Skip to content

ci

ci #287

Workflow file for this run

name: ci
on:
push:
branches:
- main
tags:
- '*'
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * 2'
## We specify a concurrency group with automated cancellation. This means that
## other pushes on the same `github.ref` (eg. other pushes to the same pull
## request) cancel previous occurrences of the CI.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
## Our CI consists in two kind of jobs: the `docker-based` ones and the
## `github-hosted` ones. Both come with their upsides and downsides.
##
## - `docker-based` jobs rely on the `ocaml/opam` Docker images [1]. These come
## with a variety of tags allowing to selected between various versions of
## OCaml and, more importantly for us, between various OSs (several Linux
## distributions as well as some Windows images). However, OPAM's sandboxing
## mechanism, based on `bubblewrap` [2], does not behave well in Docker and it
## is unavailable in those images [3].
##
## - `github-hosted` jobs rely on the default GitHub Actions runners and the
## `ocaml/setup-ocaml` action [4]. This offers more limited OSes (limited to
## Ubuntu, Windows and macOS) but it is compatible with OPAM's sandboxing
## mechanism.
##
## We need to test that our package behaves well with the OPAM sandboxing
## because Cargo does use network to build by default, which will not be
## available in the sandbox, and which we therefore need to catch in CI.
## Therefore, we need to include these `github-hosted` jobs.
##
## However, we also want to test that our package installs fine on a variety of
## distributions because it depends heavily on detecting external dependencies
## (namely Cargo and Rustc) and installing them correctly. Therefore, we also
## need to include these `docker-based` jobs.
##
## [1]: https://hub.docker.com/r/ocaml/opam
## [2]: https://github.com/containers/bubblewrap
## [3]: https://github.com/ocurrent/docker-base-images/issues/229
## [4]: https://github.com/ocaml/setup-ocaml
jobs:
github-hosted:
name: github-hosted
strategy:
fail-fast: false
matrix:
include:
- {os: ubuntu}
- {os: macos}
runs-on: ${{ matrix.os }}-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: true
## Set up OCaml, pin Topiay and install its system dependencies.
- name: Set-up OCaml 4.14
uses: ocaml/setup-ocaml@v3
with:
ocaml-compiler: 4.14.x
opam-pin: true ## this is the default; set here explicitly
opam-depext: true ## this is the default; set here explicitly
- name: Install Topiary
id: install-topiary
## `continue-on-error` will make this step succeed no matter what. The
## next step will then handle the outcome of this step manually. This is
## what allows us to emulate an expected CI failure.
continue-on-error: true
run: |
## Install Topiary then report where it is and in which version.
echo '::group::Install Topiary'
opam install topiary
echo '::endgroup::'
echo '::group::Where is Topiary and in which version?'
printf 'Topiary is: '
opam exec -- sh -c 'command -v topiary'
printf 'in version: '
opam exec -- sh -c 'topiary --version'
echo '::endgroup::'
- name: Check the outcome of the build
uses: ./.github/actions/expected-failure
with:
step-outcome: ${{ steps.install-topiary.outcome }}
expected-failure: ${{ matrix.ef }}
- name: Run tests
if: steps.install-topiary.outcome == 'success'
uses: ./.github/actions/run-tests
with:
topiary: opam exec -- topiary
samples: topiary/topiary-cli/tests/samples
docker-based:
name: docker-based
strategy:
fail-fast: false
matrix:
include:
- {tag: alpine}
- {tag: archlinux}
- {tag: centos, ef: expected-failure}
- {tag: debian, ef: expected-failure}
- {tag: debian-testing}
- {tag: debian-unstable}
- {tag: fedora}
- {tag: oraclelinux}
- {tag: opensuse}
- {tag: opensuse-tumbleweed}
- {tag: ubuntu}
- {tag: ubuntu-lts}
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
submodules: true
- name: Build Docker image (see next step for failure)
id: build-docker-image
## `continue-on-error` will make this step succeed no matter what. The
## next step will then handle the outcome of this step manually. This is
## what allows us to emulate an expected CI failure.
continue-on-error: true
run: |
docker build \
. \
--tag topiary \
--file .github/workflows/ci.dockerfile \
--build-arg tag=${{matrix.tag}}
- name: Check the outcome of the build
uses: ./.github/actions/expected-failure
with:
step-outcome: ${{ steps.build-docker-image.outcome }}
expected-failure: ${{ matrix.ef }}
- name: Run tests
if: steps.build-docker-image.outcome == 'success'
uses: ./.github/actions/run-tests
with:
topiary: docker run --interactive topiary
samples: topiary/topiary-cli/tests/samples
flake-checks:
name: flake-checks
runs-on: ubuntu-latest
steps:
- name: Check out repository code.
uses: actions/checkout@v4
- name: Install Nix
uses: cachix/install-nix-action@v30
with:
extra_nix_config: |
## Access token to avoid triggering GitHub's rate limiting.
access-tokens = github.com=${{ secrets.GITHUB_TOKEN }}
- name: Run flake checks
run: nix flake check --print-build-logs