Skip to content

Commit

Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
internal/ci: initial commit of working CI
Browse files Browse the repository at this point in the history
Change-Id: I6af7953873972be09edaa5fb04126f719f0c8737
Signed-off-by: Paul Jolly <[email protected]>
myitcv committed May 15, 2024
1 parent 4be817e commit aac4631
Showing 19 changed files with 2,557 additions and 0 deletions.
138 changes: 138 additions & 0 deletions .github/workflows/evict_caches.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,138 @@
# Code generated internal/ci/ci_tool.cue; DO NOT EDIT.

name: Evict caches
"on":
schedule:
- cron: 0 2 * * *
jobs:
test:
if: ${{github.repository == 'cue-lang/cue-api-java'}}
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Reset git directory modification times
run: touch -t 202211302355 $(find * -type d)
- name: Restore git file modification times
uses: chetan/git-restore-mtime-action@075f9bc9d159805603419d50f794bd9f33252ebe
- id: DispatchTrailer
name: Try to extract Dispatch-Trailer
run: |-
x="$(git log -1 --pretty='%(trailers:key=Dispatch-Trailer,valueonly)')"
if [[ "$x" == "" ]]
then
# Some steps rely on the presence or otherwise of the Dispatch-Trailer.
# We know that we don't have a Dispatch-Trailer in this situation,
# hence we use the JSON value null in order to represent that state.
# This means that GitHub expressions can determine whether a Dispatch-Trailer
# is present or not by checking whether the fromJSON() result of the
# output from this step is the JSON value null or not.
x=null
fi
echo "value<<EOD" >> $GITHUB_OUTPUT
echo "$x" >> $GITHUB_OUTPUT
echo "EOD" >> $GITHUB_OUTPUT
- if: |-
((github.ref == 'refs/heads/main') && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
name: Check we don't have Dispatch-Trailer on a protected branch
run: |-
echo "github.event.head_commit.message contains Dispatch-Trailer"
echo "github.event.head_commit.message value"
cat <<EOD
${{ github.event.head_commit.message }}
EOD
echo "containsDispatchTrailer expression"
cat <<EOD
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
EOD
false
- name: Delete caches
run: |-
set -x
echo ${{ secrets.CUECKOO_GITHUB_PAT }} | gh auth login --with-token
gh extension install actions/gh-actions-cache
for i in https://github.com/cue-lang/cue-api-java https://github.com/cue-lang/cue-api-java-trybot
do
echo "Evicting caches for $i"
cd $(mktemp -d)
git init -b initialbranch
git remote add origin $i
for j in $(gh actions-cache list -L 100 | grep refs/ | awk '{print $1}')
do
gh actions-cache delete --confirm $j
done
done
- name: Trigger workflow runs to repopulate caches
run: |-
# Prepare git for pushes to trybot repo. Note
# because we have already checked out code we don't
# need origin. Fetch origin default branch for later use
git config user.name cueckoo
git config user.email [email protected]
git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)"
git remote add trybot https://github.com/cue-lang/cue-api-java-trybot
# Now trigger the most recent workflow run on each of the default branches.
# We do this by listing all the branches on the main repo and finding those
# which match the protected branch patterns (globs).
for j in $(curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" -f https://api.github.com/repos/cue-lang/cue-api-java/branches | jq -r '.[] | .name')
do
for i in main
do
if [[ "$j" != $i ]]; then
continue
fi
echo Branch: $j
sha=$(curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" "https://api.github.com/repos/cue-lang/cue-api-java/commits/$j" | jq -r '.sha')
echo Latest commit: $sha
echo "Trigger workflow on cue-lang/cue-api-java"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/cue-api-java/actions/workflows/trybot.yml/dispatches -d "{\"ref\":\"$j\"}"
# Ensure that the trybot repo has the latest commit for
# this branch. If the force-push results in a commit
# being pushed, that will trigger the trybot workflows
# so we don't need to do anything, otherwise we need to
# trigger the most recent commit on that branch
git remote -v
git fetch origin refs/heads/$j
git log -1 FETCH_HEAD
success=false
for try in {1..20}; do
echo "Push to trybot try $try"
exitCode=0; push="$(git push -f trybot FETCH_HEAD:$j 2>&1)" || exitCode=$?
echo "$push"
if [[ $exitCode -eq 0 ]]; then
success=true
break
fi
sleep 1
done
if ! $success; then
echo "Giving up"
exit 1
fi
if echo "$push" | grep up-to-date
then
# We are up-to-date, i.e. the push did nothing, hence we need to trigger a workflow_dispatch
# in the trybot repo.
echo "Trigger workflow on cue-lang/cue-api-java-trybot"
curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.CUECKOO_GITHUB_PAT }}" -H "X-GitHub-Api-Version: 2022-11-28" --fail-with-body -X POST https://api.github.com/repos/cue-lang/cue-api-java-trybot/actions/workflows/trybot.yml/dispatches -d "{\"ref\":\"$j\"}"
else
echo "Force-push to cue-lang/cue-api-java-trybot did work; nothing to do"
fi
done
done
50 changes: 50 additions & 0 deletions .github/workflows/push_tip_to_trybot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# Code generated internal/ci/ci_tool.cue; DO NOT EDIT.

name: Push tip to trybot
"on":
push:
branches:
- main
concurrency: push_tip_to_trybot
jobs:
push:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
if: ${{github.repository == 'cue-lang/cue-api-java'}}
steps:
- name: Write netrc file for cueckoo Gerrithub
run: |-
cat <<EOD > ~/.netrc
machine review.gerrithub.io
login cueckoo
password ${{ secrets.CUECKOO_GERRITHUB_PASSWORD }}
EOD
chmod 600 ~/.netrc
- name: Push tip to trybot
run: |-
mkdir tmpgit
cd tmpgit
git init -b initialbranch
git config user.name cueckoo
git config user.email [email protected]
git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n cueckoo:${{ secrets.CUECKOO_GITHUB_PAT }} | base64)"
git remote add origin https://review.gerrithub.io/a/cue-lang/cue-api-java
git remote add trybot https://github.com/cue-lang/cue-api-java-trybot
git fetch origin "${{ github.ref }}"
success=false
for try in {1..20}; do
echo "Push to trybot try $try"
if git push -f trybot "FETCH_HEAD:${{ github.ref }}"; then
success=true
break
fi
sleep 1
done
if ! $success; then
echo "Giving up"
exit 1
fi
112 changes: 112 additions & 0 deletions .github/workflows/trybot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,112 @@
# Code generated internal/ci/ci_tool.cue; DO NOT EDIT.

name: TryBot
"on":
push:
branches:
- ci/test
- main
pull_request: {}
workflow_dispatch: {}
jobs:
test:
runs-on: ubuntu-22.04
defaults:
run:
shell: bash
if: |-
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"trybot"')) || ! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Reset git directory modification times
run: touch -t 202211302355 $(find * -type d)
- name: Restore git file modification times
uses: chetan/git-restore-mtime-action@075f9bc9d159805603419d50f794bd9f33252ebe
- id: DispatchTrailer
name: Try to extract Dispatch-Trailer
run: |-
x="$(git log -1 --pretty='%(trailers:key=Dispatch-Trailer,valueonly)')"
if [[ "$x" == "" ]]
then
# Some steps rely on the presence or otherwise of the Dispatch-Trailer.
# We know that we don't have a Dispatch-Trailer in this situation,
# hence we use the JSON value null in order to represent that state.
# This means that GitHub expressions can determine whether a Dispatch-Trailer
# is present or not by checking whether the fromJSON() result of the
# output from this step is the JSON value null or not.
x=null
fi
echo "value<<EOD" >> $GITHUB_OUTPUT
echo "$x" >> $GITHUB_OUTPUT
echo "EOD" >> $GITHUB_OUTPUT
- if: |-
((github.ref == 'refs/heads/main') && (! (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"')))) && (contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
name: Check we don't have Dispatch-Trailer on a protected branch
run: |-
echo "github.event.head_commit.message contains Dispatch-Trailer"
echo "github.event.head_commit.message value"
cat <<EOD
${{ github.event.head_commit.message }}
EOD
echo "containsDispatchTrailer expression"
cat <<EOD
(contains(github.event.head_commit.message, '
Dispatch-Trailer: {"type":"'))
EOD
false
- uses: cue-lang/[email protected]
with:
version: v0.8.0
- name: Early git and code sanity checks
run: |-
# Ensure that commit messages have a blank second line.
# We know that a commit message must be longer than a single
# line because each commit must be signed-off.
if git log --format=%B -n 1 HEAD | sed -n '2{/^$/{q1}}'; then
echo "second line of commit message must be blank"
exit 1
fi
# All authors, including co-authors, must have a signed-off trailer by email.
# Note that trailers are in the form "Name <email>", so grab the email with sed.
# For now, we require the sorted lists of author and signer emails to match.
# Note that this also fails if a commit isn't signed-off at all.
#
# In Gerrit we already enable a form of this via https://gerrit-review.googlesource.com/Documentation/project-configuration.html#require-signed-off-by,
# but it does not support co-authors nor can it be used when testing GitHub PRs.
commit_authors="$(
{
git log -1 --pretty='%ae'
git log -1 --pretty='%(trailers:key=Co-authored-by,valueonly)' | sed -ne 's/.* <\(.*\)>/\1/p'
} | sort -u
)"
commit_signers="$(
{
git log -1 --pretty='%(trailers:key=Signed-off-by,valueonly)' | sed -ne 's/.* <\(.*\)>/\1/p'
} | sort -u
)"
if [[ "${commit_authors}" != "${commit_signers}" ]]; then
echo "Error: commit author email addresses do not match signed-off-by trailers"
echo
echo "Authors:"
echo "${commit_authors}"
echo
echo "Signers:"
echo "${commit_signers}"
exit 1
fi
- name: Re-generate CI
run: |-
cue cmd importjsonschema ./vendor
cue cmd gen
working-directory: ./internal/ci
- name: Check that git is clean at the end of the job
run: test -z "$(git status --porcelain)" || (git status; git diff; false)
Loading

0 comments on commit aac4631

Please sign in to comment.