Implement Linux sandboxes #90

Workflow file for this run

.github/workflows/vorpal.yaml at c8cd34d

	name: vorpal

	on:
	pull_request:
	push:
	branches:
	- main

	env:
	RUST_VERSION: 1.80.1

	jobs:
	dev:
	runs-on: ${{ matrix.runner }}
	strategy:
	matrix:
	runner:
	- macos-latest
	- ubuntu-latest
	- ubuntu-latest-arm64
	steps:
	- uses: actions/checkout@v4

	- uses: actions/cache/restore@v4
	with:
	key: dev-env-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('script/dev.sh', 'script/dev/**') }}
	path: .env

	- if: matrix.runner != 'macos-latest'
	run: ./script/debian.sh "dev"

	- run: ./script/dev.sh
	- run: ./script/dev.sh cargo --version
	- run: ./script/dev.sh rustc --version
	- run: ./script/dev.sh sha256sum --version
	- run: ./script/dev.sh nickel --version
	- run: ./script/dev.sh protoc --version
	- run: ./script/dev.sh zstd --version

	- uses: actions/cache/save@v4
	with:
	key: dev-env-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('script/dev.sh', 'script/dev/**') }}
	path: .env

	code-quality:
	needs:
	- dev
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v4

	- uses: actions/cache/restore@v4
	with:
	key: dev-env-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('script/dev.sh', 'script/dev/**') }}
	path: .env

	- uses: actions/cache/restore@v4
	with:
	key: package-target-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('Cargo.lock') }}
	path: target

	- run: ./script/dev.sh # prebake
	- run: ./script/dev.sh make format
	- run: ./script/dev.sh make lint

	package:
	needs:
	- code-quality
	runs-on: ${{ matrix.runner }}
	strategy:
	matrix:
	runner:
	- macos-latest
	- ubuntu-latest
	- ubuntu-latest-arm64
	steps:
	- uses: actions/checkout@v4

	- uses: actions/cache/restore@v4
	with:
	key: dev-env-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('script/dev.sh', 'script/dev/**') }}
	path: .env

	- uses: actions/cache/restore@v4
	with:
	key: package-target-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('Cargo.lock') }}
	path: target

	- run: ./script/dev.sh # prebake
	- run: ./script/dev.sh make dist

	- run: \|
	echo "ARCH=$(uname -m \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
	echo "OS=$(uname -s \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

	- uses: actions/upload-artifact@v4
	with:
	name: vorpal-${{ env.ARCH }}-${{ env.OS }}
	path: vorpal-${{ env.ARCH }}-${{ env.OS }}.tar.gz

	- uses: actions/cache/save@v4
	with:
	key: package-target-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('Cargo.lock') }}
	path: target

	package-sandbox:
	runs-on: ${{ matrix.runner }}
	strategy:
	matrix:
	runner:
	- macos-latest
	- ubuntu-latest
	- ubuntu-latest-arm64
	steps:
	- uses: actions/checkout@v4

	- if: matrix.runner != 'macos-latest'
	run: ./script/debian.sh "sandbox"

	- run: ./script/sandbox.sh

	- run: \|
	OS=$(uname -s \| tr '[:upper:]' '[:lower:]')
	SANDBOX_HASH=$(cat "${PWD}/script/sandbox/sha256sum/${OS}/sandbox")
	echo "ARCH=$(uname -m \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
	echo "OS=${OS}" >> $GITHUB_ENV
	echo "SANDBOX_HASH=${SANDBOX_HASH}" >> $GITHUB_ENV

	- run: \|
	cp "/var/lib/vorpal/store/vorpal-sandbox-${SANDBOX_HASH}.package.tar.zst" \
	"${PWD}/vorpal-sandbox-${SANDBOX_HASH}.package.tar.zst"

	- uses: actions/upload-artifact@v4
	with:
	name: vorpal-sandbox-${{ env.ARCH }}-${{ env.OS }}
	path: vorpal-sandbox-${{ env.SANDBOX_HASH }}.package.tar.zst

	test:
	needs:
	- package
	- package-sandbox
	runs-on: ${{ matrix.runner }}
	strategy:
	matrix:
	runner:
	- macos-latest
	# - ubuntu-latest
	# - ubuntu-latest-arm64
	steps:
	- uses: actions/checkout@v4

	- uses: actions/cache/restore@v4
	with:
	key: dev-env-${{ runner.arch }}-${{ runner.os }}-${{ hashFiles('script/dev.sh', 'script/dev/**') }}
	path: .env

	- run: echo "$PWD/.env/bin" >> $GITHUB_PATH

	- run: which nickel

	- run: \|
	echo "ARCH=$(uname -m \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV
	echo "OS=$(uname -s \| tr '[:upper:]' '[:lower:]')" >> $GITHUB_ENV

	- uses: actions/download-artifact@v4
	with:
	name: vorpal-${{ env.ARCH }}-${{ env.OS }}

	- run: tar -xzf "vorpal-${ARCH}-${OS}.tar.gz"

	- run: \|
	sudo mkdir -p /var/lib/vorpal
	sudo chown -R $(id -u):$(id -g) /var/lib/vorpal

	- run: ./vorpal keys generate

	- run: ./vorpal validate

	- run: \|
	./vorpal worker start > worker_output.log 2>&1 &
	WORKER_PID=$(echo $!)
	echo "WORKER_PID=$WORKER_PID" >> $GITHUB_ENV
	echo "Worker pid: $WORKER_PID"

	- run: ./vorpal build

	- if: always()
	run: \|
	cat worker_output.log
	kill $WORKER_PID

	# release:
	# needs:
	# - test
	# permissions:
	# attestations: write
	# contents: write
	# id-token: write
	# packages: write
	# runs-on: ubuntu-latest
	# steps:
	# - uses: actions/checkout@v4
	#
	# - uses: actions/download-artifact@v4
	# with:
	# fail-on-cache-miss: true
	# pattern: vorpal-*
	#
	# - run: git fetch --tags
	#
	# - if: github.ref == 'refs/heads/main'
	# env:
	# GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	# run: \|
	# if gh release view edge > /dev/null 2>&1; then
	# gh release delete --cleanup-tag --yes edge
	# fi
	# git tag edge
	# git push --tags
	#
	# - if: github.ref == 'refs/heads/main'
	# uses: softprops/action-gh-release@v2
	# with:
	# body: Latest artifacts from `main` branch when merged.
	# fail_on_unmatched_files: true
	# files: \|
	# vorpal-aarch64-linux/vorpal-aarch64-linux.tar.gz
	# vorpal-x86_64-linux/vorpal-x86_64-linux.tar.gz
	# name: edge
	# prerelease: true
	# tag_name: refs/tags/edge
	#
	# - run: \|
	# mkdir -p dist/aarch64-linux
	# mkdir -p dist/x86_64-linux
	# tar -xzf vorpal-aarch64-linux/vorpal-aarch64-linux.tar.gz -C dist/aarch64-linux
	# tar -xzf vorpal-x86_64-linux/vorpal-x86_64-linux.tar.gz -C dist/x86_64-linux
	#
	# - if: github.ref == 'refs/heads/main'
	# uses: actions/attest-build-provenance@v1
	# with:
	# subject-path: \|
	# dist/aarch64-linux/vorpal
	# dist/x86_64-linux/vorpal

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement Linux sandboxes #90

Workflow file

Implement Linux sandboxes #90

Jobs

Run details

Workflow file for this run