Add user freeze feature #12120
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
workflow_dispatch: | |
merge_group: | |
pull_request: | |
push: | |
branches: | |
- master | |
- releases/* | |
# We set `concurrency` to prevent having this workflow being run on code that is not up-to-date on a PR (a user make multiple push in a quick manner). | |
# But on the main branch, we don't want that behavior. | |
# Having the workflow run on each merge commit is something we would like, that could help us where a regression was made and missed by previous checks. | |
# | |
# For that we use `head_ref` that is only defined on `pull-request` and fallback to `run_id` (this is a counter, so it's value is unique between workflow call). | |
concurrency: | |
group: ci-${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
packages: read | |
jobs: | |
dispatch: | |
runs-on: ubuntu-22.04 | |
outputs: | |
rust: ${{ steps.need-check.outputs.rust }} | |
python: ${{ steps.need-check.outputs.python }} | |
python-style-only: ${{ steps.need-check.outputs.python_style_only }} | |
rust-platform-crates: ${{ steps.need-check.outputs.rust_platform_crates }} | |
rust-dependencies: ${{ steps.need-check.outputs.rust_dependencies }} | |
web: ${{ steps.need-check.outputs.web }} | |
docs: ${{ steps.need-check.outputs.docs }} | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1 | |
timeout-minutes: 5 | |
- uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # pin v3.0.0 | |
id: changes | |
with: | |
list-files: shell | |
filters: .github/filters/ci.yml | |
timeout-minutes: 5 | |
- name: Determine which workflows need to be run | |
id: need-check | |
run: | | |
env | grep NEED_CHECK_ | |
set -eux -o pipefail | |
for check in $(env | grep -o 'NEED_CHECK_[a-z_]\+' ); do | |
env_value=$(eval "echo \${$check}") | |
echo "${check#NEED_CHECK_}=$env_value" | |
done | tee -a $GITHUB_OUTPUT | |
env: | |
NEED_CHECK_rust: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.rust-jobs == 'true' }} | |
NEED_CHECK_web: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.web-jobs == 'true' }} | |
NEED_CHECK_python: ${{ github.ref == 'refs/heads/master' || steps.changes.outputs.python-jobs == 'true' }} | |
# Basically we want to only check the python code style when we modify a file that ins't related to the parsec server (e.g.: bindings/generator/generate.py) | |
# Thus don't require to run the python test. | |
NEED_CHECK_python_style_only: ${{ steps.changes.outputs.python-jobs == 'false' && steps.changes.outputs.any-python-files == 'true' }} | |
NEED_CHECK_rust_platform_crates: ${{ steps.changes.outputs.rust-platform-crates == 'true' }} | |
NEED_CHECK_rust_dependencies: ${{ steps.changes.outputs.rust-dependencies-workspace == 'true' }} | |
NEED_CHECK_docs: ${{ steps.changes.outputs.docs-jobs == 'true' }} | |
# Github PR merging is configured to only require this job to pass | |
ci-is-happy: | |
name: ⭐ CI is happy ⭐ | |
needs: | |
- dispatch | |
- quality-assurance | |
- python | |
- rust | |
- web | |
- spelling | |
- docs | |
runs-on: ubuntu-latest | |
if: always() | |
# Just a fail-safe timeout, see the fine grain per-task timeout instead | |
timeout-minutes: 2 | |
steps: | |
- name: Requirement fulfilled | |
run: | | |
#!python3 | |
import os | |
import json | |
NOT_A_JOB = ('python-style-only', 'rust-platform-crates') | |
needs = json.loads(os.environ["NEEDS"]) | |
print("NEEDS:", json.dumps(needs, indent=4), sep="\n") | |
# Check jobs aren't failed or cancelled. | |
for name, job in needs.items(): | |
if job["result"] in ("cancelled", "failure"): | |
raise ValueError(f"The job `{name}` is in a invalid state: {job['result']}") | |
# Check required jobs, here we just need to check that the state is `success` and not `skipped`. | |
for job_name, required in needs["dispatch"]["outputs"].items(): | |
if job_name in NOT_A_JOB: | |
continue | |
if job_name not in needs: | |
print(f"Job: `{job_name}` isn't required!") | |
continue | |
assert required in ("true", "false") | |
job_result = needs[job_name]["result"] | |
if required == "true" and job_result != "success": | |
raise ValueError( | |
f"The required job `{job_name}` should be in a success state but is not (state={job_result})" | |
) | |
env: | |
NEEDS: ${{ toJSON(needs) }} | |
shell: python | |
spelling: | |
uses: ./.github/workflows/cspell.yml | |
############################################################################## | |
# 📊 Q&A # | |
############################################################################## | |
quality-assurance: | |
name: 📊 Q&A | |
# All linux jobs must run the same ubuntu version to avoid Rust caching issues ! | |
runs-on: ubuntu-22.04 | |
# Just a fail-safe timeout, see the fine grain per-task timeout instead | |
timeout-minutes: 10 | |
steps: | |
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # pin v4.1.1 | |
timeout-minutes: 5 | |
- uses: dorny/paths-filter@0bc4621a3135347011ad047f9ecf449bf72ce2bd # pin v3.0.0 | |
id: newsfragment-have-changed | |
with: | |
filters: | | |
newsfragments: | |
- newsfragments/** | |
- name: Install python | |
uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # pin v5.0.0 | |
id: setup-python | |
with: | |
python-version: 3.12 | |
- name: Check tools version | |
run: | | |
echo "::add-matcher::.github/custom-problem-matchers/version-updater.json" | |
python --version | |
python misc/version_updater.py --check | |
echo "::remove-matcher owner=version-updater::" | |
timeout-minutes: 2 | |
- name: Check Commit Signature | |
run: python .github/scripts/check_commit_signature.py | |
- name: Check News fragments | |
if: | | |
github.event_name == 'pull_request' | |
&& !( | |
startsWith(github.head_ref, 'releases/') | |
|| startsWith(github.head_ref, 'revert') | |
|| startsWith(github.head_ref, 'acknowledge') | |
) | |
&& steps.newsfragment-have-changed.outputs.newsfragments == 'true' | |
run: | | |
whereis git | |
git fetch origin ${{ github.base_ref }} | |
python .github/scripts/check_newsfragments.py --base=${{ github.base_ref }} | |
timeout-minutes: 5 | |
- name: Patch pre-commit for line-ending | |
id: patched-pre-commit-config | |
run: | | |
TEMP_FILE=$(mktemp) | |
sed '/id: mixed-line-ending/a\ args: [ --fix=lf ]' .pre-commit-config.yaml > $TEMP_FILE | |
diff --unified .pre-commit-config.yaml $TEMP_FILE || true | |
echo "path=$TEMP_FILE" >> $GITHUB_OUTPUT | |
# Clippy basically compile the project, hence it's faster to run it in | |
# the test-rust-matrix job where compilation cache is reused ! | |
- uses: ./.github/actions/use-pre-commit | |
with: | |
config-file: ${{ steps.patched-pre-commit-config.outputs.path }} | |
env: | |
SKIP: clippy,fmt,cspell,ruff,black,pyright,eslint | |
timeout-minutes: 5 | |
python: | |
needs: | |
- dispatch | |
if: needs.dispatch.outputs.python == 'true' || needs.dispatch.outputs.python-style-only == 'true' | |
uses: ./.github/workflows/ci-python.yml | |
with: | |
style-only: ${{ needs.dispatch.outputs.python-style-only == 'true' }} | |
rust: | |
needs: | |
- dispatch | |
if: needs.dispatch.outputs.rust == 'true' | |
uses: ./.github/workflows/ci-rust.yml | |
with: | |
run-wasm-tests: ${{ needs.dispatch.outputs.rust-platform-crates == 'true' }} | |
check-cargo-deny: ${{ needs.dispatch.outputs.rust-dependencies == 'true' }} | |
web: | |
needs: | |
- dispatch | |
if: needs.dispatch.outputs.web == 'true' | |
uses: ./.github/workflows/ci-web.yml | |
docs: | |
needs: | |
- dispatch | |
if: needs.dispatch.outputs.docs == 'true' | |
uses: ./.github/workflows/ci-docs.yml |