design dataplane internals #223
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# The primary point of this workflow is to ensure that the developer experience is good. | |
# We take a very vanilla ubuntu image, install all necessary dependencies via "normal" means, | |
# and then run the build and test steps as described in the README.md file. | |
# The artifacts produced by these builds are not intended to be used for anything other than | |
# ensuring that the developer experience is good. | |
# Production artifacts are produced in a sterile environment (in another CI workflow). | |
name: "dev.yml" | |
on: | |
pull_request: {} | |
push: | |
branches: | |
- "main" | |
merge_group: | |
types: ["checks_requested"] | |
workflow_dispatch: | |
inputs: | |
debug_enabled: | |
type: "boolean" | |
description: "Run with tmate enabled" | |
required: false | |
default: false | |
concurrency: | |
group: "${{ github.workflow }}:${{ github.event.pull_request.number || github.event.after }}" | |
cancel-in-progress: true | |
permissions: | |
contents: "read" | |
packages: "write" | |
id-token: "write" | |
jobs: | |
check_changes: | |
name: "Deduce required tests from code changes" | |
permissions: | |
contents: "read" | |
pull-requests: "read" | |
runs-on: "ubuntu-latest" | |
outputs: | |
devfiles: "${{ steps.changes.outputs.devfiles }}" | |
steps: | |
- name: "Checkout" | |
if: "${{ !github.event.pull_request }}" | |
uses: "actions/checkout@v4" | |
with: | |
persist-credentials: "false" | |
fetch-depth: "0" | |
- name: "Check code changes" | |
uses: "dorny/paths-filter@v3" | |
id: "changes" | |
with: | |
filters: | | |
devfiles: | |
- '!(README.md|LICENSE|design-docs/**|.gitignore|.github/**)' | |
- '.github/workflows/dev.yml' | |
build: | |
needs: [ check_changes ] | |
if: "${{ needs.check_changes.outputs.devfiles == 'true' }}" | |
strategy: | |
fail-fast: false | |
matrix: | |
rust: | |
- "stable" | |
- "beta" | |
- "nightly" | |
name: "Developer build" | |
runs-on: "lab" | |
timeout-minutes: 45 | |
steps: | |
- name: "login to ghcr.io" | |
uses: "docker/login-action@v3" | |
with: | |
registry: "ghcr.io" | |
username: "${{ github.actor }}" | |
password: "${{ secrets.GITHUB_TOKEN }}" | |
- name: "install rust" | |
uses: "dtolnay/rust-toolchain@stable" | |
with: | |
toolchain: "${{ matrix.rust }}" | |
targets: "x86_64-unknown-linux-gnu,x86_64-unknown-linux-musl" | |
- name: "Checkout" | |
uses: "actions/checkout@v4" | |
with: | |
persist-credentials: "false" | |
fetch-depth: "0" | |
- uses: "cargo-bins/cargo-binstall@main" | |
- name: "install just" | |
run: | | |
cargo binstall --no-confirm just | |
- name: "install nextest" | |
run: | | |
cargo binstall --no-confirm cargo-nextest | |
- name: "install cargo-deny" | |
run: | | |
cargo binstall --no-confirm cargo-deny | |
- run: | | |
just debug=true cargo deny check | |
- name: "install openssl and libssl-dev (needed for markdown-test-report)" | |
run: | | |
sudo apt-get update | |
sudo apt-get --yes --no-install-recommends install pkg-config openssl libssl-dev colorized-logs | |
- name: "install markdown-test-report" | |
run: | | |
cargo binstall --no-confirm markdown-test-report | |
- name: refresh-compile-env | |
run: | | |
just --yes debug=true refresh-compile-env | |
- run: | | |
just --yes debug=true fake-nix | |
- run: | | |
# Run a simple build for each separate commit (for "pull_request") | |
# or for the HEAD of the branch (other events). | |
set -eu -o pipefail | |
COMMITS=${{ github.sha }} | |
if [[ "${{ github.event_name == 'pull_request' }}" == "true" ]]; then | |
# Get all commits from Pull Request, in chronological order | |
COMMITS=$(git rev-list --reverse ${{ github.event.pull_request.base.sha }}..${{ github.event.pull_request.head.sha }}) | |
fi | |
for commit in $COMMITS ; do | |
git checkout $commit || exit 1 | |
printf "::group::Build commit %s\n" "$(git log --oneline --no-decorate -n 1)" | |
(just debug=true cargo +${{matrix.rust}} build --locked --profile=dev --target=x86_64-unknown-linux-gnu) || exit 1 | |
printf "::endgroup::\n" | |
done | |
printf "::notice::HEAD remains at %s\n" "$(git log --oneline --no-decorate -n 1)" | |
continue-on-error: ${{ matrix.rust.optional }} | |
# At this stage, for Pull Requests, we're back to the HEAD of the branch, | |
# start running tests for different configurations. | |
- name: "tests: rust ${{ matrix.rust }} profile=dev target=x86_64-unknown-linux-gnu" | |
run: | | |
export GITHUB_STEP_SUMMARY | |
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-gnu test | |
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-gnu report | |
- run: | | |
just cargo +${{matrix.rust}} build --locked --profile=dev --target=x86_64-unknown-linux-musl | |
- name: "tests: rust ${{ matrix.rust }} profile=dev target=x86_64-unknown-linux-musl" | |
run: | | |
export GITHUB_STEP_SUMMARY | |
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-musl test | |
just debug=true rust=${{matrix.rust}} profile=dev target=x86_64-unknown-linux-musl report | |
- run: | | |
just debug=true cargo +${{matrix.rust}} build --locked --profile=release --target=x86_64-unknown-linux-gnu | |
- name: "tests: rust ${{ matrix.rust }} profile=release target=x86_64-unknown-linux-gnu" | |
run: | | |
export GITHUB_STEP_SUMMARY | |
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-gnu test | |
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-gnu report | |
- run: | | |
just debug=true cargo +${{matrix.rust}} build --locked --profile=release --target=x86_64-unknown-linux-musl | |
- name: "tests: rust ${{ matrix.rust }} profile=release target=x86_64-unknown-linux-musl" | |
run: | | |
export GITHUB_STEP_SUMMARY | |
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-musl test | |
just debug=true rust=${{matrix.rust}} profile=release target=x86_64-unknown-linux-musl report | |
- uses: "actions/upload-artifact@v4" | |
if: ${{ always() }} | |
with: | |
name: "test-results-${{ matrix.rust }}" | |
path: "target/nextest/" | |
- name: "Setup tmate session for debug" | |
if: ${{ failure() && github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
uses: "mxschmitt/action-tmate@v3" | |
timeout-minutes: 60 | |
with: | |
limit-access-to-actor: true | |
summary: | |
name: "Summary" | |
runs-on: "ubuntu-latest" | |
needs: | |
- build | |
if: ${{ always() && needs.build.result != 'skipped' }} | |
steps: | |
- name: "Flag any build matrix failures" | |
if: ${{ needs.build.result != 'success' }} | |
run: | | |
>&2 echo "A critical step failed!" | |
exit 1 |