Skip to content

ci: run semver-checks on a pull_request_target trigger #2292

ci: run semver-checks on a pull_request_target trigger

ci: run semver-checks on a pull_request_target trigger #2292

Workflow file for this run

name: Continuous integration
on:
push:
branches:
- main
pull_request:
branches:
- '*'
merge_group:
types: [checks_requested]
workflow_dispatch: {}
env:
CARGO_TERM_COLOR: always
CARGO_INCREMENTAL: 0
RUSTFLAGS: "--cfg=ci_run"
MIRIFLAGS: '-Zmiri-permissive-provenance' # Required due to warnings in bitvec 1.0.1
CI: true # insta snapshots behave differently on ci
SCCACHE_GHA_ENABLED: "true"
RUSTC_WRAPPER: "sccache"
# Pinned version for the uv package manager
UV_VERSION: "0.4.20"
UV_FROZEN: 1
# The highest and lowest supported Python versions, used for testing
PYTHON_HIGHEST: "3.13"
PYTHON_LOWEST: "3.10"
jobs:
# Check if changes were made to the relevant files.
# Always returns true if running on the default branch, to ensure all changes are throughly checked.
changes:
name: Check for changes
runs-on: ubuntu-latest
# Required permissions
permissions:
pull-requests: read
# Set job outputs to values from filter step
# These outputs are always true when running after a merge to main, or if the PR has a `run-ci-checks` label.
outputs:
rust: ${{ steps.filter.outputs.rust == 'true' || steps.override.outputs.out == 'true' }}
python: ${{ steps.filter.outputs.python == 'true' || steps.override.outputs.out == 'true' }}
steps:
- uses: actions/checkout@v4
- name: Override label
id: override
run: |
echo "Labels: ${{ github.event.pull_request.labels.*.name }}"
echo "Label contains run-ci-checks: ${{ contains( github.event.pull_request.labels.*.name, 'run-ci-checks') }}"
if [ "${{ github.event_name == 'pull_request' && contains( github.event.pull_request.labels.*.name, 'run-ci-checks') }}" == "true" ]; then
echo "Overriding due to label 'run-ci-checks'"
echo "out=true" >> $GITHUB_OUTPUT
elif [ "${{ github.ref_name == github.event.repository.default_branch }}" == "true" ]; then
echo "Overriding due to running on the default branch"
echo "out=true" >> $GITHUB_OUTPUT
fi
- uses: dorny/paths-filter@v3
id: filter
with:
filters: .github/change-filters.yml
check-rs:
name: Check Rust code 🦀
needs: changes
if: ${{ needs.changes.outputs.rust == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
with:
components: rustfmt, clippy
- name: Check formatting
run: cargo fmt -- --check
- name: Run clippy
run: cargo clippy --all-targets --all-features --workspace -- -D warnings
- name: Build docs
run: cargo doc --no-deps --all-features --workspace
env:
RUSTDOCFLAGS: "-Dwarnings"
check-py:
name: Check Python code 🐍
needs: changes
if: ${{ needs.changes.outputs.python == 'true' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- name: Set up uv
uses: astral-sh/setup-uv@v3
with:
version: ${{ env.UV_VERSION }}
enable-cache: true
- name: Install Python ${{ env.PYTHON_HIGHEST }}
run: uv python install ${{ env.PYTHON_HIGHEST }}
- name: Setup dependencies
run: uv sync --python ${{ env.PYTHON_HIGHEST }}
- name: Type check with mypy
run: uv run mypy .
- name: Check formatting with ruff
run: uv run ruff format --check
- name: Lint with ruff
run: uv run ruff check
benches:
name: Build benchmarks 🏋️
needs: changes
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Build benchmarks with no features
run: cargo bench --verbose --no-run --workspace --no-default-features
- name: Build benchmarks with all features
run: cargo bench --verbose --no-run --workspace --all-features
# Run tests on Rust stable
tests-rs-stable-no-features:
needs: changes
if: ${{ needs.changes.outputs.rust == 'true' }}
runs-on: ubuntu-latest
name: tests (Rust stable, no features)
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- id: toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: 'stable'
- name: Configure default rust toolchain
run: rustup override set ${{steps.toolchain.outputs.name}}
- name: Build with no features
run: cargo test --verbose --workspace --no-default-features --no-run
- name: Tests with no features
run: cargo test --verbose --workspace --no-default-features
# Run tests on Rust stable
tests-rs-stable-all-features:
needs: changes
if: ${{ needs.changes.outputs.rust == 'true' }}
runs-on: ubuntu-latest
name: tests (Rust stable, all features)
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- id: toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: 'stable'
- name: Configure default rust toolchain
run: rustup override set ${{steps.toolchain.outputs.name}}
- name: Build with all features
run: cargo test --verbose --workspace --all-features --no-run
- name: Tests with all features
run: cargo test --verbose --workspace --all-features
# Run tests on other toolchains
tests-rs-other:
needs: changes
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }}
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
# Stable is covered by `tests-stable-no-features` and `tests-stable-all-features`
# Nightly is covered by `tests-nightly-coverage`
rust: ['1.75', beta]
name: tests (Rust ${{ matrix.rust }})
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- id: toolchain
uses: dtolnay/rust-toolchain@master
with:
toolchain: ${{ matrix.rust }}
- name: Configure default rust toolchain
run: rustup override set ${{steps.toolchain.outputs.name}}
- name: Build with no features
run: cargo test --verbose --workspace --no-default-features --no-run
- name: Tests with no features
run: cargo test --verbose --workspace --no-default-features
- name: Build with all features
run: cargo test --verbose --workspace --all-features --no-run
- name: Tests with all features
run: cargo test --verbose --workspace --all-features
tests-nightly-coverage:
needs: changes
# Run only if there are changes in the relevant files
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }}
runs-on: ubuntu-latest
name: tests (Rust nightly, coverage)
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- uses: dtolnay/rust-toolchain@master
with:
# Nightly is required to count doctests coverage
toolchain: 'nightly'
components: llvm-tools-preview
- name: Install cargo-llvm-cov
uses: taiki-e/install-action@cargo-llvm-cov
- name: Run tests with coverage instrumentation
run: |
cargo llvm-cov clean --workspace
cargo llvm-cov --no-report --workspace --no-default-features --doctests
cargo llvm-cov --no-report --workspace --all-features --doctests
- name: Generate coverage report
run: cargo llvm-cov --all-features report --codecov --output-path coverage.json
- name: Upload coverage to codecov.io
uses: codecov/codecov-action@v4
with:
files: coverage.json
name: rust
flags: rust
fail_ci_if_error: true
token: ${{ secrets.CODECOV_TOKEN }}
tests-py:
needs: changes
if: ${{ needs.changes.outputs.python == 'true' }}
runs-on: ubuntu-latest
name: tests (Python, coverage)
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- name: Set up uv
uses: astral-sh/setup-uv@v3
with:
version: ${{ env.UV_VERSION }}
enable-cache: true
- name: Install Python ${{ env.PYTHON_LOWEST }}
run: uv python install ${{ env.PYTHON_LOWEST }}
- name: Setup dependencies
run: uv sync --python ${{ env.PYTHON_LOWEST }}
- name: Run python tests with coverage instrumentation
run: uv run pytest --cov=./ --cov-report=xml
- name: Upload python coverage to codecov.io
if: github.event_name != 'merge_group'
uses: codecov/codecov-action@v4
with:
files: ./coverage.xml
# Ensures we only upload this file
disable_search: true
name: python
flags: python
fail_ci_if_error: true
token: ${{ secrets.CODECOV_TOKEN }}
# Ensure that serialized extensions match rust implementation
tket2-extensions:
needs: [changes, tests-rs-stable-all-features]
if: ${{ needs.changes.outputs.rust == 'true' && github.event_name != 'merge_group' }}
name: Check standard extensions
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: mozilla-actions/[email protected]
- name: Install stable toolchain
uses: dtolnay/rust-toolchain@stable
- uses: extractions/setup-just@v2
- name: Generate the updated definitions
run: just gen-extensions
- name: Check if the declarations are up to date
run: |
git diff --exit-code --name-only tket2-exts/src/tket2_exts/data
if [ $? -ne 0 ]; then
echo "The serialized standard extensions are not up to date"
echo "Please run 'just gen-extensions' and commit the changes.
Bump the version of tket2-exts according to semver.
"
exit 1
fi
# This is a meta job to mark successful completion of the required checks,
# even if they are skipped due to no changes in the relevant files.
required-checks:
name: Required checks 🦀+🐍
needs: [changes, check-rs, check-py, tests-rs-stable-no-features, tests-rs-stable-all-features, tests-py, tket2-extensions]
if: ${{ !cancelled() }}
runs-on: ubuntu-latest
steps:
- name: Debug changes step output
run: |
echo "Rust: ${{ needs.changes.outputs.rust }}"
echo "Python: ${{ needs.changes.outputs.python }}"
- name: Fail if required checks failed
# This condition should simply be `if: failure() || cancelled()`,
# but there seems to be a bug in the github workflow runner.
#
# See https://github.com/orgs/community/discussions/80788
if: |
needs.changes.result == 'failure' || needs.changes.result == 'cancelled' ||
needs.check-rs.result == 'failure' || needs.check-rs.result == 'cancelled' ||
needs.check-py.result == 'failure' || needs.check-py.result == 'cancelled' ||
needs.tests-rs-stable-no-features.result == 'failure' || needs.tests-rs-stable-no-features.result == 'cancelled' ||
needs.tests-rs-stable-all-features.result == 'failure' || needs.tests-rs-stable-all-features.result == 'cancelled' ||
needs.tests-py.result == 'failure' || needs.tests-py.result == 'cancelled'
run: |
echo "Required checks failed"
echo "Please check the logs for more information"
exit 1
- name: Pass if required checks passed
run: |
echo "All required checks passed"