mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-15 19:04:23 -05:00
abbe3853cb
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
193 lines
6.9 KiB
YAML
193 lines
6.9 KiB
YAML
name: Setup bazel and Nix
|
|
description: Setup Bazel and Nix for CI builds and tests
|
|
|
|
inputs:
|
|
useCache:
|
|
description: "Cache Bazel artifacts. Use 'true' to enable with rw, 'readonly' to download, 'log' to disable cache but upload logs, and 'false' to disable."
|
|
default: "false"
|
|
required: true
|
|
buildBuddyApiKey:
|
|
description: "BuildBuddy API key for caching Bazel artifacts"
|
|
required: false
|
|
|
|
runs:
|
|
using: "composite"
|
|
steps:
|
|
- name: Check inputs
|
|
id: check_inputs
|
|
shell: bash
|
|
run: |
|
|
echo "::group::Check inputs"
|
|
if [[ "${{ inputs.useCache }}" != "true" && "${{ inputs.useCache }}" != "readonly" && "${{ inputs.useCache }}" != "logs" && "${{ inputs.useCache }}" != "false" ]]; then
|
|
echo "Invalid value for 'useCache' input: '${{ inputs.useCache }}'. Must be 'true', 'readonly', or 'false'."
|
|
exit 1
|
|
fi
|
|
if [[ "${{ inputs.useCache }}" == "true" || "${{ inputs.useCache }}" == "readonly" || "${{ inputs.useCache }}" == "logs" ]] && [[ -z "${{ inputs.buildBuddyApiKey }}" ]]; then
|
|
echo "BuildBuddy API key is required when cache is enabled."
|
|
exit 1
|
|
fi
|
|
if command -v nix; then
|
|
echo "nixPreinstalled=true" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "nixPreinstalled=false" | tee -a "$GITHUB_OUTPUT"
|
|
fi
|
|
if command -v bazel; then
|
|
echo "bazelPreinstalled=true" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "bazelPreinstalled=false" | tee -a "$GITHUB_OUTPUT"
|
|
fi
|
|
if [[ -f /etc/NIXOS ]]; then
|
|
echo "nixOS=true" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "nixOS=false" | tee -a "$GITHUB_OUTPUT"
|
|
fi
|
|
if [[ "$RUNNER_OS" == "Linux" ]]; then
|
|
echo "os=linux" | tee -a "$GITHUB_OUTPUT"
|
|
elif [[ "$RUNNER_OS" == "Windows" ]]; then
|
|
echo "os=windows" | tee -a "$GITHUB_OUTPUT"
|
|
elif [[ "$RUNNER_OS" == "macOS" ]]; then
|
|
echo "os=darwin" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "$RUNNER_OS not supported"
|
|
exit 1
|
|
fi
|
|
if [[ "$RUNNER_ARCH" == "X64" ]]; then
|
|
echo "arch=amd64" | tee -a "$GITHUB_OUTPUT"
|
|
elif [[ "$RUNNER_ARCH" == "ARM64" ]]; then
|
|
echo "arch=arm64" | tee -a "$GITHUB_OUTPUT"
|
|
else
|
|
echo "$RUNNER_ARCH not supported"
|
|
exit 1
|
|
fi
|
|
echo "::endgroup::"
|
|
|
|
- name: Install nix
|
|
if: steps.check_inputs.outputs.nixPreinstalled == 'false'
|
|
uses: cachix/install-nix-action@6a9a9e84a173d90b3ffb42c5ddaf9ea033fad011 # v23
|
|
|
|
- name: Set $USER if not set
|
|
shell: bash
|
|
run: |
|
|
echo "::group::Set \$USER if not set"
|
|
if [[ -z "$USER" ]]; then
|
|
echo "USER=$(id -un)" | tee -a "$GITHUB_ENV"
|
|
fi
|
|
echo "::endgroup::"
|
|
|
|
|
|
- uses: cachix/cachix-action@6a9a34cdd93d0ae4b4b59fd678660efb08109f2f # v12
|
|
with:
|
|
name: katexochen
|
|
extraPullNames: nix-community
|
|
|
|
- name: Install Bazelisk
|
|
if: steps.check_inputs.outputs.bazelPreinstalled == 'false' && steps.check_inputs.outputs.nixOS == 'false'
|
|
shell: bash
|
|
env:
|
|
OS: ${{ steps.check_inputs.outputs.os }}
|
|
ARCH: ${{ steps.check_inputs.outputs.arch }}
|
|
run: |
|
|
echo "::group::Install Bazelisk"
|
|
curl -fsSLo /usr/local/bin/bazel "https://github.com/bazelbuild/bazelisk/releases/download/v1.18.0/bazelisk-${OS}-${ARCH}"
|
|
chmod +x /usr/local/bin/bazel
|
|
echo "::endgroup::"
|
|
|
|
- name: Free up space (Ubuntu)
|
|
shell: bash
|
|
if: startsWith(runner.name, 'GitHub Actions') && runner.os == 'Linux'
|
|
run: |
|
|
echo "::group::Free up space (Ubuntu)"
|
|
echo "Available storage (before):"
|
|
df -h
|
|
|
|
sudo apt-get update || true
|
|
sudo apt-get remove -y '^dotnet-.*' || true
|
|
sudo apt-get remove -y '^llvm-.*' || true
|
|
sudo apt-get remove -y 'php.*' || true
|
|
sudo apt-get remove -y '^mongodb-.*' || true
|
|
sudo apt-get remove -y '^mysql-.*' || true
|
|
sudo rm -rf /usr/share/dotnet
|
|
sudo rm -rf /usr/local/lib/android
|
|
sudo rm -rf /opt/ghc
|
|
sudo rm -rf /opt/hostedtoolcache/CodeQL
|
|
sudo docker image prune --all --force
|
|
sudo apt-get autoremove -y || true
|
|
sudo apt-get clean || true
|
|
|
|
echo "Available storage (after):"
|
|
df -h
|
|
echo "::endgroup::"
|
|
|
|
- name: Configure Bazel (general)
|
|
shell: bash
|
|
env:
|
|
WORKSPACE: ${{ github.workspace }}
|
|
run: |
|
|
echo "::group::Configure Bazel"
|
|
cat <<EOF >> "${WORKSPACE}/.bazeloverwriterc"
|
|
import %workspace%/bazel/bazelrc/ci.bazelrc
|
|
EOF
|
|
echo "::endgroup::"
|
|
|
|
- name: Configure Bazel (rw)
|
|
if: inputs.useCache == 'true' || inputs.useCache == 'readonly'
|
|
shell: bash
|
|
env:
|
|
BUILDBUDDY_ORG_API_KEY: ${{ inputs.buildBuddyApiKey }}
|
|
WORKSPACE: ${{ github.workspace }}
|
|
run: |
|
|
echo "::group::Configure Bazel"
|
|
cat <<EOF >> "${WORKSPACE}/.bazeloverwriterc"
|
|
common --bes_results_url=https://app.buildbuddy.io/invocation/
|
|
common --bes_backend=grpcs://remote.buildbuddy.io
|
|
common --remote_cache=grpcs://remote.buildbuddy.io
|
|
common --remote_header=x-buildbuddy-api-key=${BUILDBUDDY_ORG_API_KEY}
|
|
cquery --bes_results_url=
|
|
cquery --bes_backend=
|
|
cquery --remote_cache=
|
|
query --bes_results_url=
|
|
query --bes_backend=
|
|
query --remote_cache=
|
|
EOF
|
|
echo "::endgroup::"
|
|
|
|
- name: Configure Bazel (readonly)
|
|
if: inputs.useCache == 'readonly'
|
|
shell: bash
|
|
env:
|
|
WORKSPACE: ${{ github.workspace }}
|
|
run: |
|
|
echo "::group::Configure Bazel (readonly)"
|
|
echo "common --remote_upload_local_results=false" >> "${WORKSPACE}/.bazeloverwriterc"
|
|
echo "::endgroup::"
|
|
|
|
- name: Configure Bazel (logs)
|
|
if: inputs.useCache == 'logs'
|
|
shell: bash
|
|
env:
|
|
BUILDBUDDY_ORG_API_KEY: ${{ inputs.buildBuddyApiKey }}
|
|
WORKSPACE: ${{ github.workspace }}
|
|
run: |
|
|
echo "::group::Configure Bazel"
|
|
cat <<EOF >> "${WORKSPACE}/.bazeloverwriterc"
|
|
common --bes_results_url=https://app.buildbuddy.io/invocation/
|
|
common --bes_backend=grpcs://remote.buildbuddy.io
|
|
common --remote_header=x-buildbuddy-api-key=${BUILDBUDDY_ORG_API_KEY}
|
|
cquery --bes_results_url=
|
|
cquery --bes_backend=
|
|
query --bes_results_url=
|
|
query --bes_backend=
|
|
EOF
|
|
echo "::endgroup::"
|
|
|
|
- name: Disable disk cache on GitHub Actions runners
|
|
if: startsWith(runner.name , 'GitHub Actions')
|
|
shell: bash
|
|
env:
|
|
WORKSPACE: ${{ github.workspace }}
|
|
run: |
|
|
echo "::group::Configure Bazel (disk cache)"
|
|
echo "common --disk_cache=" >> "${WORKSPACE}/.bazeloverwriterc"
|
|
echo "common --repository_cache=" >> "${WORKSPACE}/.bazeloverwriterc"
|
|
echo "::endgroup::"
|