team/.github/workflows/main.yml at 3a0400ccef1422102bd033f04e95b7027922b40d · rust-lang/team · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: CI

on:
  pull_request:
  merge_group:
  workflow_dispatch:
  schedule:
    # Run at 4 AM UTC daily to make sure that all changes are up-to-date.
    # We run the cron job at a time where merges don't usually happen, in order to avoid race
    # conditions with the `merge_group` workflow execution.
    - cron: 0 4 * * *

concurrency:
  # We want to make sure that parallel executions (merge queue, cron, manual) of this workflow
  # do not perform the `deploy` job in parallel.
  # At the same time, we want to avoid this workflow running in parallel for multiple PRs
  # (where it only runs tests, without deploy).
  # If we're in a PR, `head_ref` is set, so we allow parallel runs for different PR HEAD refs.
  # If we're elsewhere, we use a constant string to use the same concurrency group.
  group: ${{ github.workflow }}-${{ github.head_ref || 'deploy' }}
  cancel-in-progress: false

jobs:
  test:
    name: Test
    runs-on: ubuntu-latest
    if: github.repository == 'rust-lang/team'
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 50

      - name: Install Rust Stable
        env:
          RUST_VERSION: "1.91.1"
        run: |
          rustc -vV
          rustup toolchain install $RUST_VERSION
          rustup default $RUST_VERSION
          rustup component add rustfmt clippy
          rustc -vV

      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6

      - name: Build the team binary
        run: RUSTFLAGS="--deny warnings" cargo build

      - name: Validate the repository contents
        run: cargo run -- check --strict
        env:
          GITHUB_TOKEN: ${{ secrets.github_token }}

      - name: Run rustfmt
        run: cargo fmt -- --check

      - name: Run clippy
        run: cargo clippy --workspace --all-targets --all-features -- -D warnings

      - name: Run tests
        run: cargo test --workspace --all-features

      - name: Check CODEOWNERS
        run: cargo run ci check-codeowners

      - name: Build the contents of the static API
        run: |
          cargo run -- static-api build
          echo "team-api.infra.rust-lang.org" > build/CNAME

      - name: Write PR number into the uploaded archive
        if: ${{ github.event_name == 'pull_request' }}
        run: echo "${{ github.event.pull_request.number }}" > build/pr.txt

      - name: Upload the built JSON as a GitHub artifact
        uses: actions/upload-artifact@v4
        with:
          name: team-api-output
          path: build
  deploy:
    name: Deploy
    needs: [ test ]
    runs-on: ubuntu-latest
    environment: deploy
    permissions:
      id-token: write
      pages: write
    if: github.event_name != 'pull_request'
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false

      - name: Download built JSON API and sync-team
        uses: actions/download-artifact@v4
        with:
          name: team-api-output
          path: build

      - name: Sync changes
        env:
          GITHUB_TOKEN: ${{ secrets.WRITE_GITHUB_TOKEN }}
          MAILGUN_API_TOKEN: ${{ secrets.MAILGUN_API_TOKEN }}
          EMAIL_ENCRYPTION_KEY: ${{ secrets.EMAIL_ENCRYPTION_KEY }}
          ZULIP_API_TOKEN: ${{ secrets.ZULIP_API_TOKEN }}
          ZULIP_USERNAME: ${{ secrets.ZULIP_USERNAME }}
          CRATES_IO_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
        run: |
          cargo run sync apply --src build

      - name: Disable Jekyll
        run: touch build/.nojekyll

      - name: Upload GitHub pages artifact
        uses: actions/upload-pages-artifact@v3
        with:
          path: build

      # Upload the pages only if the sync succeeded, to always keep the
      # most up-to-date state in the web endpoint.
      - name: Deploy to GitHub Pages
        uses: actions/deploy-pages@v4

  # Summary job for the merge queue.
  # ALL THE PREVIOUS JOBS NEED TO BE ADDED TO THE `needs` SECTION OF THIS JOB!
  CI:
    needs: [ test, deploy ]
    # We need to ensure this job does *not* get skipped if its dependencies fail,
    # because a skipped job is considered a success by GitHub. So we have to
    # overwrite `if:`. We use `!cancelled()` to ensure the job does still not get run
    # when the workflow is canceled manually.
    if: ${{ !cancelled() }}
    runs-on: ubuntu-latest
    steps:
      # Manually check the status of all dependencies. `if: failure()` does not work.
      - name: Conclusion
        run: |
          # Print the dependent jobs to see them in the CI log
          jq -C <<< '${{ toJson(needs) }}'
          # Check if all jobs that we depend on (in the needs array) were successful.
          jq --exit-status 'all(.result == "success" or .result == "skipped")' <<< '${{ toJson(needs) }}'