From 83e25b4c2541efbe8ee37cffd73f0d8e2989e06d Mon Sep 17 00:00:00 2001 From: James N <59348282+RandomSpaceship@users.noreply.github.com> Date: Sun, 22 Dec 2024 01:03:27 +1000 Subject: [PATCH 1/5] ci-cd: Rewrite GH Actions - Now all integrated into one workflow - intersphinx update runs on cron job instead of push - Use `git-auto-commit-action` instead of manual setup and push - Job execution order is now correct since they're all in the same workflow --- .github/filters.yaml | 27 ++++++++ .github/workflows/all.yaml | 103 +++++++++++++++++++++++++++++ .github/workflows/build.yaml | 41 ------------ .github/workflows/deploy-docs.yaml | 75 --------------------- .github/workflows/intersphinx.yaml | 23 +++++++ .github/workflows/lint.yaml | 32 --------- 6 files changed, 153 insertions(+), 148 deletions(-) create mode 100644 .github/filters.yaml create mode 100644 .github/workflows/all.yaml delete mode 100644 .github/workflows/build.yaml delete mode 100644 .github/workflows/deploy-docs.yaml create mode 100644 .github/workflows/intersphinx.yaml delete mode 100644 .github/workflows/lint.yaml diff --git a/.github/filters.yaml b/.github/filters.yaml new file mode 100644 index 0000000..fdff690 --- /dev/null +++ b/.github/filters.yaml @@ -0,0 +1,27 @@ +# nix updates are common to all workflows +nix: &nix + - "flake.nix" + - "flake.lock" +docs-shell: + - *nix + - "docs/**/*.nix" + - "docs/pyproject/**" +docs: + - "docs/**" + - *nix + # software paths should only include files which are used by Doxygen + - "software/**/*.cpp" + - "software/**/*.hpp" + - "software/**/*.c" + - "software/**/*.h" + - "software/**/*.py" + - "software/**/*.pyi" +software: + - "software/**" + - *nix + # ignore script updates + - "!software/scripts/**" + - "!software/ros_ws/colcon/**" + # we don't care about package.xml updates since they don't affect the nix build, + # we only care about it when the nix files get updated + - "!software/ros_ws/**/package.xml" diff --git a/.github/workflows/all.yaml b/.github/workflows/all.yaml new file mode 100644 index 0000000..bea02cf --- /dev/null +++ b/.github/workflows/all.yaml @@ -0,0 +1,103 @@ +name: Nix CI/CD +on: [push, pull_request, workflow_dispatch] +permissions: + contents: read +jobs: + # get the file changes to filter other jobs + changes: + name: Detect changes + runs-on: ubuntu-latest + outputs: + software: ${{ steps.filter.outputs.software }} + docs: ${{ steps.filter.outputs.docs }} + docs-shell: ${{ steps.filter.outputs.docs-shell }} + steps: + - uses: actions/checkout@v4 + - uses: dorny/paths-filter@v3 + id: filter + with: + filters: .github/filters.yaml + format: + name: Format and lint + # jobs which push to the repo all need to be in this concurrency group + concurrency: + group: "push" + # needed to push changes if needed + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: nixbuild/nix-quick-install-action@v29 + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Format and lint repository + run: nix fmt + - uses: stefanzweifel/git-auto-commit-action@v5 + # don't want to run the commit action on pull request workflows (ie, after the merge commit), only on push + # note: this applies to all push workflows, not just this job + if: ${{ github.event_name != 'pull_request' }} + with: + commit_message: "Run format and lint" + docs-shell: + runs-on: ubuntu-latest + if: ${{ needs.changes.outputs.docs-shell == 'true' }} + needs: [changes, format] + steps: + - uses: actions/checkout@v4 + - uses: nixbuild/nix-quick-install-action@v29 + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Upload docs dev shell to Cachix + run: nix run -L .#scripts.cachix.docs-shell + env: + CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} + docs: + runs-on: ubuntu-latest + if: ${{ needs.changes.outputs.docs == 'true' }} + needs: [changes, format, docs-shell] + steps: + - uses: actions/checkout@v4 + - uses: nixbuild/nix-quick-install-action@v29 + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Build docs + run: nix build -L .#docs + # From here, deploying to the website repo + - name: Checkout website repo + # only run on origin main branch + if: ${{ (github.event_name != 'pull_request') && (github.repository == 'ROAR-QUTRC/perseus-v2') && (github.ref == 'refs/heads/main') }} + id: checkout-website + uses: actions/checkout@v4 + with: + repository: ROAR-QUTRC/roar-qutrc.github.io + ssh-key: ${{ secrets.DOCS_DEPLOY_KEY }} + path: docs + - name: Update docs in checked out repo + if: ${{ steps.checkout-website.outcome == 'success' }} + run: | + rm -rf docs/* + cp -a result/html/. docs/ + - uses: stefanzweifel/git-auto-commit-action@v5 + name: Commit and push changes + if: ${{ steps.checkout-website.outcome == 'success' }} + with: + commit_message: "Update generated docs" + repository: ./docs + build: + runs-on: ubuntu-latest + if: ${{ needs.changes.outputs.software == 'true' }} + needs: [changes, format] + steps: + - uses: actions/checkout@v4 + - uses: nixbuild/nix-quick-install-action@v29 + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Build repository + run: nix build -L + - name: Upload build to Cachix + run: nix run -L .#scripts.cachix.build + - name: Test dev shell + run: nix develop -L -c echo 'Shell test success' + - name: Upload dev shell to Cachix + run: nix run -L .#scripts.cachix.shell + - name: Run flake checks + run: nix flake check -L + env: + CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml deleted file mode 100644 index bf0c821..0000000 --- a/.github/workflows/build.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Workflow to build the repo, run tests, and push the binaries to Cachix -name: Build repo and run tests -on: - push: - # no point rebuilding if the code doesn't change - paths: - - "software/**" - - "flake.nix" - - "flake.lock" - # ignore script updates - - "!software/scripts/**" - - "!software/ros_ws/colcon/**" - # we don't care about package.xml updates since they don't affect the nix build, - # we only care about it when the nix files get updated - - "!software/ros_ws/**/package.xml" - # launch files don't affect the tests - - "!software/ros_ws/**/launch/**" - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: -jobs: - run-build: - concurrency: - group: "build" - cancel-in-progress: true - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: nixbuild/nix-quick-install-action@v29 - - uses: DeterminateSystems/magic-nix-cache-action@main - - name: Build repository - run: nix build -L - - name: Run flake checks - run: nix flake check -L - - name: Upload build to Cachix - run: nix run -L .#scripts.cachix.build - - name: Test dev shell - run: nix develop -L -c echo 'Shell test success' - - name: Upload dev shell to Cachix - run: nix run -L .#scripts.cachix.shell - env: - CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} diff --git a/.github/workflows/deploy-docs.yaml b/.github/workflows/deploy-docs.yaml deleted file mode 100644 index 98c62be..0000000 --- a/.github/workflows/deploy-docs.yaml +++ /dev/null @@ -1,75 +0,0 @@ -# Workflow to build and deploy the docs using a deploy key -name: Deploy documentation to GH Pages -on: - push: - paths: - - "docs/**" - # software paths should only include files which are used by Doxygen - - "software/**/*.cpp" - - "software/**/*.hpp" - - "software/**/*.c" - - "software/**/*.h" - - "software/**/*.py" - - "software/**/*.pyi" - - "flake.nix" - - "flake.lock" - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: -# only run one job at a time -# needed for the intersphinx update -concurrency: - group: "docs" - cancel-in-progress: true -jobs: - deploy-docs: - # jobs which push to the repo all need to be in this concurrency group - concurrency: - group: "pushers" - permissions: - contents: write - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - path: source - - uses: nixbuild/nix-quick-install-action@v29 - # - uses: DeterminateSystems/magic-nix-cache-action@main - - name: Update intersphinx inventory files - # only run intersphinx update on main branch! - if: ${{ github.ref == 'refs/heads/main' }} - continue-on-error: true # if there are no changes to the files, technically this fails - run: | - cd source - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config user.name "github-actions[bot]" - nix run .#docs.fetch-inventories - git push - - name: Build docs - run: nix build -L ./source#docs - # From here, deploying to the website repo - - name: Checkout website repo - # only run on origin main branch - if: ${{ github.repository == 'ROAR-QUTRC/perseus-v2' && github.ref == 'refs/heads/main' }} - id: checkout-website - uses: actions/checkout@v4 - with: - repository: ROAR-QUTRC/roar-qutrc.github.io - ref: main - ssh-key: ${{ secrets.DOCS_DEPLOY_KEY }} - path: docs - - name: Update docs in checked out repo - if: ${{ steps.checkout-website.outcome == 'success' }} - run: | - rm -rf docs/* - # copy from previous nix build - cp -a result/html/. docs/ - - name: Commit and push changes - if: ${{ steps.checkout-website.outcome == 'success' }} - continue-on-error: true # if there's nothing to push, this step fails - run: | - cd docs - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config user.name "github-actions[bot]" - git add . - git commit -m "$(date +%z:%Y-%m-%dT%H:%M:%S) Automatic docs update" - git push diff --git a/.github/workflows/intersphinx.yaml b/.github/workflows/intersphinx.yaml new file mode 100644 index 0000000..c1392f3 --- /dev/null +++ b/.github/workflows/intersphinx.yaml @@ -0,0 +1,23 @@ +on: + schedule: + # WARNING: When @RandomSpaceship leaves the project, this will need to be updated + # see: https://docs.github.com/en/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows#schedule + # note: the time is semi-random + - cron: "42 0 * * 1" +jobs: + intersphinx: + if: ${{ github.ref == 'refs/heads/main' }} + concurrency: + group: "push" + permissions: + contents: write + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: nixbuild/nix-quick-install-action@v29 + - uses: DeterminateSystems/magic-nix-cache-action@main + - name: Update intersphinx inventory files + run: nix run .#docs.fetch-inventories + - uses: stefanzweifel/git-auto-commit-action@v5 + with: + commit_message: "Update intersphinx inventory files" diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml deleted file mode 100644 index 16fd0a9..0000000 --- a/.github/workflows/lint.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Workflow to format + lint the repo -name: Format and lint repository -on: - # Run on any push - we always want the code formatted! - push: - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: -# only run one job at a time -concurrency: - group: "format" - cancel-in-progress: true -jobs: - run-format: - # jobs which push to the repo all need to be in this concurrency group - concurrency: - group: "pushers" - # needed to push changes if needed - permissions: - contents: write - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: nixbuild/nix-quick-install-action@v29 - - uses: DeterminateSystems/magic-nix-cache-action@main - - name: Format and lint repository - run: nix fmt - - name: Push changes - continue-on-error: true # if there are no changes to the files, technically this fails - run: | - git config user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config user.name "github-actions[bot]" - git push From 3a6db246534c97ddb2b3abf71f1ce843216a5fd4 Mon Sep 17 00:00:00 2001 From: James N <59348282+RandomSpaceship@users.noreply.github.com> Date: Sun, 22 Dec 2024 01:23:04 +1000 Subject: [PATCH 2/5] ci-cd: Allow manual job triggers --- .github/workflows/all.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/all.yaml b/.github/workflows/all.yaml index bea02cf..057c188 100644 --- a/.github/workflows/all.yaml +++ b/.github/workflows/all.yaml @@ -8,6 +8,7 @@ jobs: name: Detect changes runs-on: ubuntu-latest outputs: + manual: ${{ github.event_name == 'workflow_dispatch'}} software: ${{ steps.filter.outputs.software }} docs: ${{ steps.filter.outputs.docs }} docs-shell: ${{ steps.filter.outputs.docs-shell }} @@ -39,8 +40,9 @@ jobs: with: commit_message: "Run format and lint" docs-shell: + name: Build docs dev shell runs-on: ubuntu-latest - if: ${{ needs.changes.outputs.docs-shell == 'true' }} + if: ${{ (needs.changes.outputs.docs-shell == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format] steps: - uses: actions/checkout@v4 @@ -51,8 +53,9 @@ jobs: env: CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} docs: + name: Build docs runs-on: ubuntu-latest - if: ${{ needs.changes.outputs.docs == 'true' }} + if: ${{ (needs.changes.outputs.docs == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format, docs-shell] steps: - uses: actions/checkout@v4 @@ -82,8 +85,9 @@ jobs: commit_message: "Update generated docs" repository: ./docs build: + name: Build software runs-on: ubuntu-latest - if: ${{ needs.changes.outputs.software == 'true' }} + if: ${{ (needs.changes.outputs.software == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format] steps: - uses: actions/checkout@v4 From 675ed58dd7993cfc715ba12c9200dd8beef06967 Mon Sep 17 00:00:00 2001 From: James N <59348282+RandomSpaceship@users.noreply.github.com> Date: Sun, 22 Dec 2024 01:23:22 +1000 Subject: [PATCH 3/5] ci-cd(filters): Run all jobs on filters update --- .github/filters.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/filters.yaml b/.github/filters.yaml index fdff690..bfed234 100644 --- a/.github/filters.yaml +++ b/.github/filters.yaml @@ -1,14 +1,14 @@ -# nix updates are common to all workflows -nix: &nix +common: &common - "flake.nix" - "flake.lock" + - ".github/**" docs-shell: - - *nix + - *common - "docs/**/*.nix" - "docs/pyproject/**" docs: + - *common - "docs/**" - - *nix # software paths should only include files which are used by Doxygen - "software/**/*.cpp" - "software/**/*.hpp" @@ -17,8 +17,8 @@ docs: - "software/**/*.py" - "software/**/*.pyi" software: + - *common - "software/**" - - *nix # ignore script updates - "!software/scripts/**" - "!software/ros_ws/colcon/**" From d24eacbed931840e18223fc0156a9316a6fcb56a Mon Sep 17 00:00:00 2001 From: James N <59348282+RandomSpaceship@users.noreply.github.com> Date: Sun, 22 Dec 2024 14:10:52 +1000 Subject: [PATCH 4/5] ci-cd: Run jobs in specific enviroments --- .github/workflows/all.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/all.yaml b/.github/workflows/all.yaml index 057c188..6552e2d 100644 --- a/.github/workflows/all.yaml +++ b/.github/workflows/all.yaml @@ -42,6 +42,7 @@ jobs: docs-shell: name: Build docs dev shell runs-on: ubuntu-latest + environment: binary-deployment if: ${{ (needs.changes.outputs.docs-shell == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format] steps: @@ -55,6 +56,7 @@ jobs: docs: name: Build docs runs-on: ubuntu-latest + environment: docs-deployment if: ${{ (needs.changes.outputs.docs == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format, docs-shell] steps: @@ -87,6 +89,7 @@ jobs: build: name: Build software runs-on: ubuntu-latest + environment: binary-deployment if: ${{ (needs.changes.outputs.software == 'true') || (needs.changes.outputs.manual == 'true') }} needs: [changes, format] steps: From 95d7c60e1144c2d257e655ddb60c01eb680c5c3a Mon Sep 17 00:00:00 2001 From: James N <59348282+RandomSpaceship@users.noreply.github.com> Date: Sun, 22 Dec 2024 14:20:28 +1000 Subject: [PATCH 5/5] ci-cd: Update badge in repo README --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index 5004732..0ba44b9 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,4 @@ Full documentation is located [here](https://roar-qutrc.github.io/) ## CI/CD Status -[![Format and lint repository](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/lint.yaml/badge.svg)](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/lint.yaml) -[![Deploy documentation to GH Pages](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/deploy-docs.yaml/badge.svg)](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/deploy-docs.yaml) -[![Build repo and run tests](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/build.yaml/badge.svg)](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/build.yaml) +[![Nix CI/CD](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/all.yaml/badge.svg)](https://github.com/ROAR-QUTRC/perseus-v2/actions/workflows/all.yaml)