Skip to content

Bump Gazelle & rules_go #3076

Bump Gazelle & rules_go

Bump Gazelle & rules_go #3076

Workflow file for this run

# SPDX-License-Identifier: Apache-2.0
#
# Copyright 2023-2024 The Enola <https://enola.dev> Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
name: CI
on:
push:
branches: [main]
pull_request:
# The branches below must be a subset of the branches above
branches: [main]
# https://github.com/orgs/community/discussions/25722
types: [opened, synchronize, reopened, ready_for_review]
# Cancel any in-progress job or run if there is a newer commit
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
build:
# https://github.com/orgs/community/discussions/25722
if:
(github.repository == 'enola-dev/enola') &&
(github.event.pull_request.draft == false)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: "temurin"
# NB: Repeated below in push-container-image: job; must keep in sync!
java-version: "21"
- name: Install graphviz
# NB: We unfortunately cannot cache this, see https://github.com/enola-dev/enola/issues/823
run: sudo apt-get install -y graphviz && dot -V
shell: bash
- name: Cache Bazel
uses: bazel-contrib/[email protected]
with:
# KEEP IN SYNC WITH BELOW!
bazelisk-cache: true
bazelisk-version: 1.25.0
disk-cache: ${{ github.workflow }}
# TODO manifest: npm: package-lock.json ??
external-cache: true
repository-cache: true
- name: Cache Python
uses: actions/cache@v4
with:
path: .venv/
key: ${{ runner.os }}-venv-${{ hashFiles('requirements.txt') }}
restore-keys: ${{ runner.os }}-venv-
- name: Cache Node.js
uses: actions/cache@v4
with:
path: ~/.npm
# -${{ hashFiles('**/package-lock.json') }}
key: ${{ runner.os }}-npm
restore-keys: ${{ runner.os }}-npm
- name: Cache Go
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Cache Pre-Commit
uses: actions/cache@v4
with:
path: ~/.cache/pre-commit/
key:
${{ runner.os }}-cache-${{ hashFiles('.pre-commit-config.yaml') }}
restore-keys: ${{ runner.os }}-cache-
- name: Cache Demo
uses: actions/cache@v4
with:
path: .cache/demo/
key: ${{ runner.os }}-demo-${{ hashFiles('tools/demo/*.bash') }}
restore-keys: ${{ runner.os }}-demo-
# https://asdf-vm.com
- name: Setup ASDF itself
uses: asdf-vm/actions/setup@v3
- name: Cache ASDF
uses: actions/cache@v4
id: asdf-cache
with:
# https://github.com/asdf-vm/asdf/blob/master/.gitignore
path: |
~/.asdf/installs
~/.asdf/plugins
~/.asdf/shims
key: ${{ runner.os }}-asdf-tools-${{ hashFiles('.tool-versions') }}
restore-keys: ${{ runner.os }}-asdf-tools-
- name: Install ASDF plugins
uses: asdf-vm/actions/install@v3
# See https://github.com/asdf-vm/actions/issues/445
if: ${{ steps.asdf-cache.outputs.cache-hit != 'true' }}
with:
# Keep this asdf_branch version in sync with //tools/asdf/install.bash
asdf_branch: v0.14.0
- name: Reshim installed ASDF tools
run: asdf reshim
shell: bash
- run: ./tools/test-ci/test.bash
# Build docs/ into site/ (not just on main branch but also for pull requests, as test)
- name:
Build Docs Site (but skip [slow] screencast recording, because on PR)
if: ${{ github.event_name == 'pull_request' }}
run: ./tools/docs/build.bash --without-demo-screencasts
- name: Build Docs Site, now with Screencasts (because on branch)
if: ${{ github.event_name == 'push' }}
run: ./tools/docs/build.bash
- name: pre-commit run --all-files
run: .venv/bin/pre-commit run --all-files
# The following steps deploy site/ (using GitHub Pages)
# to https://enola-dev.github.io = https://docs.enola.dev
- name: Setup Pages
if: ${{ github.event_name == 'push' }}
uses: actions/configure-pages@v5
- name: Upload site/ directory as GitHub Pages artifact
if: ${{ github.event_name == 'push' }}
uses: actions/upload-pages-artifact@v3
with:
path: "site/"
deploy-website:
needs: build
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication
# Sets required permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
permissions:
pages: write
id-token: write
environment:
name: github-pages
url: ${{ steps.deployment.outputs.page_url }}
steps:
# https://github.com/actions/deploy-pages
- name: Deploy to GitHub Pages
id: deployment
uses: actions/deploy-pages@v4
# https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#publishing-a-package-using-an-action
push-container-image:
needs: build
if: ${{ github.event_name == 'push' }}
runs-on: ubuntu-latest
# This is a separate job from 'build' only because it needs additional permissions which we don't want 'build' to have:
permissions:
contents: read
packages: write
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: "temurin"
# NB: Repeated above in build: job; must keep in sync!
java-version: "21"
- name: Cache Bazel
uses: bazel-contrib/[email protected]
with:
# KEEP IN SYNC WITH ABOVE!
bazelisk-cache: true
bazelisk-version: 1.25.0
disk-cache: ${{ github.workflow }}
# TODO manifest: npm: package-lock.json ??
external-cache: true
repository-cache: true
- name: Build Container Image # again, because technically it was already built in the 'build' job, but oh well!
run: ./tools/distro/build.bash
# Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
# This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages.
# It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository.
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
- name: Build and push Docker image
uses: docker/build-push-action@v6
with:
context: .
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}