chore(flake/nix2container): cc96df7c -> 5fb215a1
#3578
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.repository }}-${{ github.head_ref || github.sha }}-${{ github.workflow }} | |
| cancel-in-progress: true | |
| jobs: | |
| commitlint: | |
| if: ${{ github.event_name == 'pull_request' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| extraPullNames: nix-community,poetry2nix | |
| - name: commitlint | |
| run: nix shell -L -f '<nixpkgs>' commitlint -c commitlint --from=${{ github.event.pull_request.base.sha }} --to=${{ github.sha }} --verbose | |
| pre-commit: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| extraPullNames: nix-community,poetry2nix | |
| - run: nix develop -c pre-commit run --all-files | |
| nix: | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| - macos-latest | |
| python-version: | |
| - "39" | |
| - "310" | |
| - "311" | |
| - "312" | |
| exclude: | |
| - os: macos-latest | |
| python-version: "310" | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| extraPullNames: nix-community,poetry2nix | |
| - name: build package and run tests | |
| run: nix build --print-build-logs --no-link --keep-going '.#protoletariat${{ matrix.python-version }}' | |
| - name: show closure info | |
| run: nix path-info --closure-size --human-readable --recursive '.#protoletariat${{ matrix.python-version }}' | |
| docker-image: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| extraPullNames: nix-community,poetry2nix | |
| - name: build and load docker image | |
| run: nix run --print-build-logs --keep-going '.#protoletariat-image.copyToDockerDaemon' | |
| - run: docker images protoletariat | |
| - name: smoke test docker image | |
| run: | | |
| set -euo pipefail | |
| imagetag="$(nix eval --raw '.#protoletariat-image.imageTag')" | |
| docker run --rm "protoletariat:${imagetag}" | |
| poetry: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: | |
| - ubuntu-latest | |
| - macos-latest | |
| - windows-latest | |
| python-version: | |
| - "3.8" | |
| - "3.9" | |
| - "3.10" | |
| - "3.11" | |
| - "3.12" | |
| buf: | |
| - true | |
| - false | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: bufbuild/buf-setup-action@v1.46.0 | |
| if: matrix.buf | |
| with: | |
| github_token: ${{ github.token }} | |
| - uses: arduino/setup-protoc@v3 | |
| with: | |
| repo-token: ${{ github.token }} | |
| - uses: actions/setup-python@v5 | |
| with: | |
| python-version: ${{ matrix.python-version }} | |
| - name: install poetry | |
| run: pip install poetry | |
| - name: install env | |
| run: poetry install | |
| - name: run tests | |
| run: poetry run pytest -ra | |
| tensorflow: | |
| runs-on: ubuntu-latest | |
| env: | |
| PYTHON_OUT: /tmp/tensorflow-gen | |
| TENSORFLOW_HOME: ${{ github.workspace }}/tensorflow | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| path: protoletariat | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} | |
| extraPullNames: nix-community,poetry2nix | |
| - name: Clone Tensorflow | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: tensorflow/tensorflow | |
| path: tensorflow | |
| - run: mkdir -p "$PYTHON_OUT" | |
| - name: Generate tensorflow Python proto code | |
| working-directory: protoletariat | |
| run: | | |
| set -euo pipefail | |
| mapfile -t files < <(find "$TENSORFLOW_HOME" -name '*.proto') | |
| nix develop -c \ | |
| protoc \ | |
| --python_out "$PYTHON_OUT" \ | |
| --proto_path "$TENSORFLOW_HOME/third_party/xla/third_party/tsl" \ | |
| --proto_path "$TENSORFLOW_HOME/third_party/xla" \ | |
| --proto_path "$TENSORFLOW_HOME" \ | |
| "${files[@]}" | |
| - name: Test tensorflow rewriting | |
| working-directory: protoletariat | |
| run: | | |
| set -euo pipefail | |
| mapfile -t files < <(find "$TENSORFLOW_HOME" -name '*.proto') | |
| nix run '.#protoletariat' \ | |
| -- \ | |
| --in-place \ | |
| --create-package \ | |
| --python-out "$PYTHON_OUT" \ | |
| protoc \ | |
| --proto-path "$TENSORFLOW_HOME/third_party/xla/third_party/tsl" \ | |
| --proto-path "$TENSORFLOW_HOME/third_party/xla" \ | |
| --proto-path "$TENSORFLOW_HOME" \ | |
| "${files[@]}" | |
| - name: Check for absolute imports | |
| run: grep -vq -R '^import tensorflow' "$PYTHON_OUT" | |
| dry-release: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| extraPullNames: nix-community,poetry2nix | |
| - name: Configure git info | |
| run: | | |
| set -euo pipefail | |
| # not incredibly important what user we use here | |
| # | |
| # we're making a commit in a temporary worktree that is thrown away | |
| # if the process exits successfully | |
| # | |
| # git requires user information to make commits | |
| git config user.name 'phillip-ground[bot]' | |
| git config user.email 'phillip-ground[bot]@users.noreply.github.com' | |
| - name: run semantic-release | |
| run: ./ci/release/dry_run.sh | |
| release: | |
| runs-on: ubuntu-latest | |
| if: ${{ github.event_name != 'pull_request' }} | |
| needs: | |
| - nix | |
| - poetry | |
| - docker-image | |
| - pre-commit | |
| - tensorflow | |
| - dry-release | |
| steps: | |
| - uses: actions/create-github-app-token@v1 | |
| id: generate_token | |
| with: | |
| app-id: ${{ secrets.APP_ID }} | |
| private-key: ${{ secrets.APP_PRIVATE_KEY }} | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - uses: cachix/install-nix-action@v30 | |
| with: | |
| nix_path: nixpkgs=channel:nixos-unstable-small | |
| - uses: cachix/cachix-action@v15 | |
| with: | |
| name: protoletariat | |
| extraPullNames: nix-community,poetry2nix | |
| - name: run semantic-release | |
| run: ./ci/release/run.sh | |
| env: | |
| POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_TOKEN }} | |
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} |