diff --git a/.github/workflows/.aspect-workflows-reusable.yaml b/.github/workflows/.aspect-workflows-reusable.yaml deleted file mode 100644 index a133b09..0000000 --- a/.github/workflows/.aspect-workflows-reusable.yaml +++ /dev/null @@ -1,183 +0,0 @@ -# ================================================================================================== -# Aspect Workflows Reusable Workflow for GitHub Actions v5.14.0 -# -# https://github.com/aspect-build/workflows-action/blob/5.14.0/.github/workflows/.aspect-workflows-reusable.yaml -# -# At this time, GitHub Actions does not allow referencing reusable workflows from public -# repositories in other organizations. See -# https://docs.github.com/en/actions/using-workflows/reusing-workflows#access-to-reusable-workflows -# for more info. -# -# Use the Aspect Workflows Reusable Workflow with GitHub Actions by doing one of the following: -# -# 1. Vendor this file into the `.github/workflows` folder of your repository and reference it with -# `uses:` in a workflow file such as `.github/workflows/aspect-workflows.yaml`: -# -# ``` -# name: Aspect Workflows -# -# on: -# push: -# branches: [main] -# pull_request: -# branches: [main] -# workflow_dispatch: -# -# jobs: -# aspect-workflows: -# name: Aspect Workflows -# uses: ./.github/workflows/.aspect-workflows-reusable.yaml -# ``` -# -# 2. Create a fork of https://github.com/aspect-build/workflows-action in your -# GitHub org and change the `uses` line above to reference the reusable work -# from your fork: -# -# ``` -# jobs: -# aspect-workflows: -# name: Aspect Workflows -# uses: my-github-org/workflows-action/.github/workflows/.aspect-workflows-reusable.yaml@5.14.0 -# ``` -# ================================================================================================== -name: Aspect Workflows Reusable Workflow -on: - # Makes this workflow reusable, see - # https://github.blog/2022-02-10-using-reusable-workflows-github-actions - workflow_call: - inputs: - aspect-config: - description: Path to the Aspect Workflows config.yaml file - type: string - default: .aspect/workflows/config.yaml - delivery-workflow: - description: The name of the file which contains the delivery workflow - type: string - default: aspect-workflows-delivery.yaml - queue: - description: The queue / runner pool that the setup step will run on - type: string - default: aspect-default - slack_webhook_url: - description: 'If set, then a webhook notification will be sent for failing builds on a release branch. Input should match the name of a secret. "secrets: inherit" must also be set' - type: string - inherited_secrets: - description: 'Comma separated list of secrets or regex (Oniguruma) describing secrets to be made available during the build. "secrets: inherit" must also be set. The regex is used by jq internally which uses the Oniguruma regular expression library: https://jqlang.github.io/jq/manual/' - type: string -jobs: - setup: - runs-on: [self-hosted, aspect-workflows, "${{ inputs.queue }}"] - steps: - - uses: actions/checkout@v4 - - id: rosetta-generate - run: | - ROSETTA_RESULT=$( \ - rosetta steps \ - --config ${{ inputs.aspect-config }} \ - --gha_task generate \ - --gha_json_pretty_print=false \ - ) - tee "${GITHUB_OUTPUT}" <<< "json=${ROSETTA_RESULT}" - outputs: - cfg: ${{ steps.rosetta-generate.outputs.json }} - bazel: - needs: [setup] - runs-on: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].labels }} - strategy: - fail-fast: false - matrix: ${{ fromJson(needs.setup.outputs.cfg).matrix_config }} - env: - ASPECT_WORKFLOWS_CONFIG: ${{ inputs.aspect-config }} - GITHUB_PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }} - steps: - - name: Workflows environment - run: ${{ fromJson(needs.setup.outputs.cfg).platform.directories.WORKFLOWS_BIN_DIR }}/configure_workflows_env - - name: Clone repo - uses: actions/checkout@v4 - with: - fetch-depth: ${{ endsWith(matrix.job, 'lint') && 2 || endsWith(matrix.job, 'format') && 2 || 1 }} - - name: Agent health check - # Set RUNNER_TRACKER_ID="" to prevent GitHub Actions from killing the Bazel server started - # during health check when "Cleaning up orphan processes" in the "Complete job" step. - # See https://github.com/actions/runner/issues/598. - run: RUNNER_TRACKING_ID="" && ${{ fromJson(needs.setup.outputs.cfg).platform.directories.WORKFLOWS_BIN_DIR }}/agent_health_check - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].health_check_timeout }} - - name: Process secrets - id: process_secrets - if: inputs.inherited_secrets != '' - run: | - REQUIRED_SECRETS=$(${{ fromJson(needs.setup.outputs.cfg).platform.directories.WORKFLOWS_BIN_DIR }}/jq -R --compact-output 'gsub("\\s+";"";"g") | split(",")' <<< "${{ inputs.inherited_secrets }}") - FILTERED_SECRETS=$(${{ fromJson(needs.setup.outputs.cfg).platform.directories.WORKFLOWS_BIN_DIR }}/jq --compact-output --argjson secrets "${REQUIRED_SECRETS}" 'with_entries( select (.key | test($secrets[]) ) )' <<< '''${{ toJson(secrets) }}''' ) - echo "filtered_secrets=${FILTERED_SECRETS}" | tee ${GITHUB_OUTPUT} - - name: Prepare archive directories - run: rm -rf ${{ join(fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_paths, ' ') }} - - name: Checkout health - uses: aspect-build/workflows-action@5.14.0 - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].checkout_task_timeout }} - if: fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].has_checkout_task - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: checkout - - name: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].name }} - uses: aspect-build/workflows-action@5.14.0 - env: ${{ inputs.inherited_secrets != '' && fromJson(steps.process_secrets.outputs.filtered_secrets) || fromJson('{}') }} - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].timeout_in_minutes }} - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }} - - name: Send notification to Slack - id: slack - # oncall cares about branches that do delivery, so key this on whether we produce a delivery manifest - if: inputs.slack_webhook_url != '' && failure() && fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].generate_manifest - uses: slackapi/slack-github-action@v1.27.0 - with: - payload: | - { - "gha_url": "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" - } - env: - SLACK_WEBHOOK_URL: ${{ secrets[inputs.slack_webhook_url] }} - - name: Delivery manifest - if: fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].generate_manifest - uses: aspect-build/workflows-action@5.14.0 - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].delivery_manifest_timeout }} - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: delivery_manifest - args: "--data TARGETS_SOURCE=${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }}" - # Upload all artifacts for the workspace - - name: Upload artifacts - # The `always()` condition makes this step run even if a previous step failed. - # Setting `continue-on-error: true` on previous steps isn't ideal as the UI - # will flag them as having passed even if they failed. - if: ${{ always() }} - uses: actions/upload-artifact@v4 - with: - name: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_prefix }}${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }}.artifacts - path: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_upload_pattern }} - overwrite: true - # Codecov - - name: Codecov upload - # The `always()` condition makes this step run even if a previous step failed. - # Setting `continue-on-error: true` on previous steps isn't ideal as the UI - # will flag them as having passed even if they failed. - if: ${{ always() && fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].codecov_upload }} - # https://github.com/marketplace/actions/codecov - uses: codecov/codecov-action@v4 - with: - files: bazel-out/_coverage/_coverage_report.dat - token: ${{ secrets.CODECOV_TOKEN }} - functionalities: search # Disable searching for coverage reports. If enabled, it gets confused - # by the bazel convenience symlinks and finds the same coverage report - # under bazel-out and {workspace}/bazel-out. - - name: Trigger delivery - # This uses the following API: https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#create-a-workflow-dispatch-event - run: | - curl \ - -X POST \ - -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ - https://api.github.com/repos/${{ github.repository }}/actions/workflows/${{ inputs.delivery-workflow }}/dispatches \ - -d "{\"ref\":\"${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].branch }}\",\"inputs\":{\"delivery_commit\":\"${GITHUB_SHA}\",\"workspace\":\"${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }}\"}}" - shell: bash - if: fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].delivery diff --git a/.github/workflows/aspect-workflows-delivery.yaml b/.github/workflows/aspect-workflows-delivery.yaml deleted file mode 100644 index c708505..0000000 --- a/.github/workflows/aspect-workflows-delivery.yaml +++ /dev/null @@ -1,50 +0,0 @@ -name: Aspect Workflows Delivery - -on: - # Allow this to be triggered manually via the GH UI. See - # https://docs.aspect.build/workflows/delivery#break-glass-deliver-on-red - workflow_dispatch: - inputs: - delivery_commit: - description: The commit to checkout and run the delivery from. Targets listed in the delivery manifest for this commit will be delivered unless specific targets are listed in `delivery_targets`. - type: string - required: true - workspace: - description: The workspace to deliver from - type: string - required: false - default: '.' - delivery_targets: - description: List of Bazel targets to deliver, delimited by spaces. For example, \`//app/a:push_release //app/b:push_release\`. If empty, targets listed in the delivery manifest for the target commit will be delivered. - type: string - required: false - -jobs: - delivery: - name: Aspect Workflows Delivery - runs-on: [self-hosted, aspect-workflows, aspect-default] - env: - ASPECT_WORKFLOWS_BIN_DIR: /etc/aspect/workflows/bin - steps: - - name: Workflows environment - run: ${ASPECT_WORKFLOWS_BIN_DIR}/configure_workflows_env - - uses: actions/checkout@v4 - with: - ref: ${{ inputs.delivery_commit }} - # Fetch all history for all tags and branches, so the --workspace_status_command can find - # any tags that it needs for `git describe`. - # See https://github.com/actions/checkout#Fetch-all-history-for-all-tags-and-branches - fetch-depth: 0 - - name: Agent health check - # Set RUNNER_TRACKER_ID="" to prevent GitHub Actions from killing the Bazel server started - # during health check when "Cleaning up orphan processes" in the "Complete job" step. - # See https://github.com/actions/runner/issues/598. - run: RUNNER_TRACKER_ID="" && ${ASPECT_WORKFLOWS_BIN_DIR}/agent_health_check - - name: Run delivery - uses: aspect-build/workflows-action@5.14.0 - with: - task: delivery - workspace: ${{ inputs.workspace }} - env: - ASPECT_WORKFLOWS_DELIVERY_COMMIT: ${{ inputs.delivery_commit }} - ASPECT_WORKFLOWS_DELIVERY_TARGETS: ${{ inputs.delivery_targets }} \ No newline at end of file diff --git a/.github/workflows/aspect-workflows-warming.yaml b/.github/workflows/aspect-workflows-warming.yaml index 0df794f..6340ca5 100644 --- a/.github/workflows/aspect-workflows-warming.yaml +++ b/.github/workflows/aspect-workflows-warming.yaml @@ -13,20 +13,18 @@ jobs: warming-archive: name: Aspect Workflows Warming runs-on: [self-hosted, aspect-workflows, aspect-warming] - env: - ASPECT_WORKFLOWS_BIN_DIR: /etc/aspect/workflows/bin steps: - name: Workflows environment - run: ${ASPECT_WORKFLOWS_BIN_DIR}/configure_workflows_env - - uses: actions/checkout@v4 + run: /etc/aspect/workflows/bin/configure_workflows_env + - name: Clone repo + uses: actions/checkout@v4 - name: Agent health check # Set RUNNER_TRACKER_ID="" to prevent GitHub Actions from killing the Bazel server started # during health check when "Cleaning up orphan processes" in the "Complete job" step. # See https://github.com/actions/runner/issues/598. - run: RUNNER_TRACKER_ID="" && ${ASPECT_WORKFLOWS_BIN_DIR}/agent_health_check + run: RUNNER_TRACKER_ID="" && /etc/aspect/workflows/bin/agent_health_check - name: Create warming archive - uses: aspect-build/workflows-action@5.14.0 - with: - task: warming + run: rosetta run --workspace . warming + shell: bash - name: Archive warming tars - run: ${ASPECT_WORKFLOWS_BIN_DIR}/warming_archive + run: /etc/aspect/workflows/bin/warming_archive diff --git a/.github/workflows/aspect-workflows.yaml b/.github/workflows/aspect-workflows.yaml index 415a9aa..7293cf3 100644 --- a/.github/workflows/aspect-workflows.yaml +++ b/.github/workflows/aspect-workflows.yaml @@ -17,8 +17,43 @@ concurrency: cancel-in-progress: ${{ github.ref_name != 'main' }} jobs: - aspect-workflows: - name: Aspect Workflows - uses: ./.github/workflows/.aspect-workflows-reusable.yaml - with: - queue: aspect-small + test: + name: Test + runs-on: [self-hosted, aspect-workflows, aspect-default] + steps: + - name: Workflows environment + run: /etc/aspect/workflows/bin/configure_workflows_env + - name: Clone repo + uses: actions/checkout@v4 + with: + fetch-depth: 1 + - name: Agent health check + # Set RUNNER_TRACKER_ID="" to prevent GitHub Actions from killing the Bazel server started during health check when "Cleaning up orphan processes" in the "Complete job" step. See https://github.com/actions/runner/issues/598. + run: RUNNER_TRACKER_ID="" && /etc/aspect/workflows/bin/agent_health_check + - name: Test + run: | + # Clear artifact directories + rm -rf /workflows/artifacts /workflows/testlogs + # Set Aspect Workflows common bazel flags in /etc/bazel.bazelrc + rosetta bazelrc > /etc/bazel.bazelrc + # Run a query + bazel query 'kind("go_test rule", //...)' > targets.out + cat targets.out + # Generate a dynamic Aspect Workflows config file from the query results + /etc/aspect/workflows/bin/jq -R -s 'split("\n") | map(select(. != "")) | {tasks: [{test: {targets: .}}]}' targets.out > .aspect/workflows/dynamic_config.yaml + cat .aspect/workflows/dynamic_config.yaml + # Run the test task from the dynamically generated config file + rosetta run --config .aspect/workflows/dynamic_config.yaml test + # Alternately you could escape from Aspect Workflows tasks and call bazel test directly + bazel test $(cat targets.out) + shell: bash + - name: Upload artifacts + # The `always()` condition makes this step run even if a previous step failed. Setting `continue-on-error: true` on previous steps isn't ideal as the UI will flag them as having passed even if they failed. + if: ${{ always() }} + uses: actions/upload-artifact@v4 + with: + name: test.artifact + path: | + /workflows/artifacts/** + /workflows/testlogs/** + overwrite: true