-
Notifications
You must be signed in to change notification settings - Fork 108
90 lines (80 loc) · 3.61 KB
/
ci-pre-mergequeue.yml
File metadata and controls
90 lines (80 loc) · 3.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
name: Pre Merge Queue Tasks
on:
pull_request:
types: [opened, synchronize]
env:
RUSTC_WRAPPER: sccache
SCCACHE_CACHE_SIZE: ${{ vars.SCCACHE_CACHE_SIZE }}
SCCACHE_BUCKET: ${{ vars.SCCACHE_BUCKET }}
SCCACHE_ENDPOINT: ${{ vars.SCCACHE_ENDPOINT }}
SCCACHE_REGION: ${{ vars.SCCACHE_REGION }}
AWS_ACCESS_KEY_ID: "${{ secrets.CI_K8S_MINIO_ACCESS_KEY_ID }}"
AWS_SECRET_ACCESS_KEY: "${{ secrets.CI_K8S_MINIO_SECRET_ACCESS_KEY }}"
jobs:
# This job needs to be called main (the same as the ci.yml workflow)
# because of how merge queues work: https://stackoverflow.com/a/78030618
main:
container:
image: ghcr.io/feldera/feldera-dev:sha-db53e1302c944e29edd6d2af516fff7032b90e3b
runs-on: [k8s-runners-amd64]
steps:
- name: Show Kubernetes node
if: always()
run: |
echo "K8S node: ${K8S_NODE_NAME}"
- name: Disable sccache for fork/dependabot PRs (secrets unavailable)
if: ${{ github.event.pull_request.head.repo.full_name != github.repository || github.actor == 'dependabot[bot]' }}
run: |
echo "RUSTC_WRAPPER=" >> "$GITHUB_ENV"
- name: Generate GitHub App token
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
id: app-token
uses: actions/create-github-app-token@v2
with:
app-id: ${{ vars.CI_ACCESS_APP_ID }}
private-key: ${{ secrets.CI_ACCESS_APP_PKEY }}
permission-contents: write
- name: Checkout (internal PRs)
if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
uses: actions/checkout@v4
with:
# This needs to be set to a token to trigger a follow-up workflow
# in case some changes were corrected.
token: ${{ steps.app-token.outputs.token }}
- name: Checkout (fork/dependabot PRs)
if: ${{ github.event.pull_request.head.repo.full_name != github.repository || github.actor == 'dependabot[bot]' }}
uses: actions/checkout@v4
- name: Cache uv pre-commit environments
uses: actions/cache@v4
with:
path: |
~/.cache/pre-commit
~/.cache/uv
key: pre-commit-uv-1|${{ hashFiles('.pre-commit-config.yaml') }}
- name: Cache Cargo registry and index
uses: actions/cache@v4
with:
path: |
~/.cargo/registry
~/.cargo/git
key: cargo-registry-${{ runner.os }}-${{ matrix.target }}-${{ hashFiles('**/Cargo.lock') }}
restore-keys: |
cargo-registry-${{ runner.os }}-${{ matrix.target }}-
- run: |
# Don't build the webconsole for rust checks
export WEBCONSOLE_BUILD_DIR="$(mktemp -d)"
touch $WEBCONSOLE_BUILD_DIR/index.html
pre-commit run --show-diff-on-failure --color=always --all-files
shell: bash
if: ${{ vars.CI_DRY_RUN != 'true' }}
- name: Print sccache stats
run: sccache --show-stats
- uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403
# Only attempt auto-fix commits for internal branches (forks and dependabot can't be pushed to)
if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
with:
commit_message: "[ci] apply automatic fixes"
commit_user_name: feldera-bot
commit_user_email: feldera-bot@feldera.com
commit_author: feldera-bot <feldera-bot@feldera.com>
commit_options: "--no-verify --signoff"