-
Notifications
You must be signed in to change notification settings - Fork 1
208 lines (192 loc) · 7.83 KB
/
dev.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
# The primary point of this workflow is to ensure that the developer experience is good.
# We take a very vanilla ubuntu image, install all necessary dependencies via "normal" means,
# and then run the build and test steps as described in the README.md file.
# The artifacts produced by these builds are not intended to be used for anything other than
# ensuring that the developer experience is good.
# Production artifacts are produced in a sterile environment (in another CI workflow).
name: "dev.yml"
on:
pull_request: {}
push:
branches:
- "main"
merge_group:
types: ["checks_requested"]
workflow_dispatch:
inputs:
debug_enabled:
type: "boolean"
description: "Run with tmate enabled"
required: false
default: false
concurrency:
group: "${{ github.workflow }}:${{ github.event.pull_request.number || github.event.after }}"
cancel-in-progress: true
permissions:
contents: "read"
packages: "write"
id-token: "write"
jobs:
check_changes:
name: "Deduce required tests from code changes"
permissions:
contents: "read"
pull-requests: "read"
runs-on: "ubuntu-latest"
outputs:
devfiles: "${{ steps.changes.outputs.devfiles }}"
steps:
- name: "Checkout"
if: "${{ !github.event.pull_request }}"
uses: "actions/checkout@v4"
with:
persist-credentials: "false"
fetch-depth: "0"
- name: "Check code changes"
uses: "dorny/paths-filter@v3"
id: "changes"
with:
filters: |
devfiles:
- '!(README.md|LICENSE|design-docs/**|.gitignore|.github/**)'
- '.github/workflows/dev.yml'
commits:
name: "Deduce commit history"
permissions:
contents: "read"
pull-requests: "read"
runs-on: "ubuntu-latest"
outputs:
commits: "${{ steps.commits.outputs.commits }}"
steps:
- name: "install jq"
run: |
set -euxo pipefail
sudo apt-get update
sudo apt-get install --yes --no-install-recommends jq
- name: "Checkout"
uses: "actions/checkout@v4"
with:
persist-credentials: "false"
fetch-depth: "0"
- name: "commits"
id: "commits"
run: |
set -euxo pipefail
git rev-list --pretty=oneline ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }} \
| sed -e 's/ /", "msg": "/' -e 's/^/{"ref": "/' -e 's/$/"}/' \
| jq --null-input --raw-output --compact-output '[inputs] | "commits=" + (. | tostring)' \
| tee -a "${GITHUB_OUTPUT}"
build:
needs: [ check_changes, commits ]
if: "${{ needs.check_changes.outputs.devfiles == 'true' }}"
strategy:
fail-fast: false
max-parallel: 4
matrix:
commit: ${{ fromJSON(needs.commits.outputs.commits) }}
rust:
- "stable"
- "beta"
- "nightly"
name: "Developer build (Rust ${{ matrix.rust }}) - ${{ matrix.commit.msg }}"
runs-on: "lab"
timeout-minutes: 45
steps:
- name: "login to ghcr.io"
uses: "docker/login-action@v3"
with:
registry: "ghcr.io"
username: "${{ github.actor }}"
password: "${{ secrets.GITHUB_TOKEN }}"
- name: "install rust"
uses: "dtolnay/rust-toolchain@stable"
with:
toolchain: "${{ matrix.rust }}"
targets: "x86_64-unknown-linux-gnu,x86_64-unknown-linux-musl"
- name: "Checkout ${{matrix.commit.msg}}"
uses: "actions/checkout@v4"
with:
ref: "${{ matrix.commit.ref }}"
persist-credentials: "false"
fetch-depth: "1"
- uses: "cargo-bins/cargo-binstall@main"
- name: "install just"
run: |
cargo binstall --no-confirm just
- name: "install nextest"
run: |
cargo binstall --no-confirm cargo-nextest
- name: "install cargo-deny"
run: |
cargo binstall --no-confirm cargo-deny
- run: |
just debug=true cargo deny check
- name: "install openssl and libssl-dev (needed for markdown-test-report)"
run: |
sudo apt-get update
sudo apt-get --yes --no-install-recommends install pkg-config openssl libssl-dev colorized-logs
- name: "install markdown-test-report"
run: |
cargo binstall --no-confirm markdown-test-report
- name: refresh-compile-env
run: |
just --yes debug=true refresh-compile-env
- run: |
just --yes debug=true fake-nix
# - run: |
# # Run a simple build for each separate commit (for "pull_request")
# # or for the HEAD of the branch (other events).
# set -eu -o pipefail
# COMMITS=${{ github.sha }}
# if [[ "${{ github.event_name == 'pull_request' }}" == "true" ]]; then
# # Get all commits from Pull Request, in chronological order
# COMMITS=$(git rev-list --reverse ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }})
# fi
# for commit in $COMMITS ; do
# git checkout $commit || exit 1
# printf "::group::Build commit %s\n" "$(git log --oneline --no-decorate -n 1)"
# (just debug=true cargo +${{matrix.rust}} build --locked --profile=dev --target=x86_64-unknown-linux-gnu) || exit 1
# printf "::endgroup::\n"
# done
# printf "::notice::HEAD remains at %s\n" "$(git log --oneline --no-decorate -n 1)"
# continue-on-error: ${{ matrix.rust.optional }}
# At this stage, for Pull Requests, we're back to the HEAD of the branch,
# start running tests for different configurations.
- name: "tests: rust ${{ matrix.rust }} profile=dev target=x86_64-unknown-linux-gnu"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-gnu test
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-gnu report
- run: |
just cargo +${{matrix.rust}} build --locked --profile=dev --target=x86_64-unknown-linux-musl
- name: "tests: rust ${{ matrix.rust }} profile=dev target=x86_64-unknown-linux-musl"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-musl test
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-musl report
- run: |
just debug=true cargo +${{matrix.rust}} build --locked --profile=release --target=x86_64-unknown-linux-gnu
- name: "tests: rust ${{ matrix.rust }} profile=release target=x86_64-unknown-linux-gnu"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-gnu test
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-gnu report
- run: |
just debug=true cargo +${{matrix.rust}} build --locked --profile=release --target=x86_64-unknown-linux-musl
- name: "tests: rust ${{ matrix.rust }} profile=release target=x86_64-unknown-linux-musl"
run: |
export GITHUB_STEP_SUMMARY
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-musl test
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-musl report
- uses: "actions/upload-artifact@v4"
if: ${{ always() }}
with:
name: "test-results-${{ matrix.rust }}"
path: "target/nextest/"
- name: "Setup tmate session for debug"
if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }}
uses: "mxschmitt/action-tmate@v3"
timeout-minutes: 60
with:
limit-access-to-actor: true