[submodule-sync: submodules/dev-tools] Update submodule to its latest version #1929
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Run All Tests | |
| # We use action's triggers 'push' and 'pull_request'. | |
| # The strategy is the following: this action will be | |
| # triggered on any push to 'main' branch and any pull | |
| # request to any branch. Thus we avoid duplicate work- | |
| # flows. | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| pull_request: | |
| branches: | |
| - "**" | |
| workflow_dispatch: | |
| inputs: | |
| # Live debug failures using tmate by toggling input parameter | |
| # 'debug_enabled': | |
| # https://github.com/mxschmitt/action-tmate#manually-triggered-debug | |
| # When manually running this workflow: | |
| # https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow | |
| debug_enabled: | |
| description: "Enable tmate debugging" | |
| type: boolean | |
| default: false | |
| env: | |
| XCODE_VERSION: 14.3.1 | |
| jobs: | |
| check-secrets: | |
| name: Check Secrets | |
| # There is no reason to run that job on the 'macos-13' or 'macos-13-xlarge, | |
| # which are more expensive runners, since we are just checking the secrets. | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fail if GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS secret is missing | |
| env: | |
| secret: ${{ secrets.GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS }} | |
| if: ${{ env.secret == '' }} | |
| run: echo "Missing secret 'GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS'"; exit 1 | |
| linux-test: | |
| name: Test eventuals on Linux | |
| needs: [check-secrets] | |
| runs-on: 64_core_GitHub_hosted | |
| steps: | |
| - uses: actions/checkout@v2 | |
| with: | |
| submodules: "recursive" | |
| - name: Use Bazel remote cache (scoped to this devcontainer version) | |
| env: | |
| # The devcontainer is fully defined by the files in the | |
| # `.devcontainer/` directory, so we can use the hash of those files to | |
| # determine a "version" that changes if and only if the devcontainer | |
| # changes. | |
| # | |
| # By then setting that "version" as an `--action_env` variable, we | |
| # force Bazel to reject cached results from previous devcontainer | |
| # versions. This is intended to prevent cache corruptions due to | |
| # incompatible tooling across devcontainer versions, see: | |
| # https://github.com/reboot-dev/respect/issues/1723 | |
| DEVCONTAINER_VERSION: ${{ hashFiles('.devcontainer/') }} | |
| run: | | |
| # The remote bazel cache saves a LOT of time when building in a clean | |
| # environment. | |
| echo "build --remote_cache=https://storage.googleapis.com/reboot-dev-bazel-remote-cache-eventuals-us" >user.bazelrc | |
| # The remote cache credentials are provided by environment variable. | |
| echo "build --google_default_credentials" >>user.bazelrc | |
| # Scope all of the artifacts we'll produce in the remote cache to this | |
| # devcontainer version by adding an `--action_env` variable. This will | |
| # ensure that changes to the devcontainer (which might produce | |
| # incompatible artifacts) don't cause cache corruption. | |
| echo "build --action_env=DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION" >>user.bazelrc | |
| echo "user.bazelrc:" | |
| echo "----" | |
| cat user.bazelrc | |
| echo "----" | |
| - name: Run | |
| uses: devcontainers/[email protected] | |
| env: | |
| # NOTE: the following environment variables are _not_ passed through | |
| # to the devcontainer when it runs, but are available ONLY to | |
| # its `devcontainer.json` (the build step). The | |
| # `devcontainer.json` forwards some of them on to the runtime | |
| # environment of the devcontainer, but that is not a given. | |
| # If you would like to pass environment variables to the | |
| # run-time of the devcontainer, use the `env` section inside the | |
| # `with`; see: | |
| # https://github.com/devcontainers/ci/blob/main/docs/github-action.md#environment-variables | |
| # Specify that this devcontainer build was triggered by this | |
| # YML file so we skip steps that we intend only when using | |
| # Codespaces. | |
| # | |
| # NOTE: while there does exist an 'env' input to | |
| # 'devcontainers/ci', that _only_ changes the environment for | |
| # the 'runCmd', not for the building and creating of the | |
| # devcontainer itself. In contrast, this 'env' section also influences | |
| # the build, as it should. | |
| GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS: ${{ secrets.GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS }} | |
| with: | |
| # The Docker image of the runner will get built based on the | |
| # `.devcontainer/devcontainer.json`, which in our case means it's | |
| # mostly based on the `Dockerfile`. | |
| # We are not using cache for the devcontainer build. | |
| push: never | |
| runCmd: | | |
| bazel \ | |
| test \ | |
| --config=asan \ | |
| --test_env=ASAN_OPTIONS=detect_odr_violation=0 \ | |
| --experimental_ui_max_stdouterr_bytes=-1 \ | |
| --verbose_failures \ | |
| -c dbg \ | |
| --strip="never" \ | |
| --test_output=errors \ | |
| test/... \ | |
| --test_arg=--gtest_shuffle \ | |
| --test_arg=--gtest_repeat=100 | |
| - name: Debug using tmate (if failure) | |
| uses: mxschmitt/action-tmate@v3 | |
| # Optionally enable tmate debugging if the workflow was manually-triggered | |
| # with `debug_enabled` set to `true`. | |
| # https://github.com/mxschmitt/action-tmate#manually-triggered-debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled }} | |
| macos-test: | |
| name: Test eventuals on macOS | |
| needs: [check-secrets] | |
| runs-on: ${{ matrix.runner }} | |
| strategy: | |
| matrix: | |
| runner: [macos-13, macos-13-xlarge] | |
| steps: | |
| - name: Install llvm@14 | |
| run: | | |
| brew install llvm@14 | |
| brew link llvm@14 --force --overwrite | |
| echo 'export PATH="/opt/homebrew/opt/llvm@14/bin:$PATH"' >> $HOME/.bash_profile | |
| - name: Select Xcode | |
| run: | | |
| sudo xcode-select -s /Applications/Xcode_$XCODE_VERSION.app/Contents/Developer | |
| - uses: actions/checkout@v2 | |
| with: | |
| submodules: "recursive" | |
| # We need to differentiate between different MacOS environments, like | |
| # arm64 and x86_64 in the remote cache, so we dump information about the | |
| # environment into 'mac_os_environment.txt' and calculate a hash of | |
| # that file later. | |
| - name: Create environment information file for remote-cache | |
| run: | | |
| # Get the architecture and Release version of the runner. | |
| echo $(uname -rsm) >> mac_os_environment.txt | |
| # Get the MacOS version of the runner. | |
| echo $(sw_vers) >> mac_os_environment.txt | |
| - name: Use Bazel remote cache (scoped to this MacOS runner version) | |
| env: | |
| # Setting a hash of "mac_os_environment.txt" as an `--action_env` | |
| # variable, we force Bazel to reject cached results from other | |
| # MacOS environments. This is intended to prevent cache | |
| # corruptions due to incompatible tooling across MacOS runner versions. | |
| # See: https://github.com/reboot-dev/respect/issues/1723 | |
| MAC_OS_ENVIRONMENT_VERSION: ${{ hashFiles('mac_os_environment.txt') }} | |
| run: | | |
| # The remote bazel cache saves a LOT of time when building in a clean | |
| # environment. | |
| echo "build --remote_cache=https://storage.googleapis.com/reboot-dev-bazel-remote-cache-eventuals-us" >> user.bazelrc | |
| # The remote cache credentials are provided by environment variable. | |
| echo "build --google_default_credentials" >> user.bazelrc | |
| # Scope all of the artifacts we'll produce in the remote cache to this | |
| # MacOS runner version by adding an `--action_env` variable. This will | |
| # ensure that changes to the MacOS runner (which might produce | |
| # incompatible artifacts) don't cause cache corruption. | |
| echo "build --action_env=MAC_OS_ENVIRONMENT_VERSION=$MAC_OS_ENVIRONMENT_VERSION" >> user.bazelrc | |
| echo "user.bazelrc:" | |
| echo "----" | |
| cat user.bazelrc | |
| echo "----" | |
| - name: Create google_application_credentials.json | |
| env: | |
| GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS: ${{ secrets.GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS }} | |
| run: | | |
| echo "export GOOGLE_APPLICATION_CREDENTIALS=google_application_credentials.json" >> $HOME/.bash_profile | |
| source $HOME/.bash_profile | |
| echo $GCP_GITHUB_INFRA_REMOTE_CACHE_CREDENTIALS > $GOOGLE_APPLICATION_CREDENTIALS | |
| - name: Run | |
| run: | | |
| source $HOME/.bash_profile | |
| bazel \ | |
| test \ | |
| --test_output=errors \ | |
| test/... \ | |
| --test_arg=--gtest_shuffle \ | |
| --test_arg=--gtest_repeat=100 | |
| - name: Debug using tmate (if failure) | |
| uses: mxschmitt/action-tmate@v3 | |
| # Optionally enable tmate debugging if the workflow was manually-triggered | |
| # with `debug_enabled` set to `true`. | |
| # https://github.com/mxschmitt/action-tmate#manually-triggered-debug | |
| if: ${{ failure() && github.event_name == 'workflow_dispatch' && github.event.inputs.debug_enabled }} |