Remove cache of Python .venv as it added complexity (#12) #26
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# All-in-one continuous integration (CI) workflow. | |
# Runs on all platforms (Windows, macOS, and Linux) | |
# for all events (pull request, release, and schedule). | |
name: CI | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: Deskflow version number | |
push: | |
branches: [master-*] | |
pull_request: | |
types: | |
- opened | |
- reopened | |
- synchronize | |
- ready_for_review | |
schedule: | |
- cron: "0 5 * * *" # 5am UTC | |
env: | |
GIT_SHA: ${{ github.event.pull_request.head.sha || github.sha }} | |
PACKAGE_PREFIX: "deskflow" | |
PACKAGE_PATH: ./dist | |
jobs: | |
pr-comment-flags: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' }} | |
outputs: | |
no-sonar: ${{ steps.check.outputs.no-sonar }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Check PR comment for flags | |
id: check | |
env: | |
PR_BODY: ${{ github.event.pull_request.body }} | |
run: | | |
no_sonar="{no-sonar}" | |
if echo $PR_BODY | grep -q "$no_sonar"; then | |
echo "Flag $no_sonar found in PR body." | |
echo "no-sonar=true" >> $GITHUB_OUTPUT | |
else | |
echo "No $no_sonar flag found in PR body." | |
fi | |
# Quality gate to allow PR merge, used in the branch protection rules. | |
ci-passed: | |
runs-on: ubuntu-latest | |
needs: [lint-cmake, lint-clang, windows, macos, linux, unix] | |
steps: | |
- run: echo "✅ CI passed" > $GITHUB_STEP_SUMMARY | |
# Summary of test results, combined from test result artifacts. | |
# Runs even if the tests fail to provide a summary of the failures. | |
test-results: | |
needs: [windows, macos, linux] | |
if: always() | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Test summary | |
uses: ./.github/actions/test-summary | |
lint-cmake: | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: ./.github/workflows/lint-cmake.yml | |
lint-clang: | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: ./.github/workflows/lint-clang.yml | |
analyse-valgrind: | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: ./.github/workflows/valgrind-analysis.yml | |
analyse-codeql: | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: ./.github/workflows/codeql-analysis.yml | |
analyse-sonarcloud: | |
needs: pr-comment-flags | |
if: ${{ github.event_name == 'pull_request' && needs.pr-comment-flags.outputs.no-sonar != 'true' }} | |
uses: ./.github/workflows/sonarcloud-analysis.yml | |
secrets: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
windows: | |
name: ${{ matrix.target.name }} | |
runs-on: ${{ matrix.target.runs-on }} | |
container: ${{ matrix.target.container }} | |
timeout-minutes: 20 | |
strategy: | |
# Normally, we want to fail fast, but in this case we shouldn't since one target may | |
# fail due to transient issues unrelated to the build. | |
fail-fast: false | |
matrix: | |
target: | |
- name: windows-2022-x64 | |
runs-on: ${{ vars.CI_WINDOWS_RUNNER || 'windows-2022' }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get version | |
uses: ./.github/actions/get-version | |
- name: Cache vcpkg dir | |
uses: actions/cache@v4 | |
with: | |
# We also need to cache the `LOCALAPPDATA` dir; without doing so, openssl | |
# rebuilds (after it is detected in cache) every time, which takes around 10 mins. | |
path: | | |
vcpkg | |
vcpkg_installed | |
${{ env.LOCALAPPDATA }}/vcpkg | |
key: vcpkg-${{ runner.os }}-${{ hashFiles('vcpkg.json', 'vcpkg-configuration.json') }} | |
- name: Cache deps dir | |
uses: actions/cache@v4 | |
with: | |
path: ./deps | |
key: ${{ runner.os }}-deps-${{ hashFiles('config.yaml') }} | |
# This effectively runs `vcvarsall.bat`, etc. It's not actually installing | |
# VC++ as that's already pre-installed on the Windows runner. | |
- name: Setup VC++ environment | |
uses: ilammy/msvc-dev-cmd@v1 | |
# Install Ninja with an action instead of using Chocolatey, as it's more | |
# reliable and faster. The Ninja install action is pretty good as it | |
# downloads directly from the `ninja-build` GitHub project releases. | |
- name: Install Ninja | |
uses: seanmiddleditch/gha-setup-ninja@master | |
- name: Install dependencies | |
env: | |
VCPKG_ROOT: "" # Unset deliberately to suppress 'already installed' warning. | |
run: python ./scripts/install_deps.py | |
- name: Configure | |
run: cmake -B build --preset=windows-release | |
- name: Build | |
run: cmake --build build -j8 | |
- name: Tests | |
uses: ./.github/actions/run-tests | |
timeout-minutes: 2 | |
with: | |
job: ${{ matrix.target.name }} | |
- name: Package | |
run: python ./scripts/package.py | |
env: | |
WINDOWS_PFX_CERTIFICATE: ${{ secrets.WINDOWS_PFX }} | |
WINDOWS_PFX_PASSWORD: ${{ secrets.WINDOWS_PFX_PASS }} | |
- name: Upload | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.PACKAGE_PREFIX }}-${{ matrix.target.name }} | |
path: ${{ env.PACKAGE_PATH }} | |
macos: | |
name: ${{ matrix.target.name }} | |
runs-on: ${{ matrix.target.os }} | |
timeout-minutes: ${{ matrix.target.timeout }} | |
defaults: | |
run: | |
shell: ${{ matrix.target.shell }} | |
strategy: | |
# Normally, we want to fail fast, but in this case we shouldn't since one target may | |
# fail due to transient issues unrelated to the build. | |
fail-fast: false | |
matrix: | |
target: | |
- name: "macos-14-arm64" | |
timeout: 10 | |
os: "macos-14" | |
arch: arm64 | |
shell: "/usr/bin/arch -arch arm64e /bin/bash --noprofile --norc -eo pipefail {0}" | |
- name: ${{ vars.CI_MAC_INTEL_NAME || 'macos-13-x64' }} | |
timeout: 20 | |
os: ${{ vars.CI_MAC_INTEL_RUNNER || 'macos-13' }} | |
arch: x64 | |
shell: "bash" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get version | |
uses: ./.github/actions/get-version | |
- name: Cache deps dir | |
uses: actions/cache@v4 | |
with: | |
path: ./deps | |
key: ${{ runner.os }}-deps-${{ hashFiles('config.yaml') }} | |
- name: Install dependencies | |
run: ./scripts/install_deps.py | |
- name: Configure | |
run: cmake -B build --preset=macos-release | |
- name: Build | |
run: cmake --build build -j8 | |
- name: Tests | |
uses: ./.github/actions/run-tests | |
timeout-minutes: 2 | |
with: | |
job: ${{ matrix.target.name }} | |
- name: Package | |
run: ./scripts/package.py | |
env: | |
APPLE_CODESIGN_ID: ${{ secrets.APPLE_CODESIGN_ID }} | |
APPLE_P12_CERTIFICATE: ${{ secrets.APPLE_P12_CERTIFICATE }} | |
APPLE_P12_PASSWORD: ${{ secrets.APPLE_P12_PASSWORD }} | |
APPLE_NOTARY_USER: ${{ secrets.APPLE_NOTARY_USER }} | |
APPLE_NOTARY_PASSWORD: ${{ secrets.APPLE_NOTARY_PASSWORD }} | |
APPLE_TEAM_ID: ${{ secrets.APPLE_TEAM_ID }} | |
- name: Upload | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.PACKAGE_PREFIX }}-${{ matrix.target.name }} | |
path: ${{ env.PACKAGE_PATH }} | |
linux-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
json-matrix: ${{ steps.filter.outputs.json }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Filter JSON | |
uses: ./.github/actions/filter-json | |
id: filter | |
with: | |
json-file: .github/workflows/ci-linux.json | |
condition: '"${{ vars.CI_USE_LINUX_ARM_RUNNER }}" != "true"' | |
jq-filter: .distro |= map(select(.["runs-on"] | contains("arm64") | not)) | |
linux: | |
needs: linux-matrix | |
name: linux-${{ matrix.distro.name }} | |
runs-on: ${{ matrix.distro.runs-on }} | |
container: ${{ matrix.distro.container }} | |
timeout-minutes: 20 | |
strategy: | |
# Normally, we want to fail fast, but in this case we shouldn't since one distro may | |
# fail due to transient issues unrelated to the build. | |
fail-fast: false | |
matrix: ${{fromJson(needs.linux-matrix.outputs.json-matrix)}} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Get version | |
uses: ./.github/actions/get-version | |
- name: Config Git safe dir | |
run: git config --global --add safe.directory $GITHUB_WORKSPACE | |
- name: Install dependencies | |
run: ./scripts/install_deps.py ${{ matrix.distro.extra-dep-args }} | |
env: | |
# Prevent apt prompting for input. | |
DEBIAN_FRONTEND: noninteractive | |
- name: Configure | |
run: cmake -B build --preset=linux-release ${{ matrix.distro.extra-cmake-args }} | |
- name: Build | |
run: cmake --build build -j8 | |
- name: Tests | |
uses: ./.github/actions/run-tests | |
timeout-minutes: 2 | |
with: | |
job: linux-${{ matrix.distro.name }} | |
- name: Package | |
env: | |
LINUX_PACKAGE_USER: ${{ matrix.distro.package-user }} | |
run: ./scripts/package.py | |
- name: Upload | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ env.PACKAGE_PREFIX }}-${{ matrix.distro.name }} | |
path: ${{ env.PACKAGE_PATH }} | |
# Technically, "unix" is a misnomer, but we use it here to mean "Unix-like BSD-derived". | |
unix: | |
name: unix-${{ matrix.distro.name }} | |
runs-on: ${{ vars.CI_UNIX_RUNNER || 'ubuntu-24.04' }} | |
timeout-minutes: 20 | |
env: | |
DESKFLOW_BUILD_CMD: | | |
./scripts/install_deps.sh; | |
cmake -B build; | |
cmake --build build -j16; | |
export QT_QPA_PLATFORM=offscreen; | |
./build/bin/unittests | |
./build/bin/integtests | |
strategy: | |
fail-fast: false | |
matrix: | |
distro: | |
- name: freebsd | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Build on FreeBSD | |
if: ${{ matrix.distro.name == 'freebsd' }} | |
uses: vmactions/freebsd-vm@v1 | |
with: | |
usesh: true | |
run: ${{ env.DESKFLOW_BUILD_CMD }} |