Combine access token and pull request checks in workflow #1398
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI Checks | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| jobs: | |
| formatting: | |
| runs-on: ubuntu-20.04 | |
| env: | |
| DFX_NETWORK: mainnet | |
| # In order to trigger the CLA after committing formatting changes, we need | |
| # to use the GIX_CREATE_PR_PAT token. This token is not available for all | |
| # users. So on PRs where the token is not available, we don't commit | |
| # changes and instead just fail if the formatting is incorrect. | |
| steps: | |
| - name: Check if commits can be added | |
| id: check_can_add_commit | |
| run: | | |
| echo "can_add_commit=${{ secrets.GIX_CREATE_PR_PAT != '' && github.event_name == 'pull_request' }}" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| if: steps.check_can_add_commit.outputs.can_add_commit == 'true' | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| token: ${{ secrets.GIX_CREATE_PR_PAT }} | |
| - name: Checkout | |
| if: steps.check_can_add_commit.outputs.can_add_commit == 'false' | |
| uses: actions/checkout@v4 | |
| - name: Install shfmt | |
| run: sudo snap install --classic shfmt | |
| - name: Format shell scripts | |
| run: ./scripts/fmt-sh | |
| - name: Restore dfx.json | |
| run: cp dfx.json.original dfx.json | |
| - name: Check formatting changes | |
| id: check_format | |
| run: | | |
| if git diff --exit-code; then | |
| echo "formatting_needed=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "formatting_needed=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Commit Formatting changes | |
| if: steps.check_can_add_commit.outputs.can_add_commit == 'true' && steps.check_format.outputs.formatting_needed == 'true' | |
| uses: EndBug/[email protected] | |
| with: | |
| add: . | |
| default_author: github_actions | |
| message: "Updating formatting" | |
| # do not pull: if this branch is behind, then we might as well let | |
| # the pushing fail | |
| pull_strategy: "NO-PULL" | |
| - name: Fail for formatting issues without personal access token | |
| if: steps.check_can_add_commit.outputs.can_add_commit == 'false' && steps.check_format.outputs.formatting_needed == 'true' | |
| run: | | |
| echo "Formatting changes are needed but couldn't be committed because the personal access token isn't available or this isn't a pull request." | |
| exit 1 | |
| shell-checks: | |
| needs: formatting | |
| name: ShellCheck | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Install apt-dependencies | |
| run: sudo apt-get update && sudo apt-get install moreutils -yy && command -v more | |
| - uses: actions/checkout@v3 | |
| - name: Run ShellCheck | |
| uses: ludeeus/action-shellcheck@master | |
| env: | |
| SHELLCHECK_OPTS: -e SC1090 -e SC2119 -e SC1091 -e SC2121 -e SC2155 -e SC2094 -e SC2015 | |
| clap-checks: | |
| needs: formatting | |
| name: Clap checks | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Clap works | |
| run: ./bin/clap.test | |
| sns-aggregator-canister-checks: | |
| needs: formatting | |
| name: SNS aggregator tools | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Install apt-dependencies | |
| run: sudo apt-get update && sudo apt-get install moreutils -yy && command -v more | |
| - name: Install cargo binstall | |
| uses: ./.github/actions/install_binstall | |
| - name: Install tools | |
| run: | | |
| . bin/versions.bash | |
| cargo binstall --force --no-confirm "ic-wasm@${IC_WASM_VERSION}" | |
| - name: "Test the sns aggregator version command" | |
| run: ./bin/dfx-software-sns-aggregator-version.test | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: "Test the aggregator wasm download command" | |
| run: ./bin/dfx-software-sns-aggregator-ci-wasm-url.test --verbose | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Install dfx | |
| uses: dfinity/setup-dfx@main | |
| - name: "Test the aggregator wasm install command" | |
| run: ./bin/dfx-software-sns-aggregator-install.test --verbose | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| ckbtc-checks: | |
| needs: formatting | |
| name: CKBTC tools | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Install apt-dependencies | |
| run: sudo apt-get update && sudo apt-get install moreutils -yy && command -v more | |
| - uses: actions/checkout@v3 | |
| - name: Install dfx | |
| uses: dfinity/setup-dfx@main | |
| - name: Import ckbtc works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-ckbtc-import.test | |
| git clean -dfx | |
| - name: Deploy ckbtc works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-ckbtc-deploy.test | |
| git clean -dfx | |
| - name: Import token works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-token-import.test | |
| git clean -dfx | |
| - name: Deploy token works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-token-deploy.test | |
| git clean -dfx | |
| - name: Install mock bitcoin canister works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-software-mock-bitcoin-install.test | |
| git clean -dfx | |
| nns-dapp-canister-checks: | |
| needs: formatting | |
| name: NNS dapp tools | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: "Test the nns-dapp version command" | |
| run: ./bin/dfx-software-nns-dapp-version.test | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| - name: Install cargo binstall | |
| uses: ./.github/actions/install_binstall | |
| - name: Install tools | |
| run: | | |
| . bin/versions.bash | |
| cargo binstall --force --no-confirm "ic-wasm@${IC_WASM_VERSION}" | |
| - name: "Test the nns-dapp url command" | |
| run: ./bin/dfx-software-nns-dapp-ci-wasm-url.test | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| dfx-canister-url-checks: | |
| needs: formatting | |
| name: Canister URL checks | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Install apt-dependencies | |
| run: sudo apt-get update && sudo apt-get install moreutils -yy && command -v more | |
| - uses: actions/checkout@v3 | |
| - name: Install dfx | |
| uses: dfinity/setup-dfx@main | |
| - name: dfx-canister-url works | |
| run: | | |
| set -euxo pipefail | |
| echo "This modifies files, so make sure the state is clean before and after" | |
| git clean -dfx | |
| bin/dfx-canister-url.test --verbose | |
| git clean -dfx |