-
Notifications
You must be signed in to change notification settings - Fork 38
209 lines (183 loc) · 7.67 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
name: ci
on:
workflow_dispatch:
merge_group:
pull_request:
push:
branches:
- master
- releases/*
# We set `concurrency` to prevent having this workflow being run on code that is not up-to-date on a PR (a user make multiple push in a quick manner).
# But on the main branch, we don't want that behavior.
# Having the workflow run on each merge commit is something we would like, that could help us where a regression was made and missed by previous checks.
#
# For that we use `head_ref` that is only defined on `pull-request` and fallback to `run_id` (this is a counter, so it's value is unique between workflow call).
concurrency:
group: ci-${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
packages: read
jobs:
dispatch:
runs-on: ubuntu-22.04
outputs:
rust: ${{ steps.need-check.outputs.rust }}
python: ${{ steps.need-check.outputs.python }}
python-style-only: ${{ steps.need-check.outputs.python_style_only }}
rust-platform-crates: ${{ steps.need-check.outputs.rust_platform_crates }}
web: ${{ steps.need-check.outputs.web }}
docs: ${{ steps.need-check.outputs.docs }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1
timeout-minutes: 5
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1
id: changes
with:
list-files: shell
filters: .github/filters/ci.yml
timeout-minutes: 5
- name: Determine which workflows need to be run
id: need-check
run: |
env | grep NEED_CHECK_
set -eux -o pipefail
for check in $(env | grep -o 'NEED_CHECK_[a-z_]\+' ); do
env_value=$(eval "echo \${$check}")
echo "${check#NEED_CHECK_}=$env_value"
done | tee -a $GITHUB_OUTPUT
env:
NEED_CHECK_rust: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.rust-jobs == 'true' }}
NEED_CHECK_web: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.web-jobs == 'true' }}
NEED_CHECK_python: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.python-jobs == 'true' }}
# Basically we want to only check the python code style when we modify a file that ins't related to the parsec server (e.g.: bindings/generator/generate.py)
# Thus don't require to run the python test.
NEED_CHECK_python_style_only: ${{ steps.changes.outputs.python-jobs == 'false' && steps.changes.outputs.any-python-files == 'true' }}
NEED_CHECK_rust_platform_crates: ${{ steps.changes.outputs.rust-platform-crates == 'true' }}
NEED_CHECK_docs: ${{ steps.changes.outputs.docs-jobs == 'true' }}
# Github PR merging is configured to only require this job to pass
ci-is-happy:
name: ⭐ CI is happy ⭐
needs:
- dispatch
- quality-assurance
- python
- rust
- web
- spelling
- docs
runs-on: ubuntu-latest
if: always()
# Just a fail-safe timeout, see the fine grain per-task timeout instead
timeout-minutes: 2
steps:
- name: Requirement fulfilled
run: |
#!python3
import os
import json
NOT_A_JOB = ('python-style-only', 'rust-platform-crates')
needs = json.loads(os.environ["NEEDS"])
print("NEEDS:", json.dumps(needs, indent=4), sep="\n")
# Check jobs aren't failed or cancelled.
for name, job in needs.items():
if job["result"] in ("cancelled", "failure"):
raise ValueError(f"The job `{name}` is in a invalid state: {job['result']}")
# Check required jobs, here we just need to check that the state is `success` and not `skipped`.
for job_name, required in needs["dispatch"]["outputs"].items():
if job_name in NOT_A_JOB:
continue
if job_name not in needs:
print(f"Job: `{job_name}` isn't required!")
continue
assert required in ("true", "false")
job_result = needs[job_name]["result"]
if required == "true" and job_result != "success":
raise ValueError(
f"The required job `{job_name}` should be in a success state but is not (state={job_result})"
)
env:
NEEDS: ${{ toJSON(needs) }}
shell: python
spelling:
uses: ./.github/workflows/cspell.yml
##############################################################################
# 📊 Q&A #
##############################################################################
quality-assurance:
name: 📊 Q&A
# All linux jobs must run the same ubuntu version to avoid Rust caching issues !
runs-on: ubuntu-20.04
# Just a fail-safe timeout, see the fine grain per-task timeout instead
timeout-minutes: 10
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1
timeout-minutes: 5
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1
id: newsfragment-have-changed
with:
filters: |
newsfragments:
- newsfragments/**
- name: Check tools version
run: |
echo "::add-matcher::.github/custom-problem-matchers/version-updater.json"
python3 --version
python3 misc/version_updater.py --check
echo "::remove-matcher owner=version-updater::"
timeout-minutes: 2
- name: Check Commit Signature
run: python .github/scripts/check_commit_signature.py
- name: Check News fragments
if: |
github.event_name == 'pull_request'
&& !(
startsWith(github.head_ref, 'releases/')
|| startsWith(github.head_ref, 'revert')
|| startsWith(github.head_ref, 'acknowledge')
)
&& steps.newsfragment-have-changed.outputs.newsfragments == 'true'
run: |
whereis git
git fetch origin ${{ github.base_ref }}
python .github/scripts/check_newsfragments.py --base=${{ github.base_ref }}
timeout-minutes: 5
- name: Patch pre-commit for line-ending
id: patched-pre-commit-config
run: |
TEMP_FILE=$(mktemp)
sed '/id: mixed-line-ending/a\ args: [ --fix=lf ]' .pre-commit-config.yaml > $TEMP_FILE
diff --unified .pre-commit-config.yaml $TEMP_FILE || true
echo "path=$TEMP_FILE" >> $GITHUB_OUTPUT
# Clippy basically compile the project, hence it's faster to run it in
# the test-rust-matrix job where compilation cache is reused !
- uses: ./.github/actions/use-pre-commit
with:
config-file: ${{ steps.patched-pre-commit-config.outputs.path }}
env:
SKIP: clippy,fmt,cspell,ruff,black,mypy,eslint
timeout-minutes: 5
python:
needs:
- dispatch
if: needs.dispatch.outputs.python == 'true' || needs.dispatch.outputs.python-style-only == 'true'
uses: ./.github/workflows/ci-python.yml
with:
style-only: ${{ needs.dispatch.outputs.python-style-only == 'true' }}
rust:
needs:
- dispatch
if: needs.dispatch.outputs.rust == 'true'
uses: ./.github/workflows/ci-rust.yml
with:
run-wasm-tests: ${{ needs.dispatch.outputs.rust-platform-crates == 'true'}}
web:
needs:
- dispatch
if: needs.dispatch.outputs.web == 'true'
uses: ./.github/workflows/ci-web.yml
docs:
needs:
- dispatch
if: needs.dispatch.outputs.docs == 'true'
uses: ./.github/workflows/ci-docs.yml