simplify CoreEval proposals #258
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Proposal tests | |
| # run on all PRs | |
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| merge_group: | |
| push: | |
| branches: [main] | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| # Name these so they look less similar than AMD/ARM; omit 64 as uninformative. | |
| X86_PLATFORM: linux/amd64 | |
| ARM_PLATFORM: linux/arm64/v8 | |
| jobs: | |
| platforms: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| platforms: '${{ steps.platforms.outputs.platforms }}' | |
| steps: | |
| - name: Compute Docker platforms | |
| id: platforms | |
| run: | | |
| if ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}; then | |
| # JSON-encoded list consisting only of the default platform. | |
| platforms='["'"$X86_PLATFORM"'"]' | |
| else | |
| platforms='["$X86_PLATFORM","$ARM_PLATFORM"]' | |
| fi | |
| echo "platforms=$platforms" >> $GITHUB_OUTPUT | |
| # see https://docs.docker.com/build/ci/github-actions/test-before-push/ | |
| test-proposals: | |
| needs: [platforms] | |
| # UNTIL https://github.com/Agoric/agoric-3-proposals/issues/2 | |
| timeout-minutes: 120 | |
| strategy: | |
| matrix: | |
| platform: ${{ fromJSON(needs.platforms.outputs.platforms) }} | |
| # Run on our own self-hosted ARM64 machine if the platform is ARMish. | |
| runs-on: ${{ contains(matrix.platform, '/arm') && fromJSON('["self-hosted","Linux","ARM64"]') || 'ubuntu-latest' }} | |
| steps: | |
| # As the project has grown, we've repeatly run into out-of-space errors. | |
| # This action and its documentation helped. See also https://www.baeldung.com/linux/docker-fix-no-space-error | |
| - name: Maximize build space | |
| uses: easimon/maximize-build-space@master | |
| with: | |
| root-reserve-mb: 20000 # ~20GB for /var/lib/docker where images are built (docker info -f '{{ .DockerRootDir }}') | |
| remove-dotnet: 'true' | |
| remove-android: 'true' | |
| remove-haskell: 'true' | |
| remove-codeql: 'true' | |
| remove-docker-images: 'false' # TODO compare with true | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Set up QEMU for cross-platform builds | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| # see https://docs.github.com/en/actions/publishing-packages/publishing-docker-images | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Compute Docker tags | |
| id: docker-tags | |
| run: | | |
| sep= | |
| # A list of comma-separated tags to merge in the final image. | |
| SUFFIXED= | |
| # Our platform, replacing slashes with underscores. | |
| uarch=$(echo "${{ matrix.platform }}" | tr / _) | |
| for TAG in ${{ steps.meta.outputs.tags }}; do | |
| SUFFIXED="$SUFFIXED$sep$TAG-$uarch" | |
| if test -z "$sep"; then | |
| # The first tag (suffixed with our architecture) is the one we build. | |
| sep=, | |
| echo "tag=$TAG-$uarch" | tee -a $GITHUB_OUTPUT | |
| fi | |
| done | |
| echo "tags=$SUFFIXED" | tee -a $GITHUB_OUTPUT | |
| # The .ts scripts depend upon this | |
| - run: tsx --version || npm install --global tsx | |
| # Enable corepack for packageManager config | |
| - run: corepack enable || sudo corepack enable | |
| - run: yarn install | |
| - run: docker system df | |
| - run: docker buildx du --verbose | |
| - run: df -h | |
| # Test before pushing the images. | |
| - name: Build and run proposal tests | |
| if: ${{ matrix.platform == env.X86_PLATFORM }} | |
| run: node_modules/.bin/synthetic-chain test | |
| # Build a "use" image for each proposal. This uses Docker Bake's | |
| # matrix feature. We could have each "use" image built in a different runner | |
| # by including https://github.com/docker/bake-action?tab=readme-ov-file#list-targets | |
| # in the GHA matrix, but that wouldn't be able to resolve the DAG of what to build first. | |
| - name: Push proposal "use" images | |
| uses: docker/bake-action@v4 | |
| # If we pushed from PRs, each one would overwrite main's (e.g. use-upgrade-8) | |
| # To push PR "use" images we'll need to qualify the tag (e.g. use-upgrade-8-pr-2). | |
| if: ${{ github.event_name != 'pull_request' }} | |
| with: | |
| files: | | |
| ./docker-bake.json | |
| ./docker-bake.hcl | |
| ${{ steps.meta.outputs.bake-file }} | |
| targets: use | |
| - name: Build and push default image | |
| uses: docker/build-push-action@v5 | |
| with: | |
| context: . | |
| platforms: ${{ matrix.platform }} | |
| # push to registry on every repo push. A PR #2 will push with tag `pr-2` and `main` will have tag `main`. | |
| # See https://github.com/docker/metadata-action?tab=readme-ov-file#basic. | |
| push: true | |
| tags: ${{ steps.docker-tags.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| # Merge the default image from each platform into one multi-arch image, | |
| # then publish that multiarch image. | |
| docker-publish-multiarch: | |
| needs: [test-proposals, platforms] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| buildkitd-flags: --debug | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| registry: ${{ env.REGISTRY }} | |
| - name: Compute tags | |
| id: docker-tags | |
| run: | | |
| echo "tags=${{ steps.meta.outputs.tags }}" >> $GITHUB_OUTPUT | |
| - name: Push multiarch image | |
| run: | | |
| set -ex | |
| # Push all tags, comprised of all architectures, to the registry. | |
| for TAG in ${{ steps.docker-tags.outputs.tags }}; do | |
| sources= | |
| for ARCH in ${{ join(fromJson(needs.platforms.outputs.platforms), ' ') }}; do | |
| uarch=$(echo "$ARCH" | tr / _) | |
| BUILD_TAG="$TAG-$uarch" | |
| sources="$sources $BUILD_TAG" | |
| done | |
| docker buildx imagetools create --tag "$TAG"$sources | |
| done | |
| - name: notify on failure | |
| if: failure() && github.event_name != 'pull_request' | |
| uses: ./.github/actions/notify-status | |
| with: | |
| webhook: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| from: ${{ secrets.NOTIFY_EMAIL_FROM }} | |
| to: ${{ secrets.NOTIFY_EMAIL_TO }} | |
| password: ${{ secrets.NOTIFY_EMAIL_PASSWORD }} |