Skip to content

Add user freeze feature #12120

Add user freeze feature

Add user freeze feature #12120

Workflow file for this run

name: ci
on:
workflow_dispatch:
merge_group:
pull_request:
push:
branches:
- master
- releases/*
# We set `concurrency` to prevent having this workflow being run on code that is not up-to-date on a PR (a user make multiple push in a quick manner).
# But on the main branch, we don't want that behavior.
# Having the workflow run on each merge commit is something we would like, that could help us where a regression was made and missed by previous checks.
#
# For that we use `head_ref` that is only defined on `pull-request` and fallback to `run_id` (this is a counter, so it's value is unique between workflow call).
concurrency:
group: ci-${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
permissions:
contents: read
packages: read
jobs:
dispatch:
runs-on: ubuntu-22.04
outputs:
rust: ${{ steps.need-check.outputs.rust }}
python: ${{ steps.need-check.outputs.python }}
python-style-only: ${{ steps.need-check.outputs.python_style_only }}
rust-platform-crates: ${{ steps.need-check.outputs.rust_platform_crates }}
rust-dependencies: ${{ steps.need-check.outputs.rust_dependencies }}
web: ${{ steps.need-check.outputs.web }}
docs: ${{ steps.need-check.outputs.docs }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1
timeout-minutes: 5
- uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # pin v3.0.0
id: changes
with:
list-files: shell
filters: .github/filters/ci.yml
timeout-minutes: 5
- name: Determine which workflows need to be run
id: need-check
run: |
env | grep NEED_CHECK_
set -eux -o pipefail
for check in $(env | grep -o 'NEED_CHECK_[a-z_]\+' ); do
env_value=$(eval "echo \${$check}")
echo "${check#NEED_CHECK_}=$env_value"
done | tee -a $GITHUB_OUTPUT
env:
NEED_CHECK_rust: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.rust-jobs == 'true' }}
NEED_CHECK_web: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.web-jobs == 'true' }}
NEED_CHECK_python: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.python-jobs == 'true' }}
# Basically we want to only check the python code style when we modify a file that ins't related to the parsec server (e.g.: bindings/generator/generate.py)
# Thus don't require to run the python test.
NEED_CHECK_python_style_only: ${{ steps.changes.outputs.python-jobs == 'false' && steps.changes.outputs.any-python-files == 'true' }}
NEED_CHECK_rust_platform_crates: ${{ steps.changes.outputs.rust-platform-crates == 'true' }}
NEED_CHECK_rust_dependencies: ${{ steps.changes.outputs.rust-dependencies-workspace == 'true' }}
NEED_CHECK_docs: ${{ steps.changes.outputs.docs-jobs == 'true' }}
# Github PR merging is configured to only require this job to pass
ci-is-happy:
name: ⭐ CI is happy ⭐
needs:
- dispatch
- quality-assurance
- python
- rust
- web
- spelling
- docs
runs-on: ubuntu-latest
if: always()
# Just a fail-safe timeout, see the fine grain per-task timeout instead
timeout-minutes: 2
steps:
- name: Requirement fulfilled
run: |
#!python3
import os
import json
NOT_A_JOB = ('python-style-only', 'rust-platform-crates')
needs = json.loads(os.environ["NEEDS"])
print("NEEDS:", json.dumps(needs, indent=4), sep="\n")
# Check jobs aren't failed or cancelled.
for name, job in needs.items():
if job["result"] in ("cancelled", "failure"):
raise ValueError(f"The job `{name}` is in a invalid state: {job['result']}")
# Check required jobs, here we just need to check that the state is `success` and not `skipped`.
for job_name, required in needs["dispatch"]["outputs"].items():
if job_name in NOT_A_JOB:
continue
if job_name not in needs:
print(f"Job: `{job_name}` isn't required!")
continue
assert required in ("true", "false")
job_result = needs[job_name]["result"]
if required == "true" and job_result != "success":
raise ValueError(
f"The required job `{job_name}` should be in a success state but is not (state={job_result})"
)
env:
NEEDS: ${{ toJSON(needs) }}
shell: python
spelling:
uses: ./.github/workflows/cspell.yml
##############################################################################
# 📊 Q&A #
##############################################################################
quality-assurance:
name: 📊 Q&A
# All linux jobs must run the same ubuntu version to avoid Rust caching issues !
runs-on: ubuntu-22.04
# Just a fail-safe timeout, see the fine grain per-task timeout instead
timeout-minutes: 10
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1
timeout-minutes: 5
- uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # pin v3.0.0
id: newsfragment-have-changed
with:
filters: |
newsfragments:
- newsfragments/**
- name: Install python
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # pin v5.0.0
id: setup-python
with:
python-version: 3.12
- name: Check tools version
run: |
echo "::add-matcher::.github/custom-problem-matchers/version-updater.json"
python --version
python misc/version_updater.py --check
echo "::remove-matcher owner=version-updater::"
timeout-minutes: 2
- name: Check Commit Signature
run: python .github/scripts/check_commit_signature.py
- name: Check News fragments
if: |
github.event_name == 'pull_request'
&& !(
startsWith(github.head_ref, 'releases/')
|| startsWith(github.head_ref, 'revert')
|| startsWith(github.head_ref, 'acknowledge')
)
&& steps.newsfragment-have-changed.outputs.newsfragments == 'true'
run: |
whereis git
git fetch origin ${{ github.base_ref }}
python .github/scripts/check_newsfragments.py --base=${{ github.base_ref }}
timeout-minutes: 5
- name: Patch pre-commit for line-ending
id: patched-pre-commit-config
run: |
TEMP_FILE=$(mktemp)
sed '/id: mixed-line-ending/a\ args: [ --fix=lf ]' .pre-commit-config.yaml > $TEMP_FILE
diff --unified .pre-commit-config.yaml $TEMP_FILE || true
echo "path=$TEMP_FILE" >> $GITHUB_OUTPUT
# Clippy basically compile the project, hence it's faster to run it in
# the test-rust-matrix job where compilation cache is reused !
- uses: ./.github/actions/use-pre-commit
with:
config-file: ${{ steps.patched-pre-commit-config.outputs.path }}
env:
SKIP: clippy,fmt,cspell,ruff,black,pyright,eslint
timeout-minutes: 5
python:
needs:
- dispatch
if: needs.dispatch.outputs.python == 'true' || needs.dispatch.outputs.python-style-only == 'true'
uses: ./.github/workflows/ci-python.yml
with:
style-only: ${{ needs.dispatch.outputs.python-style-only == 'true' }}
rust:
needs:
- dispatch
if: needs.dispatch.outputs.rust == 'true'
uses: ./.github/workflows/ci-rust.yml
with:
run-wasm-tests: ${{ needs.dispatch.outputs.rust-platform-crates == 'true' }}
check-cargo-deny: ${{ needs.dispatch.outputs.rust-dependencies == 'true' }}
web:
needs:
- dispatch
if: needs.dispatch.outputs.web == 'true'
uses: ./.github/workflows/ci-web.yml
docs:
needs:
- dispatch
if: needs.dispatch.outputs.docs == 'true'
uses: ./.github/workflows/ci-docs.yml