chore(deps): bump actions/checkout from 3.6.0 to 4.2.2 #277
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: test | |
| # Controls when the action will run. | |
| on: | |
| # Triggers the workflow on push or pull request events but only for the main branch | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| concurrency: | |
| # Cancel previous actions from the same PR: https://stackoverflow.com/a/72408109 | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| # matrix-prep-* steps generate JSON used to create a dynamic actions matrix. | |
| # Inspired from | |
| # https://stackoverflow.com/questions/65384420/how-to-make-a-github-action-matrix-element-conditional | |
| matrix-prep-os: | |
| # Prepares the 'os' axis of the test matrix, to reduce costs since GitHub hosted runners cost more on some platforms. | |
| # https://docs.github.com/en/billing/managing-billing-for-github-actions/about-billing-for-github-actions#included-storage-and-minutes | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 | |
| with: | |
| egress-policy: audit | |
| - id: linux | |
| run: echo "os=ubuntu-latest" >> $GITHUB_OUTPUT | |
| - id: windows | |
| run: echo "os=windows-latest" >> $GITHUB_OUTPUT | |
| # Only run on main branch (or PR branches that contain 'windows') to minimize Windows minutes (billed at 2X) | |
| if: (github.ref == 'refs/heads/main' || contains(github.head_ref, 'windows')) && !inputs.exclude_windows | |
| - id: macos | |
| run: echo "os=macos-latest" >> $GITHUB_OUTPUT | |
| # Only run on main branch (or PR branches that contain 'macos') to minimize macOS minutes (billed at 10X) | |
| if: github.ref == 'refs/heads/main' || contains(github.head_ref, 'macos') | |
| outputs: | |
| # Will look like ["ubuntu-latest", "windows-latest", "macos-latest"] | |
| os: ${{ toJSON(steps.*.outputs.os) }} | |
| matrix-prep-bazelversion: | |
| # Prepares the 'bazelversion' axis of the test matrix | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| # NB: we assume this is Bazel 7 | |
| - id: bazel_from_bazelversion | |
| run: echo "bazelversion=$(head -n 1 .bazelversion)" >> $GITHUB_OUTPUT | |
| - id: bazel_6 | |
| run: echo "bazelversion=6.3.0" >> $GITHUB_OUTPUT | |
| outputs: | |
| # Will look like ["<version from .bazelversion>", "x.y.z"] | |
| bazelversions: ${{ toJSON(steps.*.outputs.bazelversion) }} | |
| test: | |
| # The type of runner that the job will run on | |
| runs-on: ${{ matrix.os }} | |
| needs: | |
| - matrix-prep-bazelversion | |
| - matrix-prep-os | |
| # Run bazel test in each workspace with each version of Bazel supported | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: ${{ fromJSON(needs.matrix-prep-os.outputs.os) }} | |
| bazelversion: ${{ fromJSON(needs.matrix-prep-bazelversion.outputs.bazelversions) }} | |
| folder: | |
| - . | |
| - e2e/smoke | |
| bzlmodEnabled: [true, false] | |
| exclude: | |
| # Root module is BZLMOD only, do not test it without bzlmod enabled. | |
| - bzlmodEnabled: false | |
| folder: . | |
| # Root module uses newer stardoc that requires Bazel 7 or greater | |
| - bazelversion: 6.3.0 | |
| folder: . | |
| # Steps represent a sequence of tasks that will be executed as part of the job | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 | |
| with: | |
| egress-policy: audit | |
| # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| - uses: bazel-contrib/setup-bazel@e403ad507104847c3539436f64a9e9eecc73eeec # v0.8.5 | |
| with: | |
| repository-cache: true | |
| bazelrc: | | |
| common --announce_rc --color=yes --enable_bzlmod=${{ matrix.bzlmodEnabled }} | |
| test --test_output=errors | |
| ${{ (matrix.bazelversion == '6.4.0' && 'try-import %workspace%/.apko/.bazelrc') || '' }} | |
| - name: Configure Bazel version | |
| working-directory: ${{ matrix.folder }} | |
| run: echo "${{ matrix.bazelversion }}" > .bazelversion | |
| # See https://github.com/bazel-contrib/publish-to-bcr#including-patches | |
| - name: verify bcr patches | |
| if: matrix.bzlmodEnabled && hashFiles('.bcr/patches/*.patch') != '' | |
| run: patch --dry-run -p1 < .bcr/patches/*.patch | |
| # Required for rules_apko to make range requests | |
| - name: Add bazel 6 workaround | |
| if: ${{ matrix.bazelversion == '6.3.0' }} | |
| run: echo 'try-import %workspace%/.apko/.bazelrc' >> .bazelrc | |
| - name: Test | |
| working-directory: ${{ matrix.folder }} | |
| run: bazel test //... |