-
Notifications
You must be signed in to change notification settings - Fork 0
261 lines (254 loc) · 8.72 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
name: Elixir CI Checks
env:
DEBIAN_FRONTEND: noninteractive
DEPENDENCY_FILE: mix.lock
ELIXIR_VERSION: 1.16.2
JOB_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
OTP_VERSION: 26.2.5
RELEVANT_FILES: "mix.lock mix.exs lib priv config test"
REPOSITORY: absinthe_helpers
RUNNER_OS: ubuntu22
SHA: ${{ github.sha }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
push:
branches:
- main
pull_request:
types:
- synchronize
- opened
- reopened
jobs:
static:
name: Static Checks (Elixir ${{ matrix.versions.elixir-version }})
runs-on: runs-on,runner=4cpu-linux-x64
outputs:
HASH: ${{ steps.hash.outputs.HASH }}
strategy:
fail-fast: false
matrix:
versions:
- {
elixir-version: 1.16.2,
otp-version: 26.2.5,
runner-os: "ubuntu22",
}
steps:
- name: Checkout latest codebase
uses: actions/checkout@v4
with:
ref: ${{ env.SHA }}
clean: false
persist-credentials: true
- name: Setup Elixir
uses: erlef/setup-beam@v1
env:
ImageOS: ${{ matrix.versions.runner-os }}
with:
elixir-version: ${{ matrix.versions.elixir-version }}
otp-version: ${{ matrix.versions.otp-version }}
version-type: strict
- name: Get SHA sum (HASH) of relevant files
id: hash
run: |
git config --global --add safe.directory /__w/${{ env.repository }}/${{ env.repository }}
echo "Get SHA sum (HASH) of relevant files"
HASH="$(git ls-tree ${{ env.SHA }} -- ${{ env.RELEVANT_FILES }} | sha1sum | cut -d' ' -f1)"
echo "BUILD HASH FOR THE CODEBASE IS: $HASH"
echo "HASH=$HASH" >> $GITHUB_OUTPUT
- name: Hex auth
run: mix hex.organization auth fresha --key ${{ secrets.HEX_ORGANIZATION_WRITE_KEY }}
- uses: runs-on/cache@v4
id: deps-cache
with:
path: |
deps
_build/dev
key: ${{ runner.os }}-${{ matrix.versions.elixir-version }}-${{ matrix.versions.otp-version }}-precompile-deps-dev-${{ hashFiles('mix.lock') }}
- name: Install dependencies
if: steps.deps-cache.outputs.cache-hit != 'true'
env:
MIX_ENV: dev
run: |
echo "Installing dependencies"
mix deps.get
mix deps.compile
- uses: runs-on/cache@v4
id: build-cache
with:
path: "**/*"
key: ${{ runner.os }}-${{ matrix.versions.elixir-version }}-${{ matrix.versions.otp-version }}-compile-dev-${{ steps.hash.outputs.HASH }}
- name: Compile with warning as --warnings-as-errors
if: steps.build-cache.outputs.cache-hit != 'true'
run: |
echo "Compiling the app with --warnings-as-errors"
mix compile --warnings-as-errors --force
- name: Run credo
run: |
echo "Running credo"
mix credo --strict
- name: Run format
run: |
echo "Running format"
mix format --check-formatted --dry-run
- name: Run publish --dry-run
env:
HEX_API_KEY: ${{ secrets.HEX_ORGANIZATION_WRITE_KEY }}
run: |
echo "Running publish --dry-run"
mix hex.publish --dry-run
test:
name: Unit Tests (Elixir ${{ matrix.versions.elixir-version }})
runs-on: runs-on,runner=2cpu-linux-x64
strategy:
fail-fast: false
matrix:
versions:
- {
elixir-version: 1.16.2,
otp-version: 26.2.5,
runner-os: "ubuntu22",
}
steps:
- name: Checkout latest codebase
uses: actions/checkout@v4
with:
ref: ${{ env.SHA }}
clean: false
persist-credentials: true
- name: Setup Elixir
uses: erlef/setup-beam@v1
env:
ImageOS: ${{ matrix.versions.runner-os }}
with:
elixir-version: ${{ matrix.versions.elixir-version }}
otp-version: ${{ matrix.versions.otp-version }}
version-type: strict
- name: Get SHA sum (HASH) of relevant files
id: hash
run: |
git config --global --add safe.directory /__w/${{ env.repository }}/${{ env.repository }}
echo "Get SHA sum (HASH) of relevant files"
HASH="$(git ls-tree ${{ env.SHA }} -- ${{ env.RELEVANT_FILES }} | sha1sum | cut -d' ' -f1)"
echo "BUILD HASH FOR THE CODEBASE IS: $HASH"
echo "HASH=$HASH" >> $GITHUB_OUTPUT
- name: Hex auth
run: mix hex.organization auth fresha --key ${{ secrets.HEX_ORGANIZATION_WRITE_KEY }}
- uses: runs-on/cache@v4
id: deps-cache
with:
path: |
deps
_build/test
key: ${{ runner.os }}-${{ matrix.versions.elixir-version }}-${{ matrix.versions.otp-version }}-precompile-deps-test-${{ hashFiles('mix.lock') }}
- name: Install dependencies
if: steps.deps-cache.outputs.cache-hit != 'true'
env:
MIX_ENV: test
run: |
echo "Installing dependencies"
mix deps.get
mix deps.compile
- uses: runs-on/cache@v4
id: build-cache
with:
path: "**/*"
key: ${{ runner.os }}-${{ matrix.versions.elixir-version }}-${{ matrix.versions.otp-version }}-compile-test-${{ steps.hash.outputs.HASH }}
- name: Compile with MIX_ENV=test
if: steps.build-cache.outputs.cache-hit != 'true'
env:
MIX_ENV: test
run: |
echo "Compiling the app with MIX_ENV=test"
mix compile --force
- name: Run tests
run: |
echo "Running tests"
mix test --trace
permit:
name: Permit Package Publishing
needs: [static, test]
runs-on: runs-on,runner=1cpu-linux-x64
outputs:
PUBLISH: ${{ steps.version.outputs.PUBLISH }}
steps:
- name: Checkout latest codebase
uses: actions/checkout@v4
with:
fetch-depth: 2
ref: ${{ env.SHA }}
clean: false
persist-credentials: true
- name: Create Approval File
shell: bash
run: |
echo "CI Checks Passed for SHA ${{ env.SHA }} and HASH ${{ needs.static.outputs.HASH }}" > approval.txt
- name: Process Package Version
shell: bash
id: version
run: |
echo "==============================================="
echo ""
git show HEAD~1:mix.exs > mix.old.exs
diff mix.old.exs mix.exs > diff.txt || true
old_version=$(grep -oP 'version: "\K[^"]+' mix.old.exs)
new_version=$(grep -oP 'version: "\K[^"]+' mix.exs)
echo "Old Version: $old_version | New Version: $new_version"
if [ "$new_version" != "$old_version" ]; then
if [ "$new_version" \> "$old_version" ]; then
echo "Version is upped - WILL publish upon merging the PR"
echo "PUBLISH=true" >> $GITHUB_OUTPUT
else
echo "Version is lower than the original version - blocking publication"
echo "PUBLISH=false" >> $GITHUB_OUTPUT
exit 1
fi
else
echo "PUBLISH=false" >> $GITHUB_OUTPUT
echo "Version is unchanged - WONT publish upon merging the PR"
fi
echo ""
echo "==============================================="
- name: Cache Approval File
uses: runs-on/cache/save@v4
with:
path: approval.txt
key: ${{ runner.os }}-${{ env.REPOSITORY }}-approval-${{ needs.static.outputs.HASH }}
publish:
name: Publish Hex Package
needs: [permit]
runs-on: runs-on,runner=2cpu-linux-x64
if: needs.permit.outputs.PUBLISH == 'true' && github.event_name == 'push'
steps:
- name: Checkout latest codebase
uses: actions/checkout@v4
with:
ref: ${{ env.SHA }}
clean: false
persist-credentials: true
- name: Setup Elixir
uses: erlef/setup-beam@v1
env:
ImageOS: ${{ env.RUNNER_OS }}
with:
elixir-version: ${{ env.ELIXIR_VERSION }}
otp-version: ${{ env.OTP_VERSION }}
version-type: strict
- name: Hex auth
run: mix hex.organization auth fresha --key ${{ secrets.HEX_ORGANIZATION_WRITE_KEY }}
shell: bash
- name: Get dependencies
shell: bash
run: |
echo "Getting dependencies"
mix deps.get
- name: Publish dev package
shell: bash
env:
HEX_API_KEY: ${{ secrets.HEX_ORGANIZATION_WRITE_KEY }}
run: |
echo "Publishing package"
mix hex.publish --yes