mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-28 02:18:50 +00:00
feat(ci): be explicit about runner.arch and key usage (#2341)
This commit is contained in:
Jamil
4
.github/workflows/cd.yml
vendored
4
.github/workflows/cd.yml
vendored
@@ -19,7 +19,7 @@ jobs:
|
||||
secrets: inherit
|
||||
|
||||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
# if: ${{ github.event.workflow_run.conclusion == 'success' }}
|
||||
permissions:
|
||||
contents: write
|
||||
@@ -104,7 +104,7 @@ jobs:
|
||||
|
||||
update_release_draft:
|
||||
needs: deploy
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
# write permission is required to create a github release
|
||||
contents: write
|
||||
|
||||
2
.github/workflows/ci.yml
vendored
2
.github/workflows/ci.yml
vendored
@@ -115,7 +115,7 @@ jobs:
|
||||
|
||||
integration-tests:
|
||||
needs: build-images
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
contents: read
|
||||
id-token: write
|
||||
|
||||
40
.github/workflows/elixir.yml
vendored
40
.github/workflows/elixir.yml
vendored
@@ -42,7 +42,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Install Dependencies
|
||||
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
||||
run: mix deps.get --only $MIX_ENV
|
||||
@@ -58,7 +58,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Compile Application
|
||||
run: mix compile --warnings-as-errors
|
||||
- name: Setup Database
|
||||
@@ -81,7 +81,7 @@ jobs:
|
||||
reporter: java-junit
|
||||
|
||||
type-check:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./elixir
|
||||
@@ -108,7 +108,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Install Dependencies
|
||||
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
||||
run: mix deps.get --only $MIX_ENV
|
||||
@@ -124,7 +124,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Compile Application
|
||||
run: mix compile --warnings-as-errors
|
||||
- uses: actions/cache/restore@v3
|
||||
@@ -132,10 +132,10 @@ jobs:
|
||||
id: plt_cache
|
||||
with:
|
||||
path: elixir/priv/plts
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
# This will make sure that we can incrementally build the PLT from older cache and save it under a new key
|
||||
restore-keys: |
|
||||
${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-
|
||||
ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-
|
||||
- name: Create PLTs
|
||||
if: ${{ steps.plt_cache.outputs.cache-hit != 'true' }}
|
||||
run: mix dialyzer --plt
|
||||
@@ -143,13 +143,13 @@ jobs:
|
||||
if: ${{ steps.plt_cache.outputs.cache-hit != 'true' && github.ref == 'refs/heads/main' }}
|
||||
name: Save PLT cache
|
||||
with:
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
path: elixir/priv/plts
|
||||
- name: Run Dialyzer
|
||||
run: mix dialyzer --format dialyxir
|
||||
|
||||
static-analysis:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./elixir
|
||||
@@ -175,7 +175,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Install Dependencies
|
||||
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
||||
run: mix deps.get --only $MIX_ENV
|
||||
@@ -191,7 +191,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Compile Application
|
||||
run: mix compile --force --warnings-as-errors
|
||||
- name: Check Formatting
|
||||
@@ -209,7 +209,7 @@ jobs:
|
||||
run: mix deps.unlock --check-unused
|
||||
|
||||
migrations-and-seed-test:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./elixir
|
||||
@@ -254,7 +254,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Install Dependencies
|
||||
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
||||
run: mix deps.get --only $MIX_ENV
|
||||
@@ -270,7 +270,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Compile
|
||||
run: mix compile --warnings-as-errors
|
||||
- name: Download main branch DB dump
|
||||
@@ -382,7 +382,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Install Dependencies
|
||||
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
||||
run: mix deps.get --only $MIX_ENV
|
||||
@@ -398,7 +398,7 @@ jobs:
|
||||
path: |
|
||||
elixir/deps
|
||||
elixir/_build/${{ env.MIX_ENV }}
|
||||
key: ${{ runner.os }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
||||
- name: Compile Application
|
||||
run: mix compile --warnings-as-errors
|
||||
# Front-End deps cache
|
||||
@@ -412,7 +412,7 @@ jobs:
|
||||
elixir/apps/web/assets/node_modules
|
||||
elixir/esbuild-*
|
||||
elixir/tailwind-*
|
||||
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
||||
- name: Install Front-End Dependencies
|
||||
if: ${{ steps.pnpm-web-deps-cache.outputs.cache-hit != 'true' }}
|
||||
run: |
|
||||
@@ -428,7 +428,7 @@ jobs:
|
||||
elixir/apps/web/assets/node_modules
|
||||
elixir/esbuild-*
|
||||
elixir/tailwind-*
|
||||
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
||||
# Front-End build cache, it rarely changes so we cache it agressively too
|
||||
- uses: actions/cache/restore@v3
|
||||
name: Web Assets Cache
|
||||
@@ -439,7 +439,7 @@ jobs:
|
||||
path: |
|
||||
elixir/apps/web/assets/tmp
|
||||
elixir/apps/web/priv/static
|
||||
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
||||
- name: Build Web Assets
|
||||
if: ${{ steps.pnpm-web-build-cache.outputs.cache-hit != 'true' }}
|
||||
run: |
|
||||
@@ -454,7 +454,7 @@ jobs:
|
||||
path: |
|
||||
elixir/apps/web/assets/tmp
|
||||
elixir/apps/web/priv/static
|
||||
key: ${{ runner.os }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
||||
# Run tests
|
||||
- name: Setup Database
|
||||
run: |
|
||||
|
||||
4
.github/workflows/kotlin.yml
vendored
4
.github/workflows/kotlin.yml
vendored
@@ -4,7 +4,7 @@ on:
|
||||
|
||||
jobs:
|
||||
static-analysis:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./kotlin/android
|
||||
@@ -38,7 +38,7 @@ jobs:
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
workspaces: ./rust
|
||||
key: ${{ runner.os }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
- uses: actions/setup-java@v3
|
||||
with:
|
||||
|
||||
10
.github/workflows/rust.yml
vendored
10
.github/workflows/rust.yml
vendored
@@ -13,12 +13,12 @@ jobs:
|
||||
matrix:
|
||||
runs-on:
|
||||
# We only need to run static analysis checks per OS family
|
||||
- ubuntu-latest
|
||||
- ubuntu-22.04
|
||||
- macos-13
|
||||
- windows-2022
|
||||
# TODO: https://github.com/rust-lang/cargo/issues/5220
|
||||
include:
|
||||
- runs-on: ubuntu-latest
|
||||
- runs-on: ubuntu-22.04
|
||||
packages: # Intentionally blank as a package catch-all linter
|
||||
- runs-on: macos-13
|
||||
packages: -p connlib-client-apple
|
||||
@@ -33,6 +33,7 @@ jobs:
|
||||
with:
|
||||
workspaces: ./rust
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
key: ${{ matrix.runs-on }}-${{ runner.arch }}
|
||||
- run: cargo fmt -- --check
|
||||
- run: |
|
||||
cargo doc --all-features --no-deps --document-private-items ${{ matrix.packages }}
|
||||
@@ -66,13 +67,13 @@ jobs:
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
# Prevents runner.os caches from conflicting
|
||||
key: ${{ matrix.runs-on }}
|
||||
key: ${{ matrix.runs-on }}-${{ runner.arch }}
|
||||
workspaces: ./rust
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
- run: cargo test --all-features ${{ matrix.packages }}
|
||||
|
||||
smoke-test-relay:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
defaults:
|
||||
run:
|
||||
working-directory: ./rust/relay
|
||||
@@ -83,5 +84,6 @@ jobs:
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
workspaces: ./rust
|
||||
key: ubuntu-22.04-${{ runner.arch }}
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
- run: ./run_smoke_test.sh
|
||||
|
||||
11
.github/workflows/static-analysis.yml
vendored
11
.github/workflows/static-analysis.yml
vendored
@@ -4,7 +4,7 @@ on:
|
||||
|
||||
jobs:
|
||||
version-check:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- name: Update toolchain
|
||||
@@ -12,6 +12,7 @@ jobs:
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
workspaces: ./rust
|
||||
key: ubuntu-22.04-${{ runner.arch }}
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
- name: Check version is up to date
|
||||
run: |
|
||||
@@ -26,7 +27,7 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
global-linter:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
- uses: actions/setup-python@v4
|
||||
@@ -36,9 +37,9 @@ jobs:
|
||||
name: Restore Python Cache
|
||||
with:
|
||||
path: ~/.cache/pip
|
||||
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }}
|
||||
restore-keys: |
|
||||
${{ runner.os }}-pip-
|
||||
ubuntu-22.04-${{ runner.arch }}-pip-
|
||||
- name: Install Python Dependencies
|
||||
run: |
|
||||
pip install -r requirements.txt
|
||||
@@ -51,4 +52,4 @@ jobs:
|
||||
name: Save Python Cache
|
||||
with:
|
||||
path: ~/.cache/pip
|
||||
key: ${{ runner.os }}-pip-${{ hashFiles('requirements.txt') }}
|
||||
key: ubuntu-22.04-${{ runner.arch }}-pip-${{ hashFiles('requirements.txt') }}
|
||||
|
||||
8
.github/workflows/swift.yml
vendored
8
.github/workflows/swift.yml
vendored
@@ -54,15 +54,15 @@ jobs:
|
||||
- uses: Swatinem/rust-cache@v2
|
||||
with:
|
||||
workspaces: ./rust
|
||||
key: ${{ matrix.platform }}
|
||||
key: ${{ matrix.runs-on }}-${{ runner.arch }}
|
||||
save-if: ${{ github.ref == 'refs/heads/main' }}
|
||||
- uses: actions/cache/restore@v3
|
||||
name: Restore Swift DerivedData Cache
|
||||
with:
|
||||
path: ~/Library/Developer/Xcode/DerivedData
|
||||
key: ${{ matrix.platform }}-swift-${{ hashFiles('swift/*', 'rust/**/*.rs', 'rust/**/*.toml', 'rust/**/*.lock}') }}
|
||||
key: ${{ matrix.runs-on }}-${{ runner.arch }}-swift-${{ hashFiles('swift/*', 'rust/**/*.rs', 'rust/**/*.toml', 'rust/**/*.lock}') }}
|
||||
restore-keys: |
|
||||
${{ matrix.platform }}-swift-
|
||||
${{ matrix.runs-on }}-${{ runner.arch }}-swift-
|
||||
- name: Install the Apple build certificate and provisioning profile
|
||||
env:
|
||||
BUILD_CERT: ${{ secrets.APPLE_BUILD_CERTIFICATE_BASE64 }}
|
||||
@@ -199,4 +199,4 @@ jobs:
|
||||
path: ~/Library/Developer/Xcode/DerivedData
|
||||
# Swift benefits heavily from build cache, so aggressively write a new one
|
||||
# on each build on `main` and attempt to restore it in PR builds with broader restore-key.
|
||||
key: ${{ matrix.platform }}-swift-${{ hashFiles('swift/*', 'rust/**/*.rs', 'rust/**/*.toml', 'rust/**/*.lock}') }}
|
||||
key: ${{ matrix.runs-on }}-${{ runner.arch }}-swift-${{ hashFiles('swift/*', 'rust/**/*.rs', 'rust/**/*.toml', 'rust/**/*.lock}') }}
|
||||
|
||||
2
.github/workflows/terraform.yml
vendored
2
.github/workflows/terraform.yml
vendored
@@ -4,7 +4,7 @@ on:
|
||||
|
||||
jobs:
|
||||
plan-deploy:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
contents: read
|
||||
pull-requests: write
|
||||
|
||||
Reference in New Issue
Block a user