From 18762768e25c6b8ad1da50af250cebe640e82c92 Mon Sep 17 00:00:00 2001 From: Paul Jolly Date: Mon, 30 May 2022 13:01:30 +0100 Subject: [PATCH] internal/ci: stop using txtar tests for GitHub actions workflows MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit In the early days of the GitHub actions workflows, prior to unity, the import from the JSON schema source of truth for GitHub actions workflows, and subsequent evaluation of workflow declarations, provided a very good source of test material for changes in the evaluator. At the time, the evaluator and the workflow declarations were both changing a lot. So it made sense to have the generation of the Yaml workflow specifications be based on cmd/cue from the current commit as opposed to a previous version (@master commit or a semantic version). But having to remember to run go generate in order to validate the workflow of updating GitHub actions workflows was a regular footgun. As such we created txtar tests based on the current GitHub actions workflow declarations that then ensured go test _did_ capture the entire workflow: cue/testdata/eval/github.txtar encoding/jsonschema/testdata/github.txtar cmd/cue/cmd/testdata/script/cmd_github.txt However, this is where things got a bit circular and burdensome. The files in the txtar tests needed to be updated following a change to the workflow declarations, just as the expectations needed to be updated following a change to the workflow declarations or the evaluator (or any related tooling). The evaluator has now settled down significantly, taking away one major source of changes. As such, the overhead associated with maintaining txtar tests outweighs any benefits. Instead, we can factor out the txtar tests to equivalents in a unity-tested repository, cue-unit/cue-github-actions. In this CL we therefore: * Base the GitHub Actions workflow on a prior known good version of CUE, v0.4.3. * Split the "vendor" and "import" process into two steps to simplify the process of vendoring these packages into cue-unit/cue-github-actions. * Simplify the command declaration in internal/ci and internal/ci/vendor, most notably using injection vars for OS. * Remove the step of updating txtar tests from internal/ci commands and the associated call from internal/ci/gen.go. * Remove internal/ci/updatetxt which is no longer needed. * Remove the txtar tests listed above. The packages internal/ci/... can then be "vendored" into cue-unit/cue-github-actions as the basis for external, unity-driven tests of this workflow with no loss of code coverage, but a significantly smoother development workflow. Signed-off-by: Paul Jolly Change-Id: I13606d3bf74050d1dbeb87b16713e3a19a66de7e Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/540682 Unity-Result: CUEcueckoo TryBot-Result: CUEcueckoo Reviewed-by: Roger Peppe Reviewed-by: Daniel Martí --- cmd/cue/cmd/testdata/script/cmd_github.txt | 1449 ----------- cue/testdata/eval/github.txtar | 2600 -------------------- encoding/jsonschema/testdata/github.txtar | 2003 --------------- internal/ci/ci_tool.cue | 110 +- internal/ci/gen.go | 3 +- internal/ci/updatetxtar/main.go | 74 - internal/ci/vendor/vendor_tool.cue | 73 +- 7 files changed, 26 insertions(+), 6286 deletions(-) delete mode 100644 cmd/cue/cmd/testdata/script/cmd_github.txt delete mode 100644 cue/testdata/eval/github.txtar delete mode 100644 encoding/jsonschema/testdata/github.txtar delete mode 100644 internal/ci/updatetxtar/main.go diff --git a/cmd/cue/cmd/testdata/script/cmd_github.txt b/cmd/cue/cmd/testdata/script/cmd_github.txt deleted file mode 100644 index 875f85cf684..00000000000 --- a/cmd/cue/cmd/testdata/script/cmd_github.txt +++ /dev/null @@ -1,1449 +0,0 @@ -# A txtar test version of the of the go generate workflow that wraps -# the internal/ci genworkflows CUE command. -# -# Note: all the non-golden files below are updated automatically by -# the internal/ci updateTxtarTests CUE command (with the exception -# of the cue.mod/module.cue file). - -# TODO: drop cd when we solve cuelang.org/issue/708 -cd internal/ci -cue cmd genworkflows - -# TODO: drop cd when we solve cuelang.org/issue/708 -cd ../../ -cmp .github/workflows/release.yml .github/workflows/release.yml.golden -cmp .github/workflows/repository_dispatch.yml .github/workflows/repository_dispatch.yml.golden -cmp .github/workflows/test.yml .github/workflows/test.yml.golden -cmp .github/workflows/tip_triggers.yml .github/workflows/tip_triggers.yml.golden - --- cue.mod/module.cue -- -module: "cuelang.org/go" --- .github/workflows/mirror.yml.golden -- -# Generated by internal/ci/ci_tool.cue; do not edit - -name: Scheduled repo mirror -on: - schedule: - - cron: '*/15 * * * *' -jobs: - mirror: - runs-on: ubuntu-18.04 - defaults: - run: - shell: bash - steps: - - name: Checkout code - uses: actions/checkout@v2 - - name: Mirror Gerrit to GitHub - run: |- - cd _scripts - docker run --rm -v $PWD/cache:/root/copybara/cache -v $PWD:/usr/src/app --entrypoint="" cueckoo/copybara:afc4ae03eed00b0c9d7415141cd1b5dfa583da7c bash -c " \ - set -eu; \ - git config --global user.name cueckoo; \ - git config --global user.email cueckoo@cuelang.org; \ - echo machine github.com login cueckoo password ${{ secrets.CUECKOO_GITHUB_PAT }} >> ~/.netrc; \ - echo machine review.gerrithub.io login cueckoo password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} >> ~/.netrc; \ - chmod 600 ~/.netrc; \ - java -jar /opt/copybara/copybara_deploy.jar migrate copy.bara.sky github; \ - " --- .github/workflows/release.yml.golden -- -# Generated by internal/ci/ci_tool.cue; do not edit - -name: Release -"on": - push: - tags: - - v* -jobs: - goreleaser: - runs-on: ubuntu-20.04 - defaults: - run: - shell: bash - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - name: Install Go - uses: actions/setup-go@v3 - with: - go-version: 1.18.1 - - name: Setup qemu - uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Docker Login - uses: docker/login-action@v1 - with: - registry: docker.io - username: cueckoo - password: ${{ secrets.CUECKOO_DOCKER_PAT }} - - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v2 - with: - args: release --rm-dist - version: v1.8.2 - env: - GITHUB_TOKEN: ${{ secrets.CUECKOO_GITHUB_PAT }} - - name: Re-test cuelang.org - run: 'curl -f -s -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary "{\"event_type\":\"Re-test post release of ${GITHUB_REF##refs/tags/}\"}" https://api.github.com/repos/cue-lang/cuelang.org/dispatches' - - name: Trigger unity build - run: 'curl -f -s -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary "{\"event_type\":\"Check against CUE ${GITHUB_REF##refs/tags/}\",\"client_payload\":{\"type\":\"unity\",\"payload\":{\"versions\":\"\\\"${GITHUB_REF##refs/tags/}\\\"\"}}}" https://api.github.com/repos/cue-unity/unity/dispatches' --- .github/workflows/repository_dispatch.yml.golden -- -# Generated by internal/ci/ci_tool.cue; do not edit - -name: Repository Dispatch -"on": - - repository_dispatch -jobs: - runtrybot: - runs-on: ubuntu-20.04 - defaults: - run: - shell: bash - if: ${{ github.event.client_payload.type == 'runtrybot' }} - steps: - - name: Write netrc file for cueckoo Gerrithub - run: |- - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - - name: Trigger trybot - run: |- - mkdir tmpgit - cd tmpgit - git init - git config user.name cueckoo - git config user.email cueckoo@gmail.com - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)" - git fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }} - git checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD - git push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} --- .github/workflows/test.yml.golden -- -# Generated by internal/ci/ci_tool.cue; do not edit - -name: Test -"on": - push: - branches: - - '**' - tags-ignore: - - v* - pull_request: {} -jobs: - start: - runs-on: ubuntu-20.04 - defaults: - run: - shell: bash - steps: - - if: ${{ startsWith(github.ref, 'refs/heads/ci/') }} - name: Write netrc file for cueckoo Gerrithub - run: |- - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - - if: ${{ startsWith(github.ref, 'refs/heads/ci/') }} - name: Update Gerrit CL message with starting message - run: 'curl -f -s -n -H "Content-Type: application/json" --request POST --data "{\"tag\":\"trybot\",\"message\":\"Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\"}" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review' - test: - needs: start - strategy: - fail-fast: false - matrix: - go-version: - - 1.17.x - - 1.18.x - os: - - ubuntu-20.04 - - macos-11 - - windows-2022 - runs-on: ${{ matrix.os }} - defaults: - run: - shell: bash - steps: - - name: Write netrc file for cueckoo Gerrithub - run: |- - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - - name: Install Go - uses: actions/setup-go@v3 - with: - go-version: ${{ matrix.go-version }} - - name: Checkout code - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha }} - - if: matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' - name: Early git and code sanity checks - run: |- - # Ensure the recent commit messages have Signed-off-by headers. - # TODO: Remove once this is enforced for admins too; - # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 - # TODO: Our --max-count here is just 1, because we've made mistakes very - # recently. Increase it to 5 or 10 soon, to also cover CL chains. - for commit in $(git rev-list --max-count=1 HEAD); do - if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then - echo -e " - Recent commit is lacking Signed-off-by: - " - git show --quiet $commit - exit 1 - fi - done - - name: Cache Go modules - uses: actions/cache@v3 - with: - path: ~/go/pkg/mod - key: ${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-${{ matrix.go-version }}-go- - - if: ${{ github.ref == 'refs/heads/master' }} - run: echo CUE_LONG=true >> $GITHUB_ENV - - if: matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' - name: Generate - run: go generate ./... - - name: Test - run: go test ./... - - if: matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' - name: Check - run: go vet ./... - - if: ${{ matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' }} - name: Test with -race - run: go test -race ./... - - name: Check that git is clean post generate and tests - run: test -z "$(git status --porcelain)" || (git status; git diff; false) - - if: ${{ github.ref == 'refs/heads/master' }} - name: Pull this commit through the proxy on master - run: |- - v=$(git rev-parse HEAD) - cd $(mktemp -d) - go mod init mod.com - GOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v - - if: ${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }} - name: Post any failures for this matrix entry - run: 'curl -f -s -n -H "Content-Type: application/json" --request POST --data "{\"tag\":\"trybot\",\"message\":\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\",\"labels\":{\"TryBot-Result\":-1}}" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review' - mark_ci_success: - runs-on: ubuntu-20.04 - if: ${{ startsWith(github.ref, 'refs/heads/ci/') }} - needs: test - defaults: - run: - shell: bash - steps: - - name: Write netrc file for cueckoo Gerrithub - run: |- - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - - name: Update Gerrit CL message with success message - run: 'curl -f -s -n -H "Content-Type: application/json" --request POST --data "{\"tag\":\"trybot\",\"message\":\"Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\",\"labels\":{\"TryBot-Result\":1}}" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review' - delete_build_branch: - runs-on: ubuntu-20.04 - if: ${{ startsWith(github.ref, 'refs/heads/ci/') && always() }} - needs: test - defaults: - run: - shell: bash - steps: - - run: |- - mkdir tmpgit - cd tmpgit - git init - git config user.name cueckoo - git config user.email cueckoo@gmail.com - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)" - git push https://github.com/cue-lang/cue :${GITHUB_REF#refs/heads/} --- .github/workflows/tip_triggers.yml.golden -- -# Generated by internal/ci/ci_tool.cue; do not edit - -name: Push to tip triggers -"on": - push: - branches: - - master -jobs: - push: - runs-on: ubuntu-20.04 - defaults: - run: - shell: bash - steps: - - name: Rebuild tip.cuelang.org - run: curl -f -s -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }} - - name: Trigger unity build - run: 'curl -f -s -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary "{\"event_type\":\"Check against ${GITHUB_SHA}\",\"client_payload\":{\"type\":\"unity\",\"payload\":{\"versions\":\"\\\"commit:${GITHUB_SHA}\\\"\"}}}" https://api.github.com/repos/cue-unity/unity/dispatches' --- internal/ci/ci_tool.cue -- -// Copyright 2021 The CUE Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package ci - -import ( - "path" - - "encoding/yaml" - - "tool/exec" - "tool/file" - "tool/os" -) - -// genworkflows regenerates the GitHub workflow Yaml definitions. -// -// See internal/ci/gen.go for details on how this step fits into the sequence -// of generating our CI workflow definitions, and updating various txtar tests -// with files from that process. -// -// Until we have a resolution for cuelang.org/issue/704 and -// cuelang.org/issue/708 this must be run from the internal/ci package. At -// which point we can switch to using _#modroot. -// -// This also explains why the ../../ relative path specification below appear -// wrong in the context of the containing directory internal/ci/vendor. -command: genworkflows: { - goos: _#goos - - for w in workflows { - "\(w.file)": file.Create & { - _dir: path.FromSlash("../../.github/workflows", path.Unix) - filename: path.Join([_dir, w.file], goos.GOOS) - contents: """ - # Generated by internal/ci/ci_tool.cue; do not edit - - \(yaml.Marshal(w.schema)) - """ - } - } -} - -// updateTxtarTests ensures certain txtar tests are updated with the -// relevant files that make up the process of generating our CI -// workflows. -// -// See internal/ci/gen.go for details on how this step fits into the sequence -// of generating our CI workflow definitions, and updating various txtar tests -// with files from that process. -// -// Until we have a resolution for cuelang.org/issue/704 and -// cuelang.org/issue/708 this must be run from the internal/ci package. At -// which point we can switch to using _#modroot. -// -// This also explains why the ../../ relative path specification below appear -// wrong in the context of the containing directory internal/ci/vendor. -command: updateTxtarTests: { - goos: _#goos - - readJSONSchema: file.Read & { - _path: path.FromSlash("../../cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue", path.Unix) - filename: path.Join([_path], goos.GOOS) - contents: string - } - cueDefInternalCI: exec.Run & { - cmd: "go run cuelang.org/go/cmd/cue def cuelang.org/go/internal/ci" - stdout: string - } - // updateEvalTxtarTest updates the cue/testdata/eval testscript which exercises - // the evaluation of the workflows defined in internal/ci (which by definition - // means resolving and using the vendored GitHub Workflow schema) - updateEvalTxtarTest: { - _relpath: path.FromSlash("../../cue/testdata/eval/github.txtar", path.Unix) - _path: path.Join([_relpath], goos.GOOS) - - githubSchema: exec.Run & { - stdin: readJSONSchema.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue" - } - defWorkflows: exec.Run & { - $after: githubSchema - stdin: cueDefInternalCI.stdout - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) workflows.cue" - } - } - // When we have a solution for cuelang.org/issue/709 we can make this a - // file.Glob. Ultimately it would be better to be able to do a cue def - // on the tool "package" - readToolsFile: file.Read & { - filename: "ci_tool.cue" - contents: string - } - updateCmdCueCmdTxtarTest: { - _relpath: path.FromSlash("../../cmd/cue/cmd/testdata/script/cmd_github.txt", path.Unix) - _path: path.Join([_relpath], goos.GOOS) - - githubSchema: exec.Run & { - stdin: readJSONSchema.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue" - } - defWorkflows: exec.Run & { - $after: githubSchema - stdin: cueDefInternalCI.stdout - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) internal/ci/workflows.cue" - } - toolsFile: exec.Run & { - stdin: readToolsFile.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) internal/ci/\(readToolsFile.filename)" - } - } -} - -// _#modroot is a common helper to get the module root -// -// TODO: use once we have a solution to cuelang.org/issue/704. -// This will then allow us to remove the use of .. below. -_#modroot: exec.Run & { - cmd: "go list -m -f {{.Dir}}" - stdout: string -} - -// Until we have the ability to inject contextual information -// we need to pass in GOOS explicitly. Either by environment -// variable (which we get for free when this is used via go generate) -// or via a tag in the case you want to manually run the CUE -// command. -_#goos: os.Getenv & { - GOOS: *path.Unix | string @tag(os) -} --- cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue -- -package json - -import "strings" - -#Workflow: { - @jsonschema(schema="http://json-schema.org/draft-07/schema") - null | bool | number | string | [...] | { - // The name of your workflow. GitHub displays the names of your - // workflows on your repository's actions page. If you omit this - // field, GitHub sets the name to the workflow's filename. - name?: string - - // The name of the GitHub event that triggers the workflow. You - // can provide a single event string, array of events, array of - // event types, or an event configuration map that schedules a - // workflow or restricts the execution of a workflow to specific - // files, tags, or branch changes. For a list of available - // events, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows. - on: #event | [...#event] & [_, ...] | { - // Runs your workflow anytime the check_run event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/runs. - check_run?: #eventObject & { - types?: #types & [..."created" | "rerequested" | "completed" | "requested_action"] | *["created", "rerequested", "completed", "requested_action"] - ... - } - - // Runs your workflow anytime the check_suite event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/suites/. - check_suite?: #eventObject & { - types?: #types & [..."completed" | "requested" | "rerequested"] | *["completed", "requested", "rerequested"] - ... - } - - // Runs your workflow anytime someone creates a branch or tag, - // which triggers the create event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#create-a-reference. - create?: #eventObject - - // Runs your workflow anytime someone deletes a branch or tag, - // which triggers the delete event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#delete-a-reference. - delete?: #eventObject - - // Runs your workflow anytime someone creates a deployment, which - // triggers the deployment event. Deployments created with a - // commit SHA may not have a Git ref. For information about the - // REST API, see - // https://developer.github.com/v3/repos/deployments/. - deployment?: #eventObject - - // Runs your workflow anytime a third party provides a deployment - // status, which triggers the deployment_status event. - // Deployments created with a commit SHA may not have a Git ref. - // For information about the REST API, see - // https://developer.github.com/v3/repos/deployments/#create-a-deployment-status. - deployment_status?: #eventObject - - // Runs your workflow anytime when someone forks a repository, - // which triggers the fork event. For information about the REST - // API, see - // https://developer.github.com/v3/repos/forks/#create-a-fork. - fork?: #eventObject - - // Runs your workflow when someone creates or updates a Wiki page, - // which triggers the gollum event. - gollum?: #eventObject - - // Runs your workflow anytime the issue_comment event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/comments/. - issue_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the issues event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/issues. - issues?: #eventObject & { - types?: #types & [..."opened" | "edited" | "deleted" | "transferred" | "pinned" | "unpinned" | "closed" | "reopened" | "assigned" | "unassigned" | "labeled" | "unlabeled" | "locked" | "unlocked" | "milestoned" | "demilestoned"] | *["opened", "edited", "deleted", "transferred", "pinned", "unpinned", "closed", "reopened", "assigned", "unassigned", "labeled", "unlabeled", "locked", "unlocked", "milestoned", "demilestoned"] - ... - } - - // Runs your workflow anytime the label event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/issues/labels/. - label?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the member event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/collaborators/. - member?: #eventObject & { - types?: #types & [..."added" | "edited" | "deleted"] | *["added", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the milestone event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/milestones/. - milestone?: #eventObject & { - types?: #types & [..."created" | "closed" | "opened" | "edited" | "deleted"] | *["created", "closed", "opened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime someone pushes to a GitHub - // Pages-enabled branch, which triggers the page_build event. For - // information about the REST API, see - // https://developer.github.com/v3/repos/pages/. - page_build?: #eventObject - - // Runs your workflow anytime the project event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/projects/. - project?: #eventObject & { - types?: #types & [..."created" | "updated" | "closed" | "reopened" | "edited" | "deleted"] | *["created", "updated", "closed", "reopened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_card event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/projects/cards. - project_card?: #eventObject & { - types?: #types & [..."created" | "moved" | "converted" | "edited" | "deleted"] | *["created", "moved", "converted", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_column event occurs. - // More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/projects/columns. - project_column?: #eventObject & { - types?: #types & [..."created" | "updated" | "moved" | "deleted"] | *["created", "updated", "moved", "deleted"] - ... - } - - // Runs your workflow anytime someone makes a private repository - // public, which triggers the public event. For information about - // the REST API, see https://developer.github.com/v3/repos/#edit. - public?: #eventObject - - // Runs your workflow anytime the pull_request event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see https://developer.github.com/v3/pulls. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow anytime the pull_request_review event - // occurs. More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/pulls/reviews. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review?: #eventObject & { - types?: #types & [..."submitted" | "edited" | "dismissed"] | *["submitted", "edited", "dismissed"] - ... - } - - // Runs your workflow anytime a comment on a pull request's - // unified diff is modified, which triggers the - // pull_request_review_comment event. More than one activity type - // triggers this event. For information about the REST API, see - // https://developer.github.com/v3/pulls/comments. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // This event is similar to pull_request, except that it runs in - // the context of the base repository of the pull request, rather - // than in the merge commit. This means that you can more safely - // make your secrets available to the workflows triggered by the - // pull request, because only workflows defined in the commit on - // the base repository are run. For example, this event allows - // you to create workflows that label and comment on pull - // requests, based on the contents of the event payload. - pull_request_target?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow when someone pushes to a repository branch, - // which triggers the push event. - // Note: The webhook payload available to GitHub Actions does not - // include the added, removed, and modified attributes in the - // commit object. You can retrieve the full commit object using - // the REST API. For more information, see - // https://developer.github.com/v3/repos/commits/#get-a-single-commit. - push?: #ref & { - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^()$"]: _} - } - - // Runs your workflow anytime a package is published or updated. - // For more information, see - // https://help.github.com/en/github/managing-packages-with-github-packages. - registry_package?: #eventObject & { - types?: #types & [..."published" | "updated"] | *["published", "updated"] - ... - } - - // Runs your workflow anytime the release event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/releases/ in the GitHub - // Developer documentation. - release?: #eventObject & { - types?: #types & [..."published" | "unpublished" | "created" | "edited" | "deleted" | "prereleased" | "released"] | *["published", "unpublished", "created", "edited", "deleted", "prereleased", "released"] - ... - } - - // Runs your workflow anytime the status of a Git commit changes, - // which triggers the status event. For information about the - // REST API, see https://developer.github.com/v3/repos/statuses/. - status?: #eventObject - - // Runs your workflow anytime the watch event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/activity/starring/. - watch?: #eventObject - - // You can now create workflows that are manually triggered with - // the new workflow_dispatch event. You will then see a 'Run - // workflow' button on the Actions tab, enabling you to easily - // trigger a run. - workflow_dispatch?: null | bool | number | string | [...] | { - // Input parameters allow you to specify data that the action - // expects to use during runtime. GitHub stores input parameters - // as environment variables. Input ids with uppercase letters are - // converted to lowercase during runtime. We recommended using - // lowercase input ids. - inputs?: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // A string description of the input parameter. - description: string - - // A string shown to users using the deprecated input. - deprecationMessage?: string - - // A boolean to indicate whether the action requires the input - // parameter. Set to true when the parameter is required. - required: bool - - // A string representing the default value. The default value is - // used when an input parameter isn't specified in a workflow - // file. - default?: string - }} - } - ... - } - - // This event occurs when a workflow run is requested or - // completed, and allows you to execute a workflow based on the - // finished result of another workflow. For example, if your - // pull_request workflow generates build artifacts, you can - // create a new workflow that uses workflow_run to analyze the - // results and add a comment to the original pull request. - workflow_run?: #eventObject & { - types?: #types & [..."requested" | "completed"] | *["requested", "completed"] - workflows?: [...string] & [_, ...] - - {[=~"^branches(-ignore)?$" & !~"^(types|workflows)$"]: _} - ... - } - - // You can use the GitHub API to trigger a webhook event called - // repository_dispatch when you want to trigger a workflow for - // activity that happens outside of GitHub. For more information, - // see - // https://developer.github.com/v3/repos/#create-a-repository-dispatch-event. - // To trigger the custom repository_dispatch webhook event, you - // must send a POST request to a GitHub API endpoint and provide - // an event_type name to describe the activity type. To trigger a - // workflow run, you must also configure your workflow to use the - // repository_dispatch event. - repository_dispatch?: #eventObject - - // You can schedule a workflow to run at specific UTC times using - // POSIX cron syntax - // (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). - // Scheduled workflows run on the latest commit on the default or - // base branch. The shortest interval you can run scheduled - // workflows is once every 5 minutes. - // Note: GitHub Actions does not support the non-standard syntax - // @yearly, @monthly, @weekly, @daily, @hourly, and @reboot. - // You can use crontab guru (https://crontab.guru/). to help - // generate your cron syntax and confirm what time it will run. - // To help you get started, there is also a list of crontab guru - // examples (https://crontab.guru/examples.html). - schedule?: [...null | bool | number | string | [...] | { - cron?: =~"^(((\\d+,)+\\d+|((\\d+|\\*)\\/\\d+|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)|(\\d+-\\d+)|\\d+|\\*|MON|TUE|WED|THU|FRI|SAT|SUN) ?){5,7}$" - }] & [_, ...] - } - - // A map of environment variables that are available to all jobs - // and steps in the workflow. - env?: #env - - // A map of default settings that will apply to all jobs in the - // workflow. - defaults?: #defaults - - // A workflow run is made up of one or more jobs. Jobs run in - // parallel by default. To run jobs sequentially, you can define - // dependencies on other jobs using the jobs..needs - // keyword. - // Each job runs in a fresh instance of the virtual environment - // specified by runs-on. - // You can run an unlimited number of jobs as long as you are - // within the workflow usage limits. For more information, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#usage-limits. - jobs: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // The name of the job displayed on GitHub. - name?: string - - // Identifies any jobs that must complete successfully before this - // job will run. It can be a string or array of strings. If a job - // fails, all jobs that need it are skipped unless the jobs use a - // conditional statement that causes the job to continue. - needs?: [...#name] & [_, ...] | #name - - // The type of machine to run the job on. The machine can be - // either a GitHub-hosted runner, or a self-hosted runner. - "runs-on": "macos-10.15" | "macos-11.0" | "macos-latest" | "self-hosted" | "ubuntu-16.04" | "ubuntu-18.04" | "ubuntu-20.04" | "ubuntu-latest" | "windows-2016" | "windows-2019" | "windows-latest" | (["self-hosted"] | ["self-hosted", #machine] | ["self-hosted", #architecture] | ["self-hosted", #machine, #architecture] | ["self-hosted", #architecture, #machine]) & [...] | #expressionSyntax - - // The environment that the job references. - environment?: string | #environment - - // A map of outputs for a job. Job outputs are available to all - // downstream jobs that depend on this job. - outputs?: { - [string]: string - } - - // A map of environment variables that are available to all steps - // in the job. - env?: #env - - // A map of default settings that will apply to all steps in the - // job. - defaults?: #defaults - - // You can use the if conditional to prevent a job from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A job contains a sequence of tasks called steps. Steps can run - // commands, run setup tasks, or run an action in your - // repository, a public repository, or an action published in a - // Docker registry. Not all steps run actions, but all actions - // run as a step. Each step runs in its own process in the - // virtual environment and has access to the workspace and - // filesystem. Because steps run in their own process, changes to - // environment variables are not preserved between steps. GitHub - // provides built-in steps to set up and complete a job. - steps?: [...{ - // A unique identifier for the step. You can use the id to - // reference the step in contexts. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - id?: string - - // You can use the if conditional to prevent a step from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A name for your step to display on GitHub. - name?: string - - // Selects an action to run as part of a step in your job. An - // action is a reusable unit of code. You can use an action - // defined in the same repository as the workflow, a public - // repository, or in a published Docker container image - // (https://hub.docker.com/). - // We strongly recommend that you include the version of the - // action you are using by specifying a Git ref, SHA, or Docker - // tag number. If you don't specify a version, it could break - // your workflows or cause unexpected behavior when the action - // owner publishes an update. - // - Using the commit SHA of a released action version is the - // safest for stability and security. - // - Using the specific major action version allows you to receive - // critical fixes and security patches while still maintaining - // compatibility. It also assures that your workflow should still - // work. - // - Using the master branch of an action may be convenient, but - // if someone releases a new major version with a breaking - // change, your workflow could break. - // Some actions require inputs that you must set using the with - // keyword. Review the action's README file to determine the - // inputs required. - // Actions are either JavaScript files or Docker containers. If - // the action you're using is a Docker container you must run the - // job in a Linux virtual environment. For more details, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - uses?: string - - // Runs command-line programs using the operating system's shell. - // If you do not provide a name, the step name will default to - // the text specified in the run command. - // Commands run using non-login shells by default. You can choose - // a different shell and customize the shell used to run - // commands. For more information, see - // https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. - // Each run keyword represents a new process and shell in the - // virtual environment. When you provide multi-line commands, - // each line runs in the same shell. - run?: string, "working-directory"?: #["working-directory"], shell?: #shell - - // A map of the input parameters defined by the action. Each input - // parameter is a key/value pair. Input parameters are set as - // environment variables. The variable is prefixed with INPUT_ - // and converted to upper case. - with?: #env & { - args?: string, entrypoint?: string, ... - } - - // Sets environment variables for steps to use in the virtual - // environment. You can also set environment variables for the - // entire workflow or a job. - env?: #env - - // Prevents a job from failing when a step fails. Set to true to - // allow a job to pass when this step fails. - "continue-on-error"?: bool | #expressionSyntax | *false - - // The maximum number of minutes to run the step before killing - // the process. - "timeout-minutes"?: number - }] & [_, ...] - - // The maximum number of minutes to let a workflow run before - // GitHub automatically cancels it. Default: 360 - "timeout-minutes"?: number | *360 - - // A strategy creates a build matrix for your jobs. You can define - // different variations of an environment to run each job in. - strategy?: { - // A build matrix is a set of different configurations of the - // virtual environment. For example you might run a job against - // more than one supported version of a language, operating - // system, or tool. Each configuration is a copy of the job that - // runs and reports a status. - // You can specify a matrix by supplying an array for the - // configuration options. For example, if the GitHub virtual - // environment supports Node.js versions 6, 8, and 10 you could - // specify an array of those versions in the matrix. - // When you define a matrix of operating systems, you must set the - // required runs-on keyword to the operating system of the - // current job, rather than hard-coding the operating system - // name. To access the operating system name, you can use the - // matrix.os context parameter to set runs-on. For more - // information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - matrix: ({ - ... - } | #expressionSyntax) & { - {[=~"^(in|ex)clude$" & !~"^()$"]: [...{ - [string]: #configuration - }] & [_, ...]} - {[!~"^(in|ex)clude$" & !~"^()$"]: [...#configuration] & [_, ...]} - } - - // When set to true, GitHub cancels all in-progress jobs if any - // matrix job fails. Default: true - "fail-fast"?: bool | *true - - // The maximum number of jobs that can run simultaneously when - // using a matrix job strategy. By default, GitHub will maximize - // the number of jobs run in parallel depending on the available - // runners on GitHub-hosted virtual machines. - "max-parallel"?: number - } - - // Prevents a workflow run from failing when a job fails. Set to - // true to allow a workflow run to pass when this job fails. - "continue-on-error"?: bool | #expressionSyntax - - // A container to run any steps in a job that don't already - // specify a container. If you have steps that use both script - // and container actions, the container actions will run as - // sibling containers on the same network with the same volume - // mounts. - // If you do not set a container, all steps will run directly on - // the host specified by runs-on unless a step refers to an - // action configured to run in a container. - container?: string | #container - - // Additional containers to host services for a job in a workflow. - // These are useful for creating databases or cache services like - // redis. The runner on the virtual machine will automatically - // create a network and manage the life cycle of the service - // containers. - // When you use a service container for a job or your step uses - // container actions, you don't need to set port information to - // access the service. Docker automatically exposes all ports - // between containers on the same network. - // When both the job and the action run in a container, you can - // directly reference the container by its hostname. The hostname - // is automatically mapped to the service name. - // When a step does not use a container action, you must access - // the service using localhost and bind the ports. - services?: { - [string]: #container - } - }} - } - } - - #architecture: "ARM32" | "x64" | "x86" - - #branch: #globs - - #configuration: string | number | bool | { - [string]: #configuration - } | [...#configuration] - - #container: { - // The Docker image to use as the container to run the action. The - // value can be the Docker Hub image name or a registry name. - image: string - - // If the image's container registry requires authentication to - // pull the image, you can use credentials to set a map of the - // username and password. The credentials are the same values - // that you would provide to the `docker login` command. - credentials?: { - username?: string - password?: string - ... - } - - // Sets an array of environment variables in the container. - env?: #env - - // Sets an array of ports to expose on the container. - ports?: [...number | string] & [_, ...] - - // Sets an array of volumes for the container to use. You can use - // volumes to share data between services or other steps in a - // job. You can specify named Docker volumes, anonymous Docker - // volumes, or bind mounts on the host. - // To specify a volume, you specify the source and destination - // path: : - // The is a volume name or an absolute path on the host - // machine, and is an absolute path in the - // container. - volumes?: [...=~"^[^:]+:[^:]+$"] & [_, ...] - - // Additional Docker container resource options. For a list of - // options, see - // https://docs.docker.com/engine/reference/commandline/create/#options. - options?: string - } - - #defaults: run?: { - shell?: #shell - "working-directory"?: #["working-directory"] - } - - #env: [string]: bool | number | string - - #environment: { - // The name of the environment configured in the repo. - name: string - - // A deployment URL - url?: string - } - - #event: "check_run" | "check_suite" | "create" | "delete" | "deployment" | "deployment_status" | "fork" | "gollum" | "issue_comment" | "issues" | "label" | "member" | "milestone" | "page_build" | "project" | "project_card" | "project_column" | "public" | "pull_request" | "pull_request_review" | "pull_request_review_comment" | "pull_request_target" | "push" | "registry_package" | "release" | "status" | "watch" | "workflow_dispatch" | "workflow_run" | "repository_dispatch" - - #eventObject: null | { - ... - } - - #expressionSyntax: =~"^\\$\\{\\{.*\\}\\}$" - - #globs: [...strings.MinRunes(1)] & [_, ...] - - #machine: "linux" | "macos" | "windows" - - #name: =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" - - #path: #globs - - #ref: null | { - branches?: #branch - "branches-ignore"?: #branch - tags?: #branch - "tags-ignore"?: #branch - paths?: #path - "paths-ignore"?: #path - ... - } - - #shell: (string | ("bash" | "pwsh" | "python" | "sh" | "cmd" | "powershell")) & string - - #types: [_, ...] - - #: "working-directory": string -} --- internal/ci/workflows.cue -- -package ci - -import ( - "github.com/SchemaStore/schemastore/src/schemas/json" - "strconv" - encjson "encoding/json" -) - -workflowsDir: *"./" | string @tag(workflowsDir) -_#masterBranch: "master" -_#releaseTagPattern: "v*" -workflows: [...{ - file: string - schema: json.#Workflow -}] & [{ - file: "test.yml" - schema: test -}, { - file: "repository_dispatch.yml" - schema: repository_dispatch -}, { - file: "release.yml" - schema: release -}, { - file: "tip_triggers.yml" - schema: tip_triggers -}] -test: _#bashWorkflow & { - name: "Test" - on: { - push: { - branches: ["**"] - "tags-ignore": [_#releaseTagPattern] - } - pull_request: {} - } - jobs: { - start: { - "runs-on": _#linuxMachine - steps: [..._ & { - if: "${{ \(_#isCLCITestBranch) }}" - }] & [_#writeNetrcFile, _#startCLBuild] - } - test: { - needs: "start" - strategy: _#testStrategy - "runs-on": "${{ matrix.os }}" - steps: [_#writeNetrcFile, _#installGo, _#checkoutCode & { - with: ref: "${{ github.event.pull_request.head.sha }}" - }, _#earlyChecks, _#cacheGoModules, _#step & { - if: "${{ \(_#isMaster) }}" - run: "echo CUE_LONG=true >> $GITHUB_ENV" - }, _#goGenerate, _#goTest, _#goCheck, _#goTestRace & { - if: "${{ matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)' }}" - }, _#checkGitClean, _#pullThroughProxy, _#failCLBuild] - } - mark_ci_success: { - "runs-on": _#linuxMachine - if: "${{ \(_#isCLCITestBranch) }}" - needs: "test" - steps: [_#writeNetrcFile, _#passCLBuild] - } - delete_build_branch: { - "runs-on": _#linuxMachine - if: "${{ \(_#isCLCITestBranch) && always() }}" - needs: "test" - steps: [_#step & { - run: """ - \(_#tempCueckooGitDir) - git push https://github.com/cue-lang/cue :${GITHUB_REF#\(_#branchRefPrefix)} - """ - }] - } - } - - // _#isCLCITestBranch is an expression that evaluates to true - // if the job is running as a result of a CL triggered CI build - _#isCLCITestBranch: "startsWith(github.ref, '\(_#branchRefPrefix)ci/')" - - // _#isMaster is an expression that evaluates to true if the - // job is running as a result of a master commit push - _#isMaster: "github.ref == '\(_#branchRefPrefix+_#masterBranch)'" - _#pullThroughProxy: _#step & { - name: "Pull this commit through the proxy on \(_#masterBranch)" - run: """ - v=$(git rev-parse HEAD) - cd $(mktemp -d) - go mod init mod.com - GOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v - """ - if: "${{ \(_#isMaster) }}" - } - _#startCLBuild: _#step & { - name: "Update Gerrit CL message with starting message" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - } - }).res - } - _#failCLBuild: _#step & { - if: "${{ \(_#isCLCITestBranch) && failure() }}" - name: "Post any failures for this matrix entry" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details" - labels: "TryBot-Result": -1 - } - }).res - } - _#passCLBuild: _#step & { - name: "Update Gerrit CL message with success message" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - labels: "TryBot-Result": 1 - } - }).res - } - _#gerrit: { - // _#setCodeReview assumes that it is invoked from a job where - // _#isCLCITestBranch is true - _#setCodeReview: { - #args: { - tag: "trybot" - message: string - labels?: "TryBot-Result": int - } - res: "\(_#curl) -n -H \"Content-Type: application/json\" --request POST --data \(strconv.Quote(encjson.Marshal(#args))) https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" - } - } -} -repository_dispatch: _#bashWorkflow & { - // These constants are defined by github.com/cue-sh/tools/cmd/cueckoo - _#runtrybot: "runtrybot" - _#unity: "unity" - _#dispatchJob: _#job & { - _#type: string - "runs-on": _#linuxMachine - if: "${{ github.event.client_payload.type == '\(_#type)' }}" - } - name: "Repository Dispatch" - on: ["repository_dispatch"] - jobs: "\(_#runtrybot)": _#dispatchJob & { - _#type: _#runtrybot - steps: [_#writeNetrcFile, _#step & { - name: "Trigger trybot" - run: """ - \(_#tempCueckooGitDir) - git fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }} - git checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD - git push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} - """ - }] - } -} -release: _#bashWorkflow & { - name: "Release" - on: push: tags: [_#releaseTagPattern] - jobs: goreleaser: { - "runs-on": _#linuxMachine - steps: [_#checkoutCode & { - with: "fetch-depth": 0 - }, _#installGo & { - with: "go-version": _#pinnedReleaseGo - }, _#step & { - name: "Setup qemu" - uses: "docker/setup-qemu-action@v1" - }, _#step & { - name: "Set up Docker Buildx" - uses: "docker/setup-buildx-action@v1" - }, _#step & { - name: "Docker Login" - uses: "docker/login-action@v1" - with: { - registry: "docker.io" - username: "cueckoo" - password: "${{ secrets.CUECKOO_DOCKER_PAT }}" - } - }, _#step & { - name: "Run GoReleaser" - env: GITHUB_TOKEN: "${{ secrets.CUECKOO_GITHUB_PAT }}" - uses: "goreleaser/goreleaser-action@v2" - with: { - args: "release --rm-dist" - version: "v1.8.2" - } - }, _#step & { - _#arg: { - event_type: "Re-test post release of ${GITHUB_REF##refs/tags/}" - } - name: "Re-test cuelang.org" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-lang/cuelang.org/dispatches" - }, _#step & { - _#arg: { - event_type: "Check against CUE ${GITHUB_REF##refs/tags/}" - client_payload: { - type: "unity" - payload: versions: """ - "${GITHUB_REF##refs/tags/}" - """ - } - } - name: "Trigger unity build" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-unity/unity/dispatches" - }] - } -} -tip_triggers: _#bashWorkflow & { - name: "Push to tip triggers" - on: push: branches: [_#masterBranch] - jobs: push: { - "runs-on": _#linuxMachine - steps: [{ - name: "Rebuild tip.cuelang.org" - run: "\(_#curl) -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }}" - }, { - _#arg: { - event_type: "Check against ${GITHUB_SHA}" - client_payload: { - type: "unity" - payload: versions: """ - "commit:${GITHUB_SHA}" - """ - } - } - name: "Trigger unity build" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-unity/unity/dispatches" - }] - } -} -_#bashWorkflow: json.#Workflow & { - jobs: [string]: defaults: run: shell: "bash" -} - -// TODO: drop when cuelang.org/issue/390 is fixed. -// Declare definitions for sub-schemas -_#job: ((json.#Workflow & {}).jobs & { - x: _ -}).x -_#step: ((_#job & { - steps: _ -}).steps & [_])[0] - -// Use the latest Go version for extra checks, -// such as running tests with the data race detector. -_#latestStableGo: "1.18.x" - -// Use a specific latest version for release builds. -// Note that we don't want ".x" for the sake of reproducibility, -// so we instead pin a specific Go release. -_#pinnedReleaseGo: "1.18.1" -_#linuxMachine: "ubuntu-20.04" -_#macosMachine: "macos-11" -_#windowsMachine: "windows-2022" -_#testStrategy: { - "fail-fast": false - matrix: { - "go-version": ["1.17.x", _#latestStableGo] - os: [_#linuxMachine, _#macosMachine, _#windowsMachine] - } -} -_#installGo: _#step & { - name: "Install Go" - uses: "actions/setup-go@v3" - with: "go-version": *"${{ matrix.go-version }}" | string -} -_#checkoutCode: _#step & { - name: "Checkout code" - uses: "actions/checkout@v3" -} -_#earlyChecks: _#step & { - name: "Early git and code sanity checks" - run: """ - # Ensure the recent commit messages have Signed-off-by headers. - # TODO: Remove once this is enforced for admins too; - # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 - # TODO: Our --max-count here is just 1, because we've made mistakes very - # recently. Increase it to 5 or 10 soon, to also cover CL chains. - for commit in $(git rev-list --max-count=1 HEAD); do - if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then - echo -e "\nRecent commit is lacking Signed-off-by:\n" - git show --quiet $commit - exit 1 - fi - done - """ - // These checks don't vary based on the Go version or OS, - // so we only need to run them on one of the matrix jobs. - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" -} -_#cacheGoModules: _#step & { - name: "Cache Go modules" - uses: "actions/cache@v3" - with: { - path: "~/go/pkg/mod" - key: "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" - "restore-keys": """ - ${{ runner.os }}-${{ matrix.go-version }}-go- - """ - } -} -_#goGenerate: _#step & { - name: "Generate" - run: "go generate ./..." - // The Go version corresponds to the precise version specified in - // the matrix. Skip windows for now until we work out why re-gen is flaky - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" -} -_#goTest: _#step & { - name: "Test" - run: "go test ./..." -} -_#goCheck: _#step & { - // These checks can vary between platforms, as different code can be built - // based on GOOS and GOARCH build tags. - // However, CUE does not have any such build tags yet, and we don't use - // dependencies that vary wildly between platforms. - // For now, to save CI resources, just run the checks on one matrix job. - // TODO: consider adding more checks as per https://github.com/golang/go/issues/42119. - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" - name: "Check" - run: "go vet ./..." -} -_#goTestRace: _#step & { - name: "Test with -race" - run: "go test -race ./..." -} -_#checkGitClean: _#step & { - name: "Check that git is clean post generate and tests" - run: "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" -} -_#writeNetrcFile: _#step & { - name: "Write netrc file for cueckoo Gerrithub" - run: """ - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - """ -} -_#branchRefPrefix: "refs/heads/" -_#tempCueckooGitDir: """ - mkdir tmpgit - cd tmpgit - git init - git config user.name cueckoo - git config user.email cueckoo@gmail.com - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)" - """ -_#curl: "curl -f -s" diff --git a/cue/testdata/eval/github.txtar b/cue/testdata/eval/github.txtar deleted file mode 100644 index 314deb03d08..00000000000 --- a/cue/testdata/eval/github.txtar +++ /dev/null @@ -1,2600 +0,0 @@ -#noformat - -# A txtar test version of evaluation phase of the process behind our -# CI workflow generation. -# -# Note: all the non-golden files below are updated automatically by -# the internal/ci updateTxtarTests CUE command (with the exception -# of the cue.mod/module.cue file). - --- workflows.cue -- -package ci - -import ( - "github.com/SchemaStore/schemastore/src/schemas/json" - "strconv" - encjson "encoding/json" -) - -workflowsDir: *"./" | string @tag(workflowsDir) -_#masterBranch: "master" -_#releaseTagPattern: "v*" -workflows: [...{ - file: string - schema: json.#Workflow -}] & [{ - file: "test.yml" - schema: test -}, { - file: "repository_dispatch.yml" - schema: repository_dispatch -}, { - file: "release.yml" - schema: release -}, { - file: "tip_triggers.yml" - schema: tip_triggers -}] -test: _#bashWorkflow & { - name: "Test" - on: { - push: { - branches: ["**"] - "tags-ignore": [_#releaseTagPattern] - } - pull_request: {} - } - jobs: { - start: { - "runs-on": _#linuxMachine - steps: [..._ & { - if: "${{ \(_#isCLCITestBranch) }}" - }] & [_#writeNetrcFile, _#startCLBuild] - } - test: { - needs: "start" - strategy: _#testStrategy - "runs-on": "${{ matrix.os }}" - steps: [_#writeNetrcFile, _#installGo, _#checkoutCode & { - with: ref: "${{ github.event.pull_request.head.sha }}" - }, _#earlyChecks, _#cacheGoModules, _#step & { - if: "${{ \(_#isMaster) }}" - run: "echo CUE_LONG=true >> $GITHUB_ENV" - }, _#goGenerate, _#goTest, _#goCheck, _#goTestRace & { - if: "${{ matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)' }}" - }, _#checkGitClean, _#pullThroughProxy, _#failCLBuild] - } - mark_ci_success: { - "runs-on": _#linuxMachine - if: "${{ \(_#isCLCITestBranch) }}" - needs: "test" - steps: [_#writeNetrcFile, _#passCLBuild] - } - delete_build_branch: { - "runs-on": _#linuxMachine - if: "${{ \(_#isCLCITestBranch) && always() }}" - needs: "test" - steps: [_#step & { - run: """ - \(_#tempCueckooGitDir) - git push https://github.com/cue-lang/cue :${GITHUB_REF#\(_#branchRefPrefix)} - """ - }] - } - } - - // _#isCLCITestBranch is an expression that evaluates to true - // if the job is running as a result of a CL triggered CI build - _#isCLCITestBranch: "startsWith(github.ref, '\(_#branchRefPrefix)ci/')" - - // _#isMaster is an expression that evaluates to true if the - // job is running as a result of a master commit push - _#isMaster: "github.ref == '\(_#branchRefPrefix+_#masterBranch)'" - _#pullThroughProxy: _#step & { - name: "Pull this commit through the proxy on \(_#masterBranch)" - run: """ - v=$(git rev-parse HEAD) - cd $(mktemp -d) - go mod init mod.com - GOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v - """ - if: "${{ \(_#isMaster) }}" - } - _#startCLBuild: _#step & { - name: "Update Gerrit CL message with starting message" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - } - }).res - } - _#failCLBuild: _#step & { - if: "${{ \(_#isCLCITestBranch) && failure() }}" - name: "Post any failures for this matrix entry" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details" - labels: "TryBot-Result": -1 - } - }).res - } - _#passCLBuild: _#step & { - name: "Update Gerrit CL message with success message" - run: (_#gerrit._#setCodeReview & { - #args: { - message: "Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - labels: "TryBot-Result": 1 - } - }).res - } - _#gerrit: { - // _#setCodeReview assumes that it is invoked from a job where - // _#isCLCITestBranch is true - _#setCodeReview: { - #args: { - tag: "trybot" - message: string - labels?: "TryBot-Result": int - } - res: "\(_#curl) -n -H \"Content-Type: application/json\" --request POST --data \(strconv.Quote(encjson.Marshal(#args))) https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" - } - } -} -repository_dispatch: _#bashWorkflow & { - // These constants are defined by github.com/cue-sh/tools/cmd/cueckoo - _#runtrybot: "runtrybot" - _#unity: "unity" - _#dispatchJob: _#job & { - _#type: string - "runs-on": _#linuxMachine - if: "${{ github.event.client_payload.type == '\(_#type)' }}" - } - name: "Repository Dispatch" - on: ["repository_dispatch"] - jobs: "\(_#runtrybot)": _#dispatchJob & { - _#type: _#runtrybot - steps: [_#writeNetrcFile, _#step & { - name: "Trigger trybot" - run: """ - \(_#tempCueckooGitDir) - git fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }} - git checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD - git push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} - """ - }] - } -} -release: _#bashWorkflow & { - name: "Release" - on: push: tags: [_#releaseTagPattern] - jobs: goreleaser: { - "runs-on": _#linuxMachine - steps: [_#checkoutCode & { - with: "fetch-depth": 0 - }, _#installGo & { - with: "go-version": _#pinnedReleaseGo - }, _#step & { - name: "Setup qemu" - uses: "docker/setup-qemu-action@v1" - }, _#step & { - name: "Set up Docker Buildx" - uses: "docker/setup-buildx-action@v1" - }, _#step & { - name: "Docker Login" - uses: "docker/login-action@v1" - with: { - registry: "docker.io" - username: "cueckoo" - password: "${{ secrets.CUECKOO_DOCKER_PAT }}" - } - }, _#step & { - name: "Run GoReleaser" - env: GITHUB_TOKEN: "${{ secrets.CUECKOO_GITHUB_PAT }}" - uses: "goreleaser/goreleaser-action@v2" - with: { - args: "release --rm-dist" - version: "v1.8.2" - } - }, _#step & { - _#arg: { - event_type: "Re-test post release of ${GITHUB_REF##refs/tags/}" - } - name: "Re-test cuelang.org" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-lang/cuelang.org/dispatches" - }, _#step & { - _#arg: { - event_type: "Check against CUE ${GITHUB_REF##refs/tags/}" - client_payload: { - type: "unity" - payload: versions: """ - "${GITHUB_REF##refs/tags/}" - """ - } - } - name: "Trigger unity build" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-unity/unity/dispatches" - }] - } -} -tip_triggers: _#bashWorkflow & { - name: "Push to tip triggers" - on: push: branches: [_#masterBranch] - jobs: push: { - "runs-on": _#linuxMachine - steps: [{ - name: "Rebuild tip.cuelang.org" - run: "\(_#curl) -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }}" - }, { - _#arg: { - event_type: "Check against ${GITHUB_SHA}" - client_payload: { - type: "unity" - payload: versions: """ - "commit:${GITHUB_SHA}" - """ - } - } - name: "Trigger unity build" - run: "\(_#curl) -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(strconv.Quote(encjson.Marshal(_#arg))) https://api.github.com/repos/cue-unity/unity/dispatches" - }] - } -} -_#bashWorkflow: json.#Workflow & { - jobs: [string]: defaults: run: shell: "bash" -} - -// TODO: drop when cuelang.org/issue/390 is fixed. -// Declare definitions for sub-schemas -_#job: ((json.#Workflow & {}).jobs & { - x: _ -}).x -_#step: ((_#job & { - steps: _ -}).steps & [_])[0] - -// Use the latest Go version for extra checks, -// such as running tests with the data race detector. -_#latestStableGo: "1.18.x" - -// Use a specific latest version for release builds. -// Note that we don't want ".x" for the sake of reproducibility, -// so we instead pin a specific Go release. -_#pinnedReleaseGo: "1.18.1" -_#linuxMachine: "ubuntu-20.04" -_#macosMachine: "macos-11" -_#windowsMachine: "windows-2022" -_#testStrategy: { - "fail-fast": false - matrix: { - "go-version": ["1.17.x", _#latestStableGo] - os: [_#linuxMachine, _#macosMachine, _#windowsMachine] - } -} -_#installGo: _#step & { - name: "Install Go" - uses: "actions/setup-go@v3" - with: "go-version": *"${{ matrix.go-version }}" | string -} -_#checkoutCode: _#step & { - name: "Checkout code" - uses: "actions/checkout@v3" -} -_#earlyChecks: _#step & { - name: "Early git and code sanity checks" - run: """ - # Ensure the recent commit messages have Signed-off-by headers. - # TODO: Remove once this is enforced for admins too; - # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229 - # TODO: Our --max-count here is just 1, because we've made mistakes very - # recently. Increase it to 5 or 10 soon, to also cover CL chains. - for commit in $(git rev-list --max-count=1 HEAD); do - if ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then - echo -e "\nRecent commit is lacking Signed-off-by:\n" - git show --quiet $commit - exit 1 - fi - done - """ - // These checks don't vary based on the Go version or OS, - // so we only need to run them on one of the matrix jobs. - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" -} -_#cacheGoModules: _#step & { - name: "Cache Go modules" - uses: "actions/cache@v3" - with: { - path: "~/go/pkg/mod" - key: "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" - "restore-keys": """ - ${{ runner.os }}-${{ matrix.go-version }}-go- - """ - } -} -_#goGenerate: _#step & { - name: "Generate" - run: "go generate ./..." - // The Go version corresponds to the precise version specified in - // the matrix. Skip windows for now until we work out why re-gen is flaky - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" -} -_#goTest: _#step & { - name: "Test" - run: "go test ./..." -} -_#goCheck: _#step & { - // These checks can vary between platforms, as different code can be built - // based on GOOS and GOARCH build tags. - // However, CUE does not have any such build tags yet, and we don't use - // dependencies that vary wildly between platforms. - // For now, to save CI resources, just run the checks on one matrix job. - // TODO: consider adding more checks as per https://github.com/golang/go/issues/42119. - if: "matrix.go-version == '\(_#latestStableGo)' && matrix.os == '\(_#linuxMachine)'" - name: "Check" - run: "go vet ./..." -} -_#goTestRace: _#step & { - name: "Test with -race" - run: "go test -race ./..." -} -_#checkGitClean: _#step & { - name: "Check that git is clean post generate and tests" - run: "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" -} -_#writeNetrcFile: _#step & { - name: "Write netrc file for cueckoo Gerrithub" - run: """ - cat < ~/.netrc - machine review.gerrithub.io - login cueckoo - password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }} - EOD - chmod 600 ~/.netrc - """ -} -_#branchRefPrefix: "refs/heads/" -_#tempCueckooGitDir: """ - mkdir tmpgit - cd tmpgit - git init - git config user.name cueckoo - git config user.email cueckoo@gmail.com - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)" - """ -_#curl: "curl -f -s" --- cue.mod/module.cue -- -module: "mod.com" --- cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue -- -package json - -import "strings" - -#Workflow: { - @jsonschema(schema="http://json-schema.org/draft-07/schema") - null | bool | number | string | [...] | { - // The name of your workflow. GitHub displays the names of your - // workflows on your repository's actions page. If you omit this - // field, GitHub sets the name to the workflow's filename. - name?: string - - // The name of the GitHub event that triggers the workflow. You - // can provide a single event string, array of events, array of - // event types, or an event configuration map that schedules a - // workflow or restricts the execution of a workflow to specific - // files, tags, or branch changes. For a list of available - // events, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows. - on: #event | [...#event] & [_, ...] | { - // Runs your workflow anytime the check_run event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/runs. - check_run?: #eventObject & { - types?: #types & [..."created" | "rerequested" | "completed" | "requested_action"] | *["created", "rerequested", "completed", "requested_action"] - ... - } - - // Runs your workflow anytime the check_suite event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/suites/. - check_suite?: #eventObject & { - types?: #types & [..."completed" | "requested" | "rerequested"] | *["completed", "requested", "rerequested"] - ... - } - - // Runs your workflow anytime someone creates a branch or tag, - // which triggers the create event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#create-a-reference. - create?: #eventObject - - // Runs your workflow anytime someone deletes a branch or tag, - // which triggers the delete event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#delete-a-reference. - delete?: #eventObject - - // Runs your workflow anytime someone creates a deployment, which - // triggers the deployment event. Deployments created with a - // commit SHA may not have a Git ref. For information about the - // REST API, see - // https://developer.github.com/v3/repos/deployments/. - deployment?: #eventObject - - // Runs your workflow anytime a third party provides a deployment - // status, which triggers the deployment_status event. - // Deployments created with a commit SHA may not have a Git ref. - // For information about the REST API, see - // https://developer.github.com/v3/repos/deployments/#create-a-deployment-status. - deployment_status?: #eventObject - - // Runs your workflow anytime when someone forks a repository, - // which triggers the fork event. For information about the REST - // API, see - // https://developer.github.com/v3/repos/forks/#create-a-fork. - fork?: #eventObject - - // Runs your workflow when someone creates or updates a Wiki page, - // which triggers the gollum event. - gollum?: #eventObject - - // Runs your workflow anytime the issue_comment event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/comments/. - issue_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the issues event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/issues. - issues?: #eventObject & { - types?: #types & [..."opened" | "edited" | "deleted" | "transferred" | "pinned" | "unpinned" | "closed" | "reopened" | "assigned" | "unassigned" | "labeled" | "unlabeled" | "locked" | "unlocked" | "milestoned" | "demilestoned"] | *["opened", "edited", "deleted", "transferred", "pinned", "unpinned", "closed", "reopened", "assigned", "unassigned", "labeled", "unlabeled", "locked", "unlocked", "milestoned", "demilestoned"] - ... - } - - // Runs your workflow anytime the label event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/issues/labels/. - label?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the member event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/collaborators/. - member?: #eventObject & { - types?: #types & [..."added" | "edited" | "deleted"] | *["added", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the milestone event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/milestones/. - milestone?: #eventObject & { - types?: #types & [..."created" | "closed" | "opened" | "edited" | "deleted"] | *["created", "closed", "opened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime someone pushes to a GitHub - // Pages-enabled branch, which triggers the page_build event. For - // information about the REST API, see - // https://developer.github.com/v3/repos/pages/. - page_build?: #eventObject - - // Runs your workflow anytime the project event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/projects/. - project?: #eventObject & { - types?: #types & [..."created" | "updated" | "closed" | "reopened" | "edited" | "deleted"] | *["created", "updated", "closed", "reopened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_card event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/projects/cards. - project_card?: #eventObject & { - types?: #types & [..."created" | "moved" | "converted" | "edited" | "deleted"] | *["created", "moved", "converted", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_column event occurs. - // More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/projects/columns. - project_column?: #eventObject & { - types?: #types & [..."created" | "updated" | "moved" | "deleted"] | *["created", "updated", "moved", "deleted"] - ... - } - - // Runs your workflow anytime someone makes a private repository - // public, which triggers the public event. For information about - // the REST API, see https://developer.github.com/v3/repos/#edit. - public?: #eventObject - - // Runs your workflow anytime the pull_request event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see https://developer.github.com/v3/pulls. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow anytime the pull_request_review event - // occurs. More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/pulls/reviews. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review?: #eventObject & { - types?: #types & [..."submitted" | "edited" | "dismissed"] | *["submitted", "edited", "dismissed"] - ... - } - - // Runs your workflow anytime a comment on a pull request's - // unified diff is modified, which triggers the - // pull_request_review_comment event. More than one activity type - // triggers this event. For information about the REST API, see - // https://developer.github.com/v3/pulls/comments. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // This event is similar to pull_request, except that it runs in - // the context of the base repository of the pull request, rather - // than in the merge commit. This means that you can more safely - // make your secrets available to the workflows triggered by the - // pull request, because only workflows defined in the commit on - // the base repository are run. For example, this event allows - // you to create workflows that label and comment on pull - // requests, based on the contents of the event payload. - pull_request_target?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow when someone pushes to a repository branch, - // which triggers the push event. - // Note: The webhook payload available to GitHub Actions does not - // include the added, removed, and modified attributes in the - // commit object. You can retrieve the full commit object using - // the REST API. For more information, see - // https://developer.github.com/v3/repos/commits/#get-a-single-commit. - push?: #ref & { - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^()$"]: _} - } - - // Runs your workflow anytime a package is published or updated. - // For more information, see - // https://help.github.com/en/github/managing-packages-with-github-packages. - registry_package?: #eventObject & { - types?: #types & [..."published" | "updated"] | *["published", "updated"] - ... - } - - // Runs your workflow anytime the release event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/releases/ in the GitHub - // Developer documentation. - release?: #eventObject & { - types?: #types & [..."published" | "unpublished" | "created" | "edited" | "deleted" | "prereleased" | "released"] | *["published", "unpublished", "created", "edited", "deleted", "prereleased", "released"] - ... - } - - // Runs your workflow anytime the status of a Git commit changes, - // which triggers the status event. For information about the - // REST API, see https://developer.github.com/v3/repos/statuses/. - status?: #eventObject - - // Runs your workflow anytime the watch event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/activity/starring/. - watch?: #eventObject - - // You can now create workflows that are manually triggered with - // the new workflow_dispatch event. You will then see a 'Run - // workflow' button on the Actions tab, enabling you to easily - // trigger a run. - workflow_dispatch?: null | bool | number | string | [...] | { - // Input parameters allow you to specify data that the action - // expects to use during runtime. GitHub stores input parameters - // as environment variables. Input ids with uppercase letters are - // converted to lowercase during runtime. We recommended using - // lowercase input ids. - inputs?: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // A string description of the input parameter. - description: string - - // A string shown to users using the deprecated input. - deprecationMessage?: string - - // A boolean to indicate whether the action requires the input - // parameter. Set to true when the parameter is required. - required: bool - - // A string representing the default value. The default value is - // used when an input parameter isn't specified in a workflow - // file. - default?: string - }} - } - ... - } - - // This event occurs when a workflow run is requested or - // completed, and allows you to execute a workflow based on the - // finished result of another workflow. For example, if your - // pull_request workflow generates build artifacts, you can - // create a new workflow that uses workflow_run to analyze the - // results and add a comment to the original pull request. - workflow_run?: #eventObject & { - types?: #types & [..."requested" | "completed"] | *["requested", "completed"] - workflows?: [...string] & [_, ...] - - {[=~"^branches(-ignore)?$" & !~"^(types|workflows)$"]: _} - ... - } - - // You can use the GitHub API to trigger a webhook event called - // repository_dispatch when you want to trigger a workflow for - // activity that happens outside of GitHub. For more information, - // see - // https://developer.github.com/v3/repos/#create-a-repository-dispatch-event. - // To trigger the custom repository_dispatch webhook event, you - // must send a POST request to a GitHub API endpoint and provide - // an event_type name to describe the activity type. To trigger a - // workflow run, you must also configure your workflow to use the - // repository_dispatch event. - repository_dispatch?: #eventObject - - // You can schedule a workflow to run at specific UTC times using - // POSIX cron syntax - // (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). - // Scheduled workflows run on the latest commit on the default or - // base branch. The shortest interval you can run scheduled - // workflows is once every 5 minutes. - // Note: GitHub Actions does not support the non-standard syntax - // @yearly, @monthly, @weekly, @daily, @hourly, and @reboot. - // You can use crontab guru (https://crontab.guru/). to help - // generate your cron syntax and confirm what time it will run. - // To help you get started, there is also a list of crontab guru - // examples (https://crontab.guru/examples.html). - schedule?: [...null | bool | number | string | [...] | { - cron?: =~"^(((\\d+,)+\\d+|((\\d+|\\*)\\/\\d+|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)|(\\d+-\\d+)|\\d+|\\*|MON|TUE|WED|THU|FRI|SAT|SUN) ?){5,7}$" - }] & [_, ...] - } - - // A map of environment variables that are available to all jobs - // and steps in the workflow. - env?: #env - - // A map of default settings that will apply to all jobs in the - // workflow. - defaults?: #defaults - - // A workflow run is made up of one or more jobs. Jobs run in - // parallel by default. To run jobs sequentially, you can define - // dependencies on other jobs using the jobs..needs - // keyword. - // Each job runs in a fresh instance of the virtual environment - // specified by runs-on. - // You can run an unlimited number of jobs as long as you are - // within the workflow usage limits. For more information, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#usage-limits. - jobs: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // The name of the job displayed on GitHub. - name?: string - - // Identifies any jobs that must complete successfully before this - // job will run. It can be a string or array of strings. If a job - // fails, all jobs that need it are skipped unless the jobs use a - // conditional statement that causes the job to continue. - needs?: [...#name] & [_, ...] | #name - - // The type of machine to run the job on. The machine can be - // either a GitHub-hosted runner, or a self-hosted runner. - "runs-on": "macos-10.15" | "macos-11.0" | "macos-latest" | "self-hosted" | "ubuntu-16.04" | "ubuntu-18.04" | "ubuntu-20.04" | "ubuntu-latest" | "windows-2016" | "windows-2019" | "windows-latest" | (["self-hosted"] | ["self-hosted", #machine] | ["self-hosted", #architecture] | ["self-hosted", #machine, #architecture] | ["self-hosted", #architecture, #machine]) & [...] | #expressionSyntax - - // The environment that the job references. - environment?: string | #environment - - // A map of outputs for a job. Job outputs are available to all - // downstream jobs that depend on this job. - outputs?: { - [string]: string - } - - // A map of environment variables that are available to all steps - // in the job. - env?: #env - - // A map of default settings that will apply to all steps in the - // job. - defaults?: #defaults - - // You can use the if conditional to prevent a job from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A job contains a sequence of tasks called steps. Steps can run - // commands, run setup tasks, or run an action in your - // repository, a public repository, or an action published in a - // Docker registry. Not all steps run actions, but all actions - // run as a step. Each step runs in its own process in the - // virtual environment and has access to the workspace and - // filesystem. Because steps run in their own process, changes to - // environment variables are not preserved between steps. GitHub - // provides built-in steps to set up and complete a job. - steps?: [...{ - // A unique identifier for the step. You can use the id to - // reference the step in contexts. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - id?: string - - // You can use the if conditional to prevent a step from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A name for your step to display on GitHub. - name?: string - - // Selects an action to run as part of a step in your job. An - // action is a reusable unit of code. You can use an action - // defined in the same repository as the workflow, a public - // repository, or in a published Docker container image - // (https://hub.docker.com/). - // We strongly recommend that you include the version of the - // action you are using by specifying a Git ref, SHA, or Docker - // tag number. If you don't specify a version, it could break - // your workflows or cause unexpected behavior when the action - // owner publishes an update. - // - Using the commit SHA of a released action version is the - // safest for stability and security. - // - Using the specific major action version allows you to receive - // critical fixes and security patches while still maintaining - // compatibility. It also assures that your workflow should still - // work. - // - Using the master branch of an action may be convenient, but - // if someone releases a new major version with a breaking - // change, your workflow could break. - // Some actions require inputs that you must set using the with - // keyword. Review the action's README file to determine the - // inputs required. - // Actions are either JavaScript files or Docker containers. If - // the action you're using is a Docker container you must run the - // job in a Linux virtual environment. For more details, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - uses?: string - - // Runs command-line programs using the operating system's shell. - // If you do not provide a name, the step name will default to - // the text specified in the run command. - // Commands run using non-login shells by default. You can choose - // a different shell and customize the shell used to run - // commands. For more information, see - // https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. - // Each run keyword represents a new process and shell in the - // virtual environment. When you provide multi-line commands, - // each line runs in the same shell. - run?: string, "working-directory"?: #["working-directory"], shell?: #shell - - // A map of the input parameters defined by the action. Each input - // parameter is a key/value pair. Input parameters are set as - // environment variables. The variable is prefixed with INPUT_ - // and converted to upper case. - with?: #env & { - args?: string, entrypoint?: string, ... - } - - // Sets environment variables for steps to use in the virtual - // environment. You can also set environment variables for the - // entire workflow or a job. - env?: #env - - // Prevents a job from failing when a step fails. Set to true to - // allow a job to pass when this step fails. - "continue-on-error"?: bool | #expressionSyntax | *false - - // The maximum number of minutes to run the step before killing - // the process. - "timeout-minutes"?: number - }] & [_, ...] - - // The maximum number of minutes to let a workflow run before - // GitHub automatically cancels it. Default: 360 - "timeout-minutes"?: number | *360 - - // A strategy creates a build matrix for your jobs. You can define - // different variations of an environment to run each job in. - strategy?: { - // A build matrix is a set of different configurations of the - // virtual environment. For example you might run a job against - // more than one supported version of a language, operating - // system, or tool. Each configuration is a copy of the job that - // runs and reports a status. - // You can specify a matrix by supplying an array for the - // configuration options. For example, if the GitHub virtual - // environment supports Node.js versions 6, 8, and 10 you could - // specify an array of those versions in the matrix. - // When you define a matrix of operating systems, you must set the - // required runs-on keyword to the operating system of the - // current job, rather than hard-coding the operating system - // name. To access the operating system name, you can use the - // matrix.os context parameter to set runs-on. For more - // information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - matrix: ({ - ... - } | #expressionSyntax) & { - {[=~"^(in|ex)clude$" & !~"^()$"]: [...{ - [string]: #configuration - }] & [_, ...]} - {[!~"^(in|ex)clude$" & !~"^()$"]: [...#configuration] & [_, ...]} - } - - // When set to true, GitHub cancels all in-progress jobs if any - // matrix job fails. Default: true - "fail-fast"?: bool | *true - - // The maximum number of jobs that can run simultaneously when - // using a matrix job strategy. By default, GitHub will maximize - // the number of jobs run in parallel depending on the available - // runners on GitHub-hosted virtual machines. - "max-parallel"?: number - } - - // Prevents a workflow run from failing when a job fails. Set to - // true to allow a workflow run to pass when this job fails. - "continue-on-error"?: bool | #expressionSyntax - - // A container to run any steps in a job that don't already - // specify a container. If you have steps that use both script - // and container actions, the container actions will run as - // sibling containers on the same network with the same volume - // mounts. - // If you do not set a container, all steps will run directly on - // the host specified by runs-on unless a step refers to an - // action configured to run in a container. - container?: string | #container - - // Additional containers to host services for a job in a workflow. - // These are useful for creating databases or cache services like - // redis. The runner on the virtual machine will automatically - // create a network and manage the life cycle of the service - // containers. - // When you use a service container for a job or your step uses - // container actions, you don't need to set port information to - // access the service. Docker automatically exposes all ports - // between containers on the same network. - // When both the job and the action run in a container, you can - // directly reference the container by its hostname. The hostname - // is automatically mapped to the service name. - // When a step does not use a container action, you must access - // the service using localhost and bind the ports. - services?: { - [string]: #container - } - }} - } - } - - #architecture: "ARM32" | "x64" | "x86" - - #branch: #globs - - #configuration: string | number | bool | { - [string]: #configuration - } | [...#configuration] - - #container: { - // The Docker image to use as the container to run the action. The - // value can be the Docker Hub image name or a registry name. - image: string - - // If the image's container registry requires authentication to - // pull the image, you can use credentials to set a map of the - // username and password. The credentials are the same values - // that you would provide to the `docker login` command. - credentials?: { - username?: string - password?: string - ... - } - - // Sets an array of environment variables in the container. - env?: #env - - // Sets an array of ports to expose on the container. - ports?: [...number | string] & [_, ...] - - // Sets an array of volumes for the container to use. You can use - // volumes to share data between services or other steps in a - // job. You can specify named Docker volumes, anonymous Docker - // volumes, or bind mounts on the host. - // To specify a volume, you specify the source and destination - // path: : - // The is a volume name or an absolute path on the host - // machine, and is an absolute path in the - // container. - volumes?: [...=~"^[^:]+:[^:]+$"] & [_, ...] - - // Additional Docker container resource options. For a list of - // options, see - // https://docs.docker.com/engine/reference/commandline/create/#options. - options?: string - } - - #defaults: run?: { - shell?: #shell - "working-directory"?: #["working-directory"] - } - - #env: [string]: bool | number | string - - #environment: { - // The name of the environment configured in the repo. - name: string - - // A deployment URL - url?: string - } - - #event: "check_run" | "check_suite" | "create" | "delete" | "deployment" | "deployment_status" | "fork" | "gollum" | "issue_comment" | "issues" | "label" | "member" | "milestone" | "page_build" | "project" | "project_card" | "project_column" | "public" | "pull_request" | "pull_request_review" | "pull_request_review_comment" | "pull_request_target" | "push" | "registry_package" | "release" | "status" | "watch" | "workflow_dispatch" | "workflow_run" | "repository_dispatch" - - #eventObject: null | { - ... - } - - #expressionSyntax: =~"^\\$\\{\\{.*\\}\\}$" - - #globs: [...strings.MinRunes(1)] & [_, ...] - - #machine: "linux" | "macos" | "windows" - - #name: =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" - - #path: #globs - - #ref: null | { - branches?: #branch - "branches-ignore"?: #branch - tags?: #branch - "tags-ignore"?: #branch - paths?: #path - "paths-ignore"?: #path - ... - } - - #shell: (string | ("bash" | "pwsh" | "python" | "sh" | "cmd" | "powershell")) & string - - #types: [_, ...] - - #: "working-directory": string -} --- out/eval -- -(struct){ - workflowsDir: (string){ |(*(string){ "./" }, (string){ string }) } - _#masterBranch(:ci): (string){ "master" } - _#releaseTagPattern(:ci): (string){ "v*" } - workflows: (#list){ - 0: (struct){ - file: (string){ "test.yml" } - schema: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - start: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - } - 1: (#struct){ - name: (string){ "Update Gerrit CL message with starting message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\"}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - test: (#struct){ - needs: (string){ "start" } - strategy: (#struct){ - "fail-fast": (bool){ false } - matrix: (#struct){ - "go-version": (#list){ - 0: (string){ "1.17.x" } - 1: (string){ "1.18.x" } - } - os: (#list){ - 0: (string){ "ubuntu-20.04" } - 1: (string){ "macos-11" } - 2: (string){ "windows-2022" } - } - } - } - "runs-on": (string){ "${{ matrix.os }}" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Install Go" } - uses: (string){ "actions/setup-go@v3" } - with: (#struct){ - "go-version": (string){ |(*(string){ "${{ matrix.go-version }}" }, (string){ string }) } - } - } - 2: (#struct){ - name: (string){ "Checkout code" } - uses: (string){ "actions/checkout@v3" } - with: (#struct){ - ref: (string){ "${{ github.event.pull_request.head.sha }}" } - } - } - 3: (#struct){ - name: (string){ "Early git and code sanity checks" } - run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - 4: (#struct){ - name: (string){ "Cache Go modules" } - uses: (string){ "actions/cache@v3" } - with: (#struct){ - path: (string){ "~/go/pkg/mod" } - key: (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" } - "restore-keys": (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-" } - } - } - 5: (#struct){ - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - run: (string){ "echo CUE_LONG=true >> $GITHUB_ENV" } - } - 6: (#struct){ - name: (string){ "Generate" } - run: (string){ "go generate ./..." } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - 7: (#struct){ - name: (string){ "Test" } - run: (string){ "go test ./..." } - } - 8: (#struct){ - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - name: (string){ "Check" } - run: (string){ "go vet ./..." } - } - 9: (#struct){ - name: (string){ "Test with -race" } - run: (string){ "go test -race ./..." } - if: (string){ "${{ matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' }}" } - } - 10: (#struct){ - name: (string){ "Check that git is clean post generate and tests" } - run: (string){ "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } - } - 11: (#struct){ - name: (string){ "Pull this commit through the proxy on master" } - run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - } - 12: (#struct){ - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } - name: (string){ "Post any failures for this matrix entry" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - mark_ci_success: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - needs: (string){ "test" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Update Gerrit CL message with success message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - delete_build_branch: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && always() }}" } - needs: (string){ "test" } - steps: (#list){ - 0: (#struct){ - run: (string){ "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"\ngit push https://github.com/cue-lang/cue :${GITHUB_REF#refs/heads/}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Test" } - on: (#struct){ - push: (#struct){ - branches: (#list){ - 0: (string){ "**" } - } - "tags-ignore": (#list){ - 0: (string){ "v*" } - } - } - pull_request: (#struct){ - } - } - _#isCLCITestBranch(:ci): (string){ "startsWith(github.ref, 'refs/heads/ci/')" } - _#isMaster(:ci): (string){ "github.ref == 'refs/heads/master'" } - _#pullThroughProxy(:ci): (#struct){ - name: (string){ "Pull this commit through the proxy on master" } - run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - } - _#startCLBuild(:ci): (#struct){ - name: (string){ "Update Gerrit CL message with starting message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\"}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#failCLBuild(:ci): (#struct){ - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } - name: (string){ "Post any failures for this matrix entry" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#passCLBuild(:ci): (#struct){ - name: (string){ "Update Gerrit CL message with success message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#gerrit(:ci): (#struct){ - _#setCodeReview(:ci): (#struct){ - #args: (#struct){ - tag: (string){ "trybot" } - message: (string){ string } - } - res: (_|_){ - // [incomplete] invalid interpolation: cannot convert incomplete value "string" to JSON: - // ./workflows.cue:129:9 - // ./workflows.cue:126:14 - } - } - } - } - } - 1: (struct){ - file: (string){ "repository_dispatch.yml" } - schema: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - runtrybot: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - _#type(:ci): (string){ "runtrybot" } - if: (string){ "${{ github.event.client_payload.type == 'runtrybot' }}" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Trigger trybot" } - run: (string){ "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"\ngit fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }}\ngit checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD\ngit push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - _#runtrybot(:ci): (string){ "runtrybot" } - _#unity(:ci): (string){ "unity" } - _#dispatchJob(:ci): (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - _#type(:ci): (string){ string } - if: (_|_){ - // [incomplete] workflows.1.schema._#dispatchJob.if: invalid interpolation: non-concrete value string (type string): - // ./workflows.cue:140:14 - // ./workflows.cue:138:14 - } - } - name: (string){ "Repository Dispatch" } - on: (#list){ - 0: (string){ "repository_dispatch" } - } - } - } - 2: (struct){ - file: (string){ "release.yml" } - schema: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - goreleaser: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Checkout code" } - uses: (string){ "actions/checkout@v3" } - with: (#struct){ - "fetch-depth": (int){ 0 } - } - } - 1: (#struct){ - name: (string){ "Install Go" } - uses: (string){ "actions/setup-go@v3" } - with: (#struct){ - "go-version": (string){ "1.18.1" } - } - } - 2: (#struct){ - name: (string){ "Setup qemu" } - uses: (string){ "docker/setup-qemu-action@v1" } - } - 3: (#struct){ - name: (string){ "Set up Docker Buildx" } - uses: (string){ "docker/setup-buildx-action@v1" } - } - 4: (#struct){ - name: (string){ "Docker Login" } - uses: (string){ "docker/login-action@v1" } - with: (#struct){ - registry: (string){ "docker.io" } - username: (string){ "cueckoo" } - password: (string){ "${{ secrets.CUECKOO_DOCKER_PAT }}" } - } - } - 5: (#struct){ - name: (string){ "Run GoReleaser" } - env: (#struct){ - GITHUB_TOKEN: (string){ "${{ secrets.CUECKOO_GITHUB_PAT }}" } - } - uses: (string){ "goreleaser/goreleaser-action@v2" } - with: (#struct){ - args: (string){ "release --rm-dist" } - version: (string){ "v1.8.2" } - } - } - 6: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Re-test post release of ${GITHUB_REF##refs/tags/}" } - } - name: (string){ "Re-test cuelang.org" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Re-test post release of ${GITHUB_REF##refs/tags/}\\\"}\" https://api.github.com/repos/cue-lang/cuelang.org/dispatches" } - } - 7: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Check against CUE ${GITHUB_REF##refs/tags/}" } - client_payload: (#struct){ - type: (string){ "unity" } - payload: (#struct){ - versions: (string){ "\"${GITHUB_REF##refs/tags/}\"" } - } - } - } - name: (string){ "Trigger unity build" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Check against CUE ${GITHUB_REF##refs/tags/}\\\",\\\"client_payload\\\":{\\\"type\\\":\\\"unity\\\",\\\"payload\\\":{\\\"versions\\\":\\\"\\\\\\\"${GITHUB_REF##refs/tags/}\\\\\\\"\\\"}}}\" https://api.github.com/repos/cue-unity/unity/dispatches" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Release" } - on: (#struct){ - push: (#struct){ - tags: (#list){ - 0: (string){ "v*" } - } - } - } - } - } - 3: (struct){ - file: (string){ "tip_triggers.yml" } - schema: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - push: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Rebuild tip.cuelang.org" } - run: (string){ "curl -f -s -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }}" } - } - 1: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Check against ${GITHUB_SHA}" } - client_payload: (#struct){ - type: (string){ "unity" } - payload: (#struct){ - versions: (string){ "\"commit:${GITHUB_SHA}\"" } - } - } - } - name: (string){ "Trigger unity build" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Check against ${GITHUB_SHA}\\\",\\\"client_payload\\\":{\\\"type\\\":\\\"unity\\\",\\\"payload\\\":{\\\"versions\\\":\\\"\\\\\\\"commit:${GITHUB_SHA}\\\\\\\"\\\"}}}\" https://api.github.com/repos/cue-unity/unity/dispatches" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Push to tip triggers" } - on: (#struct){ - push: (#struct){ - branches: (#list){ - 0: (string){ "master" } - } - } - } - } - } - } - test: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - start: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - } - 1: (#struct){ - name: (string){ "Update Gerrit CL message with starting message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\"}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - test: (#struct){ - needs: (string){ "start" } - strategy: (#struct){ - "fail-fast": (bool){ false } - matrix: (#struct){ - "go-version": (#list){ - 0: (string){ "1.17.x" } - 1: (string){ "1.18.x" } - } - os: (#list){ - 0: (string){ "ubuntu-20.04" } - 1: (string){ "macos-11" } - 2: (string){ "windows-2022" } - } - } - } - "runs-on": (string){ "${{ matrix.os }}" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Install Go" } - uses: (string){ "actions/setup-go@v3" } - with: (#struct){ - "go-version": (string){ |(*(string){ "${{ matrix.go-version }}" }, (string){ string }) } - } - } - 2: (#struct){ - name: (string){ "Checkout code" } - uses: (string){ "actions/checkout@v3" } - with: (#struct){ - ref: (string){ "${{ github.event.pull_request.head.sha }}" } - } - } - 3: (#struct){ - name: (string){ "Early git and code sanity checks" } - run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - 4: (#struct){ - name: (string){ "Cache Go modules" } - uses: (string){ "actions/cache@v3" } - with: (#struct){ - path: (string){ "~/go/pkg/mod" } - key: (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" } - "restore-keys": (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-" } - } - } - 5: (#struct){ - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - run: (string){ "echo CUE_LONG=true >> $GITHUB_ENV" } - } - 6: (#struct){ - name: (string){ "Generate" } - run: (string){ "go generate ./..." } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - 7: (#struct){ - name: (string){ "Test" } - run: (string){ "go test ./..." } - } - 8: (#struct){ - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - name: (string){ "Check" } - run: (string){ "go vet ./..." } - } - 9: (#struct){ - name: (string){ "Test with -race" } - run: (string){ "go test -race ./..." } - if: (string){ "${{ matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04' }}" } - } - 10: (#struct){ - name: (string){ "Check that git is clean post generate and tests" } - run: (string){ "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } - } - 11: (#struct){ - name: (string){ "Pull this commit through the proxy on master" } - run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - } - 12: (#struct){ - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } - name: (string){ "Post any failures for this matrix entry" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - mark_ci_success: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') }}" } - needs: (string){ "test" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Update Gerrit CL message with success message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - delete_build_branch: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && always() }}" } - needs: (string){ "test" } - steps: (#list){ - 0: (#struct){ - run: (string){ "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"\ngit push https://github.com/cue-lang/cue :${GITHUB_REF#refs/heads/}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Test" } - on: (#struct){ - push: (#struct){ - branches: (#list){ - 0: (string){ "**" } - } - "tags-ignore": (#list){ - 0: (string){ "v*" } - } - } - pull_request: (#struct){ - } - } - _#isCLCITestBranch(:ci): (string){ "startsWith(github.ref, 'refs/heads/ci/')" } - _#isMaster(:ci): (string){ "github.ref == 'refs/heads/master'" } - _#pullThroughProxy(:ci): (#struct){ - name: (string){ "Pull this commit through the proxy on master" } - run: (string){ "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" } - if: (string){ "${{ github.ref == 'refs/heads/master' }}" } - } - _#startCLBuild(:ci): (#struct){ - name: (string){ "Update Gerrit CL message with starting message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\"}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#failCLBuild(:ci): (#struct){ - if: (string){ "${{ startsWith(github.ref, 'refs/heads/ci/') && failure() }}" } - name: (string){ "Post any failures for this matrix entry" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":-1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#passCLBuild(:ci): (#struct){ - name: (string){ "Update Gerrit CL message with success message" } - run: (string){ "curl -f -s -n -H \"Content-Type: application/json\" --request POST --data \"{\\\"tag\\\":\\\"trybot\\\",\\\"message\\\":\\\"Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}\\\",\\\"labels\\\":{\\\"TryBot-Result\\\":1}}\" https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" } - } - _#gerrit(:ci): (#struct){ - _#setCodeReview(:ci): (#struct){ - #args: (#struct){ - tag: (string){ "trybot" } - message: (string){ string } - } - res: (_|_){ - // [incomplete] invalid interpolation: cannot convert incomplete value "string" to JSON: - // ./workflows.cue:129:9 - // ./workflows.cue:126:14 - } - } - } - } - repository_dispatch: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - runtrybot: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - _#type(:ci): (string){ "runtrybot" } - if: (string){ "${{ github.event.client_payload.type == 'runtrybot' }}" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - 1: (#struct){ - name: (string){ "Trigger trybot" } - run: (string){ "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"\ngit fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }}\ngit checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD\ngit push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }}" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - _#runtrybot(:ci): (string){ "runtrybot" } - _#unity(:ci): (string){ "unity" } - _#dispatchJob(:ci): (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - _#type(:ci): (string){ string } - if: (_|_){ - // [incomplete] repository_dispatch._#dispatchJob.if: invalid interpolation: non-concrete value string (type string): - // ./workflows.cue:140:14 - // ./workflows.cue:138:14 - } - } - name: (string){ "Repository Dispatch" } - on: (#list){ - 0: (string){ "repository_dispatch" } - } - } - release: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - goreleaser: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Checkout code" } - uses: (string){ "actions/checkout@v3" } - with: (#struct){ - "fetch-depth": (int){ 0 } - } - } - 1: (#struct){ - name: (string){ "Install Go" } - uses: (string){ "actions/setup-go@v3" } - with: (#struct){ - "go-version": (string){ "1.18.1" } - } - } - 2: (#struct){ - name: (string){ "Setup qemu" } - uses: (string){ "docker/setup-qemu-action@v1" } - } - 3: (#struct){ - name: (string){ "Set up Docker Buildx" } - uses: (string){ "docker/setup-buildx-action@v1" } - } - 4: (#struct){ - name: (string){ "Docker Login" } - uses: (string){ "docker/login-action@v1" } - with: (#struct){ - registry: (string){ "docker.io" } - username: (string){ "cueckoo" } - password: (string){ "${{ secrets.CUECKOO_DOCKER_PAT }}" } - } - } - 5: (#struct){ - name: (string){ "Run GoReleaser" } - env: (#struct){ - GITHUB_TOKEN: (string){ "${{ secrets.CUECKOO_GITHUB_PAT }}" } - } - uses: (string){ "goreleaser/goreleaser-action@v2" } - with: (#struct){ - args: (string){ "release --rm-dist" } - version: (string){ "v1.8.2" } - } - } - 6: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Re-test post release of ${GITHUB_REF##refs/tags/}" } - } - name: (string){ "Re-test cuelang.org" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Re-test post release of ${GITHUB_REF##refs/tags/}\\\"}\" https://api.github.com/repos/cue-lang/cuelang.org/dispatches" } - } - 7: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Check against CUE ${GITHUB_REF##refs/tags/}" } - client_payload: (#struct){ - type: (string){ "unity" } - payload: (#struct){ - versions: (string){ "\"${GITHUB_REF##refs/tags/}\"" } - } - } - } - name: (string){ "Trigger unity build" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Check against CUE ${GITHUB_REF##refs/tags/}\\\",\\\"client_payload\\\":{\\\"type\\\":\\\"unity\\\",\\\"payload\\\":{\\\"versions\\\":\\\"\\\\\\\"${GITHUB_REF##refs/tags/}\\\\\\\"\\\"}}}\" https://api.github.com/repos/cue-unity/unity/dispatches" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Release" } - on: (#struct){ - push: (#struct){ - tags: (#list){ - 0: (string){ "v*" } - } - } - } - } - tip_triggers: (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - push: (#struct){ - "runs-on": (string){ "ubuntu-20.04" } - steps: (#list){ - 0: (#struct){ - name: (string){ "Rebuild tip.cuelang.org" } - run: (string){ "curl -f -s -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }}" } - } - 1: (#struct){ - _#arg(:ci): (#struct){ - event_type: (string){ "Check against ${GITHUB_SHA}" } - client_payload: (#struct){ - type: (string){ "unity" } - payload: (#struct){ - versions: (string){ "\"commit:${GITHUB_SHA}\"" } - } - } - } - name: (string){ "Trigger unity build" } - run: (string){ "curl -f -s -H \"Content-Type: application/json\" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \"{\\\"event_type\\\":\\\"Check against ${GITHUB_SHA}\\\",\\\"client_payload\\\":{\\\"type\\\":\\\"unity\\\",\\\"payload\\\":{\\\"versions\\\":\\\"\\\\\\\"commit:${GITHUB_SHA}\\\\\\\"\\\"}}}\" https://api.github.com/repos/cue-unity/unity/dispatches" } - } - } - defaults: (#struct){ - run: (#struct){ - shell: (string){ "bash" } - } - } - } - } - name: (string){ "Push to tip triggers" } - on: (#struct){ - push: (#struct){ - branches: (#list){ - 0: (string){ "master" } - } - } - } - } - _#bashWorkflow(:ci): (#struct){ - #architecture: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - #branch: (list){ - 0: (string){ strings.MinRunes(1) } - } - #configuration: ((bool|string|list|struct|number)){ |((string){ string }, (number){ number }, (bool){ bool }, (#struct){ - }, (list){ - }) } - #container: (#struct){ - image: (string){ string } - } - #defaults: (#struct){ - } - #env: (#struct){ - } - #environment: (#struct){ - name: (string){ string } - } - #event: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - #eventObject: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #expressionSyntax: (string){ =~"^\\$\\{\\{.*\\}\\}$" } - #globs: (list){ - 0: (string){ strings.MinRunes(1) } - } - #machine: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - #name: (string){ =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" } - #path: (list){ - 0: (string){ strings.MinRunes(1) } - } - #ref: ((null|struct)){ |((null){ null }, (#struct){ - }) } - #shell: (string){ |((string){ string }, (string){ "bash" }, (string){ "pwsh" }, (string){ "python" }, (string){ "sh" }, (string){ "cmd" }, (string){ "powershell" }) } - #types: (list){ - 0: (_){ _ } - } - #: (#struct){ - "working-directory": (string){ string } - } - jobs: (#struct){ - } - on: ((string|list|struct)){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }, (list){ - 0: (string){ |((string){ "check_run" }, (string){ "check_suite" }, (string){ "create" }, (string){ "delete" }, (string){ "deployment" }, (string){ "deployment_status" }, (string){ "fork" }, (string){ "gollum" }, (string){ "issue_comment" }, (string){ "issues" }, (string){ "label" }, (string){ "member" }, (string){ "milestone" }, (string){ "page_build" }, (string){ "project" }, (string){ "project_card" }, (string){ "project_column" }, (string){ "public" }, (string){ "pull_request" }, (string){ "pull_request_review" }, (string){ "pull_request_review_comment" }, (string){ "pull_request_target" }, (string){ "push" }, (string){ "registry_package" }, (string){ "release" }, (string){ "status" }, (string){ "watch" }, (string){ "workflow_dispatch" }, (string){ "workflow_run" }, (string){ "repository_dispatch" }) } - }, (#struct){ - }) } - } - _#job(:ci): (#struct){ - "runs-on": ((string|list)){ |((string){ "macos-10.15" }, (string){ "macos-11.0" }, (string){ "macos-latest" }, (string){ "self-hosted" }, (string){ "ubuntu-16.04" }, (string){ "ubuntu-18.04" }, (string){ "ubuntu-20.04" }, (string){ "ubuntu-latest" }, (string){ "windows-2016" }, (string){ "windows-2019" }, (string){ "windows-latest" }, (#list){ - 0: (string){ "self-hosted" } - }, (#list){ - 0: (string){ "self-hosted" } - 1: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - }, (#list){ - 0: (string){ "self-hosted" } - 1: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - }, (#list){ - 0: (string){ "self-hosted" } - 1: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - 2: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - }, (#list){ - 0: (string){ "self-hosted" } - 1: (string){ |((string){ "ARM32" }, (string){ "x64" }, (string){ "x86" }) } - 2: (string){ |((string){ "linux" }, (string){ "macos" }, (string){ "windows" }) } - }, (string){ =~"^\\$\\{\\{.*\\}\\}$" }) } - } - _#step(:ci): (#struct){ - } - _#latestStableGo(:ci): (string){ "1.18.x" } - _#pinnedReleaseGo(:ci): (string){ "1.18.1" } - _#linuxMachine(:ci): (string){ "ubuntu-20.04" } - _#macosMachine(:ci): (string){ "macos-11" } - _#windowsMachine(:ci): (string){ "windows-2022" } - _#testStrategy(:ci): (#struct){ - "fail-fast": (bool){ false } - matrix: (#struct){ - "go-version": (#list){ - 0: (string){ "1.17.x" } - 1: (string){ "1.18.x" } - } - os: (#list){ - 0: (string){ "ubuntu-20.04" } - 1: (string){ "macos-11" } - 2: (string){ "windows-2022" } - } - } - } - _#installGo(:ci): (#struct){ - name: (string){ "Install Go" } - uses: (string){ "actions/setup-go@v3" } - with: (#struct){ - "go-version": (string){ |(*(string){ "${{ matrix.go-version }}" }, (string){ string }) } - } - } - _#checkoutCode(:ci): (#struct){ - name: (string){ "Checkout code" } - uses: (string){ "actions/checkout@v3" } - } - _#earlyChecks(:ci): (#struct){ - name: (string){ "Early git and code sanity checks" } - run: (string){ "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - _#cacheGoModules(:ci): (#struct){ - name: (string){ "Cache Go modules" } - uses: (string){ "actions/cache@v3" } - with: (#struct){ - path: (string){ "~/go/pkg/mod" } - key: (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" } - "restore-keys": (string){ "${{ runner.os }}-${{ matrix.go-version }}-go-" } - } - } - _#goGenerate(:ci): (#struct){ - name: (string){ "Generate" } - run: (string){ "go generate ./..." } - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - } - _#goTest(:ci): (#struct){ - name: (string){ "Test" } - run: (string){ "go test ./..." } - } - _#goCheck(:ci): (#struct){ - if: (string){ "matrix.go-version == '1.18.x' && matrix.os == 'ubuntu-20.04'" } - name: (string){ "Check" } - run: (string){ "go vet ./..." } - } - _#goTestRace(:ci): (#struct){ - name: (string){ "Test with -race" } - run: (string){ "go test -race ./..." } - } - _#checkGitClean(:ci): (#struct){ - name: (string){ "Check that git is clean post generate and tests" } - run: (string){ "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } - } - _#writeNetrcFile(:ci): (#struct){ - name: (string){ "Write netrc file for cueckoo Gerrithub" } - run: (string){ "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" } - } - _#branchRefPrefix(:ci): (string){ "refs/heads/" } - _#tempCueckooGitDir(:ci): (string){ "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"" } - _#curl(:ci): (string){ "curl -f -s" } -} --- out/compile -- ---- workflows.cue -{ - workflowsDir: (*"./"|string) - _#masterBranch: "master" - _#releaseTagPattern: "v*" - workflows: ([ - ...{ - file: string - schema: 〈import;"github.com/SchemaStore/schemastore/src/schemas/json"〉.#Workflow - }, - ] & [ - { - file: "test.yml" - schema: 〈2;test〉 - }, - { - file: "repository_dispatch.yml" - schema: 〈2;repository_dispatch〉 - }, - { - file: "release.yml" - schema: 〈2;release〉 - }, - { - file: "tip_triggers.yml" - schema: 〈2;tip_triggers〉 - }, - ]) - test: (〈0;_#bashWorkflow〉 & { - name: "Test" - on: { - push: { - branches: [ - "**", - ] - "tags-ignore": [ - 〈4;_#releaseTagPattern〉, - ] - } - pull_request: {} - } - jobs: { - start: { - "runs-on": 〈3;_#linuxMachine〉 - steps: ([ - ...(_ & { - if: "${{ \(〈4;_#isCLCITestBranch〉) }}" - }), - ] & [ - 〈4;_#writeNetrcFile〉, - 〈3;_#startCLBuild〉, - ]) - } - test: { - needs: "start" - strategy: 〈3;_#testStrategy〉 - "runs-on": "${{ matrix.os }}" - steps: [ - 〈4;_#writeNetrcFile〉, - 〈4;_#installGo〉, - (〈4;_#checkoutCode〉 & { - with: { - ref: "${{ github.event.pull_request.head.sha }}" - } - }), - 〈4;_#earlyChecks〉, - 〈4;_#cacheGoModules〉, - (〈4;_#step〉 & { - if: "${{ \(〈4;_#isMaster〉) }}" - run: "echo CUE_LONG=true >> $GITHUB_ENV" - }), - 〈4;_#goGenerate〉, - 〈4;_#goTest〉, - 〈4;_#goCheck〉, - (〈4;_#goTestRace〉 & { - if: "${{ matrix.go-version == '\(〈5;_#latestStableGo〉)' && matrix.os == '\(〈5;_#linuxMachine〉)' }}" - }), - 〈4;_#checkGitClean〉, - 〈3;_#pullThroughProxy〉, - 〈3;_#failCLBuild〉, - ] - } - mark_ci_success: { - "runs-on": 〈3;_#linuxMachine〉 - if: "${{ \(〈2;_#isCLCITestBranch〉) }}" - needs: "test" - steps: [ - 〈4;_#writeNetrcFile〉, - 〈3;_#passCLBuild〉, - ] - } - delete_build_branch: { - "runs-on": 〈3;_#linuxMachine〉 - if: "${{ \(〈2;_#isCLCITestBranch〉) && always() }}" - needs: "test" - steps: [ - (〈4;_#step〉 & { - run: "\(〈5;_#tempCueckooGitDir〉) - git push https://github.com/cue-lang/cue :${GITHUB_REF#\(〈5;_#branchRefPrefix〉)}" - }), - ] - } - } - _#isCLCITestBranch: "startsWith(github.ref, '\(〈1;_#branchRefPrefix〉)ci/')" - _#isMaster: "github.ref == '\((〈1;_#branchRefPrefix〉 + 〈1;_#masterBranch〉))'" - _#pullThroughProxy: (〈1;_#step〉 & { - name: "Pull this commit through the proxy on \(〈2;_#masterBranch〉)" - run: "v=$(git rev-parse HEAD)\ncd $(mktemp -d)\ngo mod init mod.com\nGOPROXY=https://proxy.golang.org go get -d cuelang.org/go/cmd/cue@$v" - if: "${{ \(〈1;_#isMaster〉) }}" - }) - _#startCLBuild: (〈1;_#step〉 & { - name: "Update Gerrit CL message with starting message" - run: (〈1;_#gerrit〉._#setCodeReview & { - #args: { - message: "Started the build... see progress at ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - } - }).res - }) - _#failCLBuild: (〈1;_#step〉 & { - if: "${{ \(〈1;_#isCLCITestBranch〉) && failure() }}" - name: "Post any failures for this matrix entry" - run: (〈1;_#gerrit〉._#setCodeReview & { - #args: { - message: "Build failed for ${{ runner.os }}-${{ matrix.go-version }}; see ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }} for more details" - labels: { - "TryBot-Result": -1 - } - } - }).res - }) - _#passCLBuild: (〈1;_#step〉 & { - name: "Update Gerrit CL message with success message" - run: (〈1;_#gerrit〉._#setCodeReview & { - #args: { - message: "Build succeeded for ${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}" - labels: { - "TryBot-Result": 1 - } - } - }).res - }) - _#gerrit: { - _#setCodeReview: { - #args: { - tag: "trybot" - message: string - labels?: { - "TryBot-Result": int - } - } - res: "\(〈3;_#curl〉) -n -H "Content-Type: application/json" --request POST --data \(〈import;strconv〉.Quote(〈import;"encoding/json"〉.Marshal(〈0;#args〉))) https://review.gerrithub.io/a/changes/$(basename $(dirname $GITHUB_REF))/revisions/$(basename $GITHUB_REF)/review" - } - } - }) - repository_dispatch: (〈0;_#bashWorkflow〉 & { - _#runtrybot: "runtrybot" - _#unity: "unity" - _#dispatchJob: (〈1;_#job〉 & { - _#type: string - "runs-on": 〈2;_#linuxMachine〉 - if: "${{ github.event.client_payload.type == '\(〈0;_#type〉)' }}" - }) - name: "Repository Dispatch" - on: [ - "repository_dispatch", - ] - jobs: { - "\(〈1;_#runtrybot〉)": (〈1;_#dispatchJob〉 & { - _#type: 〈2;_#runtrybot〉 - steps: [ - 〈4;_#writeNetrcFile〉, - (〈4;_#step〉 & { - name: "Trigger trybot" - run: "\(〈5;_#tempCueckooGitDir〉) - git fetch https://review.gerrithub.io/a/cue-lang/cue ${{ github.event.client_payload.payload.ref }} - git checkout -b ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }} FETCH_HEAD - git push https://github.com/cue-lang/cue ci/${{ github.event.client_payload.payload.changeID }}/${{ github.event.client_payload.payload.commit }}" - }), - ] - }) - } - }) - release: (〈0;_#bashWorkflow〉 & { - name: "Release" - on: { - push: { - tags: [ - 〈4;_#releaseTagPattern〉, - ] - } - } - jobs: { - goreleaser: { - "runs-on": 〈3;_#linuxMachine〉 - steps: [ - (〈4;_#checkoutCode〉 & { - with: { - "fetch-depth": 0 - } - }), - (〈4;_#installGo〉 & { - with: { - "go-version": 〈6;_#pinnedReleaseGo〉 - } - }), - (〈4;_#step〉 & { - name: "Setup qemu" - uses: "docker/setup-qemu-action@v1" - }), - (〈4;_#step〉 & { - name: "Set up Docker Buildx" - uses: "docker/setup-buildx-action@v1" - }), - (〈4;_#step〉 & { - name: "Docker Login" - uses: "docker/login-action@v1" - with: { - registry: "docker.io" - username: "cueckoo" - password: "${{ secrets.CUECKOO_DOCKER_PAT }}" - } - }), - (〈4;_#step〉 & { - name: "Run GoReleaser" - env: { - GITHUB_TOKEN: "${{ secrets.CUECKOO_GITHUB_PAT }}" - } - uses: "goreleaser/goreleaser-action@v2" - with: { - args: "release --rm-dist" - version: "v1.8.2" - } - }), - (〈4;_#step〉 & { - _#arg: { - event_type: "Re-test post release of ${GITHUB_REF##refs/tags/}" - } - name: "Re-test cuelang.org" - run: "\(〈5;_#curl〉) -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(〈import;strconv〉.Quote(〈import;"encoding/json"〉.Marshal(〈0;_#arg〉))) https://api.github.com/repos/cue-lang/cuelang.org/dispatches" - }), - (〈4;_#step〉 & { - _#arg: { - event_type: "Check against CUE ${GITHUB_REF##refs/tags/}" - client_payload: { - type: "unity" - payload: { - versions: "\"${GITHUB_REF##refs/tags/}\"" - } - } - } - name: "Trigger unity build" - run: "\(〈5;_#curl〉) -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(〈import;strconv〉.Quote(〈import;"encoding/json"〉.Marshal(〈0;_#arg〉))) https://api.github.com/repos/cue-unity/unity/dispatches" - }), - ] - } - } - }) - tip_triggers: (〈0;_#bashWorkflow〉 & { - name: "Push to tip triggers" - on: { - push: { - branches: [ - 〈4;_#masterBranch〉, - ] - } - } - jobs: { - push: { - "runs-on": 〈3;_#linuxMachine〉 - steps: [ - { - name: "Rebuild tip.cuelang.org" - run: "\(〈5;_#curl〉) -X POST -d {} https://api.netlify.com/build_hooks/${{ secrets.CuelangOrgTipRebuildHook }}" - }, - { - _#arg: { - event_type: "Check against ${GITHUB_SHA}" - client_payload: { - type: "unity" - payload: { - versions: "\"commit:${GITHUB_SHA}\"" - } - } - } - name: "Trigger unity build" - run: "\(〈5;_#curl〉) -H "Content-Type: application/json" -u cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} --request POST --data-binary \(〈import;strconv〉.Quote(〈import;"encoding/json"〉.Marshal(〈0;_#arg〉))) https://api.github.com/repos/cue-unity/unity/dispatches" - }, - ] - } - } - }) - _#bashWorkflow: (〈import;"github.com/SchemaStore/schemastore/src/schemas/json"〉.#Workflow & { - jobs: { - [string]: { - defaults: { - run: { - shell: "bash" - } - } - } - } - }) - _#job: ((〈import;"github.com/SchemaStore/schemastore/src/schemas/json"〉.#Workflow & {}).jobs & { - x: _ - }).x - _#step: ((〈0;_#job〉 & { - steps: _ - }).steps & [ - _, - ])[0] - _#latestStableGo: "1.18.x" - _#pinnedReleaseGo: "1.18.1" - _#linuxMachine: "ubuntu-20.04" - _#macosMachine: "macos-11" - _#windowsMachine: "windows-2022" - _#testStrategy: { - "fail-fast": false - matrix: { - "go-version": [ - "1.17.x", - 〈3;_#latestStableGo〉, - ] - os: [ - 〈3;_#linuxMachine〉, - 〈3;_#macosMachine〉, - 〈3;_#windowsMachine〉, - ] - } - } - _#installGo: (〈0;_#step〉 & { - name: "Install Go" - uses: "actions/setup-go@v3" - with: { - "go-version": (*"${{ matrix.go-version }}"|string) - } - }) - _#checkoutCode: (〈0;_#step〉 & { - name: "Checkout code" - uses: "actions/checkout@v3" - }) - _#earlyChecks: (〈0;_#step〉 & { - name: "Early git and code sanity checks" - run: "# Ensure the recent commit messages have Signed-off-by headers.\n# TODO: Remove once this is enforced for admins too;\n# see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229\n# TODO: Our --max-count here is just 1, because we've made mistakes very\n# recently. Increase it to 5 or 10 soon, to also cover CL chains.\nfor commit in $(git rev-list --max-count=1 HEAD); do\n\tif ! git rev-list --format=%B --max-count=1 $commit | grep -q '^Signed-off-by:'; then\n\t\techo -e \"\nRecent commit is lacking Signed-off-by:\n\"\n\t\tgit show --quiet $commit\n\t\texit 1\n\tfi\ndone" - if: "matrix.go-version == '\(〈1;_#latestStableGo〉)' && matrix.os == '\(〈1;_#linuxMachine〉)'" - }) - _#cacheGoModules: (〈0;_#step〉 & { - name: "Cache Go modules" - uses: "actions/cache@v3" - with: { - path: "~/go/pkg/mod" - key: "${{ runner.os }}-${{ matrix.go-version }}-go-${{ hashFiles('**/go.sum') }}" - "restore-keys": "${{ runner.os }}-${{ matrix.go-version }}-go-" - } - }) - _#goGenerate: (〈0;_#step〉 & { - name: "Generate" - run: "go generate ./..." - if: "matrix.go-version == '\(〈1;_#latestStableGo〉)' && matrix.os == '\(〈1;_#linuxMachine〉)'" - }) - _#goTest: (〈0;_#step〉 & { - name: "Test" - run: "go test ./..." - }) - _#goCheck: (〈0;_#step〉 & { - if: "matrix.go-version == '\(〈1;_#latestStableGo〉)' && matrix.os == '\(〈1;_#linuxMachine〉)'" - name: "Check" - run: "go vet ./..." - }) - _#goTestRace: (〈0;_#step〉 & { - name: "Test with -race" - run: "go test -race ./..." - }) - _#checkGitClean: (〈0;_#step〉 & { - name: "Check that git is clean post generate and tests" - run: "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" - }) - _#writeNetrcFile: (〈0;_#step〉 & { - name: "Write netrc file for cueckoo Gerrithub" - run: "cat < ~/.netrc\nmachine review.gerrithub.io\nlogin cueckoo\npassword ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}\nEOD\nchmod 600 ~/.netrc" - }) - _#branchRefPrefix: "refs/heads/" - _#tempCueckooGitDir: "mkdir tmpgit\ncd tmpgit\ngit init\ngit config user.name cueckoo\ngit config user.email cueckoo@gmail.com\ngit config http.https://github.com/.extraheader \"AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)\"" - _#curl: "curl -f -s" -} diff --git a/encoding/jsonschema/testdata/github.txtar b/encoding/jsonschema/testdata/github.txtar deleted file mode 100644 index 69699f96b69..00000000000 --- a/encoding/jsonschema/testdata/github.txtar +++ /dev/null @@ -1,2003 +0,0 @@ -# A txtar test version of import phase of the process behind our -# CI workflow generation. -# -# Note: all the non-golden files below are updated automatically by -# the internal/ci updateTxtarTests CUE command (with the exception -# of the cue.mod/module.cue file). - --- workflow.json -- -{ - "$schema": "http://json-schema.org/draft-07/schema", - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions", - "definitions": { - "architecture": { - "type": "string", - "enum": [ - "ARM32", - "x64", - "x86" - ] - }, - "branch": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#onpushpull_requestbranchestags", - "$ref": "#/definitions/globs", - "description": "When using the push and pull_request events, you can configure a workflow to run on specific branches or tags. If you only define only tags or only branches, the workflow won't run for events affecting the undefined Git ref.\nThe branches, branches-ignore, tags, and tags-ignore keywords accept glob patterns that use the * and ** wildcard characters to match more than one branch or tag name. For more information, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet.\nThe patterns defined in branches and tags are evaluated against the Git ref's name. For example, defining the pattern mona/octocat in branches will match the refs/heads/mona/octocat Git ref. The pattern releases/** will match the refs/heads/releases/10 Git ref.\nYou can use two types of filters to prevent a workflow from running on pushes and pull requests to tags and branches:\n- branches or branches-ignore - You cannot use both the branches and branches-ignore filters for the same event in a workflow. Use the branches filter when you need to filter branches for positive matches and exclude branches. Use the branches-ignore filter when you only need to exclude branch names.\n- tags or tags-ignore - You cannot use both the tags and tags-ignore filters for the same event in a workflow. Use the tags filter when you need to filter tags for positive matches and exclude tags. Use the tags-ignore filter when you only need to exclude tag names.\nYou can exclude tags and branches using the ! character. The order that you define patterns matters.\n- A matching negative pattern (prefixed with !) after a positive match will exclude the Git ref.\n- A matching positive pattern after a negative match will include the Git ref again." - }, - "configuration": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "number" - }, - { - "type": "boolean" - }, - { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/configuration" - } - }, - { - "type": "array", - "items": { - "$ref": "#/definitions/configuration" - }, - "additionalItems": false - } - ] - }, - "container": { - "type": "object", - "properties": { - "image": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontainerimage", - "description": "The Docker image to use as the container to run the action. The value can be the Docker Hub image name or a registry name.", - "type": "string" - }, - "credentials": { - "$comment": "https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontainercredentials", - "description": "If the image's container registry requires authentication to pull the image, you can use credentials to set a map of the username and password. The credentials are the same values that you would provide to the `docker login` command.", - "type": "object", - "properties": { - "username": { - "type": "string" - }, - "password": { - "type": "string" - } - } - }, - "env": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontainerenv", - "$ref": "#/definitions/env", - "description": "Sets an array of environment variables in the container." - }, - "ports": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontainerports", - "description": "Sets an array of ports to expose on the container.", - "type": "array", - "items": { - "oneOf": [ - { - "type": "number" - }, - { - "type": "string" - } - ] - }, - "minItems": 1, - "additionalItems": false - }, - "volumes": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontainervolumes", - "description": "Sets an array of volumes for the container to use. You can use volumes to share data between services or other steps in a job. You can specify named Docker volumes, anonymous Docker volumes, or bind mounts on the host.\nTo specify a volume, you specify the source and destination path: :\nThe is a volume name or an absolute path on the host machine, and is an absolute path in the container.", - "type": "array", - "items": { - "type": "string", - "pattern": "^[^:]+:[^:]+$" - }, - "minItems": 1, - "additionalItems": false - }, - "options": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontaineroptions", - "description": "Additional Docker container resource options. For a list of options, see https://docs.docker.com/engine/reference/commandline/create/#options.", - "type": "string" - } - }, - "required": [ - "image" - ], - "additionalProperties": false - }, - "defaults": { - "type": "object", - "properties": { - "run": { - "type": "object", - "properties": { - "shell": { - "$ref": "#/definitions/shell" - }, - "working-directory": { - "$ref": "#/definitions/working-directory" - } - }, - "minProperties": 1, - "additionalProperties": false - } - }, - "minProperties": 1, - "additionalProperties": false - }, - "env": { - "type": "object", - "additionalProperties": { - "oneOf": [ - { - "type": "string" - }, - { - "type": "number" - }, - { - "type": "boolean" - } - ] - }, - "minProperties": 1 - }, - "environment": { - "$comment": "https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#jobsjob_idenvironment", - "description": "The environment that the job references", - "type": "object", - "properties": { - "name": { - "$comment": "https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#example-using-a-single-environment-name", - "description": "The name of the environment configured in the repo.", - "type": "string" - }, - "url": { - "$comment": "https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#example-using-environment-name-and-url", - "description": "A deployment URL", - "type": "string" - } - }, - "required": [ - "name" - ], - "additionalProperties": false - }, - "event": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows", - "type": "string", - "enum": [ - "check_run", - "check_suite", - "create", - "delete", - "deployment", - "deployment_status", - "fork", - "gollum", - "issue_comment", - "issues", - "label", - "member", - "milestone", - "page_build", - "project", - "project_card", - "project_column", - "public", - "pull_request", - "pull_request_review", - "pull_request_review_comment", - "pull_request_target", - "push", - "registry_package", - "release", - "status", - "watch", - "workflow_dispatch", - "workflow_run", - "repository_dispatch" - ] - }, - "eventObject": { - "oneOf": [ - { - "type": "object" - }, - { - "type": "null" - } - ], - "additionalProperties": true - }, - "expressionSyntax": { - "type": "string", - "pattern": "^\\$\\{\\{.*\\}\\}$" - }, - "globs": { - "type": "array", - "items": { - "type": "string", - "minLength": 1 - }, - "minItems": 1, - "additionalItems": false - }, - "machine": { - "type": "string", - "enum": [ - "linux", - "macos", - "windows" - ] - }, - "name": { - "type": "string", - "pattern": "^[_a-zA-Z][a-zA-Z0-9_-]*$" - }, - "path": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#onpushpull_requestpaths", - "$ref": "#/definitions/globs", - "description": "When using the push and pull_request events, you can configure a workflow to run when at least one file does not match paths-ignore or at least one modified file matches the configured paths. Path filters are not evaluated for pushes to tags.\nThe paths-ignore and paths keywords accept glob patterns that use the * and ** wildcard characters to match more than one path name. For more information, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet.\nYou can exclude paths using two types of filters. You cannot use both of these filters for the same event in a workflow.\n- paths-ignore - Use the paths-ignore filter when you only need to exclude path names.\n- paths - Use the paths filter when you need to filter paths for positive matches and exclude paths." - }, - "ref": { - "properties": { - "branches": { - "$ref": "#/definitions/branch" - }, - "branches-ignore": { - "$ref": "#/definitions/branch" - }, - "tags": { - "$ref": "#/definitions/branch" - }, - "tags-ignore": { - "$ref": "#/definitions/branch" - }, - "paths": { - "$ref": "#/definitions/path" - }, - "paths-ignore": { - "$ref": "#/definitions/path" - } - }, - "oneOf": [ - { - "type": "object", - "allOf": [ - { - "not": { - "required": [ - "branches", - "branches-ignore" - ] - } - }, - { - "not": { - "required": [ - "tags", - "tags-ignore" - ] - } - }, - { - "not": { - "required": [ - "paths", - "paths-ignore" - ] - } - } - ] - }, - { - "type": "null" - } - ] - }, - "shell": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#using-a-specific-shell", - "description": "You can override the default shell settings in the runner's operating system using the shell keyword. You can use built-in shell keywords, or you can define a custom set of shell options.", - "type": "string", - "anyOf": [ - { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#custom-shell" - }, - { - "enum": [ - "bash", - "pwsh", - "python", - "sh", - "cmd", - "powershell" - ] - } - ] - }, - "types": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#onevent_nametypes", - "description": "Selects the types of activity that will trigger a workflow run. Most GitHub events are triggered by more than one type of activity. For example, the event for the release resource is triggered when a release is published, unpublished, created, edited, deleted, or prereleased. The types keyword enables you to narrow down activity that causes the workflow to run. When only one activity type triggers a webhook event, the types keyword is unnecessary.\nYou can use an array of event types. For more information about each event and their activity types, see https://help.github.com/en/articles/events-that-trigger-workflows#webhook-events.", - "type": "array", - "minItems": 1, - "additionalItems": false - }, - "working-directory": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idstepsrun", - "description": "Using the working-directory keyword, you can specify the working directory of where to run the command.", - "type": "string" - } - }, - "properties": { - "name": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#name", - "description": "The name of your workflow. GitHub displays the names of your workflows on your repository's actions page. If you omit this field, GitHub sets the name to the workflow's filename.", - "type": "string" - }, - "on": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#on", - "description": "The name of the GitHub event that triggers the workflow. You can provide a single event string, array of events, array of event types, or an event configuration map that schedules a workflow or restricts the execution of a workflow to specific files, tags, or branch changes. For a list of available events, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows.", - "oneOf": [ - { - "$ref": "#/definitions/event" - }, - { - "type": "array", - "items": { - "$ref": "#/definitions/event" - }, - "minItems": 1, - "additionalItems": false - }, - { - "type": "object", - "properties": { - "check_run": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#check-run-event-check_run", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the check_run event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/checks/runs.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "rerequested", - "completed", - "requested_action" - ] - }, - "default": [ - "created", - "rerequested", - "completed", - "requested_action" - ] - } - } - }, - "check_suite": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#check-suite-event-check_suite", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the check_suite event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/checks/suites/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "completed", - "requested", - "rerequested" - ] - }, - "default": [ - "completed", - "requested", - "rerequested" - ] - } - } - }, - "create": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#create-event-create", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime someone creates a branch or tag, which triggers the create event. For information about the REST API, see https://developer.github.com/v3/git/refs/#create-a-reference." - }, - "delete": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#delete-event-delete", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime someone deletes a branch or tag, which triggers the delete event. For information about the REST API, see https://developer.github.com/v3/git/refs/#delete-a-reference." - }, - "deployment": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#deployment-event-deployment", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime someone creates a deployment, which triggers the deployment event. Deployments created with a commit SHA may not have a Git ref. For information about the REST API, see https://developer.github.com/v3/repos/deployments/." - }, - "deployment_status": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#deployment-status-event-deployment_status", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime a third party provides a deployment status, which triggers the deployment_status event. Deployments created with a commit SHA may not have a Git ref. For information about the REST API, see https://developer.github.com/v3/repos/deployments/#create-a-deployment-status." - }, - "fork": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#fork-event-fork", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime when someone forks a repository, which triggers the fork event. For information about the REST API, see https://developer.github.com/v3/repos/forks/#create-a-fork." - }, - "gollum": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#gollum-event-gollum", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow when someone creates or updates a Wiki page, which triggers the gollum event." - }, - "issue_comment": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#issue-comment-event-issue_comment", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the issue_comment event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/issues/comments/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "edited", - "deleted" - ] - } - } - }, - "issues": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#issues-event-issues", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the issues event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/issues.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "opened", - "edited", - "deleted", - "transferred", - "pinned", - "unpinned", - "closed", - "reopened", - "assigned", - "unassigned", - "labeled", - "unlabeled", - "locked", - "unlocked", - "milestoned", - "demilestoned" - ] - }, - "default": [ - "opened", - "edited", - "deleted", - "transferred", - "pinned", - "unpinned", - "closed", - "reopened", - "assigned", - "unassigned", - "labeled", - "unlabeled", - "locked", - "unlocked", - "milestoned", - "demilestoned" - ] - } - } - }, - "label": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#label-event-label", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the label event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/issues/labels/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "edited", - "deleted" - ] - } - } - }, - "member": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#member-event-member", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the member event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/repos/collaborators/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "added", - "edited", - "deleted" - ] - }, - "default": [ - "added", - "edited", - "deleted" - ] - } - } - }, - "milestone": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#milestone-event-milestone", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the milestone event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/issues/milestones/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "closed", - "opened", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "closed", - "opened", - "edited", - "deleted" - ] - } - } - }, - "page_build": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#page-build-event-page_build", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime someone pushes to a GitHub Pages-enabled branch, which triggers the page_build event. For information about the REST API, see https://developer.github.com/v3/repos/pages/." - }, - "project": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#project-event-project", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the project event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/projects/.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "updated", - "closed", - "reopened", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "updated", - "closed", - "reopened", - "edited", - "deleted" - ] - } - } - }, - "project_card": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#project-card-event-project_card", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the project_card event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/projects/cards.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "moved", - "converted", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "moved", - "converted", - "edited", - "deleted" - ] - } - } - }, - "project_column": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#project-column-event-project_column", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the project_column event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/projects/columns.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "updated", - "moved", - "deleted" - ] - }, - "default": [ - "created", - "updated", - "moved", - "deleted" - ] - } - } - }, - "public": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#public-event-public", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime someone makes a private repository public, which triggers the public event. For information about the REST API, see https://developer.github.com/v3/repos/#edit." - }, - "pull_request": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#pull-request-event-pull_request", - "$ref": "#/definitions/ref", - "description": "Runs your workflow anytime the pull_request event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/pulls.\nNote: Workflows do not run on private base repositories when you open a pull request from a forked repository.\nWhen you create a pull request from a forked repository to the base repository, GitHub sends the pull_request event to the base repository and no pull request events occur on the forked repository.\nWorkflows don't run on forked repositories by default. You must enable GitHub Actions in the Actions tab of the forked repository.\nThe permissions for the GITHUB_TOKEN in forked repositories is read-only. For more information about the GITHUB_TOKEN, see https://help.github.com/en/articles/virtual-environments-for-github-actions.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "assigned", - "unassigned", - "labeled", - "unlabeled", - "opened", - "edited", - "closed", - "reopened", - "synchronize", - "ready_for_review", - "locked", - "unlocked", - "review_requested", - "review_request_removed" - ] - }, - "default": [ - "opened", - "synchronize", - "reopened" - ] - } - }, - "patternProperties": { - "^(branche|tag|path)s(-ignore)?$": {} - }, - "additionalProperties": false - }, - "pull_request_review": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#pull-request-review-event-pull_request_review", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the pull_request_review event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/pulls/reviews.\nNote: Workflows do not run on private base repositories when you open a pull request from a forked repository.\nWhen you create a pull request from a forked repository to the base repository, GitHub sends the pull_request event to the base repository and no pull request events occur on the forked repository.\nWorkflows don't run on forked repositories by default. You must enable GitHub Actions in the Actions tab of the forked repository.\nThe permissions for the GITHUB_TOKEN in forked repositories is read-only. For more information about the GITHUB_TOKEN, see https://help.github.com/en/articles/virtual-environments-for-github-actions.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "submitted", - "edited", - "dismissed" - ] - }, - "default": [ - "submitted", - "edited", - "dismissed" - ] - } - } - }, - "pull_request_review_comment": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#pull-request-review-comment-event-pull_request_review_comment", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime a comment on a pull request's unified diff is modified, which triggers the pull_request_review_comment event. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/pulls/comments.\nNote: Workflows do not run on private base repositories when you open a pull request from a forked repository.\nWhen you create a pull request from a forked repository to the base repository, GitHub sends the pull_request event to the base repository and no pull request events occur on the forked repository.\nWorkflows don't run on forked repositories by default. You must enable GitHub Actions in the Actions tab of the forked repository.\nThe permissions for the GITHUB_TOKEN in forked repositories is read-only. For more information about the GITHUB_TOKEN, see https://help.github.com/en/articles/virtual-environments-for-github-actions.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "created", - "edited", - "deleted" - ] - }, - "default": [ - "created", - "edited", - "deleted" - ] - } - } - }, - "pull_request_target": { - "$comment": "https://docs.github.com/en/actions/reference/events-that-trigger-workflows#pull_request_target", - "$ref": "#/definitions/ref", - "description": "This event is similar to pull_request, except that it runs in the context of the base repository of the pull request, rather than in the merge commit. This means that you can more safely make your secrets available to the workflows triggered by the pull request, because only workflows defined in the commit on the base repository are run. For example, this event allows you to create workflows that label and comment on pull requests, based on the contents of the event payload.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "assigned", - "unassigned", - "labeled", - "unlabeled", - "opened", - "edited", - "closed", - "reopened", - "synchronize", - "ready_for_review", - "locked", - "unlocked", - "review_requested", - "review_request_removed" - ] - }, - "default": [ - "opened", - "synchronize", - "reopened" - ] - } - }, - "patternProperties": { - "^(branche|tag|path)s(-ignore)?$": {} - }, - "additionalProperties": false - }, - "push": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#push-event-push", - "$ref": "#/definitions/ref", - "description": "Runs your workflow when someone pushes to a repository branch, which triggers the push event.\nNote: The webhook payload available to GitHub Actions does not include the added, removed, and modified attributes in the commit object. You can retrieve the full commit object using the REST API. For more information, see https://developer.github.com/v3/repos/commits/#get-a-single-commit.", - "patternProperties": { - "^(branche|tag|path)s(-ignore)?$": {} - }, - "additionalProperties": false - }, - "registry_package": { - "$comment": "https://help.github.com/en/actions/reference/events-that-trigger-workflows#registry-package-event-registry_package", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime a package is published or updated. For more information, see https://help.github.com/en/github/managing-packages-with-github-packages.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "published", - "updated" - ] - }, - "default": [ - "published", - "updated" - ] - } - } - }, - "release": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#release-event-release", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the release event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/repos/releases/ in the GitHub Developer documentation.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "published", - "unpublished", - "created", - "edited", - "deleted", - "prereleased", - "released" - ] - }, - "default": [ - "published", - "unpublished", - "created", - "edited", - "deleted", - "prereleased", - "released" - ] - } - } - }, - "status": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#status-event-status", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the status of a Git commit changes, which triggers the status event. For information about the REST API, see https://developer.github.com/v3/repos/statuses/." - }, - "watch": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#watch-event-watch", - "$ref": "#/definitions/eventObject", - "description": "Runs your workflow anytime the watch event occurs. More than one activity type triggers this event. For information about the REST API, see https://developer.github.com/v3/activity/starring/." - }, - "workflow_dispatch": { - "$comment": "https://github.blog/changelog/2020-07-06-github-actions-manual-triggers-with-workflow_dispatch/", - "description": "You can now create workflows that are manually triggered with the new workflow_dispatch event. You will then see a 'Run workflow' button on the Actions tab, enabling you to easily trigger a run.", - "properties": { - "inputs": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions#inputs", - "description": "Input parameters allow you to specify data that the action expects to use during runtime. GitHub stores input parameters as environment variables. Input ids with uppercase letters are converted to lowercase during runtime. We recommended using lowercase input ids.", - "type": "object", - "patternProperties": { - "^[_a-zA-Z][a-zA-Z0-9_-]*$": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions#inputsinput_id", - "description": "A string identifier to associate with the input. The value of is a map of the input's metadata. The must be a unique identifier within the inputs object. The must start with a letter or _ and contain only alphanumeric characters, -, or _.", - "type": "object", - "properties": { - "description": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions#inputsinput_iddescription", - "description": "A string description of the input parameter.", - "type": "string" - }, - "deprecationMessage": { - "description": "A string shown to users using the deprecated input.", - "type": "string" - }, - "required": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions#inputsinput_idrequired", - "description": "A boolean to indicate whether the action requires the input parameter. Set to true when the parameter is required.", - "type": "boolean" - }, - "default": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/metadata-syntax-for-github-actions#inputsinput_iddefault", - "description": "A string representing the default value. The default value is used when an input parameter isn't specified in a workflow file.", - "type": "string" - } - }, - "required": [ - "description", - "required" - ], - "additionalProperties": false - } - }, - "additionalProperties": false - } - } - }, - "workflow_run": { - "$comment": "https://docs.github.com/en/actions/reference/events-that-trigger-workflows#workflow_run", - "$ref": "#/definitions/eventObject", - "description": "This event occurs when a workflow run is requested or completed, and allows you to execute a workflow based on the finished result of another workflow. For example, if your pull_request workflow generates build artifacts, you can create a new workflow that uses workflow_run to analyze the results and add a comment to the original pull request.", - "properties": { - "types": { - "$ref": "#/definitions/types", - "items": { - "type": "string", - "enum": [ - "requested", - "completed" - ] - }, - "default": [ - "requested", - "completed" - ] - }, - "workflows": { - "type": "array", - "items": { - "type": "string" - }, - "minItems": 1, - "additionalItems": false - } - }, - "patternProperties": { - "^branches(-ignore)?$": {} - } - }, - "repository_dispatch": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#external-events-repository_dispatch", - "$ref": "#/definitions/eventObject", - "description": "You can use the GitHub API to trigger a webhook event called repository_dispatch when you want to trigger a workflow for activity that happens outside of GitHub. For more information, see https://developer.github.com/v3/repos/#create-a-repository-dispatch-event.\nTo trigger the custom repository_dispatch webhook event, you must send a POST request to a GitHub API endpoint and provide an event_type name to describe the activity type. To trigger a workflow run, you must also configure your workflow to use the repository_dispatch event." - }, - "schedule": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows#scheduled-events-schedule", - "description": "You can schedule a workflow to run at specific UTC times using POSIX cron syntax (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). Scheduled workflows run on the latest commit on the default or base branch. The shortest interval you can run scheduled workflows is once every 5 minutes.\nNote: GitHub Actions does not support the non-standard syntax @yearly, @monthly, @weekly, @daily, @hourly, and @reboot.\nYou can use crontab guru (https://crontab.guru/). to help generate your cron syntax and confirm what time it will run. To help you get started, there is also a list of crontab guru examples (https://crontab.guru/examples.html).", - "type": "array", - "items": { - "properties": { - "cron": { - "$comment": "https://stackoverflow.com/a/57639657/4044345", - "type": "string", - "pattern": "^(((\\d+,)+\\d+|((\\d+|\\*)\\/\\d+|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)|(\\d+-\\d+)|\\d+|\\*|MON|TUE|WED|THU|FRI|SAT|SUN) ?){5,7}$" - } - }, - "additionalProperties": false - }, - "minItems": 1, - "additionalItems": false - } - }, - "additionalProperties": false - } - ] - }, - "env": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#env", - "$ref": "#/definitions/env", - "description": "A map of environment variables that are available to all jobs and steps in the workflow." - }, - "defaults": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#defaults", - "$ref": "#/definitions/defaults", - "description": "A map of default settings that will apply to all jobs in the workflow." - }, - "jobs": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobs", - "description": "A workflow run is made up of one or more jobs. Jobs run in parallel by default. To run jobs sequentially, you can define dependencies on other jobs using the jobs..needs keyword.\nEach job runs in a fresh instance of the virtual environment specified by runs-on.\nYou can run an unlimited number of jobs as long as you are within the workflow usage limits. For more information, see https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#usage-limits.", - "type": "object", - "patternProperties": { - "^[_a-zA-Z][a-zA-Z0-9_-]*$": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_id", - "description": "Each job must have an id to associate with the job. The key job_id is a string and its value is a map of the job's configuration data. You must replace with a string that is unique to the jobs object. The must start with a letter or _ and contain only alphanumeric characters, -, or _.", - "type": "object", - "properties": { - "name": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idname", - "description": "The name of the job displayed on GitHub.", - "type": "string" - }, - "needs": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idneeds", - "description": "Identifies any jobs that must complete successfully before this job will run. It can be a string or array of strings. If a job fails, all jobs that need it are skipped unless the jobs use a conditional statement that causes the job to continue.", - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/name" - }, - "minItems": 1, - "additionalItems": false - }, - { - "$ref": "#/definitions/name" - } - ] - }, - "runs-on": { - "$comment": "https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idruns-on", - "description": "The type of machine to run the job on. The machine can be either a GitHub-hosted runner, or a self-hosted runner.", - "oneOf": [ - { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#github-hosted-runners", - "type": "string", - "enum": [ - "macos-10.15", - "macos-11.0", - "macos-latest", - "self-hosted", - "ubuntu-16.04", - "ubuntu-18.04", - "ubuntu-20.04", - "ubuntu-latest", - "windows-2016", - "windows-2019", - "windows-latest" - ] - }, - { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#self-hosted-runners", - "type": "array", - "anyOf": [ - { - "items": [ - { - "const": "self-hosted" - } - ] - }, - { - "items": [ - { - "const": "self-hosted" - }, - { - "$ref": "#/definitions/machine" - } - ] - }, - { - "items": [ - { - "const": "self-hosted" - }, - { - "$ref": "#/definitions/architecture" - } - ] - }, - { - "items": [ - { - "const": "self-hosted" - }, - { - "$ref": "#/definitions/machine" - }, - { - "$ref": "#/definitions/architecture" - } - ] - }, - { - "items": [ - { - "const": "self-hosted" - }, - { - "$ref": "#/definitions/architecture" - }, - { - "$ref": "#/definitions/machine" - } - ] - } - ], - "additionalItems": { - "type": "string" - } - }, - { - "$ref": "#/definitions/expressionSyntax" - } - ] - }, - "environment": { - "$comment": "https://docs.github.com/en/free-pro-team@latest/actions/reference/workflow-syntax-for-github-actions#jobsjob_idenvironment", - "description": "The environment that the job references.", - "oneOf": [ - { - "type": "string" - }, - { - "$ref": "#/definitions/environment" - } - ] - }, - "outputs": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjobs_idoutputs", - "description": "A map of outputs for a job. Job outputs are available to all downstream jobs that depend on this job.", - "type": "object", - "additionalProperties": { - "type": "string" - }, - "minProperties": 1 - }, - "env": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idenv", - "$ref": "#/definitions/env", - "description": "A map of environment variables that are available to all steps in the job." - }, - "defaults": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_iddefaults", - "$ref": "#/definitions/defaults", - "description": "A map of default settings that will apply to all steps in the job." - }, - "if": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idif", - "description": "You can use the if conditional to prevent a job from running unless a condition is met. You can use any supported context and expression to create a conditional.\nExpressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.", - "type": "string" - }, - "steps": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idsteps", - "description": "A job contains a sequence of tasks called steps. Steps can run commands, run setup tasks, or run an action in your repository, a public repository, or an action published in a Docker registry. Not all steps run actions, but all actions run as a step. Each step runs in its own process in the virtual environment and has access to the workspace and filesystem. Because steps run in their own process, changes to environment variables are not preserved between steps. GitHub provides built-in steps to set up and complete a job.\n", - "type": "array", - "items": { - "type": "object", - "properties": { - "id": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsid", - "description": "A unique identifier for the step. You can use the id to reference the step in contexts. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.", - "type": "string" - }, - "if": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsif", - "description": "You can use the if conditional to prevent a step from running unless a condition is met. You can use any supported context and expression to create a conditional.\nExpressions in an if conditional do not require the ${{ }} syntax. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.", - "type": "string" - }, - "name": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsname", - "description": "A name for your step to display on GitHub.", - "type": "string" - }, - "uses": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsuses", - "description": "Selects an action to run as part of a step in your job. An action is a reusable unit of code. You can use an action defined in the same repository as the workflow, a public repository, or in a published Docker container image (https://hub.docker.com/).\nWe strongly recommend that you include the version of the action you are using by specifying a Git ref, SHA, or Docker tag number. If you don't specify a version, it could break your workflows or cause unexpected behavior when the action owner publishes an update.\n- Using the commit SHA of a released action version is the safest for stability and security.\n- Using the specific major action version allows you to receive critical fixes and security patches while still maintaining compatibility. It also assures that your workflow should still work.\n- Using the master branch of an action may be convenient, but if someone releases a new major version with a breaking change, your workflow could break.\nSome actions require inputs that you must set using the with keyword. Review the action's README file to determine the inputs required.\nActions are either JavaScript files or Docker containers. If the action you're using is a Docker container you must run the job in a Linux virtual environment. For more details, see https://help.github.com/en/articles/virtual-environments-for-github-actions.", - "type": "string" - }, - "run": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsrun", - "description": "Runs command-line programs using the operating system's shell. If you do not provide a name, the step name will default to the text specified in the run command.\nCommands run using non-login shells by default. You can choose a different shell and customize the shell used to run commands. For more information, see https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell.\nEach run keyword represents a new process and shell in the virtual environment. When you provide multi-line commands, each line runs in the same shell.", - "type": "string" - }, - "working-directory": { - "$ref": "#/definitions/working-directory" - }, - "shell": { - "$ref": "#/definitions/shell" - }, - "with": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepswith", - "$ref": "#/definitions/env", - "description": "A map of the input parameters defined by the action. Each input parameter is a key/value pair. Input parameters are set as environment variables. The variable is prefixed with INPUT_ and converted to upper case.", - "properties": { - "args": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepswithargs", - "type": "string" - }, - "entrypoint": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepswithentrypoint", - "type": "string" - } - } - }, - "env": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepsenv", - "$ref": "#/definitions/env", - "description": "Sets environment variables for steps to use in the virtual environment. You can also set environment variables for the entire workflow or a job." - }, - "continue-on-error": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepscontinue-on-error", - "description": "Prevents a job from failing when a step fails. Set to true to allow a job to pass when this step fails.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "#/definitions/expressionSyntax" - } - ], - "default": false - }, - "timeout-minutes": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstepstimeout-minutes", - "description": "The maximum number of minutes to run the step before killing the process.", - "type": "number" - } - }, - "dependencies": { - "working-directory": [ - "run" - ], - "shell": [ - "run" - ] - }, - "additionalProperties": false - }, - "minItems": 1, - "additionalItems": false - }, - "timeout-minutes": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idtimeout-minutes", - "description": "The maximum number of minutes to let a workflow run before GitHub automatically cancels it. Default: 360", - "type": "number", - "default": 360 - }, - "strategy": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategy", - "description": "A strategy creates a build matrix for your jobs. You can define different variations of an environment to run each job in.", - "type": "object", - "properties": { - "matrix": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix", - "description": "A build matrix is a set of different configurations of the virtual environment. For example you might run a job against more than one supported version of a language, operating system, or tool. Each configuration is a copy of the job that runs and reports a status.\nYou can specify a matrix by supplying an array for the configuration options. For example, if the GitHub virtual environment supports Node.js versions 6, 8, and 10 you could specify an array of those versions in the matrix.\nWhen you define a matrix of operating systems, you must set the required runs-on keyword to the operating system of the current job, rather than hard-coding the operating system name. To access the operating system name, you can use the matrix.os context parameter to set runs-on. For more information, see https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions.", - "oneOf": [ - { - "type": "object" - }, - { - "$ref": "#/definitions/expressionSyntax" - } - ], - "patternProperties": { - "^(in|ex)clude$": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#example-including-configurations-in-a-matrix-build", - "type": "array", - "items": { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/configuration" - } - }, - "minItems": 1, - "additionalItems": false - } - }, - "additionalProperties": { - "type": "array", - "items": { - "$ref": "#/definitions/configuration" - }, - "minItems": 1, - "additionalItems": false - }, - "minProperties": 1 - }, - "fail-fast": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast", - "description": "When set to true, GitHub cancels all in-progress jobs if any matrix job fails. Default: true", - "type": "boolean", - "default": true - }, - "max-parallel": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idstrategymax-parallel", - "description": "The maximum number of jobs that can run simultaneously when using a matrix job strategy. By default, GitHub will maximize the number of jobs run in parallel depending on the available runners on GitHub-hosted virtual machines.", - "type": "number" - } - }, - "required": [ - "matrix" - ], - "additionalProperties": false - }, - "continue-on-error": { - "$comment": "https://help.github.com/en/actions/reference/workflow-syntax-for-github-actions#jobsjob_idcontinue-on-error", - "description": "Prevents a workflow run from failing when a job fails. Set to true to allow a workflow run to pass when this job fails.", - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "#/definitions/expressionSyntax" - } - ] - }, - "container": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idcontainer", - "description": "A container to run any steps in a job that don't already specify a container. If you have steps that use both script and container actions, the container actions will run as sibling containers on the same network with the same volume mounts.\nIf you do not set a container, all steps will run directly on the host specified by runs-on unless a step refers to an action configured to run in a container.", - "oneOf": [ - { - "type": "string" - }, - { - "$ref": "#/definitions/container" - } - ] - }, - "services": { - "$comment": "https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#jobsjob_idservices", - "description": "Additional containers to host services for a job in a workflow. These are useful for creating databases or cache services like redis. The runner on the virtual machine will automatically create a network and manage the life cycle of the service containers.\nWhen you use a service container for a job or your step uses container actions, you don't need to set port information to access the service. Docker automatically exposes all ports between containers on the same network.\nWhen both the job and the action run in a container, you can directly reference the container by its hostname. The hostname is automatically mapped to the service name.\nWhen a step does not use a container action, you must access the service using localhost and bind the ports.", - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/container" - } - } - }, - "required": [ - "runs-on" - ], - "additionalProperties": false - } - }, - "minProperties": 1, - "additionalProperties": false - } - }, - "required": [ - "on", - "jobs" - ], - "additionalProperties": false -} --- out.cue -- -import "strings" - -@jsonschema(schema="http://json-schema.org/draft-07/schema") -null | bool | number | string | [...] | { - // The name of your workflow. GitHub displays the names of your - // workflows on your repository's actions page. If you omit this - // field, GitHub sets the name to the workflow's filename. - name?: string - - // The name of the GitHub event that triggers the workflow. You - // can provide a single event string, array of events, array of - // event types, or an event configuration map that schedules a - // workflow or restricts the execution of a workflow to specific - // files, tags, or branch changes. For a list of available - // events, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/events-that-trigger-workflows. - on: #event | [...#event] & [_, ...] | { - // Runs your workflow anytime the check_run event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/runs. - check_run?: #eventObject & { - types?: #types & [..."created" | "rerequested" | "completed" | "requested_action"] | *["created", "rerequested", "completed", "requested_action"] - ... - } - - // Runs your workflow anytime the check_suite event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/checks/suites/. - check_suite?: #eventObject & { - types?: #types & [..."completed" | "requested" | "rerequested"] | *["completed", "requested", "rerequested"] - ... - } - - // Runs your workflow anytime someone creates a branch or tag, - // which triggers the create event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#create-a-reference. - create?: #eventObject - - // Runs your workflow anytime someone deletes a branch or tag, - // which triggers the delete event. For information about the - // REST API, see - // https://developer.github.com/v3/git/refs/#delete-a-reference. - delete?: #eventObject - - // Runs your workflow anytime someone creates a deployment, which - // triggers the deployment event. Deployments created with a - // commit SHA may not have a Git ref. For information about the - // REST API, see - // https://developer.github.com/v3/repos/deployments/. - deployment?: #eventObject - - // Runs your workflow anytime a third party provides a deployment - // status, which triggers the deployment_status event. - // Deployments created with a commit SHA may not have a Git ref. - // For information about the REST API, see - // https://developer.github.com/v3/repos/deployments/#create-a-deployment-status. - deployment_status?: #eventObject - - // Runs your workflow anytime when someone forks a repository, - // which triggers the fork event. For information about the REST - // API, see - // https://developer.github.com/v3/repos/forks/#create-a-fork. - fork?: #eventObject - - // Runs your workflow when someone creates or updates a Wiki page, - // which triggers the gollum event. - gollum?: #eventObject - - // Runs your workflow anytime the issue_comment event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/comments/. - issue_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the issues event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/issues. - issues?: #eventObject & { - types?: #types & [..."opened" | "edited" | "deleted" | "transferred" | "pinned" | "unpinned" | "closed" | "reopened" | "assigned" | "unassigned" | "labeled" | "unlabeled" | "locked" | "unlocked" | "milestoned" | "demilestoned"] | *["opened", "edited", "deleted", "transferred", "pinned", "unpinned", "closed", "reopened", "assigned", "unassigned", "labeled", "unlabeled", "locked", "unlocked", "milestoned", "demilestoned"] - ... - } - - // Runs your workflow anytime the label event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/issues/labels/. - label?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the member event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/collaborators/. - member?: #eventObject & { - types?: #types & [..."added" | "edited" | "deleted"] | *["added", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the milestone event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/issues/milestones/. - milestone?: #eventObject & { - types?: #types & [..."created" | "closed" | "opened" | "edited" | "deleted"] | *["created", "closed", "opened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime someone pushes to a GitHub - // Pages-enabled branch, which triggers the page_build event. For - // information about the REST API, see - // https://developer.github.com/v3/repos/pages/. - page_build?: #eventObject - - // Runs your workflow anytime the project event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see https://developer.github.com/v3/projects/. - project?: #eventObject & { - types?: #types & [..."created" | "updated" | "closed" | "reopened" | "edited" | "deleted"] | *["created", "updated", "closed", "reopened", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_card event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see - // https://developer.github.com/v3/projects/cards. - project_card?: #eventObject & { - types?: #types & [..."created" | "moved" | "converted" | "edited" | "deleted"] | *["created", "moved", "converted", "edited", "deleted"] - ... - } - - // Runs your workflow anytime the project_column event occurs. - // More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/projects/columns. - project_column?: #eventObject & { - types?: #types & [..."created" | "updated" | "moved" | "deleted"] | *["created", "updated", "moved", "deleted"] - ... - } - - // Runs your workflow anytime someone makes a private repository - // public, which triggers the public event. For information about - // the REST API, see https://developer.github.com/v3/repos/#edit. - public?: #eventObject - - // Runs your workflow anytime the pull_request event occurs. More - // than one activity type triggers this event. For information - // about the REST API, see https://developer.github.com/v3/pulls. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow anytime the pull_request_review event - // occurs. More than one activity type triggers this event. For - // information about the REST API, see - // https://developer.github.com/v3/pulls/reviews. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review?: #eventObject & { - types?: #types & [..."submitted" | "edited" | "dismissed"] | *["submitted", "edited", "dismissed"] - ... - } - - // Runs your workflow anytime a comment on a pull request's - // unified diff is modified, which triggers the - // pull_request_review_comment event. More than one activity type - // triggers this event. For information about the REST API, see - // https://developer.github.com/v3/pulls/comments. - // Note: Workflows do not run on private base repositories when - // you open a pull request from a forked repository. - // When you create a pull request from a forked repository to the - // base repository, GitHub sends the pull_request event to the - // base repository and no pull request events occur on the forked - // repository. - // Workflows don't run on forked repositories by default. You must - // enable GitHub Actions in the Actions tab of the forked - // repository. - // The permissions for the GITHUB_TOKEN in forked repositories is - // read-only. For more information about the GITHUB_TOKEN, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - pull_request_review_comment?: #eventObject & { - types?: #types & [..."created" | "edited" | "deleted"] | *["created", "edited", "deleted"] - ... - } - - // This event is similar to pull_request, except that it runs in - // the context of the base repository of the pull request, rather - // than in the merge commit. This means that you can more safely - // make your secrets available to the workflows triggered by the - // pull request, because only workflows defined in the commit on - // the base repository are run. For example, this event allows - // you to create workflows that label and comment on pull - // requests, based on the contents of the event payload. - pull_request_target?: #ref & { - types?: #types & [..."assigned" | "unassigned" | "labeled" | "unlabeled" | "opened" | "edited" | "closed" | "reopened" | "synchronize" | "ready_for_review" | "locked" | "unlocked" | "review_requested" | "review_request_removed"] | *["opened", "synchronize", "reopened"] - - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^(types)$"]: _} - } - - // Runs your workflow when someone pushes to a repository branch, - // which triggers the push event. - // Note: The webhook payload available to GitHub Actions does not - // include the added, removed, and modified attributes in the - // commit object. You can retrieve the full commit object using - // the REST API. For more information, see - // https://developer.github.com/v3/repos/commits/#get-a-single-commit. - push?: #ref & { - {[=~"^(branche|tag|path)s(-ignore)?$" & !~"^()$"]: _} - } - - // Runs your workflow anytime a package is published or updated. - // For more information, see - // https://help.github.com/en/github/managing-packages-with-github-packages. - registry_package?: #eventObject & { - types?: #types & [..."published" | "updated"] | *["published", "updated"] - ... - } - - // Runs your workflow anytime the release event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/repos/releases/ in the GitHub - // Developer documentation. - release?: #eventObject & { - types?: #types & [..."published" | "unpublished" | "created" | "edited" | "deleted" | "prereleased" | "released"] | *["published", "unpublished", "created", "edited", "deleted", "prereleased", "released"] - ... - } - - // Runs your workflow anytime the status of a Git commit changes, - // which triggers the status event. For information about the - // REST API, see https://developer.github.com/v3/repos/statuses/. - status?: #eventObject - - // Runs your workflow anytime the watch event occurs. More than - // one activity type triggers this event. For information about - // the REST API, see - // https://developer.github.com/v3/activity/starring/. - watch?: #eventObject - - // You can now create workflows that are manually triggered with - // the new workflow_dispatch event. You will then see a 'Run - // workflow' button on the Actions tab, enabling you to easily - // trigger a run. - workflow_dispatch?: null | bool | number | string | [...] | { - // Input parameters allow you to specify data that the action - // expects to use during runtime. GitHub stores input parameters - // as environment variables. Input ids with uppercase letters are - // converted to lowercase during runtime. We recommended using - // lowercase input ids. - inputs?: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // A string description of the input parameter. - description: string - - // A string shown to users using the deprecated input. - deprecationMessage?: string - - // A boolean to indicate whether the action requires the input - // parameter. Set to true when the parameter is required. - required: bool - - // A string representing the default value. The default value is - // used when an input parameter isn't specified in a workflow - // file. - default?: string - }} - } - ... - } - - // This event occurs when a workflow run is requested or - // completed, and allows you to execute a workflow based on the - // finished result of another workflow. For example, if your - // pull_request workflow generates build artifacts, you can - // create a new workflow that uses workflow_run to analyze the - // results and add a comment to the original pull request. - workflow_run?: #eventObject & { - types?: #types & [..."requested" | "completed"] | *["requested", "completed"] - workflows?: [...string] & [_, ...] - - {[=~"^branches(-ignore)?$" & !~"^(types|workflows)$"]: _} - ... - } - - // You can use the GitHub API to trigger a webhook event called - // repository_dispatch when you want to trigger a workflow for - // activity that happens outside of GitHub. For more information, - // see - // https://developer.github.com/v3/repos/#create-a-repository-dispatch-event. - // To trigger the custom repository_dispatch webhook event, you - // must send a POST request to a GitHub API endpoint and provide - // an event_type name to describe the activity type. To trigger a - // workflow run, you must also configure your workflow to use the - // repository_dispatch event. - repository_dispatch?: #eventObject - - // You can schedule a workflow to run at specific UTC times using - // POSIX cron syntax - // (https://pubs.opengroup.org/onlinepubs/9699919799/utilities/crontab.html#tag_20_25_07). - // Scheduled workflows run on the latest commit on the default or - // base branch. The shortest interval you can run scheduled - // workflows is once every 5 minutes. - // Note: GitHub Actions does not support the non-standard syntax - // @yearly, @monthly, @weekly, @daily, @hourly, and @reboot. - // You can use crontab guru (https://crontab.guru/). to help - // generate your cron syntax and confirm what time it will run. - // To help you get started, there is also a list of crontab guru - // examples (https://crontab.guru/examples.html). - schedule?: [...null | bool | number | string | [...] | { - cron?: =~"^(((\\d+,)+\\d+|((\\d+|\\*)\\/\\d+|JAN|FEB|MAR|APR|MAY|JUN|JUL|AUG|SEP|OCT|NOV|DEC)|(\\d+-\\d+)|\\d+|\\*|MON|TUE|WED|THU|FRI|SAT|SUN) ?){5,7}$" - }] & [_, ...] - } - - // A map of environment variables that are available to all jobs - // and steps in the workflow. - env?: #env - - // A map of default settings that will apply to all jobs in the - // workflow. - defaults?: #defaults - - // A workflow run is made up of one or more jobs. Jobs run in - // parallel by default. To run jobs sequentially, you can define - // dependencies on other jobs using the jobs..needs - // keyword. - // Each job runs in a fresh instance of the virtual environment - // specified by runs-on. - // You can run an unlimited number of jobs as long as you are - // within the workflow usage limits. For more information, see - // https://help.github.com/en/github/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#usage-limits. - jobs: { - {[=~"^[_a-zA-Z][a-zA-Z0-9_-]*$" & !~"^()$"]: { - // The name of the job displayed on GitHub. - name?: string - - // Identifies any jobs that must complete successfully before this - // job will run. It can be a string or array of strings. If a job - // fails, all jobs that need it are skipped unless the jobs use a - // conditional statement that causes the job to continue. - needs?: [...#name] & [_, ...] | #name - - // The type of machine to run the job on. The machine can be - // either a GitHub-hosted runner, or a self-hosted runner. - "runs-on": "macos-10.15" | "macos-11.0" | "macos-latest" | "self-hosted" | "ubuntu-16.04" | "ubuntu-18.04" | "ubuntu-20.04" | "ubuntu-latest" | "windows-2016" | "windows-2019" | "windows-latest" | (["self-hosted"] | ["self-hosted", #machine] | ["self-hosted", #architecture] | ["self-hosted", #machine, #architecture] | ["self-hosted", #architecture, #machine]) & [...] | #expressionSyntax - - // The environment that the job references. - environment?: string | #environment - - // A map of outputs for a job. Job outputs are available to all - // downstream jobs that depend on this job. - outputs?: { - [string]: string - } - - // A map of environment variables that are available to all steps - // in the job. - env?: #env - - // A map of default settings that will apply to all steps in the - // job. - defaults?: #defaults - - // You can use the if conditional to prevent a job from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A job contains a sequence of tasks called steps. Steps can run - // commands, run setup tasks, or run an action in your - // repository, a public repository, or an action published in a - // Docker registry. Not all steps run actions, but all actions - // run as a step. Each step runs in its own process in the - // virtual environment and has access to the workspace and - // filesystem. Because steps run in their own process, changes to - // environment variables are not preserved between steps. GitHub - // provides built-in steps to set up and complete a job. - steps?: [...{ - // A unique identifier for the step. You can use the id to - // reference the step in contexts. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - id?: string - - // You can use the if conditional to prevent a step from running - // unless a condition is met. You can use any supported context - // and expression to create a conditional. - // Expressions in an if conditional do not require the ${{ }} - // syntax. For more information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - if?: string - - // A name for your step to display on GitHub. - name?: string - - // Selects an action to run as part of a step in your job. An - // action is a reusable unit of code. You can use an action - // defined in the same repository as the workflow, a public - // repository, or in a published Docker container image - // (https://hub.docker.com/). - // We strongly recommend that you include the version of the - // action you are using by specifying a Git ref, SHA, or Docker - // tag number. If you don't specify a version, it could break - // your workflows or cause unexpected behavior when the action - // owner publishes an update. - // - Using the commit SHA of a released action version is the - // safest for stability and security. - // - Using the specific major action version allows you to receive - // critical fixes and security patches while still maintaining - // compatibility. It also assures that your workflow should still - // work. - // - Using the master branch of an action may be convenient, but - // if someone releases a new major version with a breaking - // change, your workflow could break. - // Some actions require inputs that you must set using the with - // keyword. Review the action's README file to determine the - // inputs required. - // Actions are either JavaScript files or Docker containers. If - // the action you're using is a Docker container you must run the - // job in a Linux virtual environment. For more details, see - // https://help.github.com/en/articles/virtual-environments-for-github-actions. - uses?: string - - // Runs command-line programs using the operating system's shell. - // If you do not provide a name, the step name will default to - // the text specified in the run command. - // Commands run using non-login shells by default. You can choose - // a different shell and customize the shell used to run - // commands. For more information, see - // https://help.github.com/en/actions/automating-your-workflow-with-github-actions/workflow-syntax-for-github-actions#using-a-specific-shell. - // Each run keyword represents a new process and shell in the - // virtual environment. When you provide multi-line commands, - // each line runs in the same shell. - run?: string, "working-directory"?: #["working-directory"], shell?: #shell - - // A map of the input parameters defined by the action. Each input - // parameter is a key/value pair. Input parameters are set as - // environment variables. The variable is prefixed with INPUT_ - // and converted to upper case. - with?: #env & { - args?: string, entrypoint?: string, ... - } - - // Sets environment variables for steps to use in the virtual - // environment. You can also set environment variables for the - // entire workflow or a job. - env?: #env - - // Prevents a job from failing when a step fails. Set to true to - // allow a job to pass when this step fails. - "continue-on-error"?: bool | #expressionSyntax | *false - - // The maximum number of minutes to run the step before killing - // the process. - "timeout-minutes"?: number - }] & [_, ...] - - // The maximum number of minutes to let a workflow run before - // GitHub automatically cancels it. Default: 360 - "timeout-minutes"?: number | *360 - - // A strategy creates a build matrix for your jobs. You can define - // different variations of an environment to run each job in. - strategy?: { - // A build matrix is a set of different configurations of the - // virtual environment. For example you might run a job against - // more than one supported version of a language, operating - // system, or tool. Each configuration is a copy of the job that - // runs and reports a status. - // You can specify a matrix by supplying an array for the - // configuration options. For example, if the GitHub virtual - // environment supports Node.js versions 6, 8, and 10 you could - // specify an array of those versions in the matrix. - // When you define a matrix of operating systems, you must set the - // required runs-on keyword to the operating system of the - // current job, rather than hard-coding the operating system - // name. To access the operating system name, you can use the - // matrix.os context parameter to set runs-on. For more - // information, see - // https://help.github.com/en/articles/contexts-and-expression-syntax-for-github-actions. - matrix: ({ - ... - } | #expressionSyntax) & { - {[=~"^(in|ex)clude$" & !~"^()$"]: [...{ - [string]: #configuration - }] & [_, ...]} - {[!~"^(in|ex)clude$" & !~"^()$"]: [...#configuration] & [_, ...]} - } - - // When set to true, GitHub cancels all in-progress jobs if any - // matrix job fails. Default: true - "fail-fast"?: bool | *true - - // The maximum number of jobs that can run simultaneously when - // using a matrix job strategy. By default, GitHub will maximize - // the number of jobs run in parallel depending on the available - // runners on GitHub-hosted virtual machines. - "max-parallel"?: number - } - - // Prevents a workflow run from failing when a job fails. Set to - // true to allow a workflow run to pass when this job fails. - "continue-on-error"?: bool | #expressionSyntax - - // A container to run any steps in a job that don't already - // specify a container. If you have steps that use both script - // and container actions, the container actions will run as - // sibling containers on the same network with the same volume - // mounts. - // If you do not set a container, all steps will run directly on - // the host specified by runs-on unless a step refers to an - // action configured to run in a container. - container?: string | #container - - // Additional containers to host services for a job in a workflow. - // These are useful for creating databases or cache services like - // redis. The runner on the virtual machine will automatically - // create a network and manage the life cycle of the service - // containers. - // When you use a service container for a job or your step uses - // container actions, you don't need to set port information to - // access the service. Docker automatically exposes all ports - // between containers on the same network. - // When both the job and the action run in a container, you can - // directly reference the container by its hostname. The hostname - // is automatically mapped to the service name. - // When a step does not use a container action, you must access - // the service using localhost and bind the ports. - services?: { - [string]: #container - } - }} - } -} - -#architecture: "ARM32" | "x64" | "x86" - -#branch: #globs - -#configuration: string | number | bool | { - [string]: #configuration -} | [...#configuration] - -#container: { - // The Docker image to use as the container to run the action. The - // value can be the Docker Hub image name or a registry name. - image: string - - // If the image's container registry requires authentication to - // pull the image, you can use credentials to set a map of the - // username and password. The credentials are the same values - // that you would provide to the `docker login` command. - credentials?: { - username?: string - password?: string - ... - } - - // Sets an array of environment variables in the container. - env?: #env - - // Sets an array of ports to expose on the container. - ports?: [...number | string] & [_, ...] - - // Sets an array of volumes for the container to use. You can use - // volumes to share data between services or other steps in a - // job. You can specify named Docker volumes, anonymous Docker - // volumes, or bind mounts on the host. - // To specify a volume, you specify the source and destination - // path: : - // The is a volume name or an absolute path on the host - // machine, and is an absolute path in the - // container. - volumes?: [...=~"^[^:]+:[^:]+$"] & [_, ...] - - // Additional Docker container resource options. For a list of - // options, see - // https://docs.docker.com/engine/reference/commandline/create/#options. - options?: string -} - -#defaults: run?: { - shell?: #shell - "working-directory"?: #["working-directory"] -} - -#env: [string]: bool | number | string - -#environment: { - // The name of the environment configured in the repo. - name: string - - // A deployment URL - url?: string -} - -#event: "check_run" | "check_suite" | "create" | "delete" | "deployment" | "deployment_status" | "fork" | "gollum" | "issue_comment" | "issues" | "label" | "member" | "milestone" | "page_build" | "project" | "project_card" | "project_column" | "public" | "pull_request" | "pull_request_review" | "pull_request_review_comment" | "pull_request_target" | "push" | "registry_package" | "release" | "status" | "watch" | "workflow_dispatch" | "workflow_run" | "repository_dispatch" - -#eventObject: null | { - ... -} - -#expressionSyntax: =~"^\\$\\{\\{.*\\}\\}$" - -#globs: [...strings.MinRunes(1)] & [_, ...] - -#machine: "linux" | "macos" | "windows" - -#name: =~"^[_a-zA-Z][a-zA-Z0-9_-]*$" - -#path: #globs - -#ref: null | { - branches?: #branch - "branches-ignore"?: #branch - tags?: #branch - "tags-ignore"?: #branch - paths?: #path - "paths-ignore"?: #path - ... -} - -#shell: (string | ("bash" | "pwsh" | "python" | "sh" | "cmd" | "powershell")) & string - -#types: [_, ...] - -#: "working-directory": string diff --git a/internal/ci/ci_tool.cue b/internal/ci/ci_tool.cue index ef8b8eb2873..f93e814d08f 100644 --- a/internal/ci/ci_tool.cue +++ b/internal/ci/ci_tool.cue @@ -16,33 +16,29 @@ package ci import ( "path" - "encoding/yaml" - - "tool/exec" "tool/file" - "tool/os" ) +// For the commands below, note we use simple yet hacky path resolution, rather +// than anything that might derive the module root using go list or similar, in +// order that we have zero dependencies. This is important because this CUE +// package is "vendored" to an external dependency so that that unity can +// re-run and verify these steps as part of a the test suite that runs against +// new CUE versions. + // genworkflows regenerates the GitHub workflow Yaml definitions. // // See internal/ci/gen.go for details on how this step fits into the sequence // of generating our CI workflow definitions, and updating various txtar tests // with files from that process. -// -// Until we have a resolution for cuelang.org/issue/704 and -// cuelang.org/issue/708 this must be run from the internal/ci package. At -// which point we can switch to using _#modroot. -// -// This also explains why the ../../ relative path specification below appear -// wrong in the context of the containing directory internal/ci/vendor. command: genworkflows: { - goos: _#goos + _goos: string @tag(os,var=os) for w in workflows { "\(w.file)": file.Create & { _dir: path.FromSlash("../../.github/workflows", path.Unix) - filename: path.Join([_dir, w.file], goos.GOOS) + filename: path.Join([_dir, w.file], _goos) contents: """ # Generated by internal/ci/ci_tool.cue; do not edit @@ -51,91 +47,3 @@ command: genworkflows: { } } } - -// updateTxtarTests ensures certain txtar tests are updated with the -// relevant files that make up the process of generating our CI -// workflows. -// -// See internal/ci/gen.go for details on how this step fits into the sequence -// of generating our CI workflow definitions, and updating various txtar tests -// with files from that process. -// -// Until we have a resolution for cuelang.org/issue/704 and -// cuelang.org/issue/708 this must be run from the internal/ci package. At -// which point we can switch to using _#modroot. -// -// This also explains why the ../../ relative path specification below appear -// wrong in the context of the containing directory internal/ci/vendor. -command: updateTxtarTests: { - goos: _#goos - - readJSONSchema: file.Read & { - _path: path.FromSlash("../../cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue", path.Unix) - filename: path.Join([_path], goos.GOOS) - contents: string - } - cueDefInternalCI: exec.Run & { - cmd: "go run cuelang.org/go/cmd/cue def cuelang.org/go/internal/ci" - stdout: string - } - // updateEvalTxtarTest updates the cue/testdata/eval testscript which exercises - // the evaluation of the workflows defined in internal/ci (which by definition - // means resolving and using the vendored GitHub Workflow schema) - updateEvalTxtarTest: { - _relpath: path.FromSlash("../../cue/testdata/eval/github.txtar", path.Unix) - _path: path.Join([_relpath], goos.GOOS) - - githubSchema: exec.Run & { - stdin: readJSONSchema.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue" - } - defWorkflows: exec.Run & { - $after: githubSchema - stdin: cueDefInternalCI.stdout - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) workflows.cue" - } - } - // When we have a solution for cuelang.org/issue/709 we can make this a - // file.Glob. Ultimately it would be better to be able to do a cue def - // on the tool "package" - readToolsFile: file.Read & { - filename: "ci_tool.cue" - contents: string - } - updateCmdCueCmdTxtarTest: { - _relpath: path.FromSlash("../../cmd/cue/cmd/testdata/script/cmd_github.txt", path.Unix) - _path: path.Join([_relpath], goos.GOOS) - - githubSchema: exec.Run & { - stdin: readJSONSchema.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue" - } - defWorkflows: exec.Run & { - $after: githubSchema - stdin: cueDefInternalCI.stdout - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) internal/ci/workflows.cue" - } - toolsFile: exec.Run & { - stdin: readToolsFile.contents - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) internal/ci/\(readToolsFile.filename)" - } - } -} - -// _#modroot is a common helper to get the module root -// -// TODO: use once we have a solution to cuelang.org/issue/704. -// This will then allow us to remove the use of .. below. -_#modroot: exec.Run & { - cmd: "go list -m -f {{.Dir}}" - stdout: string -} - -// Until we have the ability to inject contextual information -// we need to pass in GOOS explicitly. Either by environment -// variable (which we get for free when this is used via go generate) -// or via a tag in the case you want to manually run the CUE -// command. -_#goos: os.Getenv & { - GOOS: *path.Unix | string @tag(os) -} diff --git a/internal/ci/gen.go b/internal/ci/gen.go index 1c9a5c53acf..865d76aaff7 100644 --- a/internal/ci/gen.go +++ b/internal/ci/gen.go @@ -14,6 +14,5 @@ package ci -//go:generate go run cuelang.org/go/cmd/cue cmd vendorgithubschema ./vendor +//go:generate go run cuelang.org/go/cmd/cue cmd importjsonschema ./vendor //go:generate go run cuelang.org/go/cmd/cue cmd genworkflows -//go:generate go run cuelang.org/go/cmd/cue cmd updateTxtarTests diff --git a/internal/ci/updatetxtar/main.go b/internal/ci/updatetxtar/main.go deleted file mode 100644 index 7869c53ce0f..00000000000 --- a/internal/ci/updatetxtar/main.go +++ /dev/null @@ -1,74 +0,0 @@ -// Copyright 2021 The CUE Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package main - -import ( - "flag" - "io" - "io/ioutil" - "log" - "os" - - "github.com/rogpeppe/go-internal/txtar" -) - -// Usage: -// updateTxtar source target filename -// -// updateTxtar writes the contents of source (could be - for stdin) to a file -// (identified by filename) within the txtar archive at target. - -func main() { - log.SetFlags(0) - flag.Parse() - if flag.NArg() != 3 { - log.Fatal("Usage:\n\tupdateTxtar source target filename") - } - source := flag.Arg(0) - target := flag.Arg(1) - fn := flag.Arg(2) - a, err := txtar.ParseFile(target) - if err != nil { - log.Fatal(err) - } - var file *txtar.File - for i, f := range a.Files { - if f.Name == fn { - file = &a.Files[i] - break - } - } - if file == nil { - a.Files = append(a.Files, txtar.File{Name: fn}) - file = &a.Files[len(a.Files)-1] - } - var sourceReader io.Reader - if source == "-" { - sourceReader = os.Stdin - } else { - sourceReader, err = os.Open(source) - if err != nil { - log.Fatal(err) - } - } - contents, err := ioutil.ReadAll(sourceReader) - if err != nil { - log.Fatal(err) - } - file.Data = contents - if err := ioutil.WriteFile(target, txtar.Format(a), 0666); err != nil { - log.Fatal(err) - } -} diff --git a/internal/ci/vendor/vendor_tool.cue b/internal/ci/vendor/vendor_tool.cue index 6ae43550b6a..96b3f63c7ae 100644 --- a/internal/ci/vendor/vendor_tool.cue +++ b/internal/ci/vendor/vendor_tool.cue @@ -18,26 +18,23 @@ import ( "path" "tool/exec" - "tool/file" "tool/http" - "tool/os" ) -// vendorgithubschema vendors a "cue import"-ed version of the JSONSchema that +// _cueCmd defines the command that is run to run cmd/cue. +// This is factored out in order that the cue-github-actions +// project which "vendors" the various workflow-related +// packages can specify "cue" as the value so that unity +// tests can specify the cmd/cue binary to use. +_cueCmd: string | *"go run cuelang.org/go/cmd/cue@v0.4.3" @tag(cue_cmd) + +// For the commands below, note we use simple yet hacky path resolution, rather +// than anything that might derive the module root using go list or similar, in +// order that we have zero dependencies. + +// importjsonschema vendors a CUE-imported version of the JSONSchema that // defines GitHub workflows into the main module's cue.mod/pkg. -// -// See internal/ci/gen.go for details on how this step fits into the sequence -// of generating our CI workflow definitions, and updating various txtar tests -// with files from that process. -// -// Until we have a resolution for cuelang.org/issue/704 and -// cuelang.org/issue/708 this must be run from the internal/ci package. At -// which point we can switch to using _#modroot. -// -// This also explains why the ../../ relative path specification below appear -// wrong in the context of the containing directory internal/ci/vendor. -command: vendorgithubschema: { - goos: _#goos +command: importjsonschema: { getJSONSchema: http.Get & { request: body: "" @@ -45,47 +42,9 @@ command: vendorgithubschema: { // https://github.com/SchemaStore/schemastore/blob/master/src/schemas/json/github-workflow.json url: "https://raw.githubusercontent.com/SchemaStore/schemastore/6fe4707b9d1c5d45cfc8d5b6d56968e65d2bdc38/src/schemas/json/github-workflow.json" } - // Write the JSON schema to an encoding/jsonschema txtar test - // that verifies (at go test time) that we can import this - // JSON schema definition, independently of having to re-run - // go generate (which is expensive and yet another command - // to have to remember to run) - updateEncodingJSONSchemaTxtarTest: exec.Run & { - _relpath: path.FromSlash("../../encoding/jsonschema/testdata/github.txtar", "unix") - _path: path.Join([_relpath], goos.GOOS) + import: exec.Run & { + _outpath: path.FromSlash("../../cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue", "unix") stdin: getJSONSchema.response.body - cmd: "go run cuelang.org/go/internal/ci/updatetxtar - \(_path) workflow.json" - } - importJSONSchema: exec.Run & { - stdin: getJSONSchema.response.body - cmd: "go run cuelang.org/go/cmd/cue import -f -p json -l #Workflow: jsonschema: - -o -" - stdout: string + cmd: "\(_cueCmd) import -f -p json -l #Workflow: -o \(_outpath) jsonschema: -" } - // vendorGitHubWorkflowSchema writes the imported schema to the cue.mod/pkg - // hierarchy for the GitHub workflow package. This vendored - // package is then referenced in the internal/ci package - // when defining workflows. - vendorGitHubWorkflowSchema: file.Create & { - _path: path.FromSlash("../../cue.mod/pkg/github.com/SchemaStore/schemastore/src/schemas/json/github-workflow.cue", "unix") - filename: path.Join([_path], goos.GOOS) - contents: importJSONSchema.stdout - } -} - -// _#modroot is a common helper to get the module root -// -// TODO: use once we have a solution to cuelang.org/issue/704. -// This will then allow us to remove the use of .. below. -_#modroot: exec.Run & { - cmd: "go list -m -f {{.Dir}}" - stdout: string -} - -// Until we have the ability to inject contextual information -// we need to pass in GOOS explicitly. Either by environment -// variable (which we get for free when this is used via go generate) -// or via a tag in the case you want to manually run the CUE -// command. -_#goos: os.Getenv & { - GOOS: *"unix" | string @tag(os) }