Google Git
Sign in
cobalt / cobalt / HEAD / . / .github / workflows / main.yaml
blob: 77915c6699d7e14da2fc4e4316845367b011a7a9 [file] [log] [blame]
# Reusable Cobalt CI workflow.
name: main
on:
workflow_call:
inputs:
platform:
description: 'Cobalt platform.'
required: true
type: string
nightly:
description: 'Nightly workflow.'
required: true
type: string
default: 'false'
run_api_leak_detector:
description: 'Whether to run the api leak detector.'
required: false
type: boolean
default: false
leak_manifest_filename:
description: 'Path to the leak manifest.'
required: false
type: string
default: ""
modular:
description: 'Whether this is a modular build.'
required: false
type: boolean
default: false
keep_artifacts:
description: 'Which artifacts to keep for releases'
required: false
type: string
default: ''
# Global env vars.
env:
REGISTRY: ghcr.io
IPV6_AVAILABLE: 0
LANG: en_US.UTF-8
IS_BUILDBOT_DOCKER: 1
IS_CI: 1
IS_DOCKER: 1
NINJA_STATUS: '[%e sec | %f/%t %u remaining | %c/sec | j%r]'
SCCACHE: 1
SCCACHE_GCS_BUCKET: cobalt-actions-sccache-linux
SCCACHE_GCS_OAUTH_URL: http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token
SCCACHE_GCS_RW_MODE: READ_WRITE
SCCACHE_IDLE_TIMEOUT: 0 # prevent sccache server from shutting down after long idle.
STARBOARD_TOOLCHAINS_DIR: /root/starboard-toolchains
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ inputs.platform }} @ ${{ github.event.label.name || github.event.pull_request.number || github.sha }} @ ${{ github.event.label.name && github.event.pull_request.number || github.event.action }}
cancel-in-progress: true
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# Retrieves configuration from json file.
initialize:
runs-on: ubuntu-latest
permissions:
pull-requests: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
GITHUB_PR_REPO_URL: ${{ github.event.pull_request.base.repo.url }}
GITHUB_EVENT_NUMBER: ${{ github.event.number }}
if: |
github.event.action != 'labeled' ||
github.event.pull_request.merged == false &&
(
github.event.action == 'labeled' &&
github.event.label.name == 'runtest' ||
github.event.label.name == 'on_device'
)
steps:
- id: checkout
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
fetch-depth: 1
persist-credentials: false
- name: Remove runtest if exists
if: github.event_name == 'pull_request'
continue-on-error: true # Ignore this step if we cannot remove the label.
run: |
set +e
curl \
-X DELETE \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${GITHUB_TOKEN}" \
${GITHUB_PR_REPO_URL}/issues/${GITHUB_EVENT_NUMBER}/labels/runtest
shell: bash
- id: set-platforms
shell: bash
run: |
platforms=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -c '.platforms')
echo "platforms=${platforms}" >> $GITHUB_ENV
- id: set-includes
shell: bash
run: |
includes=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -c '.includes')
echo "includes=${includes}" >> $GITHUB_ENV
- id: set-on-device-test
shell: bash
run: |
on_device_test=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -rc '.on_device_test')
echo "on_device_test=${on_device_test}" >> $GITHUB_ENV
- id: set-on-device-test-attempts
shell: bash
run: |
on_device_test_attempts=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -rc '.on_device_test.test_attempts // empty')
echo "on_device_test_attempts=${on_device_test_attempts}" >> $GITHUB_ENV
- id: set-on-host-test
shell: bash
run: |
on_host_test=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -rc '.on_host_test')
echo "on_host_test=${on_host_test}" >> $GITHUB_ENV
- id: set-on-host-test-shards
shell: bash
run: |
on_host_test_shards=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -c '.on_host_test_shards')
echo "on_host_test_shards=${on_host_test_shards}" >> $GITHUB_ENV
- id: set-on-host-test-evergreen-loader
shell: bash
run: |
evergreen_loader=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -rc '.evergreen_loader')
echo "evergreen_loader=${evergreen_loader}" >> $GITHUB_ENV
- id: set-docker-service
shell: bash
run: |
docker_service=$(cat ${GITHUB_WORKSPACE}/.github/config/${{ inputs.platform }}.json | jq -r '.docker_service')
echo "docker_service=${docker_service}" >> $GITHUB_ENV
outputs:
platforms: ${{ env.platforms }}
includes: ${{ env.includes }}
on_device_test: ${{ env.on_device_test }}
on_device_test_attempts: ${{ env.on_device_test_attempts }}
on_host_test: ${{ env.on_host_test }}
on_host_test_shards: ${{ env.on_host_test_shards }}
evergreen_loader: ${{ env.evergreen_loader }}
docker_service: ${{ env.docker_service }}
# Builds, tags, and pushes Cobalt docker build images to ghr.
docker-build-image:
needs: [initialize]
runs-on: [self-hosted, linux-runner]
permissions:
packages: write
steps:
- name: Checkout files
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
fetch-depth: 0
persist-credentials: false
- name: Login to Docker Registry ${{env.REGISTRY}}
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build docker image
id: build-docker-image
uses: ./.github/actions/docker
with:
docker_service: ${{ needs.initialize.outputs.docker_service }}
docker_image: cobalt-${{ needs.initialize.outputs.docker_service }}
- name: Set Docker Tag Output
id: set-docker-tag-output
shell: bash
run: |
set -u
echo $DOCKER_TAG
echo "docker_tag=$DOCKER_TAG" >> $GITHUB_ENV
outputs:
docker_tag: ${{env.docker_tag}}
# Builds, tags, and pushes Cobalt unit test image to ghr.
docker-unittest-image:
if: needs.initialize.outputs.on_host_test == 'true'
needs: [initialize]
permissions:
packages: write
runs-on: [self-hosted, linux-runner]
steps:
- name: Checkout files
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
fetch-depth: 2
persist-credentials: false
- name: Login to Docker Registry ${{env.REGISTRY}}
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build docker image
id: build-docker-image
uses: ./.github/actions/docker
with:
docker_service: linux-x64x11-unittest
docker_image: cobalt-linux-x64x11-unittest
- name: Set Docker Tag Output
id: set-docker-unittest-tag-output
shell: bash
run: |
set -u
echo $DOCKER_TAG
echo "docker_unittest_tag=$DOCKER_TAG" >> $GITHUB_ENV
outputs:
docker_unittest_tag: ${{env.docker_unittest_tag}}
# Runs builds.
build:
needs: [initialize, docker-build-image]
permissions: {}
runs-on: [self-hosted, linux-runner]
name: ${{matrix.name}}_${{matrix.config}}
strategy:
fail-fast: false
matrix:
platform: ${{ fromJson(needs.initialize.outputs.platforms) }}
include: ${{ fromJson(needs.initialize.outputs.includes) }}
config: [devel, debug, qa, gold]
container: ${{ needs.docker-build-image.outputs.docker_tag }}
env:
# We want temp folder to be on tmpfs which makes workloads faster.
# However, dind container ends up having / folder mounted on overlay
# filesystem, whereas /__w which contains Cobalt source code is on tmpfs.
TMPDIR: /__w/_temp
steps:
- name: Checkout
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
# Use fetch depth of 0 to get full history for a valid build id.
fetch-depth: 0
persist-credentials: false
- name: GN
uses: ./.github/actions/gn
- name: Build Cobalt
uses: ./.github/actions/build
- name: 'Upload Artifact'
uses: actions/upload-artifact@v4
if: inputs.keep_artifacts
with:
name: ${{ matrix.platform }}-${{ matrix.config }}
path: out/${{ matrix.platform }}_${{ matrix.config }}/${{ inputs.keep_artifacts }}
retention-days: 7
compression-level: 0 # We expect kept artifacts to be already compressed
if-no-files-found: error
- name: Run API Leak Detector
uses: ./.github/actions/api_leak_detector
if: inputs.run_api_leak_detector
with:
relative_manifest_path: ${{ inputs.leak_manifest_filename }}
- name: Upload On Host Test Artifacts
if: ${{ matrix.config == 'devel' && needs.initialize.outputs.on_host_test == 'true' }}
uses: ./.github/actions/upload_test_artifacts
with:
type: onhost
os: linux
# For some reason passing needs.initialize.outputs.evergreen_loader as parameter to build
# action didn't work, so instead we set an env var.
- name: Set Evergreen loader config
if: ${{ needs.initialize.outputs.evergreen_loader != 'null' }}
shell: bash
run: |
set -u
COBALT_EVERGREEN_LOADER="${{needs.initialize.outputs.evergreen_loader}}"
echo "COBALT_EVERGREEN_LOADER=${COBALT_EVERGREEN_LOADER}" >> $GITHUB_ENV
# Build Evergreen loader for on-host tests if necessary.
- name: Evergreen loader GN
if: ${{ needs.initialize.outputs.evergreen_loader != 'null' && ( matrix.config == 'devel' || matrix.config == 'qa' ) }}
uses: ./.github/actions/gn
- name: Build Evergreen loader
if: ${{ needs.initialize.outputs.evergreen_loader != 'null' && ( matrix.config == 'devel' || matrix.config == 'qa' ) }}
uses: ./.github/actions/build
- name: Upload Nightly Artifacts
if: ${{ ( inputs.nightly == 'true' || github.event_name == 'schedule' ) && matrix.config != 'debug' }}
uses: ./.github/actions/upload_nightly_artifacts
- name: Upload Evergreen loader On Host Test Artifacts
if: ${{ needs.initialize.outputs.evergreen_loader != 'null' && matrix.config == 'devel' && needs.initialize.outputs.on_host_test == 'true'}}
uses: ./.github/actions/upload_test_artifacts
with:
type: onhost
os: linux
- name: Upload On Device Test Artifacts
if: |
matrix.config == 'devel' &&
fromJSON(needs.initialize.outputs.on_device_test).enabled == true &&
(
github.event_name != 'pull_request' ||
contains(github.event.pull_request.labels.*.name, 'on_device')
)
uses: ./.github/actions/upload_test_artifacts
with:
type: ondevice
os: linux
# Runs on-device integration and unit tests.
on-device-test:
needs: [initialize, build]
# Run ODT when on_device label is applied on PR.
# Also, run ODT on push and schedule if not explicitly disabled via repo vars.
if: |
fromJSON(needs.initialize.outputs.on_device_test).enabled == true && ((
github.event_name == 'pull_request' &&
contains(github.event.pull_request.labels.*.name, 'on_device') ) || ((
inputs.nightly == 'true' || github.event_name == 'schedule') &&
vars.RUN_ODT_TESTS_ON_NIGHTLY != 'False') ||
( github.event_name == 'push' && vars.RUN_ODT_TESTS_ON_POSTSUBMIT != 'False' ) )
runs-on: [self-hosted, odt-runner]
name: ${{ matrix.name }}_on_device_${{ matrix.shard }}
permissions: {}
strategy:
fail-fast: false
matrix:
platform: ${{ fromJson(needs.initialize.outputs.platforms) }}
config: [devel]
shard: ${{ fromJson(needs.initialize.outputs.on_device_test).tests }}
include: ${{ fromJson(needs.initialize.outputs.includes) }}
env:
COBALT_EVERGREEN_LOADER: ${{ needs.initialize.outputs.evergreen_loader }}
ON_DEVICE_TEST_ATTEMPTS: ${{ needs.initialize.outputs.on_device_test_attempts }}
MODULAR_BUILD: ${{ inputs.modular && 1 || 0 }}
steps:
- name: Checkout
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
fetch-depth: 1
persist-credentials: false
- name: Run Tests (${{ matrix.shard }})
uses: ./.github/actions/on_device_tests
# Runs on-host integration and unit tests.
on-host-test:
needs: [initialize, docker-unittest-image, build]
permissions: {}
if: needs.initialize.outputs.on_host_test == 'true'
runs-on: [self-hosted, linux-runner]
name: ${{matrix.name}}_${{matrix.shard}}_test
strategy:
fail-fast: false
matrix:
platform: ${{ fromJson(needs.initialize.outputs.platforms) }}
shard: ${{ fromJson(needs.initialize.outputs.on_host_test_shards) }}
config: [devel]
include: ${{ fromJson(needs.initialize.outputs.includes) }}
container: ${{ needs.docker-unittest-image.outputs.docker_unittest_tag }}
env:
DISPLAY: :99
# For some reason tests complaining about HOME set to /github/home
# with permission denied error.
HOME: /root
COBALT_EVERGREEN_LOADER: ${{needs.initialize.outputs.evergreen_loader}}
MODULAR_BUILD: ${{ inputs.modular && 1 || 0 }}
steps:
- name: Checkout
uses: kaidokert/checkout@v3.5.999
timeout-minutes: 30
with:
fetch-depth: 1
persist-credentials: false
- name: Run Tests
uses: ./.github/actions/on_host_test
with:
os: linux