From 2098060dcc52539a995238539725aa01bc02b43c Mon Sep 17 00:00:00 2001 From: Jamil Date: Wed, 31 Jan 2024 14:12:23 -0800 Subject: [PATCH] feat(ci): Standardize matrix job names to prevent dupes, move jobs to macos-14 (#3447) This should be faster than the Intel runners. Seems to be at least twice as fast for uncached builds compared to `ubuntu-22.04`. - [x] ~~Move elixir checks to `macos-14`~~ can't; Depends on `docker` and `erlef/setup-beam` - [x] Add macOS targets to rust checks - [x] Move swift build to macos-14 - [x] Move kotlin build to macos-14 - [x] Name all jobs that are required for merge group to not depend on job config - [x] Update PR branch protection rules --- .github/workflows/_codeql.yml | 4 ++-- .github/workflows/_elixir.yml | 1 + .github/workflows/_kotlin.yml | 7 ++----- .github/workflows/_rust.yml | 15 ++++++++++----- .github/workflows/_static-analysis.yml | 12 ++++++------ .github/workflows/_swift.yml | 13 ++++--------- .github/workflows/ci.yml | 16 ++++++++++------ .tool-versions | 2 +- kotlin/android/app/build.gradle.kts | 2 +- kotlin/android/build.gradle.kts | 2 +- 10 files changed, 38 insertions(+), 36 deletions(-) diff --git a/.github/workflows/_codeql.yml b/.github/workflows/_codeql.yml index 10a419598..9e12f7f84 100644 --- a/.github/workflows/_codeql.yml +++ b/.github/workflows/_codeql.yml @@ -4,8 +4,8 @@ on: jobs: analyze: - name: Analyze - runs-on: ${{ (matrix.language == 'swift' && 'macos-13') || 'ubuntu-22.04' }} + name: analyze-${{ matrix.working-directory }} + runs-on: ${{ (matrix.language == 'swift' && 'macos-14') || 'ubuntu-22.04' }} timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} permissions: actions: read diff --git a/.github/workflows/_elixir.yml b/.github/workflows/_elixir.yml index dd34d580f..e0048e419 100644 --- a/.github/workflows/_elixir.yml +++ b/.github/workflows/_elixir.yml @@ -342,6 +342,7 @@ jobs: run: mix ecto.seed acceptance-test: + name: acceptance-test-${{ matrix.MIX_TEST_PARTITION }} permissions: checks: write runs-on: ubuntu-22.04 diff --git a/.github/workflows/_kotlin.yml b/.github/workflows/_kotlin.yml index 42919e641..440ff3c3d 100644 --- a/.github/workflows/_kotlin.yml +++ b/.github/workflows/_kotlin.yml @@ -9,7 +9,7 @@ permissions: jobs: static-analysis: - runs-on: ubuntu-22.04 + runs-on: macos-14 defaults: run: working-directory: ./kotlin/android @@ -31,7 +31,7 @@ jobs: run: ./gradlew spotlessCheck build: - runs-on: ubuntu-22.04 + runs-on: macos-14 defaults: run: working-directory: ./kotlin/android @@ -66,9 +66,6 @@ jobs: # TODO: See https://github.com/firezone/firezone/issues/2311 # TODO: See https://github.com/firezone/firezone/issues/2309 ./gradlew testReleaseUnitTest - - name: Android Test Report - uses: asadmansr/android-test-report-action@v1.2.0 - if: "!cancelled()" - name: Upload release if: ${{ github.event_name == 'workflow_dispatch' || (github.ref == 'refs/heads/main' && contains(github.event.head_commit.modified, 'elixir/VERSION')) }} env: diff --git a/.github/workflows/_rust.yml b/.github/workflows/_rust.yml index afc04b198..828362ca5 100644 --- a/.github/workflows/_rust.yml +++ b/.github/workflows/_rust.yml @@ -12,19 +12,20 @@ permissions: jobs: static-analysis: + name: static-analysis-${{ matrix.runs-on }} strategy: fail-fast: false matrix: runs-on: # We only need to run static analysis checks per OS family - ubuntu-22.04 - - macos-13 + - macos-14 - windows-2022 # TODO: https://github.com/rust-lang/cargo/issues/5220 include: - runs-on: ubuntu-22.04 packages: # Intentionally blank as a package catch-all linter - - runs-on: macos-13 + - runs-on: macos-14 packages: -p connlib-client-apple -p snownet - runs-on: windows-2022 packages: -p connlib-client-shared -p firezone-windows-client -p snownet @@ -41,6 +42,7 @@ jobs: cargo clippy --all-targets --all-features ${{ matrix.packages }} -- -D warnings test: + name: test-${{ matrix.runs-on }} strategy: fail-fast: false matrix: @@ -54,6 +56,8 @@ jobs: packages: -p connlib-client-apple -p snownet - runs-on: macos-13 packages: -p connlib-client-apple -p snownet + - runs-on: macos-14 + packages: -p connlib-client-apple -p snownet - runs-on: windows-2019 packages: -p firezone-windows-client -p connlib-client-shared -p snownet - runs-on: windows-2022 @@ -66,6 +70,7 @@ jobs: # This should be identical to `build-push-windows-release-artifacts` in `cd.yml` except for the Github permissions, needs tag, and uploading step build-tauri: + name: build-tauri-${{ matrix.artifact }} runs-on: windows-2019 defaults: run: @@ -75,11 +80,11 @@ jobs: # The matrix is 1x1 to match the style of build-push-linux-release-artifacts # In the future we could try to cross-compile aarch64-windows here. matrix: - name: + include: - package: firezone-windows-client artifact: windows-client env: - BINARY_DEST_PATH: ${{ matrix.name.artifact }} + BINARY_DEST_PATH: ${{ matrix.artifact }} steps: - uses: actions/checkout@v4 - uses: ./.github/actions/setup-node @@ -98,7 +103,7 @@ jobs: # I'm running the multi-process test here because I don't think it can be # embedded in a test binary. It requires the client to call subcommands # from its own exe. - cargo run -p firezone-windows-client -- debug test-ipc + cargo run -p ${{ matrix.package }} -- debug test-ipc pnpm build diff --git a/.github/workflows/_static-analysis.yml b/.github/workflows/_static-analysis.yml index b378d8f81..3981d0112 100644 --- a/.github/workflows/_static-analysis.yml +++ b/.github/workflows/_static-analysis.yml @@ -4,7 +4,7 @@ on: jobs: version-check: - runs-on: ubuntu-22.04 + runs-on: macos-14 steps: - uses: actions/checkout@v4 - name: Check version is up to date @@ -20,19 +20,19 @@ jobs: exit 1 fi global-linter: - runs-on: ubuntu-22.04 + runs-on: macos-14 steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v5 with: - python-version: "3.9" + python-version: "3.11" - uses: actions/cache/restore@v4 name: Restore Python Cache with: path: ~/.cache/pip - key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }} + key: macos-14-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }} restore-keys: | - ubuntu-22.04-${{ runner.arch }}-pip- + macos-14-${{ runner.arch }}-pip- - name: Install Python Dependencies run: | pip install -r requirements.txt @@ -45,4 +45,4 @@ jobs: name: Save Python Cache with: path: ~/.cache/pip - key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }} + key: macos-14-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }} diff --git a/.github/workflows/_swift.yml b/.github/workflows/_swift.yml index 82ae41a6e..037bcc20d 100644 --- a/.github/workflows/_swift.yml +++ b/.github/workflows/_swift.yml @@ -5,21 +5,20 @@ on: jobs: build: + name: build-${{ matrix.sdk }} runs-on: ${{ matrix.runs-on }} strategy: fail-fast: false matrix: include: - sdk: macosx - runs-on: macos-13 + runs-on: macos-14 platform: macOS destination: platform=macOS - xcode: "15.0" - sdk: iphoneos - runs-on: macos-13 + runs-on: macos-14 platform: iOS destination: generic/platform=iOS - xcode: "15.0" permissions: contents: read id-token: 'write' @@ -30,7 +29,7 @@ jobs: - uses: actions/checkout@v4 - uses: ./.github/actions/setup-rust with: - targets: aarch64-apple-darwin aarch64-apple-ios + targets: aarch64-apple-darwin aarch64-apple-ios x86_64-apple-darwin - uses: actions/cache/restore@v4 name: Restore Swift DerivedData Cache with: @@ -95,11 +94,7 @@ jobs: ONLY_ACTIVE_ARCH: no # Needed because `productbuild` doesn't support picking this up automatically like Xcode does INSTALLER_CODE_SIGN_IDENTITY: "3rd Party Mac Developer Installer: Firezone, Inc. (47R2M6779T)" - REQUESTED_XCODE_VERSION: ${{ matrix.xcode }} run: | - # Set Xcode version to use if provided - [[ ! -z "$REQUESTED_XCODE_VERSION" ]] && sudo xcode-select -s /Applications/Xcode_$REQUESTED_XCODE_VERSION.app - # Copy xcconfig cp Firezone/xcconfig/release.xcconfig Firezone/xcconfig/config.xcconfig diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6d33e6755..e73b716a8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -34,6 +34,7 @@ jobs: # less overhead to keep things in GH actions. See work on building these # in GCP with Cloud Build: https://github.com/firezone/firezone/pull/2234 build-images: + name: build-images-${{ matrix.image_name }} runs-on: ubuntu-22.04 strategy: matrix: @@ -140,6 +141,7 @@ jobs: tags: ${{ steps.build_docker_tags.outputs.tags }} snownet-integration-tests: + name: snownet-integration-tests-${{ matrix.name }} needs: build-images runs-on: ubuntu-22.04 permissions: @@ -151,11 +153,13 @@ jobs: strategy: fail-fast: false matrix: - file: [ - 'docker-compose.lan.yml', - 'docker-compose.wan-hp.yml', - 'docker-compose.wan-relay.yml', - ] + include: + - file: docker-compose.lan.yml + name: lan + - file: docker-compose.wan-hp.yml + name: wan-hp + - file: docker-compose.wan-relay.yml + name: wan-relay steps: - uses: actions/checkout@v4 - uses: ./.github/actions/gcp-docker-login @@ -168,7 +172,7 @@ jobs: timeout 600 docker compose -f rust/snownet-tests/${{ matrix.file }} up --exit-code-from dialer --abort-on-container-exit integration-tests: - name: Integration Test ${{ matrix.test_name }} + name: integration-tests-${{ matrix.test_name }} needs: build-images runs-on: ubuntu-22.04 permissions: diff --git a/.tool-versions b/.tool-versions index 8a4171000..b7cc88693 100644 --- a/.tool-versions +++ b/.tool-versions @@ -6,4 +6,4 @@ erlang 26.1.2 terraform 1.6.6 # Used for static analysis -python 3.9.13 +python 3.11.7 diff --git a/kotlin/android/app/build.gradle.kts b/kotlin/android/app/build.gradle.kts index 0023eaa6e..04e462d33 100644 --- a/kotlin/android/app/build.gradle.kts +++ b/kotlin/android/app/build.gradle.kts @@ -221,6 +221,6 @@ cargo { } tasks.matching { it.name.matches(Regex("merge.*JniLibFolders")) }.configureEach { - inputs.dir(File(buildDir, "rustJniLibs/android")) + inputs.dir(layout.buildDirectory.file("rustJniLibs/android")) dependsOn("cargoBuild") } diff --git a/kotlin/android/build.gradle.kts b/kotlin/android/build.gradle.kts index 08d71af36..e35edf434 100644 --- a/kotlin/android/build.gradle.kts +++ b/kotlin/android/build.gradle.kts @@ -23,5 +23,5 @@ plugins { } tasks.register("clean", Delete::class) { - delete(rootProject.buildDir) + delete(layout.buildDirectory) }