ci: run semver-checks on a pull_request_target
trigger
#2292
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous integration | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- '*' | |
merge_group: | |
types: [checks_requested] | |
workflow_dispatch: {} | |
env: | |
CARGO_TERM_COLOR: always | |
CARGO_INCREMENTAL: 0 | |
RUSTFLAGS: "--cfg=ci_run" | |
MIRIFLAGS: '-Zmiri-permissive-provenance' # Required due to warnings in bitvec 1.0.1 | |
CI: true # insta snapshots behave differently on ci | |
SCCACHE_GHA_ENABLED: "true" | |
RUSTC_WRAPPER: "sccache" | |
# Pinned version for the uv package manager | |
UV_VERSION: "0.4.20" | |
UV_FROZEN: 1 | |
# The highest and lowest supported Python versions, used for testing | |
PYTHON_HIGHEST: "3.13" | |
PYTHON_LOWEST: "3.10" | |
jobs: | |
# Check if changes were made to the relevant files. | |
# Always returns true if running on the default branch, to ensure all changes are throughly checked. | |
changes: | |
name: Check for changes | |
runs-on: ubuntu-latest | |
# Required permissions | |
permissions: | |
pull-requests: read | |
# Set job outputs to values from filter step | |
# These outputs are always true when running after a merge to main, or if the PR has a `run-ci-checks` label. | |
outputs: | |
rust: ${{ steps.filter.outputs.rust == 'true' || steps.override.outputs.out == 'true' }} | |
python: ${{ steps.filter.outputs.python == 'true' || steps.override.outputs.out == 'true' }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Override label | |
id: override | |
run: | | |
echo "Labels: ${{ github.event.pull_request.labels.*.name }}" | |
echo "Label contains run-ci-checks: ${{ contains( github.event.pull_request.labels.*.name, 'run-ci-checks') }}" | |
if [ "${{ github.event_name == 'pull_request' && contains( github.event.pull_request.labels.*.name, 'run-ci-checks') }}" == "true" ]; then | |
echo "Overriding due to label 'run-ci-checks'" | |
echo "out=true" >> $GITHUB_OUTPUT | |
elif [ "${{ github.ref_name == github.event.repository.default_branch }}" == "true" ]; then | |
echo "Overriding due to running on the default branch" | |
echo "out=true" >> $GITHUB_OUTPUT | |
fi | |
- uses: dorny/paths-filter@v3 | |
id: filter | |
with: | |
filters: .github/change-filters.yml | |
check-rs: | |
name: Check Rust code 🦀 | |
needs: changes | |
if: ${{ needs.changes.outputs.rust == 'true' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- name: Install stable toolchain | |
uses: dtolnay/rust-toolchain@stable | |
with: | |
components: rustfmt, clippy | |
- name: Check formatting | |
run: cargo fmt -- --check | |
- name: Run clippy | |
run: cargo clippy --all-targets --all-features --workspace -- -D warnings | |
- name: Build docs | |
run: cargo doc --no-deps --all-features --workspace | |
env: | |
RUSTDOCFLAGS: "-Dwarnings" | |
check-py: | |
name: Check Python code 🐍 | |
needs: changes | |
if: ${{ needs.changes.outputs.python == 'true' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- name: Set up uv | |
uses: astral-sh/setup-uv@v3 | |
with: | |
version: ${{ env.UV_VERSION }} | |
enable-cache: true | |
- name: Install Python ${{ env.PYTHON_HIGHEST }} | |
run: uv python install ${{ env.PYTHON_HIGHEST }} | |
- name: Setup dependencies | |
run: uv sync --python ${{ env.PYTHON_HIGHEST }} | |
- name: Type check with mypy | |
run: uv run mypy . | |
- name: Check formatting with ruff | |
run: uv run ruff format --check | |
- name: Lint with ruff | |
run: uv run ruff check | |
benches: | |
name: Build benchmarks 🏋️ | |
needs: changes | |
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- name: Install stable toolchain | |
uses: dtolnay/rust-toolchain@stable | |
- name: Build benchmarks with no features | |
run: cargo bench --verbose --no-run --workspace --no-default-features | |
- name: Build benchmarks with all features | |
run: cargo bench --verbose --no-run --workspace --all-features | |
# Run tests on Rust stable | |
tests-rs-stable-no-features: | |
needs: changes | |
if: ${{ needs.changes.outputs.rust == 'true' }} | |
runs-on: ubuntu-latest | |
name: tests (Rust stable, no features) | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- id: toolchain | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: 'stable' | |
- name: Configure default rust toolchain | |
run: rustup override set ${{steps.toolchain.outputs.name}} | |
- name: Build with no features | |
run: cargo test --verbose --workspace --no-default-features --no-run | |
- name: Tests with no features | |
run: cargo test --verbose --workspace --no-default-features | |
# Run tests on Rust stable | |
tests-rs-stable-all-features: | |
needs: changes | |
if: ${{ needs.changes.outputs.rust == 'true' }} | |
runs-on: ubuntu-latest | |
name: tests (Rust stable, all features) | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- id: toolchain | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: 'stable' | |
- name: Configure default rust toolchain | |
run: rustup override set ${{steps.toolchain.outputs.name}} | |
- name: Build with all features | |
run: cargo test --verbose --workspace --all-features --no-run | |
- name: Tests with all features | |
run: cargo test --verbose --workspace --all-features | |
# Run tests on other toolchains | |
tests-rs-other: | |
needs: changes | |
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }} | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: true | |
matrix: | |
# Stable is covered by `tests-stable-no-features` and `tests-stable-all-features` | |
# Nightly is covered by `tests-nightly-coverage` | |
rust: ['1.75', beta] | |
name: tests (Rust ${{ matrix.rust }}) | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- id: toolchain | |
uses: dtolnay/rust-toolchain@master | |
with: | |
toolchain: ${{ matrix.rust }} | |
- name: Configure default rust toolchain | |
run: rustup override set ${{steps.toolchain.outputs.name}} | |
- name: Build with no features | |
run: cargo test --verbose --workspace --no-default-features --no-run | |
- name: Tests with no features | |
run: cargo test --verbose --workspace --no-default-features | |
- name: Build with all features | |
run: cargo test --verbose --workspace --all-features --no-run | |
- name: Tests with all features | |
run: cargo test --verbose --workspace --all-features | |
tests-nightly-coverage: | |
needs: changes | |
# Run only if there are changes in the relevant files | |
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }} | |
runs-on: ubuntu-latest | |
name: tests (Rust nightly, coverage) | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- uses: dtolnay/rust-toolchain@master | |
with: | |
# Nightly is required to count doctests coverage | |
toolchain: 'nightly' | |
components: llvm-tools-preview | |
- name: Install cargo-llvm-cov | |
uses: taiki-e/install-action@cargo-llvm-cov | |
- name: Run tests with coverage instrumentation | |
run: | | |
cargo llvm-cov clean --workspace | |
cargo llvm-cov --no-report --workspace --no-default-features --doctests | |
cargo llvm-cov --no-report --workspace --all-features --doctests | |
- name: Generate coverage report | |
run: cargo llvm-cov --all-features report --codecov --output-path coverage.json | |
- name: Upload coverage to codecov.io | |
uses: codecov/codecov-action@v4 | |
with: | |
files: coverage.json | |
name: rust | |
flags: rust | |
fail_ci_if_error: true | |
token: ${{ secrets.CODECOV_TOKEN }} | |
tests-py: | |
needs: changes | |
if: ${{ needs.changes.outputs.python == 'true' }} | |
runs-on: ubuntu-latest | |
name: tests (Python, coverage) | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- name: Install stable toolchain | |
uses: dtolnay/rust-toolchain@stable | |
- name: Set up uv | |
uses: astral-sh/setup-uv@v3 | |
with: | |
version: ${{ env.UV_VERSION }} | |
enable-cache: true | |
- name: Install Python ${{ env.PYTHON_LOWEST }} | |
run: uv python install ${{ env.PYTHON_LOWEST }} | |
- name: Setup dependencies | |
run: uv sync --python ${{ env.PYTHON_LOWEST }} | |
- name: Run python tests with coverage instrumentation | |
run: uv run pytest --cov=./ --cov-report=xml | |
- name: Upload python coverage to codecov.io | |
if: github.event_name != 'merge_group' | |
uses: codecov/codecov-action@v4 | |
with: | |
files: ./coverage.xml | |
# Ensures we only upload this file | |
disable_search: true | |
name: python | |
flags: python | |
fail_ci_if_error: true | |
token: ${{ secrets.CODECOV_TOKEN }} | |
# Ensure that serialized extensions match rust implementation | |
tket2-extensions: | |
needs: [changes, tests-rs-stable-all-features] | |
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }} | |
name: Check standard extensions | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: mozilla-actions/[email protected] | |
- name: Install stable toolchain | |
uses: dtolnay/rust-toolchain@stable | |
- uses: extractions/setup-just@v2 | |
- name: Generate the updated definitions | |
run: just gen-extensions | |
- name: Check if the declarations are up to date | |
run: | | |
git diff --exit-code --name-only tket2-exts/src/tket2_exts/data | |
if [ $? -ne 0 ]; then | |
echo "The serialized standard extensions are not up to date" | |
echo "Please run 'just gen-extensions' and commit the changes. | |
Bump the version of tket2-exts according to semver. | |
" | |
exit 1 | |
fi | |
# This is a meta job to mark successful completion of the required checks, | |
# even if they are skipped due to no changes in the relevant files. | |
required-checks: | |
name: Required checks 🦀+🐍 | |
needs: [changes, check-rs, check-py, tests-rs-stable-no-features, tests-rs-stable-all-features, tests-py, tket2-extensions] | |
if: ${{ !cancelled() }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Debug changes step output | |
run: | | |
echo "Rust: ${{ needs.changes.outputs.rust }}" | |
echo "Python: ${{ needs.changes.outputs.python }}" | |
- name: Fail if required checks failed | |
# This condition should simply be `if: failure() || cancelled()`, | |
# but there seems to be a bug in the github workflow runner. | |
# | |
# See https://github.com/orgs/community/discussions/80788 | |
if: | | |
needs.changes.result == 'failure' || needs.changes.result == 'cancelled' || | |
needs.check-rs.result == 'failure' || needs.check-rs.result == 'cancelled' || | |
needs.check-py.result == 'failure' || needs.check-py.result == 'cancelled' || | |
needs.tests-rs-stable-no-features.result == 'failure' || needs.tests-rs-stable-no-features.result == 'cancelled' || | |
needs.tests-rs-stable-all-features.result == 'failure' || needs.tests-rs-stable-all-features.result == 'cancelled' || | |
needs.tests-py.result == 'failure' || needs.tests-py.result == 'cancelled' | |
run: | | |
echo "Required checks failed" | |
echo "Please check the logs for more information" | |
exit 1 | |
- name: Pass if required checks passed | |
run: | | |
echo "All required checks passed" |