Skip to content

Enable Sorbet/StrictSigil in devcontainers #16407

Enable Sorbet/StrictSigil in devcontainers

Enable Sorbet/StrictSigil in devcontainers #16407

Workflow file for this run

# Runs all ecosystems cached and concurrently.
name: Smoke
on: # yamllint disable-line rule:truthy
workflow_dispatch:
push:
branches: ["main"]
pull_request:
paths-ignore:
- docs/**
- README.md
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SMOKE_TEST_BRANCH: main
jobs:
discover:
runs-on: ubuntu-latest
outputs:
suites: ${{ steps.suites.outputs.suites }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
submodules: recursive
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
if: github.event_name != 'workflow_dispatch'
id: changes
with:
filters: .github/smoke-filters.yml
- name: Generate suites to run
id: suites
run: |
# Write the changes.json file which is an array of paths
echo "${{ toJson(steps.changes.outputs.changes) }}" > changes.json
cat changes.json
# Read smoke-matrix.json, filtering out paths not in changes.json
jq -c --argjson changes "$(cat changes.json)" '[.[] | select(.core as $p | $changes | index($p))]' .github/smoke-matrix.json > filtered.json
cat filtered.json
# Curl the smoke-test tests directory to get a list of tests to run
URL=https://api.github.com/repos/dependabot/smoke-tests/contents/tests?ref=${{ env.SMOKE_TEST_BRANCH }}
curl $URL > tests.json
# Select the names that match smoke-$test*.yaml, where $test is the .text value from filtered.json
# We end up with, for example: [{core: "bundler", ecosystem: "rubygems", name: "smoke-bundler.yaml"}]
jq -c '.[]' filtered.json | while read -r i; do
test=$(echo "$i" | jq -r '.test')
jq --argjson i "$i" --arg test "-$test" -r '.[] | select(.name | contains($test)) | {core: ($i | .core), ecosystem: ($i | .ecosystem), name: .name, sha: .sha }' tests.json
done | jq -cs . > suites.json
# Set the step output
echo "suites=$(cat suites.json)" >> $GITHUB_OUTPUT
e2e:
needs: discover
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
suite: ${{ fromJSON(needs.discover.outputs.suites) }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
submodules: recursive
- name: Download CLI
run: |
gh release download --repo dependabot/cli -p "*linux-amd64.tar.gz"
tar xzvf *.tar.gz >/dev/null 2>&1
./dependabot --version
- name: Restore Smoke Test
id: cache-smoke-test
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: smoke.yaml
key: ${{ matrix.suite.sha }}-${{ matrix.suite.name }}
- name: Download test
if: steps.cache-smoke-test.outputs.cache-hit != 'true'
run: |
URL=https://api.github.com/repos/dependabot/smoke-tests/contents/tests/${{ matrix.suite.name }}?ref=${{ env.SMOKE_TEST_BRANCH }}
curl $(gh api $URL --jq .download_url) -o smoke.yaml
- name: Cache Smoke Test
if: steps.cache-smoke-test.outputs.cache-hit != 'true'
uses: actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: smoke.yaml
key: ${{ steps.cache-smoke-test.outputs.cache-primary-key }}
# Download the Proxy cache. The job is ideally 100% cached so no real calls are made.
# Allowed to fail to get out of checking and egg situations, for example, when adding a new ecosystem.
- name: Download cache
run: |
# The name of the cache is derived from the test name, e.g. smoke-bundler.yaml -> cache-bundler
TEST=${{ matrix.suite.name }}
# Remove the smoke- and the .yaml or .yml suffix
CACHE=${TEST#smoke-}
CACHE=${CACHE%.yaml}
CACHE=${CACHE%.yml}
gh run download --repo dependabot/smoke-tests --name cache-$CACHE --dir cache
continue-on-error: true
- name: Build ecosystem image
run: script/build ${{ matrix.suite.core }}
- name: ${{ matrix.suite.core }}
id: test
env:
LOCAL_GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -o pipefail
./dependabot test \
-f=smoke.yaml \
-o=result.yaml \
--cache=cache \
--timeout=20m \
--updater-image=ghcr.io/dependabot/dependabot-updater-${{ matrix.suite.ecosystem }}:latest \
2>&1 | tee -a log.txt
- name: Diff
continue-on-error: true
run: diff --ignore-space-change smoke.yaml result.yaml && echo "Contents are identical"
- name: Create summary
run: tail -n100 log.txt | grep -P '\d+/\d+ calls cached \(\d+%\)' >> $GITHUB_STEP_SUMMARY
# No upload at the end:
# - If a test is uncachable in some regard, the cache would grow unbound.
# - We might want to consider erroring if the cache is changed.