Skip to content

Commit

Permalink
Improve CI workflow (#130)
Browse files Browse the repository at this point in the history 
Make sure workflow has no permissions. Make sure at most one workflow is
running per pull request. Save the cache if it was modified (improves on
#122).
  • Loading branch information
@ia0
ia0 authored Feb 2, 2025
1 parent 8a9537c commit 5e86676
Show file tree
Hide file tree
Showing 3 changed files with 71 additions and 22 deletions.
21 changes: 18 additions & 3 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- run: rustup install nightly
- run: rustup component add --toolchain=nightly clippy miri rustfmt
- uses: actions/cache@v4
- uses: actions/cache/restore@v4
with:
key: cargo-home-${{ runner.os }}
path: |
~/.cargo/bin
~/.cargo/.crates*
- id: before
run: echo snapshot="$(cargo install --list | sha256sum)" >> $GITHUB_OUTPUT
- run: rustup install nightly
- run: rustup component add --toolchain=nightly clippy miri rustfmt
- run: cargo +nightly install cargo-audit --locked
- name: cd lib && cargo +nightly fmt -- --check
run: cargo +nightly fmt -- --check
Expand Down Expand Up @@ -270,6 +272,15 @@ jobs:
working-directory: lib/macro
- run: cd lib/macro && rm Cargo.lock
- run: cd lib/macro && mv Cargo.lock.backup Cargo.lock
- id: after
run: echo snapshot="$(cargo install --list | sha256sum)" >> $GITHUB_OUTPUT
- if: ${{ steps.before.outputs.snapshot != steps.after.outputs.snapshot }}
uses: actions/cache/save@v4
with:
key: cargo-home-${{ runner.os }}
path: |
~/.cargo/bin
~/.cargo/.crates*
windows:
runs-on: windows-latest
steps:
Expand Down Expand Up @@ -391,3 +402,7 @@ jobs:
working-directory: lib/macro
- run: cd lib/macro && rm Cargo.lock
- run: cd lib/macro && mv Cargo.lock.backup Cargo.lock
concurrency:
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
group: ci-${{ github.ref }}
permissions: {}
2 changes: 1 addition & 1 deletion .github/workflows/coverage.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: coverage
name: Coverage

on:
push:
Expand Down
70 changes: 52 additions & 18 deletions xtask/src/main.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,8 @@ struct Workflow {
name: String,
on: WorkflowOn,
jobs: BTreeMap<String, WorkflowJob>,
concurrency: BTreeMap<String, String>,
permissions: BTreeMap<String, String>,
}

#[derive(Serialize)]
Expand Down Expand Up @@ -358,6 +360,10 @@ struct WorkflowStep {
#[serde(skip_serializing_if = "Option::is_none")]
name: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
id: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
r#if: Option<String>,
#[serde(skip_serializing_if = "Option::is_none")]
uses: Option<String>,
#[serde(skip_serializing_if = "BTreeMap::is_empty")]
env: BTreeMap<String, String>,
Expand All @@ -381,15 +387,44 @@ impl Flags {
pull_request: WorkflowEvents { branches: vec!["main".to_owned()] },
schedule: vec![WorkflowSchedule { cron: "38 11 * * 6".to_owned() }],
},
concurrency: BTreeMap::new(),
permissions: BTreeMap::new(),
jobs: BTreeMap::new(),
};
ci.concurrency.insert("group".to_string(), "ci-${{ github.ref }}".to_string());
ci.concurrency.insert(
"cancel-in-progress".to_string(),
"${{ github.event_name == 'pull_request' }}".to_string(),
);
for actions in actions.chunk_by(|x, y| x.os == y.os) {
let mut job =
WorkflowJob { runs_on: format!("{}-latest", actions[0].os), steps: vec![] };
job.steps.push(WorkflowStep {
uses: Some("actions/checkout@v4".to_owned()),
..Default::default()
});
let use_cache = matches!(
actions[0],
Action { os: Os::Ubuntu, toolchain: Toolchain::Nightly, .. }
);
let with = [
("path".to_string(), "~/.cargo/bin\n~/.cargo/.crates*\n".to_string()),
("key".to_string(), "cargo-home-${{ runner.os }}".to_string()),
];
let snapshot =
"echo snapshot=\"$(cargo install --list | sha256sum)\" >> $GITHUB_OUTPUT";
if use_cache {
job.steps.push(WorkflowStep {
uses: Some("actions/cache/restore@v4".to_owned()),
with: with.iter().cloned().collect(),
..Default::default()
});
job.steps.push(WorkflowStep {
id: Some("before".to_string()),
run: Some(snapshot.to_string()),
..Default::default()
});
}
for actions in actions.chunk_by(|x, y| x.toolchain == y.toolchain) {
job.steps.push(WorkflowStep {
run: Some(format!("rustup install {}", actions[0].toolchain)),
Expand All @@ -415,24 +450,6 @@ impl Flags {
}
job.steps.push(WorkflowStep { run: Some(run), ..Default::default() });
}
if matches!(
actions[0],
Action { os: Os::Ubuntu, toolchain: Toolchain::Nightly, .. }
) {
job.steps.push(WorkflowStep {
uses: Some("actions/cache@v4".to_owned()),
with: [
(
"path".to_owned(),
"~/.cargo/bin\n~/.cargo/.crates*\n".to_owned(),
),
("key".to_owned(), "cargo-home-${{ runner.os }}".to_owned()),
]
.into_iter()
.collect(),
..Default::default()
});
}
for task in [Task::Audit, Task::SemverChecks] {
if actions.iter().any(|x| x.task == task) {
job.steps.push(WorkflowStep {
Expand All @@ -451,6 +468,23 @@ impl Flags {
}
}
}
if use_cache {
job.steps.push(WorkflowStep {
id: Some("after".to_string()),
run: Some(snapshot.to_string()),
..Default::default()
});
job.steps.push(WorkflowStep {
uses: Some("actions/cache/save@v4".to_owned()),
with: with.iter().cloned().collect(),
r#if: Some(
"${{ steps.before.outputs.snapshot != \
steps.after.outputs.snapshot }}"
.to_string(),
),
..Default::default()
});
}
ci.jobs.insert(actions[0].os.to_string(), job);
}
let ci = serde_yaml::to_string(&ci).unwrap();
Expand Down

0 comments on commit 5e86676

Please sign in to comment.