cybercyst/jj
1
0
Fork 0
mirror of https://github.com/martinvonz/jj.git synced 2025-05-05 15:32:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
jj/.github/workflows/ci.yml
Emily 3ad42b8f15 github: use faster linkers in CI 
This shaves off something like 20 to 40 seconds for Linux. It’s
seemingly within the margin of error for Windows, so not sure if
we’ll want to keep it there.
2025-03-18 02:22:47 +00:00

336 lines
11 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

name: ci
on:
pull_request:
merge_group:
concurrency:
group: >-
${{ github.workflow }}-${{
github.event.pull_request.number
|| github.event.merge_group.head_ref
}}
cancel-in-progress: true
permissions: {}
jobs:
test:
strategy:
fail-fast: ${{ github.event_name == 'merge_group' }}
matrix:
build: [linux-x86_64-gnu, 'linux-x86_64-gnu, no git2', linux-aarch64-gnu, macos-x86_64, macos-aarch64, windows-x86_64]
include:
- build: linux-x86_64-gnu
os: ubuntu-24.04
cargo_flags: "--all-features"
- build: 'linux-x86_64-gnu, no git2'
os: ubuntu-24.04
cargo_flags: "--no-default-features --features git"
# Ensure we dont link to `libgit2`.
LIBGIT2_NO_VENDOR: 1
- build: linux-aarch64-gnu
os: ubuntu-24.04-arm
cargo_flags: "--all-features"
- build: macos-x86_64
os: macos-14
targets: x86_64-apple-darwin
# We pass `--target` here rather than unconditionally for all
# platforms because otherwise Rust flag settings are ignored
# for build scripts and the like, preventing us from getting
# the full benefit from faster linkers.
#
# See:
# * <https://doc.rust-lang.org/1.84.1/cargo/reference/config.html#buildrustflags>
# * <https://github.com/rust-lang/cargo/issues/4423>
cargo_flags: "--target x86_64-apple-darwin --features vendored-openssl"
- build: macos-aarch64
os: macos-14
cargo_flags: ""
- build: windows-x86_64
os: windows-2022
cargo_flags: ""
runs-on: ${{ matrix.os }}
# TODO FIXME (aseipp): keep the timeout limit to ~15 minutes. this is long
# enough to give us runway for the future, but also once we hit it, we're at
# the "builds are taking too long" stage and we should start looking at ways
# to optimize the CI.
#
# at the same time, this avoids some issues where some flaky, bugged tests
# seem to be causing multi-hour runs on Windows (GPG signing issues), which
# is a problem we should fix. in the mean time, this will make these flakes
# less harmful, as it won't cause builds to spin for multiple hours, requiring
# manual cancellation.
#
# FIXME (aseipp, 2025-02-06): bumped to 20min.
timeout-minutes: 20
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Set up Windows Builders
uses: ./.github/actions/setup-windows
- name: Install Rust
uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203
with:
toolchain: 1.84
target: ${{ matrix.targets }}
- uses: taiki-e/install-action@0f58b6a196e0d71c72fd459ab8fd8b228f85f669
with:
tool: nextest,taplo-cli
- name: Install mold
uses: rui314/setup-mold@f80524ca6eeaa76759b57fb78ddce5d87a20c720
with:
make-default: false
- name: Build
run: >-
cargo build
--config .cargo/config-ci.toml
--workspace
--all-targets
--verbose
${{ matrix.cargo_flags }}
env:
LIBGIT2_NO_VENDOR: ${{ matrix.LIBGIT2_NO_VENDOR || '0' }}
- name: Test
run: >-
cargo nextest run
--config .cargo/config-ci.toml
--workspace
--all-targets
--verbose
--profile ci
${{ matrix.cargo_flags }}
env:
RUST_BACKTRACE: 1
CARGO_TERM_COLOR: always
LIBGIT2_NO_VENDOR: ${{ matrix.LIBGIT2_NO_VENDOR || '0' }}
no-git:
name: build (no git)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install Rust
uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203
with:
toolchain: 1.84
- name: Build
run: cargo build -p jj-cli --no-default-features --verbose
build-nix:
name: nix flake
strategy:
fail-fast: ${{ github.event_name == 'merge_group' }}
matrix:
os: [ubuntu-24.04, ubuntu-24.04-arm, macos-14]
runs-on: ${{ matrix.os }}
timeout-minutes: 20
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
fetch-depth: 0
persist-credentials: false
- uses: DeterminateSystems/nix-installer-action@e50d5f73bfe71c2dd0aa4218de8f4afa59f8f81d
- run: nix flake check -L --show-trace
check-protos:
name: check (protos)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203
with:
toolchain: stable
- run: sudo apt update && sudo apt-get -y install protobuf-compiler
- name: Generate Rust code from .proto files
run: cargo run -p gen-protos
- name: Check for uncommitted changes
run: git diff --exit-code
check-rustfmt:
name: check (rustfmt)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203
with:
toolchain: nightly
components: rustfmt
- run: cargo +nightly fmt --all -- --check
check-clippy:
name: check (clippy)
permissions:
checks: write
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@a54c7afa936fefeb4456b2dd8068152669aa8203
with:
toolchain: stable
components: clippy
- run: cargo +stable clippy --all-features --workspace --all-targets -- -D warnings
check-cargo-deny:
runs-on: ubuntu-24.04
strategy:
matrix:
checks:
- advisories
- bans
- licenses
- sources
# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}
name: check (cargo-deny, ${{ matrix.checks }})
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: EmbarkStudios/cargo-deny-action@34899fc7ba81ca6268d5947a7a16b4649013fea1
with:
command: check ${{ matrix.checks }}
check-codespell:
name: check (codespell)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38
with:
python-version: 3.11
- name: Install uv
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231
with:
# If you bump the version, also update docs/contributing.md
# and all other workflows that install uv
version: "0.5.1"
- name: Run Codespell
run: uv run -- codespell && echo Codespell exited successfully
check-doctests:
name: check (doctests)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
with:
toolchain: 1.84
# NOTE: We need to run `cargo test --doc` separately from normal tests:
# - `cargo build --all-targets` specifies: "Build all targets"
# - `cargo test --all-targets` specifies: "Test all targets (does not include doctests)"
- name: Run doctests
run: cargo test --workspace --doc
env:
RUST_BACKTRACE: 1
- name: Check `cargo doc` for lint issues
env:
RUSTDOCFLAGS: "--deny warnings"
run: cargo doc --workspace --no-deps
check-mkdocs:
name: check (mkdocs)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38
with:
python-version: 3.11
- name: Install uv
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231
with:
# If you bump the version, also update docs/contributing.md
# and all other workflows that install uv
version: "0.5.1"
- name: Check that `mkdocs` can build the docs
run: uv run -- mkdocs build --strict
# An optional job to alert us when uv updates break the build
check-mkdocs-latest:
name: check (latest mkdocs, optional)
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install uv
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231
# 'only-managed' means that uv will always download Python, even
# if the runner happens to provide a compatible version
- name: Check that `mkdocs` can build the docs
run: uv run --python-preference=only-managed -- mkdocs build --strict
check-zizmor:
name: check (zizmor)
runs-on: ubuntu-latest
permissions:
security-events: write
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
with:
persist-credentials: false
- name: Install the latest version of uv
uses: astral-sh/setup-uv@f94ec6bedd8674c4426838e6b50417d36b6ab231
- name: Run zizmor
run: uvx zizmor --format sarif . > results.sarif
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@6bb031afdd8eb862ea3fc1848194185e076637e5
with:
sarif_file: results.sarif
category: zizmor
# Block the merge if required checks fail, but only in the merge
# queue. See also `required-checks-hack.yml`.
required-checks:
name: required checks (merge queue)
if: ${{ always() && github.event_name == 'merge_group' }}
needs:
- test
- no-git
- build-nix
- check-protos
- check-rustfmt
- check-clippy
- check-cargo-deny
- check-codespell
- check-doctests
- check-mkdocs
# - check-mkdocs-latest
# - check-zizmor
runs-on: ubuntu-latest
steps:
- name: Block merge if required checks fail
if: >-
${{
contains(needs.*.result, 'failure')
|| contains(needs.*.result, 'cancelled')
}}
run: exit 1
Reference in New Issue View Git Blame Copy Permalink