Bump github/codeql-action from 3.24.6 to 3.27.0 #1871
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
workflow_dispatch: # Allow manual runs. | |
pull_request: | |
branches: ["main"] | |
push: | |
branches: ["main"] | |
permissions: | |
contents: read | |
jobs: | |
lockfile: | |
name: Check lockfile up to date | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Check lockfile | |
run: bazel mod deps --lockfile_mode=error | |
ci-build-test: | |
name: CI build and unit test | |
runs-on: distroless-ci-large-ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Mount bazel caches | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/bazel-repo | |
key: bazel-cache-deps-ci1-${{ github.sha }} | |
restore-keys: | | |
bazel-cache-deps-ci1-${{ github.sha }} | |
bazel-cache-deps-ci1- | |
- name: Free space | |
run: | | |
sudo apt-get remove -y '^dotnet-.*' | |
sudo apt-get remove -y '^llvm-.*' | |
sudo apt-get remove -y 'php.*' | |
sudo apt-get remove -y azure-cli google-cloud-cli google-chrome-stable firefox powershell mono-devel | |
sudo apt-get autoremove -y | |
sudo apt-get clean | |
rm -rf /usr/share/dotnet/ | |
- name: Fetch # this can take a long time if there are a lot of errors | |
run: | | |
for i in $(seq 10); do | |
bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc fetch //... && break || sleep 180; | |
done | |
- name: Build All Images | |
run: | | |
set -e | |
targets=$(bazel query 'kind(oci_image, deps(:sign_and_push))') | |
bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc build $targets | |
- name: Unit Tests | |
run: bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc test //... --build_tests_only | |
- name: Build Examples | |
run: bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc build //examples/... | |
ci-images: | |
name: CI image tests | |
runs-on: distroless-ci-large-ubuntu-22.04 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Mount bazel caches | |
uses: actions/cache@v4 | |
with: | |
path: | | |
~/.cache/bazel-repo | |
key: bazel-cache-deps-ci2-${{ github.sha }} | |
restore-keys: | | |
bazel-cache-deps-ci2-${{ github.sha }} | |
bazel-cache-deps-ci2- | |
- name: Free space | |
run: | | |
sudo apt-get remove -y '^dotnet-.*' | |
sudo apt-get remove -y '^llvm-.*' | |
sudo apt-get remove -y 'php.*' | |
sudo apt-get remove -y azure-cli google-cloud-cli google-chrome-stable firefox powershell mono-devel | |
sudo apt-get autoremove -y | |
sudo apt-get clean | |
rm -rf /usr/share/dotnet/ | |
- name: Fetch | |
run: | | |
for i in $(seq 20); do | |
bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc cquery 'attr(tags, "amd64", ...)' && break | |
sleep 10; | |
done | |
- name: Image Tests | |
run: bazel --bazelrc=$GITHUB_WORKSPACE/.github/workflows/ci.bazelrc test $(bazel query 'attr(tags, "amd64", ...)') |