daily #784
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: daily | |
on: | |
schedule: | |
- cron: "14 14 * * *" | |
# Uncomment below to test. | |
# push: | |
# branches: [gha-test-*, canary, auto] | |
jobs: | |
audit: | |
runs-on: ubuntu-20.04 | |
container: | |
image: ghcr.io/diem/diem_build_environment:main | |
volumes: | |
- "${{github.workspace}}:/opt/git/diem" | |
strategy: | |
fail-fast: false | |
matrix: | |
#this is a painful solution since it doesn't pick up new branches, other option is lotsa shell in one job.... | |
#to test in canary add in canary here..... | |
target-branch: [main, release-1.5, release-1.4] | |
env: | |
AUDIT_SUMMARY_FILE: /tmp/summary | |
steps: | |
- uses: actions/[email protected] | |
with: | |
ref: ${{ matrix.target-branch }} | |
- uses: ./.github/actions/build-setup | |
- name: install cargo-audit | |
run: cargo install --force cargo-audit | |
- name: audit crates | |
# List of ignored RUSTSEC | |
# 1. RUSTSEC-2021-0073 - Not impacted. | |
# 2. RUSTSEC-2021-0072 - Not impacted. | |
# 3. RUSTSEC-2020-0071 - Not impacted (chronotope/chrono#578). | |
run: | | |
cargo audit --color never --ignore RUSTSEC-2021-0073 --ignore RUSTSEC-2021-0072 --ignore RUSTSEC-2020-0071 > $AUDIT_SUMMARY_FILE | |
- name: set issue body content | |
if: ${{ failure() }} | |
env: | |
JOB_URL: "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
run: | | |
echo "ISSUE_BODY<<EOF" >> $GITHUB_ENV | |
echo "Found RUSTSEC in dependencies in job ${JOB_URL}" >> $GITHUB_ENV | |
echo "\`\`\`" >> $GITHUB_ENV | |
head -100 $AUDIT_SUMMARY_FILE >> $GITHUB_ENV | |
echo "\`\`\`" >> $GITHUB_ENV | |
echo "EOF" >> $GITHUB_ENV | |
- uses: diem/actions/create-issue@faadd16607b77dfa2231a8f366883e01717b3225 | |
if: ${{ failure() }} | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
title: "RUSTSEC in dependencies in branch ${{ matrix.target-branch }}" | |
body: ${{ env.ISSUE_BODY }} | |
labels: "dependecies" | |
- uses: ./.github/actions/build-teardown | |
prover-inconsistency-test: | |
runs-on: ubuntu-20.04-xl | |
container: | |
image: ghcr.io/diem/diem_build_environment:${{ matrix.target-branch }} | |
volumes: | |
- "${{github.workspace}}:/opt/git/diem" | |
env: | |
MESSAGE_PAYLOAD_FILE: /tmp/message | |
strategy: | |
fail-fast: false | |
matrix: | |
target-branch: [main] | |
steps: | |
- uses: actions/[email protected] | |
with: | |
ref: ${{ matrix.target-branch }} | |
- uses: ./.github/actions/build-setup | |
- uses: actions/[email protected] | |
with: | |
path: "/opt/cargo/git\n/opt/cargo/registry\n/opt/cargo/.package-cache" | |
key: crates-${{ runner.os }}-${{ hashFiles('Cargo.lock') }} | |
restore-keys: "crates-${{ runner.os }}" | |
- name: Run the prover tests with the inconsistency check and other nightly checks | |
shell: bash | |
run: | | |
cd /opt/git/diem/ | |
set -o pipefail | |
MVP_TEST_INCONSISTENCY=1 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE | |
MVP_TEST_FEATURE=cvc5 cargo test -p move-prover --release 2>&1 | tee -a $MESSAGE_PAYLOAD_FILE | |
- uses: ./.github/actions/slack-file | |
with: | |
webhook: ${{ secrets.WEBHOOK_MOVE_PROVER }} | |
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }} | |
if: ${{ failure() }} | |
- uses: ./.github/actions/build-teardown |