-
Notifications
You must be signed in to change notification settings - Fork 215
324 lines (314 loc) · 11.2 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
name: CI
env:
go-version: "1.23"
GCLOUD_KEY: ${{ secrets.GCLOUD_KEY }}
PROJECT_NAME: ${{ secrets.PROJECT_NAME }}
CLUSTER_NAME: ${{ secrets.CLUSTER_NAME }}
CLUSTER_ZONE: ${{ secrets.CLUSTER_ZONE }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
ES_USER: ${{ secrets.ES_USER }}
ES_PASS: ${{ secrets.ES_PASS }}
MAIN_ES_IP: ${{ secrets.MAIN_ES_IP }}
TD_QUEUE_NAME: ${{ secrets.TD_QUEUE_NAME }}
TD_QUEUE_ZONE: ${{ secrets.TD_QUEUE_ZONE }}
DUMP_QUEUE_NAME: ${{ secrets.DUMP_QUEUE_NAME }}
DUMP_QUEUE_ZONE: ${{ secrets.DUMP_QUEUE_ZONE }}
# If needed the variable GOPRIVATE can be set in the repository settings :: Secrets and Variables > action > Variables : GOPRIVATE
# Trigger the workflow on all pull requests, and on push to specific branches
on:
# Allow manually triggering this workflow
workflow_dispatch:
# run for all pull requests and pushes to certain branches
pull_request:
push:
branches:
- staging
- trying
concurrency:
group: ${{ github.base_ref == 'staging' && 'smci-staging' || format('smci-{0}-{1}', github.workflow, github.ref) }}
cancel-in-progress: ${{ github.base_ref == 'staging' && false || true }}
jobs:
## stage 0: check which files were changed
filter-changes:
runs-on: ubuntu-22.04
outputs:
nondocchanges: ${{ steps.filter.outputs.nondoc }}
steps:
- uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: dorny/paths-filter@v3
id: filter
with:
# All patterns have to match for it to be considered a non-doc change.
# If only markdown files or CODEOWNERS are changed non-doc will be considered true and not trigger
# building the code and executing the tests.
predicate-quantifier: 'every'
filters: |
nondoc:
- '!**/*.md'
- '!.github/CODEOWNERS'
## stage 1: run unit tests and app tests as a prerequisite
## these run on all pushes to all pull requests, all branches
## note that secrets may not be accessible in this phase
quicktests:
runs-on: ubuntu-22.04
needs: filter-changes
if: ${{ needs.filter-changes.outputs.nondocchanges == 'true' }}
# should not take more than 2-3 mins
timeout-minutes: 5
steps:
- name: Add OpenCL support
run: sudo apt-get update -q && sudo apt-get install -qy ocl-icd-opencl-dev libpocl2
- name: checkout
uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: extractions/netrc@v2
with:
machine: github.com
username: ${{ secrets.GH_ACTION_TOKEN_USER }}
password: ${{ secrets.GH_ACTION_TOKEN }}
if: vars.GOPRIVATE
- name: set up go
uses: actions/setup-go@v5
with:
check-latest: true
go-version: ${{ env.go-version }}
- name: fmt, tidy, generate
run: |
make install
make test-fmt
make test-tidy
make test-generate
- name: Check for vulnerabilities
run: make vulncheck
lint:
runs-on: ubuntu-22.04
needs: filter-changes
if: ${{ needs.filter-changes.outputs.nondocchanges == 'true' }}
# should not take more than 15-16 mins
timeout-minutes: 18
steps:
- name: Add OpenCL support
run: sudo apt-get update -q && sudo apt-get install -qy ocl-icd-opencl-dev libpocl2
- name: checkout
uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: extractions/netrc@v2
with:
machine: github.com
username: ${{ secrets.GH_ACTION_TOKEN_USER }}
password: ${{ secrets.GH_ACTION_TOKEN }}
if: vars.GOPRIVATE
- name: set up go
uses: actions/setup-go@v5
with:
check-latest: true
go-version: ${{ env.go-version }}
- name: setup env
run: make install
- name: lint
run: make lint
build:
runs-on: ${{ matrix.os }}
needs: filter-changes
if: ${{ needs.filter-changes.outputs.nondocchanges == 'true' }}
strategy:
fail-fast: true
matrix:
os:
- ubuntu-22.04
- ubuntu-latest-arm-8-cores
- macos-13
- [self-hosted, macOS, ARM64, go-spacemesh]
- windows-2022
steps:
- name: Add OpenCL support - Ubuntu
if: ${{ matrix.os == 'ubuntu-22.04' || matrix.os == 'ubuntu-latest-arm-8-cores' }}
run: sudo apt-get update -q && sudo apt-get install -qy ocl-icd-opencl-dev libpocl2
- name: disable Windows Defender - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: |
Set-MpPreference -DisableRealtimeMonitoring $true
- name: Set new git config - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: |
git config --global pack.window 1
git config --global core.compression 0
git config --global http.postBuffer 1024M
- name: checkout
uses: actions/checkout@v4
with:
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: extractions/netrc@v2
with:
machine: github.com
username: ${{ secrets.GH_ACTION_TOKEN_USER }}
password: ${{ secrets.GH_ACTION_TOKEN }}
if: vars.GOPRIVATE
- name: set up go
uses: actions/setup-go@v5
with:
check-latest: true
go-version: ${{ env.go-version }}
cache: ${{ runner.arch != 'arm64' }}
- name: setup env
run: make install
- name: build merge-nodes
run: make merge-nodes
- name: build gen-p2p-identity
run: make gen-p2p-identity
- name: build bootstrapper
run: make bootstrapper
- name: build
timeout-minutes: 5
run: make build
coverage:
runs-on: ubuntu-22.04
needs: filter-changes
if: ${{ needs.filter-changes.outputs.nondocchanges == 'true' }}
steps:
- name: disable TCP/UDP offload
run: |
sudo ethtool -K eth0 tx off
sudo ethtool -K eth0 rx off
- uses: actions/checkout@v4
with:
lfs: true
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: extractions/netrc@v2
with:
machine: github.com
username: ${{ secrets.GH_ACTION_TOKEN_USER }}
password: ${{ secrets.GH_ACTION_TOKEN }}
if: vars.GOPRIVATE
- name: set up go
uses: actions/setup-go@v5
with:
check-latest: true
go-version-file: "go.mod"
- name: Add OpenCL support - Ubuntu
run: sudo apt-get update -q && sudo apt-get install -qy ocl-icd-opencl-dev libpocl2
- name: setup env
run: make install
- name: test coverage
run: make cover
- name: Upload to codecov.io
uses: codecov/codecov-action@v5
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload test results to Codecov
if: ${{ !cancelled() }}
uses: codecov/test-results-action@v1
with:
token: ${{ secrets.CODECOV_TOKEN }}
unittests:
runs-on: ${{ matrix.os }}
needs: filter-changes
if: ${{ needs.filter-changes.outputs.nondocchanges == 'true' }}
strategy:
fail-fast: true
matrix:
os:
- ubuntu-22.04
- ubuntu-latest-arm-8-cores
# FIXME: reenable the macos runner
# - macos-13
- [self-hosted, macOS, ARM64, go-spacemesh]
- windows-2022
steps:
# as we use some request to localhost, sometimes it gives us flaky tests. try to disable tcp offloading for fix it
# https://github.com/actions/virtual-environments/issues/1187
- name: disable TCP/UDP offload - Ubuntu
if: ${{ matrix.os == 'ubuntu-22.04' }}
run: |
sudo ethtool -K eth0 tx off
sudo ethtool -K eth0 rx off
- name: disable TCP/UDP offload - MacOS
if: ${{ matrix.os == 'macos-13' || matrix.os == '[self-hosted, macOS, ARM64, go-spacemesh]' }}
run: |
sudo sysctl -w net.link.generic.system.hwcksum_tx=0
sudo sysctl -w net.link.generic.system.hwcksum_rx=0
- name: disable TCP/UDP offload - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: |
Disable-NetAdapterChecksumOffload -Name * -TcpIPv4 -UdpIPv4 -TcpIPv6 -UdpIPv6
- name: disable Windows Defender - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: |
Set-MpPreference -DisableRealtimeMonitoring $true
- name: Set new git config - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: |
git config --global pack.window 1
git config --global core.compression 0
git config --global http.postBuffer 1024M
- name: checkout
uses: actions/checkout@v4
with:
lfs: true
ssh-key: ${{ secrets.GH_ACTION_PRIVATE_KEY }}
- uses: extractions/netrc@v2
with:
machine: github.com
username: ${{ secrets.GH_ACTION_TOKEN_USER }}
password: ${{ secrets.GH_ACTION_TOKEN }}
if: vars.GOPRIVATE
- name: set up go
uses: actions/setup-go@v5
with:
check-latest: true
go-version: ${{ env.go-version }}
cache: ${{ runner.arch != 'arm64' }}
- name: Add OpenCL support - Ubuntu
if: ${{ matrix.os == 'ubuntu-22.04' || matrix.os == 'ubuntu-latest-arm-8-cores' }}
run: sudo apt-get update -q && sudo apt-get install -qy ocl-icd-opencl-dev libpocl2
- name: Add OpenCL support - Windows
if: ${{ matrix.os == 'windows-2022' }}
run: choco install opencl-intel-cpu-runtime
- name: setup env
run: make install
- name: Clear test cache
run: make clear-test-cache
- name: unit tests
timeout-minutes: 35
env:
GOTESTSUM_FORMAT: standard-quiet
GOTESTSUM_JUNITFILE: unit-tests.xml
run: make test
- name: Publish Test Report
uses: mikepenz/action-junit-report@v5
# always run even if the previous step fails
if: always()
with:
report_paths: "**/unit-tests.xml"
annotate_only: true
ci-status:
# run regardless of status of previous jobs but skip if the required secret is not accessible
if: always()
needs:
- filter-changes
- quicktests
- lint
- build
- unittests
runs-on: ubuntu-22.04
env:
# short-circuit success if no non-doc files were modified
# this is the easiest way to access success/failure state of previous jobs in this workflow
status: ${{ (needs.filter-changes.outputs.nondocchanges == 'false' || (needs.quicktests.result == 'success' && needs.build.result == 'success' && needs.lint.result == 'success' && needs.unittests.result == 'success')) && 'success' || 'failure' }}
steps:
- uses: act10ns/slack@v2
name: Slack notification
# skip if the secret is not accessible
if: env.SLACK_WEBHOOK_URL
with:
status: ${{ env.status }}
- name: Mark the job as succeeded
if: env.status == 'success'
run: exit 0
- name: Mark the job as failed
if: env.status != 'success'
run: exit 1