diff --git a/.aspect/workflows/config.yaml b/.aspect/workflows/config.yaml deleted file mode 100644 index 614012c1c..000000000 --- a/.aspect/workflows/config.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# See https://docs.aspect.build/v/workflows/config ---- -workspaces: - .: - bazel: - flags: - - --nostamp - - --workspace_status_command= - - --nobuild_tests_only - - --cli_edition=enterprise -tasks: - buildifier: - target: //bazel/ci:buildifier_check - gazelle: - target: //bazel/ci:gazelle_check - test: diff --git a/.github/actionlint.yaml b/.github/actionlint.yaml index 2befef433..21abeaebf 100644 --- a/.github/actionlint.yaml +++ b/.github/actionlint.yaml @@ -1,4 +1,3 @@ self-hosted-runner: # Labels of self-hosted runner in array of string - labels: - [azure-cvm, bazel-cached, bazel-nocache, aspect-workflows, aspect-warming] + labels: [azure-cvm, bazel-cached, bazel-nocache] diff --git a/.github/workflows/.aspect-workflows-reusable.yaml b/.github/workflows/.aspect-workflows-reusable.yaml deleted file mode 100644 index 5927d0cb0..000000000 --- a/.github/workflows/.aspect-workflows-reusable.yaml +++ /dev/null @@ -1,160 +0,0 @@ -# ================================================================================================== -# Aspect Workflows Reusable Workflow for GitHub Actions (v5.7.0-rc5) -# -# https://github.com/marketplace/actions/aspect-workflows?version=5.7.0-rc5 -# -# At this time, GitHub Actions does not allow referencing reusable workflows from public -# repositories in other organizations. See -# https://docs.github.com/en/actions/using-workflows/reusing-workflows#access-to-reusable-workflows -# for more info. -# -# Use the Aspect Workflows Reusable Workflow with GitHub Actions by doing one of the following: -# -# 1. Vendor this file into the `.github/workflows` folder of your repository and reference it with -# `uses:` in a workflow file such as `.github/workflows/aspect-workflows.yaml`: -# -# ``` -# name: Aspect Workflows -# -# on: -# push: -# branches: [main] -# pull_request: -# branches: [main] -# workflow_dispatch: -# -# jobs: -# aspect-workflows: -# name: Aspect Workflows -# uses: ./.github/workflows/.aspect-workflows-reusable.yaml -# ``` -# -# 2. Create a fork of https://github.com/aspect-build/workflows-action in your -# GitHub org and change the `uses` line above to reference the reusable work -# from your fork: -# -# ``` -# jobs: -# aspect-workflows: -# name: Aspect Workflows -# uses: my-github-org/workflows-action/.github/workflows/.aspect-workflows-reusable.yaml@ -# ``` -# ================================================================================================== -name: Aspect Workflows Reusable Workflow (v5.7.0-rc5) - -on: - # Makes this workflow reusable, see - # https://github.blog/2022-02-10-using-reusable-workflows-github-actions - workflow_call: - inputs: - aspect-config: - description: Path to the Aspect Workflows config.yaml file - type: string - default: .aspect/workflows/config.yaml - delivery-workflow: - description: The name of the file which contains the delivery workflow - type: string - default: aspect-workflows-delivery.yaml - queue: - description: The queue / runner pool that the setup step will run on - type: string - default: aspect-default - slack_webhook_url: - description: 'If set, then a webhook notification will be sent for failing builds on a release branch. Input should match the name of a secret. "secrets: inherit" must also be set' - type: string - inherited_secrets: - description: 'Comma separated list of secrets or regex (Oniguruma) describing secrets to be made available during the build. "secrets: inherit" must also be set. The regex is used by jq internally which uses the Oniguruma regular expression library: https://jqlang.github.io/jq/manual/' - type: string - -jobs: - setup: - runs-on: [self-hosted, aspect-workflows, "${{ inputs.queue }}"] - steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - id: rosetta-generate - run: | - echo "json=$( \ - rosetta steps \ - --config "${{ inputs.aspect-config }}" \ - --gha_task generate \ - --gha_json_pretty_print=false \ - )" | tee "${GITHUB_OUTPUT}" - - outputs: - cfg: ${{ steps.rosetta-generate.outputs.json }} - - bazel: - needs: [setup] - runs-on: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].labels }} - strategy: - matrix: ${{ fromJson(needs.setup.outputs.cfg).matrix_config }} - env: - ASPECT_WORKFLOWS_CONFIG: ${{ inputs.aspect-config }} - - steps: - - name: Configure environment - run: configure_workflows_env - - - name: Clone repo - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - - name: Agent health checks - run: agent_health_check - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).task_config[fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace].tasks['bazel_health_probe'].timeout_in_minutes }} - - - name: Process Secrets - id: process_secrets - if: inputs.inherited_secrets != '' - run: | - REQUIRED_SECRETS=$(jq -R --compact-output 'gsub("\\s+";"";"g") | split(",")' <<< "${{ inputs.inherited_secrets }}") - FILTERED_SECRETS=$(jq --compact-output --argjson secrets "${REQUIRED_SECRETS}" 'with_entries( select (.key | test($secrets[]) ) )' <<< '''${{ toJson(secrets) }}''' ) - echo "filtered_secrets=${FILTERED_SECRETS}" | tee "${GITHUB_OUTPUT}" - - - name: Branch Freshness - uses: aspect-build/workflows-action@94af6eb5b5319f01de6338f2a20c274825a7c50f # 5.7.0-rc5 - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).task_config[fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace].tasks['branch_freshness'].timeout_in_minutes }} - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: branch_freshness - - - name: Prepare archive directories - run: rm -rf ${{ join(fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_paths, ' ') }} - - - name: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }} - uses: aspect-build/workflows-action@94af6eb5b5319f01de6338f2a20c274825a7c50f # 5.7.0-rc5 - env: ${{ inputs.inherited_secrets != '' && fromJson(steps.process_secrets.outputs.filtered_secrets) || fromJson('{}') }} - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].timeout_in_minutes }} - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }} - - - name: Delivery Manifest - if: fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].generate_manifest - uses: aspect-build/workflows-action@94af6eb5b5319f01de6338f2a20c274825a7c50f # 5.7.0-rc5 - timeout-minutes: ${{ fromJson(needs.setup.outputs.cfg).task_config[fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace].tasks['delivery'].timeout_in_minutes }} - with: - workspace: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].workspace }} - task: delivery_manifest - - # Upload all artifacts for the workspace - - name: Upload Artifact - # The `always()` condition is required to ensure this step runs even if the previous - # step fails. Note that setting `continue-on-error: true` on the previous - # step is not ideal as GitHub will misleadingly flag the step as having passed. - if: ${{ always() }} - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 - with: - name: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_prefix }}${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].task }}.artifacts - path: ${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].artifact_upload_pattern }} - - - name: Trigger Delivery - # This uses the following API: https://docs.github.com/en/rest/actions/workflows?apiVersion=2022-11-28#create-a-workflow-dispatch-event - run: | - curl \ - -X POST \ - -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ - https://api.github.com/repos/${{ github.repository }}/actions/workflows/${{ inputs.delivery-workflow }}/dispatches \ - -d "{\"ref\":\"${{ fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].branch }}\",\"inputs\":{\"delivery_commit\":\"${GITHUB_SHA}\"}}" - shell: bash - if: fromJson(needs.setup.outputs.cfg).workflows_config[matrix.job].delivery diff --git a/.github/workflows/aspect-workflows-warming.yaml b/.github/workflows/aspect-workflows-warming.yaml deleted file mode 100644 index c0bae08bc..000000000 --- a/.github/workflows/aspect-workflows-warming.yaml +++ /dev/null @@ -1,27 +0,0 @@ -name: Aspect Workflows Warming - -on: - # Run the workflows on a cron schedule to periodically create an up-to-date warming archive - schedule: - # M-F 15:05, 19:05, 23:05 UTC - - cron: '5 15,19,23 * * 1-5' - - # Allow this to be triggered manually via the GitHub UI Actions tab - workflow_dispatch: - -jobs: - warming-archive: - name: Aspect Workflows Warming - runs-on: [self-hosted, aspect-workflows, aspect-warming] - steps: - - name: Configure environment - run: configure_workflows_env - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - - name: Agent health checks - run: agent_health_check - - name: Create warming archive - uses: aspect-build/workflows-action@94af6eb5b5319f01de6338f2a20c274825a7c50f # 5.7.0-rc5 - with: - task: warming - - name: Archive warming tars - run: warming_archive diff --git a/.github/workflows/aspect-workflows.yaml b/.github/workflows/aspect-workflows.yaml deleted file mode 100644 index 3a7eacb1e..000000000 --- a/.github/workflows/aspect-workflows.yaml +++ /dev/null @@ -1,16 +0,0 @@ -name: Aspect Workflows - -on: - # Triggers the workflow on pull request events and on main - push: - branches: [main] - pull_request: - branches: [main] - - # Allow this to be triggered manually via the GitHub UI Actions tab - workflow_dispatch: - -jobs: - aspect-workflows: - name: Aspect Workflows - uses: ./.github/workflows/.aspect-workflows-reusable.yaml