Skip to content

[CI] [debian] Containerize testing of standalone #872

[CI] [debian] Containerize testing of standalone

[CI] [debian] Containerize testing of standalone #872

Workflow file for this run

name: CI (Coq, Debian)
on:
push:
branches: [ master , sp2019latest ]
pull_request:
merge_group:
workflow_dispatch:
release:
types: [published]
schedule:
- cron: '0 0 1 * *'
jobs:
build:
strategy:
fail-fast: false
matrix:
include:
- debian: "sid"
#- debian: "bookworm" # restore once 8.17 lands in Debian stable
runs-on: 'ubuntu-22.04'
name: debian-${{ matrix.debian }}
container: debian:${{ matrix.debian }}
concurrency:
group: ${{ github.workflow }}-${{ matrix.debian }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
steps:
- name: install system dependencies
run: |
apt-get -o Acquire::Retries=30 update -y
apt-get -q -y --allow-unauthenticated -o Acquire::Retries=30 install sudo git make time jq python3 python-is-python3 ocaml coq libcoq-core-ocaml-dev libfindlib-ocaml-dev ocaml-findlib cabal-install js-of-ocaml
- uses: actions/checkout@v4
with:
submodules: recursive
- name: container build params
run: etc/ci/describe-system-config.sh
- name: make deps
run: etc/ci/github-actions-make.sh -j2 deps
- name: all-except-generated-and-js-of-ocaml
run: etc/ci/github-actions-make.sh -j2 all-except-generated-and-js-of-ocaml
- name: generated-files
run: etc/ci/github-actions-make.sh -j2 generated-files
- run: tar -czvf generated-files.tgz fiat-*/
if: ${{ failure() }}
- name: upload generated files
uses: actions/upload-artifact@v4
with:
name: generated-files-${{ matrix.debian }}
path: generated-files.tgz
if: ${{ failure() }}
- name: install-standalone-unified-ocaml
run: etc/ci/github-actions-make.sh install-standalone-unified-ocaml BINDIR=dist
- name: standalone-js-of-ocaml
run: etc/ci/github-actions-make.sh -j2 standalone-js-of-ocaml
- name: install-standalone-js-of-ocaml
run: etc/ci/github-actions-make.sh install-standalone-js-of-ocaml
- name: upload standalone files
uses: actions/upload-artifact@v4
with:
name: standalone-${{ matrix.debian }}
path: dist/fiat_crypto
- name: upload standalone js files
uses: actions/upload-artifact@v4
with:
name: standalone-html-${{ matrix.debian }}
path: fiat-html
- name: upload OCaml files
uses: actions/upload-artifact@v4
with:
name: ExtractionOCaml-${{ matrix.debian }}
path: src/ExtractionOCaml
if: always ()
- name: upload js_of_ocaml files
uses: actions/upload-artifact@v4
with:
name: ExtractionJsOfOCaml-${{ matrix.debian }}
path: src/ExtractionJsOfOCaml
if: always ()
- name: standalone-haskell
run: etc/ci/github-actions-make.sh -j1 standalone-haskell GHCFLAGS='+RTS -M7G -RTS'
- name: upload Haskell files
uses: actions/upload-artifact@v4
with:
name: ExtractionHaskell-${{ matrix.debian }}
path: src/ExtractionHaskell
if: always ()
- name: only-test-amd64-files-lite
run: etc/ci/github-actions-make.sh -j2 only-test-amd64-files-lite SLOWEST_FIRST=1
- name: install
run: sudo etc/ci/github-actions-make.sh EXTERNAL_DEPENDENCIES=1 SKIP_COQSCRIPTS_INCLUDE=1 install install-standalone-ocaml
- name: install-without-bedrock2
run: sudo etc/ci/github-actions-make.sh EXTERNAL_DEPENDENCIES=1 SKIP_BEDROCK2=1 install-without-bedrock2 install-standalone-ocaml
- name: install-dev
run: sudo etc/ci/github-actions-make.sh EXTERNAL_REWRITER=1 EXTERNAL_COQPRIME=1 install install-standalone-ocaml
- name: display timing info
run: cat time-of-build-pretty.log
- name: display per-line timing info
run: etc/ci/github-actions-display-per-line-timing.sh
test-standalone-host:
strategy:
fail-fast: false
matrix:
include:
- debian: sid
#- debian: bookworm # restore once 8.17 lands in Debian stable
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
- name: Download standalone ${{ matrix.debian }}
uses: actions/download-artifact@v4
with:
name: standalone-${{ matrix.debian }}
path: dist/
- name: List files
run: find dist
- run: chmod +x dist/fiat_crypto
- name: host build params
run: etc/ci/describe-system-config.sh
- name: Test files (host)
run: |
echo "::group::file fiat_crypto"
file dist/fiat_crypto
echo "::endgroup::"
echo "::group::ldd fiat_crypto"
ldd dist/fiat_crypto
echo "::endgroup::"
etc/ci/test-run-fiat-crypto.sh dist/fiat_crypto || {
printf '::warning::Debian ${{ matrix.debian }} binary does not run on ubuntu: %s\n' \
"$(etc/ci/test-run-fiat-crypto.sh dist/fiat_crypto 2>&1 | tr '\n' '~' | sed 's/~/%0A/g')";
}
test-standalone-container:
strategy:
fail-fast: false
matrix:
include:
- debian: sid
#- debian: bookworm # restore once 8.17 lands in Debian stable
runs-on: ubuntu-latest
container: debian:${{ matrix.debian }}
needs: build
steps:
- uses: actions/checkout@v4
- name: Download standalone ${{ matrix.debian }}
uses: actions/download-artifact@v4
with:
name: standalone-${{ matrix.debian }}
path: dist/
- name: install system dependencies
run: |
apt-get -o Acquire::Retries=30 update -y
apt-get -q -y --allow-unauthenticated -o Acquire::Retries=30 install sudo time file
- name: List files
run: find dist
- run: chmod +x dist/fiat_crypto
- name: host build params
run: etc/ci/describe-system-config.sh
- name: Test files (container)
run: |
echo "::group::file fiat_crypto"
file dist/fiat_crypto
echo "::endgroup::"
echo "::group::ldd fiat_crypto"
ldd dist/fiat_crypto
echo "::endgroup::"
etc/ci/test-run-fiat-crypto.sh dist/fiat_crypto
publish-standalone-dry-run:
runs-on: ubuntu-latest
needs: build
# permissions:
# contents: write # IMPORTANT: mandatory for making GitHub Releases
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Fetch all history for all tags and branches
tags: true # Fetch all tags as well, `fetch-depth: 0` might be sufficient depending on Git version
- name: Download standalone sid
uses: actions/download-artifact@v4
with:
name: standalone-sid
path: dist/
- name: List files
run: find dist
- name: Rename files
run: |
echo "::group::find arch"
arch="$(etc/ci/find-arch.sh dist/fiat_crypto "unknown")"
tag="$(git describe --tags HEAD)"
fname="Fiat-Cryptography_${tag}_Linux_debian_sid_${arch}"
echo "$fname"
mv dist/fiat_crypto "dist/$fname"
find dist
# - name: Upload artifacts to GitHub Release
# env:
# GITHUB_TOKEN: ${{ github.token }}
# # Upload to GitHub Release using the `gh` CLI.
# # `dist/` contains the built packages
# run: >-
# gh release upload
# '${{ github.ref_name }}' dist/**
# --repo '${{ github.repository }}'
# if: ${{ startsWith(github.ref, 'refs/tags/') && github.event_name == 'release' }}
debian-check-all:
runs-on: ubuntu-latest
needs: [build, test-standalone-host, test-standalone-container, publish-standalone-dry-run]
if: always()
steps:
- run: echo 'build passed'
if: ${{ needs.build.result == 'success' }}
- run: echo 'test-standalone-host passed'
if: ${{ needs.test-standalone-host.result == 'success' }}
- run: echo 'test-standalone-container passed'
if: ${{ needs.test-standalone-container.result == 'success' }}
- run: echo 'publish-standalone-dry-run passed'
if: ${{ needs.publish-standalone-dry-run.result == 'success' }}
- run: echo 'build failed' && false
if: ${{ needs.build.result != 'success' }}
- run: echo 'test-standalone-host failed' && false
if: ${{ needs.test-standalone-host.result != 'success' }}
- run: echo 'test-standalone-container failed' && false
if: ${{ needs.test-standalone-container.result != 'success' }}
- run: echo 'publish-standalone-dry-run failed' && false
if: ${{ needs.publish-standalone-dry-run.result != 'success' }}