Skip to content
build

chore: weekly flake.lock update #17119

Sign in to view logs

chore: weekly flake.lock update

chore: weekly flake.lock update #17119

Workflow file for this run

.github/workflows/test.yml at 62c217d
name: "build"
on:
push:
branches: [ master ]
pull_request: {}
jobs:
common-tests:
strategy:
matrix:
os: [ ubuntu-24-large, arm64-linux-16 ]
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
- name: Run Common Tests
uses: ./.github/actions/test-blueprint
with:
os: ${{ matrix.os }}
test-target: common-tests
test-name: ${{ matrix.os }}-common-tests
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }}
gc-tests:
strategy:
matrix:
os: [ ubuntu-24-large, arm64-linux-16 ]
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
- name: Run GC Tests
uses: ./.github/actions/test-blueprint
with:
os: ${{ matrix.os }}
test-target: gc-tests
test-name: ${{ matrix.os }}-gc-tests
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }}
tests:
strategy:
matrix:
os: [ ubuntu-24-large, arm64-linux-16 ]
build_type: [ release, debug ]
fail-fast: false
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
with:
# fetch full history so that git merge-base works
fetch-depth: 0
# fetch PR commit, not predicted merge commit
ref: ${{ github.event.pull_request.head.sha }}
- name: Run Tests
uses: ./.github/actions/test-blueprint
with:
os: ${{ matrix.os }}
test-target: ${{ matrix.build_type }}-systems-go
test-name: ${{ matrix.os }}-${{ matrix.build_type }}-tests
cachix-auth-token: ${{ secrets.CACHIX_AUTH_TOKEN }}
- name: Create GitHub App Token
uses: actions/create-github-app-token@v2
id: app-token
with:
app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }}
private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }}
- name: Run Performance Tests
if: github.actor != 'dependabot[bot]' && github.event_name == 'pull_request' && runner.os == 'Linux' && runner.arch == 'X64' && matrix.build_type == 'release'
uses: ./.github/actions/performance
with:
head_sha: ${{ github.event.pull_request.head.sha }}
head_ref: ${{ github.event.pull_request.head.ref }}
base_ref: ${{ github.base_ref }}
pr_number: ${{ github.event.pull_request.number }}
is_fork: ${{ github.event.pull_request.head.repo.full_name != github.repository }}
token: ${{ steps.app-token.outputs.token }}
reports:
if: github.ref == 'refs/heads/master'
needs: [tests]
concurrency: ci-${{ github.ref }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- uses: cachix/install-nix-action@v31
- uses: cachix/cachix-action@v16
with:
name: ic-hs-test
- name: Fetch report
run: nix build .#report-site -o report-site
- name: Resolve symlinks
run: cp -rL report-site report-site-copy
- name: Push report to GitHub pages
uses: JamesIves/github-pages-deploy-action@v4
with:
branch: gh-pages
folder: report-site-copy
single-commit: true
artifacts:
if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && contains(github.event.pull_request.labels.*.name, 'build_artifacts')
strategy:
matrix:
os: [ ubuntu-latest, ubuntu-24.04-arm, macos-latest ]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v6
- uses: cachix/install-nix-action@v31
- uses: cachix/cachix-action@v16
with:
name: ic-hs-test
- name: nix-build
run: |
nix build .#release.moc
# upload-artifact doesn't work for symlink dir
# https://github.com/actions/upload-artifact/issues/92
- run: echo "UPLOAD_PATH=$(readlink -f result)" >> $GITHUB_ENV
- name: upload artifacts
uses: actions/upload-artifact@v5
with:
name: moc-${{ matrix.os }}
path: ${{ env.UPLOAD_PATH }}
retention-days: 5
verify-common-gc:
needs: [common-tests, gc-tests]
if: ${{ always() }} # run even if dependencies failed/skipped/cancelled
runs-on: ubuntu-latest
steps:
- name: Show dependency results
run: |
echo common-tests: ${{ needs.common-tests.result }}
echo gc-tests: ${{ needs.gc-tests.result }}
- name: Fail if any dependency did not succeed
run: |
if ${{ needs.common-tests.result != 'success' || needs.gc-tests.result != 'success' }}; then
echo "One or more dependencies failed/skipped/cancelled."
exit 1
fi
- name: Common and GC tests passed
if: ${{ success() }}
run: echo "Common and GC tests completed successfully."
verify-main-tests:
needs: tests
if: ${{ always() }} # run even if dependencies failed/skipped/cancelled
runs-on: ubuntu-latest
steps:
- name: Show dependency results
run: |
echo tests: ${{ needs.tests.result }}
- name: Fail if any dependency did not succeed
run: |
if ${{ needs.tests.result != 'success' }}; then
echo "One or more dependencies failed/skipped/cancelled."
exit 1
fi
- name: Main test passed
if: ${{ success() }}
run: echo "Main test completed successfully."
autoclose:
if: github.event_name == 'pull_request' && github.event.pull_request.state == 'open' && github.event.pull_request.head.repo.full_name == github.repository && github.event.pull_request.base.ref == 'master' && contains(github.event.pull_request.labels.*.name, 'autoclose')
needs: [verify-common-gc, verify-main-tests]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
ref: 'master'
- name: Automatically closing successful trials
env:
GH_TOKEN: ${{ github.token }}
run: |
gh pr close ${{ github.event.pull_request.number }} --delete-branch --comment "CI looks good, this dependency bump would not cause problems, hence closing this trial PR."
gh pr edit ${{ github.event.pull_request.number }} --remove-label "autoclose"
approvals:
if: github.event_name == 'pull_request' && github.event.pull_request.state == 'open' && github.event.pull_request.head.repo.full_name == github.repository && github.event.pull_request.base.ref == 'master' && github.event.pull_request.changed_files == 1
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
with:
ref: 'master'
- name: Hand out single-file review approvals
env:
GH_TOKEN: ${{ github.token }}
PR: ${{ github.event.pull_request.number }}
run: |
set +e
### Handles open PRs that address `master` and only have one changed file. The body checks whether that is the `Changelog.md` (since the `if:` condition can't). If so, the PR gets approved with a comment.
[ $(gh pr diff $PR --name-only) == "Changelog.md" ] \
&& gh pr review $PR --approve --body 'A change to `Changelog.md`? I can handle that!'
### Handles open PRs filed by `dependabot[bot]` that carry the `dependencies` label. The single changed file must be `doc/docusaurus/package-lock.json`. If so, the PR gets approved with a comment.
${{ github.event.pull_request.user.login == 'dependabot[bot]' && contains(github.event.pull_request.labels.*.name, 'dependencies') }} \
&& [ $(gh pr diff $PR --name-only) == "doc/docusaurus/package-lock.json" ] \
&& gh pr review $PR --approve --body 'A change to `doc/docusaurus/package-lock.json`? I can handle that!' \
&& gh pr merge $PR --squash --auto
### Handles open PRs filed by the GH automation bot that carry the `automerge-squash` label. The single changed file must be `flake.lock`. If so, the PR gets approved with a comment, auto-merge activated and the label removed.
${{ github.event.pull_request.user.login == 'pr-automation-bot-public[bot]' && contains(github.event.pull_request.labels.*.name, 'automerge-squash') }} \
&& [ $(gh pr diff $PR --name-only) == "flake.lock" ] \
&& gh pr review $PR --approve --body 'A change to `flake.lock`? I can handle that!' \
&& gh pr merge $PR --squash --auto \
&& gh pr edit $PR --remove-label 'automerge-squash'
true