Add weekly CI #1240
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
# Run the checks on any push to any branch of the repo that doesn't start with `_`. | |
push: | |
branches-ignore: [ '_**' ] | |
# Run the check for any pull request. The check is run on a merge between the | |
# PR commit and the `main` branch at the time of running the check. | |
pull_request: | |
# Runs the check when a PR is added to the merge queue. | |
merge_group: | |
# Makes it possible to run the forkflow by hand from GItHub's interface. | |
workflow_dispatch: | |
# Minimum permissions required by skip-duplicate-actions | |
permissions: | |
actions: write | |
contents: read | |
jobs: | |
# Avoid `push` and `pull_request` running the same job twice | |
check_if_skip_duplicate_job: | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
- id: skip_check | |
uses: fkirc/skip-duplicate-actions@v5 | |
with: | |
concurrent_skipping: 'same_content_newer' | |
skip_after_successful_duplicate: 'true' | |
cancel_others: 'true' | |
outputs: | |
should_skip: ${{ steps.skip_check.outputs.should_skip }} | |
nix: | |
needs: check_if_skip_duplicate_job | |
if: needs.check_if_skip_duplicate_job.outputs.should_skip != 'true' | |
#runs-on: ubuntu-latest | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
#- uses: cachix/install-nix-action@v22 | |
- uses: actions/checkout@v4 | |
- run: nix build -L .#charon | |
- run: nix build -L .#charon-ml | |
- run: nix flake check -L | |
check-version-number: | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # deep clone in order to get access to other commits | |
- run: nix develop --command ./scripts/ci-check-version-number.sh | |
aeneas: | |
needs: [check_if_skip_duplicate_job, nix] | |
if: needs.check_if_skip_duplicate_job.outputs.should_skip != 'true' | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
- run: | | |
nix flake check --refresh -L github:aeneasverif/aeneas \ | |
--override-input charon github:aeneasverif/charon/${{ github.sha }} \ | |
--override-input charon/rust-overlay github:oxalica/rust-overlay/master | |
eurydice: | |
needs: [check_if_skip_duplicate_job, nix] | |
if: needs.check_if_skip_duplicate_job.outputs.should_skip != 'true' | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
- run: | | |
nix flake check --refresh -L github:aeneasverif/eurydice \ | |
--override-input charon github:aeneasverif/charon/${{ github.sha }} \ | |
--override-input charon/rust-overlay github:oxalica/rust-overlay/master | |
kyber: | |
needs: [check_if_skip_duplicate_job, eurydice] | |
if: needs.check_if_skip_duplicate_job.outputs.should_skip != 'true' | |
runs-on: [self-hosted, linux, nix] | |
steps: | |
- run: | | |
nix build --refresh -L github:cryspen/libcrux#ml-kem \ | |
--override-input charon github:aeneasverif/charon/${{ github.sha }} \ | |
--update-input charon/rust-overlay \ | |
--update-input eurydice \ | |
--update-input crane |