Container tooling #3514
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI Build | |
on: [push, pull_request] | |
jobs: | |
setup: | |
# This job sets up the runners to be used in the matrix for the build workflow. | |
# It provides a list of available runners with stable, human-friendly names and a mapping | |
# from those names to the actual `runs-on` value for each runner type. This allows us to | |
# use codebuild-hosted runners for amazon-ion/ion-rust without requiring forks to also | |
# have codebuild-hosted runners. | |
# | |
# If you want to use codebuild runners for your personal fork, follow the instructions to set | |
# up a codebuild project. https://docs.aws.amazon.com/codebuild/latest/userguide/action-runner.html | |
# Then, create a repository variable for your fork named `CODEBUILD_PROJECT_NAME` with the name | |
# of the project you created. | |
# | |
# TODO: See if this job can be turned into a reusable component | |
name: Setup Build Matrix | |
runs-on: ubuntu-latest | |
# We want to run on external PRs, but not on internal ones as push automatically builds | |
# H/T: https://github.com/Dart-Code/Dart-Code/commit/612732d5879730608baa9622bf7f5e5b7b51ae65 | |
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != 'amazon-ion/ion-rust' | |
strategy: | |
matrix: | |
# We're using a matrix with a single entry so that we can define some config as YAML rather than | |
# having to write escaped json in a string. | |
include: | |
# Repository vars are not available for fork->source pull requests, so if we want to use codebuild runners | |
# for PRs, we need a fallback to check the repository owner. | |
- use-codebuild: ${{ vars.CODEBUILD_PROJECT_NAME != '' || github.repository_owner == 'amazon-ion' }} | |
codebuild-project-name: ${{ vars.CODEBUILD_PROJECT_NAME != '' && vars.CODEBUILD_PROJECT_NAME || 'ion-rust' }} | |
runs-on-names-cb: [ windows, macos, ubuntu, al2-x86, al2-arm ] | |
runs-on-names: [ windows, macos, ubuntu ] | |
runner-labels: | |
windows: windows-latest | |
ubuntu: ubuntu-latest | |
macos: macos-latest | |
al2-x86: "codebuild-${{ vars.CODEBUILD_PROJECT_NAME != '' && vars.CODEBUILD_PROJECT_NAME || 'ion-rust' }}-${{ github.run_id }}-${{ github.run_attempt }}-al2-5.0-large" | |
al2-arm: "codebuild-${{ vars.CODEBUILD_PROJECT_NAME != '' && vars.CODEBUILD_PROJECT_NAME || 'ion-rust' }}-${{ github.run_id }}-${{ github.run_attempt }}-arm-3.0-large" | |
outputs: | |
available-runners: ${{ matrix.use-codebuild && toJSON(matrix.runs-on-names-cb) || toJSON(matrix.runs-on-names) }} | |
runner-labels: ${{ toJSON(matrix.runner-labels) }} | |
steps: | |
- name: Dump Config | |
run: echo '${{ toJSON(matrix) }}' | |
build: | |
name: Build and Test | |
needs: setup | |
# Map the friendly names from `available-runners` to the actual runner labels. | |
runs-on: ${{ fromJSON(needs.setup.outputs.runner-labels)[matrix.os] }} | |
# We want to run on external PRs, but not on internal ones as push automatically builds | |
# H/T: https://github.com/Dart-Code/Dart-Code/commit/612732d5879730608baa9622bf7f5e5b7b51ae65 | |
if: github.event_name == 'push' || github.event.pull_request.head.repo.full_name != 'amazon-ion/ion-rust' | |
strategy: | |
fail-fast: false | |
matrix: | |
# use the available runner types that were determined by the setup step | |
os: ${{ fromJSON(needs.setup.outputs.available-runners) }} | |
# build and test for different and interesting crate features | |
features: ['default', 'all', 'experimental-ion-hash', 'experimental'] | |
permissions: | |
checks: write | |
steps: | |
- name: Install Dependencies | |
if: runner.os == 'Windows' | |
run: choco install llvm -y | |
- name: Git Checkout | |
uses: actions/checkout@v2 | |
with: | |
submodules: recursive | |
- name: Rust Toolchain | |
uses: actions-rs/toolchain@v1 | |
with: | |
profile: minimal | |
toolchain: stable | |
components: rustfmt, clippy | |
override: true | |
- name: Cargo Test (default/no features) | |
if: matrix.features == 'default' | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
args: --verbose --workspace | |
- name: Cargo Test (all features) | |
if: matrix.features == 'all' | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
args: --verbose --workspace --all-features | |
- name: Cargo Test (specific feature) | |
if: matrix.features != 'default' && matrix.features != 'all' | |
uses: actions-rs/cargo@v1 | |
with: | |
command: test | |
args: --verbose --workspace --features "${{ matrix.features }}" | |
- name: Rustfmt Check | |
# We really only need to run this once--ubuntu/all features mode is as good as any | |
if: matrix.os == 'ubuntu-latest' && matrix.features == 'all' | |
uses: actions-rs/cargo@v1 | |
with: | |
command: fmt | |
args: --verbose -- --check | |
# `clippy-check` will run `cargo clippy` on new pull requests. Due to a limitation in GitHub | |
# permissions, the behavior of the Action is different depending on the source of the PR. If the | |
# PR comes from the ion-rust project itself, any suggestions will be added to the PR as comments. | |
# If the PR comes from a fork, any suggestions will be added to the Action's STDOUT for review. | |
# For details, see: https://github.com/actions-rs/clippy-check/issues/2 | |
- name: Install Clippy | |
# The clippy check depends on setup steps defined above, but we don't want it to run | |
# for every OS because it posts its comments to the PR. These `if` checks limit clippy to | |
# only running on the Linux test. (The choice of OS was arbitrary.) | |
if: matrix.os == 'ubuntu' && matrix.features == 'all' | |
run: rustup component add clippy | |
- name: Run Clippy | |
if: matrix.os == 'ubuntu' && matrix.features == 'all' | |
uses: actions-rs/clippy-check@v1 | |
with: | |
# Adding comments to the PR requires the GITHUB_TOKEN secret. | |
token: ${{ secrets.GITHUB_TOKEN }} | |
# We are opinionated here and fail the build if anything is complained about. | |
# We can always explicitly allow clippy things we disagree with or if this gets too annoying, get rid of it. | |
args: --workspace --all-features --tests -- -Dwarnings | |
- name: Rustdoc on Everything | |
# We really only need to run this once--ubuntu/all features mode is as good as any | |
if: matrix.os == 'ubuntu' && matrix.features == 'all' | |
uses: actions-rs/cargo@v1 | |
with: | |
command: doc | |
args: --document-private-items --all-features | |
confirm-build: | |
# This job is just a "join" on all parallel strategies for the `build` job so that we can require it in our branch protection rules. | |
needs: build | |
name: Build and Test Confirmation | |
runs-on: ubuntu-latest | |
# We must include always() even with additional conditions in order to override the default status check of | |
# success() that is automatically applied to if conditions that don't contain a status check function. | |
if: ${{ always() && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name != 'amazon-ion/ion-rust') }} | |
steps: | |
- run: echo ${{ needs.build.result }} | |
- if: needs.build.result != 'success' | |
run: exit 1 | |