Skip to content

Commit

Permalink
internal/ci: re-baseline base from cue-lang/cue@82995bbb
Browse files Browse the repository at this point in the history
This moves us to use the Central Registry (temporary namespace)
definitions for GitHub Actions.

We also copy the current pattern for "authenticating" a step that
requires access to the Central Registry. Not the cleanest of patterns,
but changing that does not belong in this CL.

Signed-off-by: Paul Jolly <[email protected]>
Change-Id: I00b42fabdbec6dee8608974e86122724dce2fa9d
Reviewed-on: https://review.gerrithub.io/c/cue-lang/vscode-cue/+/1200740
TryBot-Result: CUEcueckoo <[email protected]>
Reviewed-by: Daniel Martí <[email protected]>
  • Loading branch information
myitcv committed Nov 18, 2024
1 parent 4d9ebaf commit 7bf1822
Show file tree
Hide file tree
Showing 14 changed files with 123 additions and 108 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ jobs:
echo Latest commit: $sha
echo "Trigger workflow on cue-lang/vscode-cue"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/vscode-cue/actions/workflows/trybot.yml/dispatches -d "{\"ref\":\"$j\"}"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/vscode-cue/actions/workflows/trybot.yaml/dispatches -d "{\"ref\":\"$j\"}"
# Ensure that the trybot repo has the latest commit for
# this branch. If the force-push results in a commit
Expand Down Expand Up @@ -121,7 +121,7 @@ jobs:
# We are up-to-date, i.e. the push did nothing, hence we need to trigger a workflow_dispatch
# in the trybot repo.
echo "Trigger workflow on cue-lang/vscode-cue-trybot"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/vscode-cue-trybot/actions/workflows/trybot.yml/dispatches -d "{\"ref\":\"$j\"}"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/vscode-cue-trybot/actions/workflows/trybot.yaml/dispatches -d "{\"ref\":\"$j\"}"
else
echo "Force-push to cue-lang/vscode-cue-trybot did work; nothing to do"
fi
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,6 @@ concurrency: push_tip_to_trybot
jobs:
push:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
if: ${{github.repository == 'cue-lang/vscode-cue'}}
steps:
- name: Write netrc file for cueckoo Gerrithub
run: |-
Expand Down Expand Up @@ -48,3 +44,7 @@ jobs:
echo "Giving up"
exit 1
fi
defaults:
run:
shell: bash
if: ${{github.repository == 'cue-lang/vscode-cue'}}
15 changes: 10 additions & 5 deletions .github/workflows/trybot.yml → .github/workflows/trybot.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,18 @@ name: TryBot
branches:
- ci/test
- master
pull_request: {}
workflow_dispatch: {}
pull_request: {}
jobs:
test:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
if: |-
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"trybot"')) || ! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
defaults:
run:
shell: bash
steps:
- name: Checkout code
uses: actions/checkout@v4
Expand Down Expand Up @@ -101,7 +101,12 @@ jobs:
- name: Verify
run: go mod verify
- name: Generate
run: go generate ./...
run: |-
export CUE_CONFIG_DIR=$(mktemp -d)
echo "$CUE_LOGINS" > $CUE_CONFIG_DIR/logins.json
go generate ./...
env:
CUE_LOGINS: ${{ secrets.NOTCUECKOO_CUE_LOGINS }}
- name: Test
run: go test ./...
- name: Race test
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,10 @@ name: Dispatch trybot
jobs:
trybot:
runs-on: ubuntu-22.04
if: ${{ ((github.ref == 'refs/heads/ci/test') && false) || github.event.client_payload.type == 'trybot' }}
defaults:
run:
shell: bash
if: ${{ ((github.ref == 'refs/heads/ci/test') && false) || github.event.client_payload.type == 'trybot' }}
steps:
- name: Write netrc file for cueckoo Gerrithub
run: |-
Expand Down
8 changes: 7 additions & 1 deletion cue.mod/module.cue
Original file line number Diff line number Diff line change
@@ -1,4 +1,10 @@
module: "github.com/cue-lang/vscode-cue"
language: {
version: "v0.10.0"
version: "v0.8.0"
}
deps: {
"github.com/cue-tmp/jsonschema-pub/exp1/githubactions@v0": {
v: "v0.4.0"
default: true
}
}
2 changes: 1 addition & 1 deletion internal/ci/base/base.cue
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ botGerritHubUser: *botGitHubUser | string
botGerritHubUserPasswordSecretsKey: *(strings.ToUpper(botGitHubUser) + "_GERRITHUB_PASSWORD") | string
botGerritHubUserEmail: *botGitHubUserEmail | string

workflowFileExtension: ".yml"
workflowFileExtension: ".yaml"

linuxMachine: string

Expand Down
22 changes: 11 additions & 11 deletions internal/ci/base/gerrithub.cue
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,15 @@ package base
// This file contains gerrithub related definitions etc

import (
encjson "encoding/json"
"encoding/json"
"strings"

"github.com/SchemaStore/schemastore/src/schemas/json"
"github.com/cue-tmp/jsonschema-pub/exp1/githubactions"
)

// trybotWorkflows is a template for trybot-based repos
trybotWorkflows: {
(trybot.key): json.#Workflow & {
(trybot.key): githubactions.#Workflow & {
on: workflow_dispatch: {}
}
"\(trybot.key)_dispatch": trybotDispatchWorkflow
Expand Down Expand Up @@ -45,7 +45,7 @@ trybotDispatchWorkflow: bashWorkflow & {
(trybot.key): {
"runs-on": linuxMachine

let goodDummyData = [if encjson.Marshal(#dummyDispatch) != _|_ {true}, false][0]
let goodDummyData = [if json.Marshal(#dummyDispatch) != _|_ {true}, false][0]

// We set the "on" conditions above, but this would otherwise mean we
// run for all dispatch events.
Expand All @@ -68,7 +68,7 @@ trybotDispatchWorkflow: bashWorkflow & {
steps: [
writeNetrcFile,

json.#step & {
githubactions.#Step & {
name: "Write fake payload"
id: "payload"
if: "github.repository == '\(githubRepositoryPath)' && \(isTestDefaultBranch)"
Expand All @@ -80,7 +80,7 @@ trybotDispatchWorkflow: bashWorkflow & {
run: #"""
cat <<EOD >> $GITHUB_OUTPUT
value<<DOE
\#(*encjson.Marshal(#dummyDispatch) | "null")
\#(*json.Marshal(#dummyDispatch) | "null")
DOE
EOD
"""#
Expand All @@ -97,7 +97,7 @@ trybotDispatchWorkflow: bashWorkflow & {
for v in cases {
let localBranchExpr = "local_${{ \(v.expr).targetBranch }}"
let targetBranchExpr = "${{ \(v.expr).targetBranch }}"
json.#step & {
githubactions.#Step & {
name: "Trigger \(trybot.name) (\(v.nameSuffix))"
if: "github.event.client_payload.type \(v.condition) '\(trybot.key)'"
run: """
Expand Down Expand Up @@ -174,7 +174,7 @@ pushTipToTrybotWorkflow: bashWorkflow & {
jobs: push: {
steps: [
writeNetrcFile,
json.#step & {
githubactions.#Step & {
name: "Push tip to trybot"
run: """
mkdir tmpgit
Expand Down Expand Up @@ -248,7 +248,7 @@ evictCaches: bashWorkflow & {
steps: [
for v in checkoutCode {v},

json.#step & {
githubactions.#Step & {
name: "Delete caches"
run: """
set -x
Expand All @@ -269,7 +269,7 @@ evictCaches: bashWorkflow & {
"""
},

json.#step & {
githubactions.#Step & {
name: "Trigger workflow runs to repopulate caches"
let branchPatterns = strings.Join(protectedBranchPatterns, " ")

Expand Down Expand Up @@ -343,7 +343,7 @@ evictCaches: bashWorkflow & {
}
}

writeNetrcFile: json.#step & {
writeNetrcFile: githubactions.#Step & {
name: "Write netrc file for \(botGerritHubUser) Gerrithub"
run: """
cat <<EOD > ~/.netrc
Expand Down
56 changes: 37 additions & 19 deletions internal/ci/base/github.cue
Original file line number Diff line number Diff line change
Expand Up @@ -3,20 +3,20 @@ package base
// This file contains aspects principally related to GitHub workflows

import (
encjson "encoding/json"
"encoding/json"
"list"
"strings"
"strconv"

"github.com/SchemaStore/schemastore/src/schemas/json"
"github.com/cue-tmp/jsonschema-pub/exp1/githubactions"
)

bashWorkflow: json.#Workflow & {
bashWorkflow: githubactions.#Workflow & {
jobs: [string]: defaults: run: shell: "bash"
}

installGo: {
#setupGo: json.#step & {
#setupGo: githubactions.#Step & {
name: "Install Go"
uses: "actions/setup-go@v5"
with: {
Expand Down Expand Up @@ -49,7 +49,7 @@ installGo: {
#setupGo,

{
json.#step & {
githubactions.#Step & {
name: "Set common go env vars"
run: """
go env -w GOTOOLCHAIN=local
Expand All @@ -63,7 +63,7 @@ installGo: {
}

checkoutCode: {
#actionsCheckout: json.#step & {
#actionsCheckout: githubactions.#Step & {
name: "Checkout code"
uses: "actions/checkout@v4"

Expand All @@ -90,17 +90,17 @@ checkoutCode: {
// per the bug report at https://github.com/MestreLion/git-tools/issues/47,
// so we first reset all directory timestamps to a static time as a fallback.
// TODO(mvdan): May be unnecessary once the Go bug above is fixed.
json.#step & {
githubactions.#Step & {
name: "Reset git directory modification times"
run: "touch -t 202211302355 $(find * -type d)"
},
json.#step & {
githubactions.#Step & {
name: "Restore git file modification times"
uses: "chetan/git-restore-mtime-action@075f9bc9d159805603419d50f794bd9f33252ebe"
},

{
json.#step & {
githubactions.#Step & {
name: "Try to extract \(dispatchTrailer)"
id: dispatchTrailerStepID
run: """
Expand All @@ -124,7 +124,7 @@ checkoutCode: {

// Safety nets to flag if we ever have a Dispatch-Trailer slip through the
// net and make it to master
json.#step & {
githubactions.#Step & {
name: "Check we don't have \(dispatchTrailer) on a protected branch"
if: "\(isProtectedBranch) && \(containsDispatchTrailer)"
run: """
Expand All @@ -135,9 +135,9 @@ checkoutCode: {
]
}

earlyChecks: json.#step & {
earlyChecks: githubactions.#Step & {
name: "Early git and code sanity checks"
run: "go run cuelang.org/go/internal/ci/[email protected]"
run: *"go run cuelang.org/go/internal/ci/[email protected]" | string
}

curlGitHubAPI: {
Expand Down Expand Up @@ -177,7 +177,7 @@ setupGoActionsCaches: {

let cacheRestoreKeys = "\(#os)-\(#goVersion)"

let cacheStep = json.#step & {
let cacheStep = githubactions.#Step & {
with: {
path: strings.Join(cacheDirs, "\n")

Expand All @@ -197,12 +197,12 @@ setupGoActionsCaches: {
[
// TODO: once https://github.com/actions/setup-go/issues/54 is fixed,
// we could use `go env` outputs from the setup-go step.
json.#step & {
githubactions.#Step & {
name: "Get go mod cache directory"
id: goModCacheDirID
run: #"echo "dir=$(go env GOMODCACHE)" >> ${GITHUB_OUTPUT}"#
},
json.#step & {
githubactions.#Step & {
name: "Get go build/test cache directory"
id: goCacheDirID
run: #"echo "dir=$(go env GOCACHE)" >> ${GITHUB_OUTPUT}"#
Expand Down Expand Up @@ -240,7 +240,7 @@ setupGoActionsCaches: {
//
// Critically we only want to do this in the main repo, not the trybot
// repo.
json.#step & {
githubactions.#Step & {
if: "github.repository == '\(githubRepositoryPath)' && (\(isProtectedBranch) || github.ref == 'refs/heads/\(testDefaultBranch)')"
run: "go clean -testcache"
}
Expand Down Expand Up @@ -270,13 +270,13 @@ isReleaseTag: {
(_matchPattern & {variable: "github.ref", pattern: "refs/tags/\(releaseTagPattern)"}).expr
}

checkGitClean: json.#step & {
checkGitClean: githubactions.#Step & {
name: "Check that git is clean at the end of the job"
if: "always()"
run: "test -z \"$(git status --porcelain)\" || (git status; git diff; false)"
}

repositoryDispatch: json.#step & {
repositoryDispatch: githubactions.#Step & {
#githubRepositoryPath: *githubRepositoryPath | string
#botGitHubUserTokenSecretsKey: *botGitHubUserTokenSecretsKey | string
#arg: _
Expand All @@ -285,7 +285,25 @@ repositoryDispatch: json.#step & {

name: string
run: #"""
\#(_curlGitHubAPI) --fail --request POST --data-binary \#(strconv.Quote(encjson.Marshal(#arg))) https://api.github.com/repos/\#(#githubRepositoryPath)/dispatches
\#(_curlGitHubAPI) --fail --request POST --data-binary \#(strconv.Quote(json.Marshal(#arg))) https://api.github.com/repos/\#(#githubRepositoryPath)/dispatches
"""#
}

workflowDispatch: githubactions.#Step & {
#githubRepositoryPath: *githubRepositoryPath | string
#botGitHubUserTokenSecretsKey: *botGitHubUserTokenSecretsKey | string
#workflowID: string

// params are defined per https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#create-a-workflow-dispatch-event
#params: *{
ref: defaultBranch
} | _

_curlGitHubAPI: curlGitHubAPI & {#tokenSecretsKey: #botGitHubUserTokenSecretsKey, _}

name: string
run: #"""
\#(_curlGitHubAPI) --fail --request POST --data-binary \#(strconv.Quote(json.Marshal(#params))) https://api.github.com/repos/\#(#githubRepositoryPath)/actions/workflows/\#(#workflowID)/dispatches
"""#
}

Expand Down
4 changes: 2 additions & 2 deletions internal/ci/base/helpers.cue
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ import (
_matchPattern: {
variable: string
pattern: string
expr: [
if strings.HasSuffix(pattern, "*") {
expr: [
if strings.HasSuffix(pattern, "*") {
let prefix = strings.TrimSuffix(pattern, "*")
"startsWith(\(variable), '\(prefix)')"
},
Expand Down
1 change: 0 additions & 1 deletion internal/ci/gen.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,4 @@

package ci

//go:generate cue cmd importjsonschema ./vendor
//go:generate cue cmd gen
Loading

0 comments on commit 7bf1822

Please sign in to comment.