| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 |
- # Part of the Carbon Language project, under the Apache License v2.0 with LLVM
- # Exceptions. See /LICENSE for license information.
- # SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
- name: Tests
- on:
- push:
- branches: [trunk, action-test]
- pull_request:
- merge_group:
- permissions:
- contents: read # For actions/checkout.
- pull-requests: read # For dorny/paths-filter to read pull requests.
- # Cancel previous workflows on the PR when there are multiple fast commits.
- # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#concurrency
- concurrency:
- group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
- cancel-in-progress: true
- jobs:
- test:
- name:
- Testing ${{ matrix.config.name != 'Default' && format('({0})',
- matrix.config.name) || '' }} (${{ matrix.runner }})
- strategy:
- matrix:
- # Test a recent version of each supported OS.
- runner: ['ubuntu-22.04', 'macos-14']
- # Create a synthetic matrix dimension with the event name for filtering.
- event: ['${{ github.event_name }}']
- config:
- - name: 'Default'
- flags: ''
- - name: 'Opt'
- flags: '-c opt'
- - name: 'ASan'
- flags: '--config=asan'
- exclude:
- - runner: 'macos-14'
- config: { name: 'ASan', flags: '--config=asan' }
- - event: 'pull_request'
- config: { name: 'ASan', flags: '--config=asan' }
- - event: 'merge_group'
- config: { name: 'ASan', flags: '--config=asan' }
- runs-on: ${{ matrix.runner }}
- steps:
- - name: Harden Runner
- uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
- with:
- egress-policy: block
- # When adding endpoints, see README.md.
- # prettier-ignore
- allowed-endpoints: >
- *.blob.storage.azure.net:443
- *.githubapp.com:443
- *.sourceforge.net:443
- api.github.com:443
- api.ipify.org:443
- bcr.bazel.build:443
- downloads.sourceforge.net:443
- files.pythonhosted.org:443
- github.com:443
- go.dev:443
- mirror.bazel.build:443
- mirrors.kernel.org:443
- nodejs.org:443
- oauth2.googleapis.com:443
- objects.githubusercontent.com:443
- pypi.org:443
- registry.npmjs.org:443
- release-assets.githubusercontent.com:443
- releases.bazel.build:443
- storage.googleapis.com:443
- uploads.github.com:443
- www.googleapis.com:443
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
- - id: test-setup
- uses: ./.github/actions/test-setup
- with:
- matrix_runner: ${{ matrix.runner }}
- base_sha:
- ${{ github.event_name == 'pull_request' &&
- github.event.pull_request.base.sha ||
- github.event.merge_group.base_sha }}
- remote_cache_key: ${{ secrets.CARBON_BUILDS_GITHUB }}
- targets_file: ${{ runner.temp }}/targets
- # Build and run just the tests impacted by the PR or merge group.
- - name: Test (${{ matrix.config.name }})
- if: steps.test-setup.outputs.has_code == 'true'
- shell: bash
- env:
- # 'libtool_check_unique failed to generate' workaround.
- # https://github.com/bazelbuild/bazel/issues/14113#issuecomment-999794586
- BAZEL_USE_CPP_ONLY_TOOLCHAIN: 1
- TARGETS_FILE: ${{ runner.temp }}/targets
- run: |
- # Decrease the jobs sharply if we see repeated failures to try to
- # work around transient network errors even if it makes things
- # slower. Note that we allow passing targets that are incompatible and
- # skip thim as-if we were using `//...` style wild card patterns.
- ./scripts/run_bazel.py \
- --attempts=5 --jobs-on-last-attempt=4 \
- test ${{ matrix.config.flags }} \
- --target_pattern_file=$TARGETS_FILE
- # See "Disk space before build" in `test-setup`.
- - name: Disk space after build
- if: steps.test-setup.outputs.has_code == 'true'
- run: df -h
|
