-
Notifications
You must be signed in to change notification settings - Fork 294
218 lines (212 loc) · 10.2 KB
/
trybot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
# Code generated internal/ci/ci_tool.cue; DO NOT EDIT.
name: TryBot
"on":
push:
branches:
- ci/test
- master
- release-branch.*
tags-ignore:
- v*
pull_request: {}
workflow_dispatch: {}
jobs:
test:
strategy:
fail-fast: false
matrix:
go-version:
- 1.20.x
- 1.21.x
runner:
- ubuntu-22.04
- macos-11
- windows-2022
runs-on: ${{ matrix.runner }}
defaults:
run:
shell: bash
if: |-
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"trybot"')) || ! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
steps:
- name: Checkout code
uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Reset git directory modification times
run: touch -t 202211302355 $(find * -type d)
- name: Restore git file modification times
uses: chetan/git-restore-mtime-action@075f9bc9d159805603419d50f794bd9f33252ebe
- id: DispatchTrailer
name: Try to extract Dispatch-Trailer
run: |-
x="$(git log -1 --pretty='%(trailers:key=Dispatch-Trailer,valueonly)')"
if [[ "$x" == "" ]]
then
# Some steps rely on the presence or otherwise of the Dispatch-Trailer.
# We know that we don't have a Dispatch-Trailer in this situation,
# hence we use the JSON value null in order to represent that state.
# This means that GitHub expressions can determine whether a Dispatch-Trailer
# is present or not by checking whether the fromJSON() result of the
# output from this step is the JSON value null or not.
x=null
fi
echo "value<<EOD" >> $GITHUB_OUTPUT
echo "$x" >> $GITHUB_OUTPUT
echo "EOD" >> $GITHUB_OUTPUT
- if: |-
((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
name: Check we don't have Dispatch-Trailer on a protected branch
run: |-
echo "github.event.head_commit.message contains Dispatch-Trailer"
echo "github.event.head_commit.message value"
cat <<EOD
${{ github.event.head_commit.message }}
EOD
echo "containsDispatchTrailer expression"
cat <<EOD
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
EOD
false
- name: Install Go
uses: actions/setup-go@v4
with:
cache: false
go-version: ${{ matrix.go-version }}
- id: go-mod-cache-dir
name: Get go mod cache directory
run: echo "dir=$(go env GOMODCACHE)" >> ${GITHUB_OUTPUT}
- id: go-cache-dir
name: Get go build/test cache directory
run: echo "dir=$(go env GOCACHE)" >> ${GITHUB_OUTPUT}
- if: |-
(((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) || (github.ref == 'refs/heads/ci/test'))
uses: actions/cache@v3
with:
path: |-
${{ steps.go-mod-cache-dir.outputs.dir }}/cache/download
${{ steps.go-cache-dir.outputs.dir }}
key: ${{ runner.os }}-${{ matrix.go-version }}-${{ github.run_id }}
restore-keys: ${{ runner.os }}-${{ matrix.go-version }}
- if: |-
! (((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) || (github.ref == 'refs/heads/ci/test'))
uses: actions/cache/restore@v3
with:
path: |-
${{ steps.go-mod-cache-dir.outputs.dir }}/cache/download
${{ steps.go-cache-dir.outputs.dir }}
key: ${{ runner.os }}-${{ matrix.go-version }}-${{ github.run_id }}
restore-keys: ${{ runner.os }}-${{ matrix.go-version }}
- if: |-
github.repository == 'cue-lang/cue' && (((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) || github.ref == 'refs/heads/ci/test')
run: go clean -testcache
- if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: Early git and code sanity checks
run: |-
# Ensure the recent commit messages have Signed-off-by headers. We
# only need to check the HEAD commit because all commits are tested
# in CI. Unclear why git log outputs blank lines when parsing trailers
# in this way, but we remove those blank lines so as not to skew the
# count of the trailers we are searching for.
#
# TODO: Remove once this is enforced for admins too;
# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229
if [[ "$(git log -1 --pretty='%(trailers:key=Signed-off-by)' | sed '/^\s*$/d' | wc -l)" -eq 0 ]]; then
echo -e "\nRecent commit is lacking Signed-off-by:\n"
git show --quiet
exit 1
fi
# Ensure that commit messages have a blank second line.
# We know that a commit message must be longer than a single
# line because each commit must be signed-off.
if git log --format=%B -n 1 HEAD | sed -n '2{/^$/{q1}}'; then
echo "second line of commit message must be blank"
exit 1
fi
# Ensure that the commit author is the same as the signed-off-by. This
# is a basic requirement of DCO. It is enforced by Gerrit (although
# noting that in Gerrit the author name does not have to match, only
# the email address), but _not_ by the DCO GitHub app:
#
# https://github.com/dcoapp/app/issues/201
#
# Provide a sanity check as part of GitHub workflows that should enforce
# this, e.g. trybot workflows.
#
# We do so by comparing the commit author and "Signed-off-by" trailer for
# strict equality. Whilst this is more strict than Gerrit, it should
# generally be the case, and we can always relax this when presented with
# specific situations where it is is a problem.
# commit author email address
commitauthor="$(git log -1 --pretty="%ae")"
# signed-off-by trailer email address. There is no way to parse just the
# email address from the trailer in the same way as git log, so instead
# grab the relevant trailer and then take the last whitespace-delimited
# part as the "<>" contained email address.
# Getting the Signed-off-by trailer in this way causes blank
# lines for some reason. Use awk to remove them.
commitsigner="$(git log -1 --pretty='%(trailers:key=Signed-off-by,valueonly)' | sed -ne 's/.* <\(.*\)>/\1/p')"
if [[ "$commitauthor" != "$commitsigner" ]]; then
echo "commit author email address does not match signed-off-by trailer"
exit 1
fi
- if: |-
((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) || (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
run: echo CUE_LONG=true >> $GITHUB_ENV
- if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: Generate
run: go generate ./...
- if: |-
((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) || !(matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: Test
run: go test ./...
- if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: Test with -race
run: go test -race ./...
env:
GORACE: atexit_sleep_ms=10
- name: gcloud auth for end-to-end tests
id: auth
if: |-
github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
uses: google-github-actions/auth@v1
with:
credentials_json: ${{ secrets.E2E_GCLOUD_KEY }}
- if: |-
github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: gcloud setup for end-to-end tests
uses: google-github-actions/setup-gcloud@v1
- if: |-
github.repository == 'cue-lang/cue' && ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: End-to-end test
env:
GITHUB_TOKEN: ${{ secrets.E2E_GITHUB_TOKEN }}
run: |-
cd internal/e2e
go test
- if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
name: Check
run: |-
for module in . internal/e2e; do
(
cd $module
go vet ./...
go mod tidy
)
done
- name: Check that git is clean at the end of the job
run: test -z "$(git status --porcelain)" || (git status; git diff; false)