add provenance workflow dispatch #161
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
branches: [main] | |
# See https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions#example-using-concurrency-to-cancel-any-in-progress-job-or-run | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
jobs: | |
xtask: | |
runs-on: ubuntu-20.04 | |
timeout-minutes: 120 | |
# We use the same job template, but parametrize the actual command to be passed to the xtask | |
# binary using the matrix strategy, so that we get the commands running in parallel. | |
strategy: | |
fail-fast: false | |
matrix: | |
# Do not add `run-ci` to these commands. We parse them for `xtask run-ci`. | |
cmd: | |
# format tries to format all the source files, and relies on the git diff step to determine whether anything was missed. | |
- format | |
# check-format checks for additional issues (e.g. missing license headers) that format does not enforce. | |
- check-format | |
- run-cargo-deny | |
- run-cargo-udeps | |
- run-bazel-tests | |
- run-cargo-fuzz -- -max_total_time=2 | |
- completion | |
- run-cargo-clippy | |
steps: | |
- name: Checkout branch | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 2 | |
# The runner comes with all this software pre-installed: https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-README.md | |
# so we delete some large packages to make sure we have more space available. | |
# | |
# We print the remaining disk space between commands in order to have an idea of which of them | |
# have the most significant impact. | |
# | |
# Copied from https://github.com/jens-maus/RaspberryMatic/blob/ea6b8ce0dd2d53ea88b2766ba8d7f8e1d667281f/.github/workflows/ci.yml#L34-L40 | |
# and https://github.com/actions/virtual-environments/issues/709#issuecomment-612569242 | |
- name: Free disk space | |
run: | | |
df --human-readable | |
sudo apt-get remove --yes '^dotnet-.*' '^llvm-.*' 'php.*' azure-cli google-cloud-cli hhvm google-chrome-stable firefox powershell | |
df --human-readable | |
sudo apt-get autoremove --yes | |
df --human-readable | |
sudo apt clean | |
df --human-readable | |
docker rmi $(docker image ls --all --quiet) | |
df --human-readable | |
rm --recursive --force "$AGENT_TOOLSDIRECTORY" | |
df --human-readable | |
rm --recursive --force /usr/local/share/boost | |
df --human-readable | |
sudo swapoff --all | |
df --human-readable | |
sudo rm --force /swapfile | |
df --human-readable | |
- name: Docker pull | |
timeout-minutes: 10 | |
run: | | |
./scripts/docker_pull | |
df --human-readable | |
- name: Run command | |
env: | |
RUST_BACKTRACE: 1 | |
RUST_LOG: debug | |
# Do not run tests that require KVM on GitHub Actions, since nested virtualization is not supported. | |
OAK_KVM_TESTS: skip | |
run: | | |
./scripts/docker_run nix develop .#ci --command ./scripts/xtask ${{ matrix.cmd }} | |
df --human-readable | |
# Ensure that the previous steps did not modify our source-code and that | |
# relevant build artifacts are ignored by git. | |
- name: Git check diff | |
run: ./scripts/docker_run ./scripts/git_check_diff |