allow privileged IMP to linger during flux-imp run
to support signal forwarding
#218
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: [ pull_request, push ] | |
jobs: | |
check-pr: | |
name: validate commits | |
runs-on: ubuntu-latest | |
if: github.event_name == 'pull_request' | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
- run: git fetch origin master | |
- uses: flux-framework/pr-validator@master | |
spelling: | |
runs-on: ubuntu-20.04 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: crate-ci/typos@7ad296c72fa8265059cc03d1eda562fbdfcd6df2 # v1.9.0 | |
generate-matrix: | |
# https://stackoverflow.com/questions/59977364 | |
name: Generate build matrix | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
- id: set-matrix | |
run: echo "matrix=$(src/test/generate-matrix.py)" >> $GITHUB_OUTPUT | |
- run: src/test/generate-matrix.py | jq -S . | |
- run: echo "GITHUB_BRANCH=${GITHUB_REF#refs/heads}" >> $GITHUB_OUTPUT | |
- run: echo "GITHUB_TAG=${GITHUB_REF#refs/tags}" >> $GITHUB_OUTPUT | |
- run: echo "EVENT_NAME=${{github.event_name}}" >> $GITHUB_OUTPUT | |
ci: | |
needs: [ generate-matrix ] | |
runs-on: ubuntu-20.04 | |
env: | |
FLUX_TESTS_LOGFILE: t | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
name: ${{ matrix.name }} | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
ref: ${{ github.event.pull_request.head.sha }} | |
fetch-depth: 0 | |
- name: fetch annotated tag | |
if: matrix.create_release | |
run: | | |
# Ensure git-describe works on a tag. | |
# (checkout@v3 action may have left current tag as | |
# lightweight instead of annotated. See | |
# https://github.com/actions/checkout/issues/290) | |
# | |
echo github.ref == ${{ github.ref }} ; | |
git fetch -f origin ${{ github.ref }}:${{ github.ref }} ; | |
echo git describe now reports $(git describe --always) | |
- name: docker buildx | |
uses: docker/setup-buildx-action@v2 | |
if: matrix.needs_buildx | |
- name: docker-run-checks | |
env: ${{matrix.env}} | |
run: ${{matrix.command}} | |
- name: annotate errors | |
if: failure() || cancelled() | |
env: ${{matrix.env}} | |
run: src/test/checks-annotate.sh | |
- name: coverage report | |
if: success() && matrix.coverage | |
uses: codecov/codecov-action@858dd794fbb81941b6d60b0dca860878cba60fa9 # v3.1.1 | |
- name: create release | |
id: create_release | |
if: | | |
success() | |
&& matrix.create_release | |
&& github.repository == 'flux-framework/flux-security' | |
env: ${{matrix.env}} | |
uses: softprops/action-gh-release@v1 | |
with: | |
tag_name: ${{ matrix.tag }} | |
name: flux-security ${{ matrix.tag }} | |
prerelease: true | |
files: flux-security*.tar.gz | |
body: | | |
View [Release Notes](https://github.com/${{ github.repository }}/blob/${{ matrix.tag }}/NEWS.md) for flux-security ${{ matrix.tag }} |