-
Notifications
You must be signed in to change notification settings - Fork 49
193 lines (150 loc) · 7.31 KB
/
Copy pathci.yml
File metadata and controls
193 lines (150 loc) · 7.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
name: "ci"
on:
# Run using manual triggers from GitHub UI:
# https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow
workflow_dispatch: {}
# Run on every pull request:
pull_request: {}
# Run on merge queue validation:
merge_group: {}
# Run on 'main' pushes to refresh the CI caches that PRs restore from
push:
branches:
- "main"
# In the event that there is a new push to the ref, cancel any running jobs because they are now obsolete, wasting resources.
permissions: {}
# Queue ci workflows for the same branch (main pushes queue to finish updating the cache; PR runs cancel stale ones):
concurrency:
group: "${{ github.workflow }}-${{ github.ref_name }}"
cancel-in-progress: "${{ github.event_name == 'pull_request' }}"
jobs:
ci:
runs-on: "ubuntu-24.04" # _SLANG_DEV_CONTAINER_BASE_IMAGE_ (keep in sync)
permissions:
contents: "read"
steps:
- name: "Checkout Repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
with:
persist-credentials: false
fetch-depth: 0 # Full history is needed by 'git/restore-mtime' to find each file's last commit time.
- name: "Free up disk space"
uses: "./.github/actions/free-disk-space"
- name: "Restore file mtimes from git"
uses: "./.github/actions/git/restore-mtime"
# Cache is updated in this workflow, and reused in subsequent workflows.
# Always start with a fresh cache when running on the main branch.
- name: "Restore Dependencies Cache"
if: "${{ github.ref_name != 'main' }}"
uses: "./.github/actions/cache/dependencies/restore"
# Restore compiled Rust artifacts from a previous build on main for non-main runs,
# but intentionally skip this restore for merge-queue validation so merge_group
# runs compile without the target cache.
- name: "Restore Cargo Target Cache"
if: "${{ github.ref_name != 'main' && github.event_name != 'merge_group' }}"
uses: "./.github/actions/cache/cargo-target/restore"
- name: "Setup SFW (optional)"
uses: "./.github/actions/setup-sfw"
with:
optional: "true"
#
# Run all CI steps in order: _SLANG_INFRA_CI_STEPS_ORDERED_ (keep in sync)
#
- name: "infra setup"
run: "${SFW_PREFIX:-} ./scripts/bin/infra setup"
- name: "infra check"
run: "${SFW_PREFIX:-} ./scripts/bin/infra check"
- name: "infra test"
run: "./scripts/bin/infra test"
- name: "infra lint"
run: "./scripts/bin/infra lint"
# On main pushes, warm the dependency and cargo-target caches with the perf
# toolchain (bencher_cli, iai-callgrind-runner, and the bench binaries) so
# subsequent PR perf runs don't compile them from scratch. Wrapped: these
# cargo-install from crates.io (no bencher upload, so no MITM concern).
- name: "infra perf cargo --smoke slang-v2"
if: "${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'main' }}"
run: "${SFW_PREFIX:-} ./scripts/bin/infra perf cargo --smoke --no-apt-deps slang-v2"
- name: "infra perf npm --smoke"
if: "${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'main' }}"
run: "${SFW_PREFIX:-} ./scripts/bin/infra perf npm --smoke"
- name: "Save Cargo Target Cache"
if: "${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'main' }}"
uses: "./.github/actions/cache/cargo-target/save"
- name: "Save Dependencies Cache"
if: "${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'main' }}"
uses: "./.github/actions/cache/dependencies/save"
cargo-cooldown-check:
runs-on: "ubuntu-24.04" # _SLANG_DEV_CONTAINER_BASE_IMAGE_ (keep in sync)
permissions:
contents: "read"
steps:
- name: "Checkout Repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
with:
persist-credentials: false
fetch-depth: 0 # Full history is needed by 'git/restore-mtime' to find each file's last commit time.
- name: "Restore file mtimes from git"
uses: "./.github/actions/git/restore-mtime"
# Cache is updated in this workflow, and reused in subsequent workflows.
# Always start with a fresh cache when running on the main branch.
- name: "Restore Cargo Cooldown Cache"
if: "${{ github.ref_name != 'main' }}"
uses: "./.github/actions/cache/cargo-cooldown/restore"
- name: "Setup SFW (optional)"
uses: "./.github/actions/setup-sfw"
with:
optional: "true"
- name: "Cargo cooldown check"
run: "${SFW_PREFIX:-} ./scripts/bin/with-hermit cargo cooldown-check"
- name: "Save Cargo Cooldown Cache"
if: "${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'main' }}"
uses: "./.github/actions/cache/cargo-cooldown/save"
renovate-config-check:
runs-on: "ubuntu-24.04" # _SLANG_DEV_CONTAINER_BASE_IMAGE_ (keep in sync)
permissions:
contents: "read"
steps:
- name: "Checkout Repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
with:
persist-credentials: false
- name: "Setup SFW (optional)"
uses: "./.github/actions/setup-sfw"
with:
optional: "true"
- name: "Renovate schema check"
run: "${SFW_PREFIX:-} ./bin/npx --yes --package renovate -- renovate-config-validator renovate.json"
- name: "Renovate extraction dry-run"
env:
# Without a token, github-tags/github-releases lookups (e.g. bencher_cli) hit the
# anonymous 60 req/hr rate limit shared across the runner IP.
GITHUB_COM_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
LOG_LEVEL: "debug"
run: "${SFW_PREFIX:-} ./bin/npx --yes renovate --platform=local --dry-run=full"
# The full CI runs on the bare runner so it can reuse the cargo-target cache;
# reproducing that cache-mount setup inside a devcontainer would slow CI down
# rather than speed it up. This job is kept as a minimal smoke test that the
# devcontainer image still builds and can run the tooling it's expected to.
validate-devcontainer:
runs-on: "ubuntu-24.04" # _SLANG_DEV_CONTAINER_BASE_IMAGE_ (keep in sync)
permissions:
contents: "read"
steps:
- name: "Checkout Repository"
uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" # v6.0.2
with:
persist-credentials: false
# The devcontainers/ci action pulls and/or builds the devcontainer image
# below, which is tight on the stock ubuntu-24.04 runner; freeing unused
# pre-installed tooling first keeps the image build from failing on space.
- name: "Free up disk space"
uses: "./.github/actions/free-disk-space"
- name: "infra setup pipenv"
uses: "./.github/actions/devcontainer/run"
with:
runCmd: "./scripts/bin/infra setup pipenv"
- name: "infra lint mkdocs"
uses: "./.github/actions/devcontainer/run"
with:
runCmd: "./scripts/bin/infra lint mkdocs"