Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch CI to Roles #591

Merged
merged 6 commits into from
Dec 6, 2024
Merged

Switch CI to Roles #591

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
c3c157d
switch ci ti using roles
DmitriyMusatkin Dec 6, 2024
b205cba
syntax
DmitriyMusatkin Dec 6, 2024
7aa260c
indent
DmitriyMusatkin Dec 6, 2024
0cb4f23
indent
DmitriyMusatkin Dec 6, 2024
3f266ad
typo
DmitriyMusatkin Dec 6, 2024
334d7fb
remove clang 17
DmitriyMusatkin Dec 6, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
155 changes: 99 additions & 56 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,21 +7,21 @@ on:
- 'docs'

env:
BUILDER_VERSION: v0.9.62
BUILDER_VERSION: v0.9.73
BUILDER_SOURCE: releases
BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net
PACKAGE_NAME: aws-crt-nodejs
LINUX_BASE_IMAGE: ubuntu-18-x64
RUN: ${{ github.run_id }}-${{ github.run_number }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
AWS_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
CRT_CI_ROLE: ${{ secrets.CRT_CI_ROLE_ARN }}
AWS_DEFAULT_REGION: us-east-1

jobs:
permissions:
id-token: write # This is required for requesting the JWT

jobs:
linux-compat:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
strategy:
fail-fast: false
matrix:
Expand All @@ -35,54 +35,63 @@ jobs:
- rhel8-x64
- raspbian-bullseye
steps:
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }}

musl-linux:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
strategy:
fail-fast: false
matrix:
image:
- alpine-3.16-x64
steps:
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }}

- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-${{ matrix.image }} build -p ${{ env.PACKAGE_NAME }}

linux-musl-armv7:
runs-on: ubuntu-20.04 # latest
strategy:
fail-fast: false
matrix:
image:
- alpine-3.16-x64
steps:
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Checkout Sources
uses: actions/checkout@v2
with:
submodules: true
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
export AWS_CRT_ARCH=armv7
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-alpine-3.16-armv7 build -p ${{ env.PACKAGE_NAME }}


runs-on: ubuntu-24.04 # latest
strategy:
fail-fast: false
matrix:
image:
- alpine-3.16-x64
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Install qemu/docker
run: docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- name: Checkout Sources
uses: actions/checkout@v2
with:
submodules: true
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
export AWS_CRT_ARCH=armv7
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
./linux-container-ci.sh ${{ env.BUILDER_VERSION }} aws-crt-alpine-3.16-armv7 build -p ${{ env.PACKAGE_NAME }}

linux-compiler-compat:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
strategy:
fail-fast: false
matrix:
Expand All @@ -93,14 +102,20 @@ jobs:
clang-9,
clang-10,
clang-11,
clang-15,
gcc-4.8,
gcc-5,
gcc-6,
gcc-7,
gcc-8
gcc-8,
gcc-11
]
steps:
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
# We can't use the `uses: docker://image` version yet, GitHub lacks authentication for actions -> packages
- name: Build ${{ env.PACKAGE_NAME }}
run: |
aws s3 cp s3://aws-crt-test-stuff/ci/${{ env.BUILDER_VERSION }}/linux-container-ci.sh ./linux-container-ci.sh && chmod a+x ./linux-container-ci.sh
Expand All @@ -109,6 +124,10 @@ jobs:
windows:
runs-on: windows-2022 # latest
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder.pyz')"
Expand All @@ -117,6 +136,10 @@ jobs:
windows-vc14-x86:
runs-on: windows-2019 # windows-2019 is last env with Visual Studio 2015 (v14.0)
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
env:
AWS_CMAKE_TOOLSET: v140
Expand All @@ -132,6 +155,10 @@ jobs:
macos:
runs-on: macos-14 # latest
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
Expand All @@ -145,6 +172,10 @@ jobs:
macos-x64:
runs-on: macos-14-large # latest
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Build ${{ env.PACKAGE_NAME }} + consumers
run: |
python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')"
Expand All @@ -165,19 +196,27 @@ jobs:

# check that docs can still build
check-docs:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
steps:
- uses: actions/checkout@v4
with:
submodules: true
- name: Check docs
run: |
npm ci
./make-docs.sh
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- uses: actions/checkout@v4
with:
submodules: true
- name: Check docs
run: |
npm ci
./make-docs.sh

check-submodules:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
steps:
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- name: Checkout Source
uses: actions/checkout@v4
with:
Expand All @@ -189,11 +228,15 @@ jobs:
uses: awslabs/aws-crt-builder/.github/actions/check-submodules@main

check-lockfile-version:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check for edits to package-lock.json
run: |
test `jq -r '.lockfileVersion' package-lock.json` = 1
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ env.CRT_CI_ROLE }}
aws-region: ${{ env.AWS_DEFAULT_REGION }}
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check for edits to package-lock.json
run: |
test `jq -r '.lockfileVersion' package-lock.json` = 1
4 changes: 2 additions & 2 deletions .github/workflows/docs.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,12 +9,12 @@ on:

jobs:
update-docs-branch:
runs-on: ubuntu-20.04 # latest
runs-on: ubuntu-24.04 # latest
permissions:
contents: write # allow push
steps:
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
submodules: true

Expand Down
Loading