error: ${{ matrix.rust.optional }}
- name: "tests: rust ${{ matrix.rust.toolchain }} profile=dev target=x86_64-unknown-linux-musl"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-musl test
just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-musl report
continue-on-error: ${{ matrix.rust.optional }}
- run: |
just debug=true cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-gnu
continue-on-error: ${{ matrix.rust.optional }}
- name: "tests: rust ${{ matrix.rust.toolchain }} profile=release target=x86_64-unknown-linux-gnu"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-gnu test
just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-gnu report
continue-on-error: ${{ matrix.rust.optional }}
- run: |
just debug=true cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-musl
continue-on-error: ${{ matrix.rust.optional }}
- name: "tests: rust ${{ matrix.rust.toolchain }} profile=release target=x86_64-unknown-linux-musl"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-musl test
just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-musl report
continue-on-error: ${{ matrix.rust.optional }}
- uses: "actions/upload-artifact@v4"
if: ${{ always() }}
with:
name: "test-results-${{ matrix.rust.toolchain }}"
path: "target/nextest/"
- name: "Setup tmate session for debug"
if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
uses: "mxschmitt/action-tmate@v3"
timeout-minutes: 60
with:
limit-access-to-actor: true
summary:
name: "summary"
runs-on: "ubuntu-latest"
needs:
- build
if: ${{ always() && needs.build.result != 'skipped' }}
steps:
- name: "Flag any build matrix failures"
if: ${{ needs.build.result != 'success' }}
run: |
>&2 echo "A critical step failed!"
exit 1