-
Notifications
You must be signed in to change notification settings - Fork 10
156 lines (129 loc) · 4.74 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: CI
on:
merge_group:
pull_request:
schedule:
- cron: "0 3 * * 3"
workflow_dispatch:
concurrency:
group: ci-${{ github.ref }}
cancel-in-progress: true
env:
CARGO_TERM_COLOR: always
jobs:
maybe-expedite:
outputs:
value: ${{ steps.expedite.outputs.value }}
runs-on: ubuntu-latest
steps:
- name: Log github refs
run: |
echo '```' >> "$GITHUB_STEP_SUMMARY"
echo 'github.ref: ${{ github.ref }}' >> "$GITHUB_STEP_SUMMARY"
echo 'github.sha: ${{ github.sha }}' >> "$GITHUB_STEP_SUMMARY"
echo '```' >> "$GITHUB_STEP_SUMMARY"
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if merging an up-to-date branch
if: ${{ github.event_name == 'merge_group' }}
id: expedite
run: |
N="$(expr "${{ github.ref }}" : '.*-\([0-9]\+\)-[^-]*$')"
BASE_SHA="$(gh api /repos/${{ github.repository }}/pulls/"$N" | jq -r '.base.sha')"
if git diff --quiet ${{ github.event.merge_group.base_sha }} "$BASE_SHA"; then
echo "value=1" >> "$GITHUB_OUTPUT"
fi
env:
GH_TOKEN: ${{ github.token }}
test:
needs: [maybe-expedite]
if: ${{ ! needs.maybe-expedite.outputs.value }}
strategy:
fail-fast: ${{ github.event_name == 'merge_group' }}
matrix:
environment: [ubuntu-latest, ubuntu-24.04, macos-latest, windows-latest]
test: [third_party_0, third_party_1, trycmd, other]
include:
- environment: ubuntu-latest
test: ci
runs-on: ${{ matrix.environment }}
defaults:
run:
shell: bash
steps:
- uses: actions/checkout@v4
- uses: actions/cache@v4
with:
path: |
~/.avm
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
~/.dylint_drivers/
~/.rustup/toolchains/
target/dylint/
key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
- name: Rustup
run: rustup update
- name: Install CI tools
if: ${{ matrix.test == 'ci' }}
run: |
rustup +nightly component add clippy rustfmt
cargo install cargo-dylint --git=https://github.com/trailofbits/dylint --no-default-features --features=cargo-cli || true
cargo install dylint-link || true
cargo install cargo-hack || true
cargo install cargo-license || true
cargo install cargo-sort || true
cargo install cargo-udeps --locked || true
cargo install cargo-unmaintained || true
- name: Install testing tools
if: ${{ matrix.test != 'ci' }}
uses: ./.github/actions/install-testing-tools
- name: Free up space on Ubuntu
if: ${{ matrix.environment == 'ubuntu-latest' }}
run: |
# https://github.com/actions/runner-images/issues/2606#issuecomment-772683150
sudo rm -rf /usr/local/lib/android
sudo rm -rf /usr/share/dotnet
sudo rm -rf /usr/share/swift
# du -sh /usr/*/* 2>/dev/null | sort -h || true
- name: Disable incremental compilation on Windows
if: ${{ matrix.environment == 'windows-latest' }}
run: echo 'CARGO_INCREMENTAL=0' >> "$GITHUB_ENV"
- name: Enable debug logging
if: ${{ runner.debug == 1 }}
run: echo 'RUST_LOG=debug' >> "$GITHUB_ENV"
- name: Build
run: |
if [[ '${{ matrix.test }}' != 'other' ]]; then
$CARGO_TEST -p necessist --test ${{ matrix.test }}
else
$CARGO_TEST -p necessist --test general
$CARGO_TEST -p necessist-backends
$CARGO_TEST -p necessist-core
fi
env:
CARGO_TEST: cargo test --no-run
- name: Test
run: |
if [[ '${{ matrix.test }}' != 'other' ]]; then
cargo test -p necessist --test ${{ matrix.test }} -- --nocapture
else
cargo test -p necessist --test general
cargo test -p necessist-backends
cargo test -p necessist-core
fi
all-checks:
needs: [test]
# smoelius: From "Defining prerequisite jobs"
# (https://docs.github.com/en/actions/using-jobs/using-jobs-in-a-workflow#defining-prerequisite-jobs):
# > If you would like a job to run even if a job it is dependent on did not succeed, use the
# > `always()` conditional expression in `jobs.<job_id>.if`.
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: Check results
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }}
run: exit 1