From 7b31177d2019ad578c527b98628018b7dd275795 Mon Sep 17 00:00:00 2001 From: Daniel Noland Date: Tue, 5 Nov 2024 13:33:05 -0700 Subject: [PATCH] Clean up CI --- .../{update-versions.yml => bump.yml} | 56 +++---- ...check-developer-experience.yml => dev.yml} | 101 +++++++------ .../{build-and-deploy-docs.yml => docs.yml} | 13 +- ...sterile-build-and-test.yml => sterile.yml} | 137 ++++++++++-------- 4 files changed, 165 insertions(+), 142 deletions(-) rename .github/workflows/{update-versions.yml => bump.yml} (61%) rename .github/workflows/{check-developer-experience.yml => dev.yml} (61%) rename .github/workflows/{build-and-deploy-docs.yml => docs.yml} (94%) rename .github/workflows/{sterile-build-and-test.yml => sterile.yml} (57%) diff --git a/.github/workflows/update-versions.yml b/.github/workflows/bump.yml similarity index 61% rename from .github/workflows/update-versions.yml rename to .github/workflows/bump.yml index c918ca0c..81561283 100644 --- a/.github/workflows/update-versions.yml +++ b/.github/workflows/bump.yml @@ -8,12 +8,12 @@ # Production artifacts are produced in a sterile environment (in another CI workflow). -name: Update Version +name: "bump.yml" on: workflow_dispatch: inputs: debug_enabled: - type: boolean + type: "boolean" description: "Run with tmate enabled" required: false default: false @@ -24,38 +24,42 @@ on: - cron: '18 3 * * *' concurrency: - group: ${{ github.workflow }}:${{ github.ref }} + group: "${{ github.workflow }}:${{ github.ref }}" cancel-in-progress: true permissions: - contents: write - pull-requests: write - packages: read - id-token: write + contents: "write" + pull-requests: "write" + packages: "read" + id-token: "write" jobs: update: - runs-on: ubuntu-latest + runs-on: "ubuntu-latest" steps: - - name: login to ghcr.io - uses: docker/login-action@v3 + - name: "login to ghcr.io" + uses: "docker/login-action@v3" with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Checkout - uses: actions/checkout@v4 - - run: ./scripts/update-versions.sh - - uses: cargo-bins/cargo-binstall@main - - name: install just - run: cargo binstall --no-confirm just - - name: install cargo-deny - run: cargo binstall --no-confirm cargo-deny + registry: "ghcr.io" + username: "${{ github.actor }}" + password: "${{ secrets.GITHUB_TOKEN }}" + - name: "Checkout" + uses: "actions/checkout@v4" + - run: | + ./scripts/update-versions.sh + - uses: "cargo-bins/cargo-binstall@main" + - name: "install just" + run: | + cargo binstall --no-confirm just + - name: "install cargo-deny" + run: | + cargo binstall --no-confirm cargo-deny # Don't even bother with the PR if # a) somebody introduced a license we can't accept # b) some security vuln came up and cargo deny is yelling - - run: just cargo deny check - - name: Create Pull Request - uses: peter-evans/create-pull-request@v7 + - run: | + just cargo deny check + - name: "Create Pull Request" + uses: "peter-evans/create-pull-request@v7" with: branch: 'bump/dpdk-sys' title: 'bump/dpdk-sys' @@ -67,9 +71,9 @@ jobs: sign-commits: 'true' body: 'bump dpdk-sys' - - name: Setup tmate session for debug + - name: "Setup tmate session for debug" if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} - uses: mxschmitt/action-tmate@v3 + uses: "mxschmitt/action-tmate@v3" timeout-minutes: 60 with: limit-access-to-actor: true diff --git a/.github/workflows/check-developer-experience.yml b/.github/workflows/dev.yml similarity index 61% rename from .github/workflows/check-developer-experience.yml rename to .github/workflows/dev.yml index febe02ef..3d2a2ec0 100644 --- a/.github/workflows/check-developer-experience.yml +++ b/.github/workflows/dev.yml @@ -7,25 +7,25 @@ # Production artifacts are produced in a sterile environment (in another CI workflow). -name: Developer Experience +name: "dev.yml" on: workflow_dispatch: inputs: debug_enabled: - type: boolean + type: "boolean" description: "Run with tmate enabled" required: false default: false push: {} concurrency: - group: ${{ github.workflow }}:${{ github.ref }} + group: "${{ github.workflow }}:${{ github.ref }}" cancel-in-progress: true permissions: - contents: write - packages: write - id-token: write + contents: "read" + packages: "write" + id-token: "write" jobs: build: @@ -33,52 +33,58 @@ jobs: fail-fast: false matrix: rust: - - toolchain: stable + - toolchain: "stable" optional: false - - toolchain: beta + - toolchain: "beta" optional: true - - toolchain: nightly + - toolchain: "nightly" optional: true just: - - version: 1.36.0 + - version: "1.36.0" continue-on-error: ${{ matrix.rust.optional }} - runs-on: lab + runs-on: "lab" timeout-minutes: 45 steps: - - name: login to ghcr.io - uses: docker/login-action@v3 + - name: "login to ghcr.io" + uses: "docker/login-action@v3" with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: install just - uses: extractions/setup-just@v2 + registry: "ghcr.io" + username: "${{ github.actor }}" + password: "${{ secrets.GITHUB_TOKEN }}" + - name: "install rust" + uses: "dtolnay/rust-toolchain@stable" with: - just-version: ${{ matrix.just.version }} - - name: install rust - uses: dtolnay/rust-toolchain@stable - with: - toolchain: ${{ matrix.rust.toolchain }} - targets: x86_64-unknown-linux-gnu,x86_64-unknown-linux-musl - - name: Checkout - uses: actions/checkout@v4 - - uses: cargo-bins/cargo-binstall@main - - name: install nextest - run: cargo binstall --no-confirm cargo-nextest - - name: install cargo-deny - run: cargo binstall --no-confirm cargo-deny - - run: just cargo deny check - - name: install openssl and libssl-dev (needed for markdown-test-report) + toolchain: "${{ matrix.rust.toolchain }}" + targets: "x86_64-unknown-linux-gnu,x86_64-unknown-linux-musl" + - name: "Checkout" + uses: "actions/checkout@v4" + - uses: "cargo-bins/cargo-binstall@main" + - name: "install just" + run: | + cargo binstall --no-confirm just + - name: "install nextest" + run: | + cargo binstall --no-confirm cargo-nextest + - name: "install cargo-deny" + run: | + cargo binstall --no-confirm cargo-deny + - run: | + just cargo deny check + - name: "install openssl and libssl-dev (needed for markdown-test-report)" run: | sudo apt-get update sudo apt-get --yes --no-install-recommends install pkg-config openssl libssl-dev colorized-logs - - name: install markdown-test-report - run: cargo binstall --no-confirm markdown-test-report + - name: "install markdown-test-report" + run: | + cargo binstall --no-confirm markdown-test-report - name: refresh-compile-env - run: just --yes refresh-compile-env - - run: just --yes fake-nix + run: | + just --yes refresh-compile-env + - run: | + just --yes fake-nix - - run: just cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-gnu + - run: | + just cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-gnu continue-on-error: ${{ matrix.rust.optional }} - name: "tests: rust ${{ matrix.rust.toolchain }} profile=dev target=x86_64-unknown-linux-gnu" run: | @@ -87,7 +93,8 @@ jobs: just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-gnu report continue-on-error: ${{ matrix.rust.optional }} - - run: just cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-musl + - run: | + just cargo +${{matrix.rust.toolchain}} build --locked --profile=dev --target=x86_64-unknown-linux-musl continue-on-error: ${{ matrix.rust.optional }} - name: "tests: rust ${{ matrix.rust.toolchain }} profile=dev target=x86_64-unknown-linux-musl" run: | @@ -96,7 +103,8 @@ jobs: just debug=true rust=${{matrix.rust.toolchain}} profile=dev target=x86_64-unknown-linux-musl report continue-on-error: ${{ matrix.rust.optional }} - - run: just cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-gnu + - run: | + just cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-gnu continue-on-error: ${{ matrix.rust.optional }} - name: "tests: rust ${{ matrix.rust.toolchain }} profile=release target=x86_64-unknown-linux-gnu" run: | @@ -105,7 +113,8 @@ jobs: just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-gnu report continue-on-error: ${{ matrix.rust.optional }} - - run: just cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-musl + - run: | + just cargo +${{matrix.rust.toolchain}} build --locked --profile=release --target=x86_64-unknown-linux-musl continue-on-error: ${{ matrix.rust.optional }} - name: "tests: rust ${{ matrix.rust.toolchain }} profile=release target=x86_64-unknown-linux-musl" run: | @@ -114,15 +123,15 @@ jobs: just debug=true rust=${{matrix.rust.toolchain}} profile=release target=x86_64-unknown-linux-musl report continue-on-error: ${{ matrix.rust.optional }} - - uses: actions/upload-artifact@v4 + - uses: "actions/upload-artifact@v4" if: ${{ always() }} with: name: "test-results-${{ matrix.rust.toolchain }}" - path: target/nextest/ + path: "target/nextest/" - - name: Setup tmate session for debug + - name: "Setup tmate session for debug" if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} - uses: mxschmitt/action-tmate@v3 - timeout-minutes: 30 + uses: "mxschmitt/action-tmate@v3" + timeout-minutes: 60 with: limit-access-to-actor: true diff --git a/.github/workflows/build-and-deploy-docs.yml b/.github/workflows/docs.yml similarity index 94% rename from .github/workflows/build-and-deploy-docs.yml rename to .github/workflows/docs.yml index 2dea3d01..17699981 100644 --- a/.github/workflows/build-and-deploy-docs.yml +++ b/.github/workflows/docs.yml @@ -1,10 +1,10 @@ -name: Build and deploy docs +name: "docs.yml" on: workflow_dispatch: inputs: debug_enabled: - type: boolean + type: "boolean" description: "Run the build with tmate debugging enabled" pull_request: { } push: @@ -58,8 +58,9 @@ jobs: runs-on: "ubuntu-latest" steps: - - uses: cargo-bins/cargo-binstall@main - - run: cargo binstall --no-confirm just + - uses: "cargo-bins/cargo-binstall@main" + - run: | + cargo binstall --no-confirm just - name: "Checkout" uses: "actions/checkout@v4" @@ -122,9 +123,9 @@ jobs: NETLIFY_SITE_ID: "${{ secrets.NETLIFY_SITE_ID }}" timeout-minutes: 5 - - name: Setup tmate session for debug + - name: "Setup tmate session for debug" if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} - uses: mxschmitt/action-tmate@v3 + uses: "mxschmitt/action-tmate@v3" timeout-minutes: 60 with: limit-access-to-actor: true diff --git a/.github/workflows/sterile-build-and-test.yml b/.github/workflows/sterile.yml similarity index 57% rename from .github/workflows/sterile-build-and-test.yml rename to .github/workflows/sterile.yml index d2cd12ba..31705267 100644 --- a/.github/workflows/sterile-build-and-test.yml +++ b/.github/workflows/sterile.yml @@ -1,7 +1,7 @@ # This is a sterile build and test workflow that uses the `dev-env` container image # to build and test the project in a sterile environment. # Artifacts produced by this workflow are intended to be used for production. -name: Sterile build + test +name: "sterile.yml" on: push: workflow_dispatch: @@ -13,43 +13,44 @@ on: default: false concurrency: - group: ${{ github.workflow }}:${{ github.ref }} + group: "${{ github.workflow }}:${{ github.ref }}" cancel-in-progress: true jobs: test: permissions: - contents: read - packages: read - id-token: write - runs-on: lab + contents: "read" + packages: "read" + id-token: "write" + runs-on: "lab" strategy: fail-fast: false matrix: rust: - - stable + - "stable" steps: - - name: login to ghcr.io - uses: docker/login-action@v3 + - name: "login to ghcr.io" + uses: "docker/login-action@v3" with: - registry: ghcr.io + registry: "ghcr.io" username: "${{ github.actor }}" password: "${{ secrets.GITHUB_TOKEN }}" - - name: install rust - uses: dtolnay/rust-toolchain@stable + - name: "install rust" + uses: "dtolnay/rust-toolchain@stable" with: - toolchain: ${{ matrix.rust }} - targets: x86_64-unknown-linux-gnu + toolchain: "${{ matrix.rust }}" + targets: "x86_64-unknown-linux-gnu" - - uses: cargo-bins/cargo-binstall@main - - name: install just - run: cargo binstall --no-confirm just + - uses: "cargo-bins/cargo-binstall@main" + - name: "install just" + run: | + cargo binstall --no-confirm just - - name: Checkout - uses: actions/checkout@v4 + - name: "Checkout" + uses: "actions/checkout@v4" - - name: dev/gnu sterile test + - name: "dev/gnu sterile test" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY @@ -57,7 +58,7 @@ jobs: mkdir dev.gnu cp -a ./target/nextest dev.gnu - - name: release/gnu sterile test + - name: "release/gnu sterile test" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY @@ -65,7 +66,7 @@ jobs: mkdir release.gnu cp -a ./target/nextest release.gnu - - name: dev/musl sterile test + - name: "dev/musl sterile test" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY @@ -73,7 +74,7 @@ jobs: mkdir dev.musl cp -a ./target/nextest dev.musl - - name: release/musl sterile test + - name: "release/musl sterile test" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY @@ -81,7 +82,7 @@ jobs: mkdir release.musl cp -a ./target/nextest release.musl - - name: install markdown-test-report + - name: "install markdown-test-report" if: ${{ always() }} run: | sudo apt-get update @@ -92,95 +93,103 @@ jobs: pkg-config cargo binstall --no-confirm markdown-test-report - - name: dev/gnu report + - name: "dev/gnu report" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY export CARGO_TARGET_DIR=dev.gnu just rust="${{matrix.rust}}" profile=dev target=x86_64-unknown-linux-gnu report - - name: dev/musl report + - name: "dev/musl report" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY export CARGO_TARGET_DIR=dev.musl just rust="${{matrix.rust}}" profile=dev target=x86_64-unknown-linux-musl report - - name: release/gnu report + - name: "release/gnu report" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY export CARGO_TARGET_DIR=release.gnu just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-gnu report - - name: release/musl report + - name: "release/musl report" if: ${{ always() }} run: | export GITHUB_STEP_SUMMARY export CARGO_TARGET_DIR=release.musl just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-musl report - - uses: actions/upload-artifact@v4 + - uses: "actions/upload-artifact@v4" if: ${{ always() }} with: name: 'rust-${{matrix.rust}}-test-results' - path: target/nextest + path: "target/nextest" - - name: Setup tmate session for debug + - name: "Setup tmate session for debug" if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} - uses: mxschmitt/action-tmate@v3 + uses: "mxschmitt/action-tmate@v3" timeout-minutes: 60 with: limit-access-to-actor: true push: permissions: - contents: read - packages: write - id-token: write - runs-on: lab + contents: "read" + packages: "write" + id-token: "write" + runs-on: "lab" strategy: fail-fast: false matrix: rust: - - stable + - "stable" steps: - - name: login to ghcr.io - uses: docker/login-action@v3 + - name: "login to ghcr.io" + uses: "docker/login-action@v3" with: - registry: ghcr.io + registry: "ghcr.io" username: "${{ github.actor }}" password: "${{ secrets.GITHUB_TOKEN }}" - - name: install rust - uses: dtolnay/rust-toolchain@stable + - name: "install rust" + uses: "dtolnay/rust-toolchain@stable" with: - toolchain: ${{ matrix.rust }} - targets: x86_64-unknown-linux-gnu + toolchain: "${{ matrix.rust }}" + targets: "x86_64-unknown-linux-gnu" - - uses: cargo-bins/cargo-binstall@main - - name: install just - run: cargo binstall --no-confirm just + - uses: "cargo-bins/cargo-binstall@main" + - name: "install just" + run: | + cargo binstall --no-confirm just - - name: Checkout - uses: actions/checkout@v4 + - name: "Checkout" + uses: "actions/checkout@v4" - - name: install rust - uses: dtolnay/rust-toolchain@stable + - name: "install rust" + uses: "dtolnay/rust-toolchain@stable" with: - toolchain: ${{ matrix.rust }} - targets: x86_64-unknown-linux-gnu - - uses: cargo-bins/cargo-binstall@main - - run: cargo binstall --no-confirm cargo-deny - - run: just cargo deny check - - run: just rust="${{matrix.rust}}" profile=debug target=x86_64-unknown-linux-gnu push-container - - run: just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-gnu push-container - - run: just rust="${{matrix.rust}}" profile=debug target=x86_64-unknown-linux-musl push-container - - run: just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-musl push-container - - - name: Setup tmate session for debug + toolchain: "${{ matrix.rust }}" + targets: "x86_64-unknown-linux-gnu" + + - uses: "cargo-bins/cargo-binstall@main" + - run: | + cargo binstall --no-confirm cargo-deny + - run: | + just cargo deny check + - run: | + just rust="${{matrix.rust}}" profile=debug target=x86_64-unknown-linux-gnu push-container + - run: | + just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-gnu push-container + - run: | + just rust="${{matrix.rust}}" profile=debug target=x86_64-unknown-linux-musl push-container + - run: | + just rust="${{matrix.rust}}" profile=release target=x86_64-unknown-linux-musl push-container + + - name: "Setup tmate session for debug" if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} - uses: mxschmitt/action-tmate@v3 - timeout-minutes: 30 + uses: "mxschmitt/action-tmate@v3" + timeout-minutes: 60 with: limit-access-to-actor: true