-
Notifications
You must be signed in to change notification settings - Fork 89
159 lines (148 loc) · 5.93 KB
/
compliance.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Compliance Tests & CPU builds
on:
pull_request:
types: [opened, synchronize, reopened, edited, assigned]
workflow_dispatch:
# Cancels in-progress workflows for a PR when updated
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
# Please define `build.args.GEOS_TPL_TAG` in `.devcontainer/devcontainer.json`
jobs:
# Checks if PR title follows conventional semantics
semantic_pull_request:
name: Checks if PR title follows conventional semantics
permissions:
pull-requests: write # for amannn/action-semantic-pull-request to analyze PRs and
statuses: write # for amannn/action-semantic-pull-request to mark status of analyzed PR
contents: read
runs-on: ubuntu-latest
steps:
- name: Check if the PR name has conventional semantics
if: github.event_name == 'pull_request'
uses: amannn/action-semantic-pull-request@v5.5.3
id: lint_pr_title
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
wip: true
# Configure that a scope doesn't need to be provided.
requireScope: false
# Jobs will be cancelled if PR is a draft.
# PR status must be "Open" to run CI.
get_docker_image_tag:
name: Get TPL tag
needs: [semantic_pull_request]
# Everywhere in this workflow, we use the most recent ubuntu distribution available in Github Actions
# to ensure maximum support of google cloud's sdk.
runs-on: ubuntu-22.04
outputs:
DOCKER_IMAGE_TAG: ${{ steps.extract_docker_image_tag.outputs.DOCKER_IMAGE_TAG }}
steps:
# The TPL tag is contained in the codespaces configuration to avoid duplications.
- name: Checkout .devcontainer/devcontainer.json
uses: actions/checkout@v4.1.7
with:
sparse-checkout: |
.devcontainer/devcontainer.json
sparse-checkout-cone-mode: false
submodules: false
lfs: false
fetch-depth: 1
- name: Extract docker image tag
id: extract_docker_image_tag
run: |
echo "DOCKER_IMAGE_TAG=$(jq '.build.args.GEOS_TPL_TAG' -r .devcontainer/devcontainer.json)" >> "$GITHUB_OUTPUT"
# PR must be assigned to be merged.
# This job will fail if this is not the case.
if_not_unassigned_pull_request:
name: Check PR assignement
needs: [semantic_pull_request]
runs-on: ubuntu-22.04
steps:
- name: If this is a PR, Check that it is assigned
run: |
if [[ ${{github.event_name}} != 'pull_request' ]]; then exit 0 ; fi
pr_json=$(curl -H "Accept: application/vnd.github+json" https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.number }})
NUM_ASSIGNEES=$(echo ${pr_json} | jq '.assignees | length')
echo "There are ${NUM_ASSIGNEES} assignees on this PR."
if [[ $NUM_ASSIGNEES == 0 ]]; then exit 1 ; fi
# Validates that the PR is still pointing to the HEAD of the main branch of the submodules repositories.
# (There are exceptions, read the script about those).
are_submodules_in_sync:
needs: [if_not_unassigned_pull_request]
runs-on: ubuntu-22.04
steps:
# The integrated test submodule repository contains large data (using git lfs).
# To save time (and money) we do not let Github Actions automatically clone all our (lfs) subrepositories and do it by hand.
- name: Checkout Repository
uses: actions/checkout@v4.1.7
with:
# Let script update submodules; Github Actions submodule history causes error
submodules: false
lfs: false
fetch-depth: 1
- name: Check that submodules are up to date
run: "scripts/test_submodule_updated.sh"
check_code_style_and_documentation:
name: ${{ matrix.name }}
needs:
- if_not_unassigned_pull_request
- get_docker_image_tag
strategy:
fail-fast : false
matrix:
include:
# Validates the code-style using uncrustify
- name: Check code style
BUILD_AND_TEST_ARGS: --test-code-style
# Validates that the documentation generated using doxygen has no hole.
- name: Check documentation
BUILD_AND_TEST_ARGS: --test-documentation
uses: ./.github/workflows/build_and_test.yml
with:
BUILD_AND_TEST_CLI_ARGS: ${{ matrix.BUILD_AND_TEST_ARGS }}
CMAKE_BUILD_TYPE: Release
DOCKER_IMAGE_TAG: ${{ needs.get_docker_image_tag.outputs.DOCKER_IMAGE_TAG }}
DOCKER_REPOSITORY: geosx/ubuntu20.04-gcc9
RUNS_ON: ubuntu-22.04
USE_SCCACHE: false
baseline_log:
needs: [if_not_unassigned_pull_request]
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4.1.7
with:
submodules: false
lfs: false
fetch-depth: 0
sparse-checkout: |
scripts
- name: Check that the baseline logs are modified if rebaselines are detected
run: "scripts/check_baseline_log.sh"
# Convenience job - passes when all other jobs have passed (must pass the CUDA jobs).
check_that_all_jobs_succeeded:
runs-on: ubuntu-22.04
needs:
# - is_not_draft_pull_request
- if_not_unassigned_pull_request
- are_submodules_in_sync
- check_code_style_and_documentation
- baseline_log
steps:
- run: |
echo "if_not_unassigned_pull_request: ${{needs.if_not_unassigned_pull_request.result}}"
echo "are_submodules_in_sync: ${{needs.are_submodules_in_sync.result}}"
echo "check_code_style_and_documentation: ${{needs.check_code_style_and_documentation.result}}"
echo "COMPLIANCE_SUCCESS = ${{
needs.if_not_unassigned_pull_request.result == 'success' &&
needs.are_submodules_in_sync.result == 'success' &&
needs.check_code_style_and_documentation.result == 'success'
}}" >> $GITHUB_ENV
cpu_builds:
name: CPU builds
needs:
- check_that_all_jobs_succeeded
uses: ./.github/workflows/cpu_builds.yml
secrets: inherit