Targetting 4.172.4 #8147
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Nix CI | |
| on: | |
| push: | |
| branches-ignore: | |
| # Exclude the push event for exported diffs, because the CI for export | |
| # should have been covered by GitHub Actions triggered by pull requests. | |
| - 'export-D+' | |
| pull_request: | |
| concurrency: | |
| # If the workflow is triggered by a pull request, then cancel previous runs | |
| # for the same pull request, which share the same `github.ref`, otherwise the | |
| # run ID is used to identify the concurrency group, which is a no-op because | |
| # the run ID is always unique for each trigged event. | |
| group: ${{ github.event_name == 'pull_request' && github.ref || github.run_id }} | |
| cancel-in-progress: true | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| build-and-run-quick-tests: | |
| if: | | |
| github.repository != 'hhvm/hhvm-staging' || | |
| github.event_name == 'pull_request' || | |
| startsWith(github.ref_name, 'HHVM-') | |
| strategy: | |
| # Run tests on all OS's and HHVM versions, even if one fails | |
| fail-fast: false | |
| matrix: | |
| package: | |
| - hhvm | |
| - hhvm_clang | |
| os: | |
| - ${{ github.event_name == 'pull_request' && '16-core' || 'ubuntu-latest' }} | |
| runs-on: ${{matrix.os}} | |
| steps: | |
| - uses: actions/[email protected] | |
| - uses: cachix/install-nix-action@v15 | |
| with: | |
| extra_nix_config: | | |
| extra-access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} | |
| extra-experimental-features = nix-command flakes | |
| extra-substituters = s3://hhvm-nix-cache?region=us-west-2&endpoint=hhvm-nix-cache.s3-accelerate.amazonaws.com | |
| extra-trusted-substituters = s3://hhvm-nix-cache?region=us-west-2&endpoint=hhvm-nix-cache.s3-accelerate.amazonaws.com | |
| extra-trusted-public-keys = hhvm-nix-cache-1:MvKxscw16fAq6835oG8sbRgTGITb+1xGfYNhs+ee4yo= | |
| sandbox = false | |
| - run: nix build --print-build-logs "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| - run: nix profile install --print-build-logs "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| - run: hhvm --version | |
| - name: Build the deb package | |
| if: runner.os == 'Linux' | |
| run: nix bundle --out-link ${{matrix.package}}.deb --print-build-logs --bundler "git+file://$(pwd)?submodules=1&shallow=1#deb" "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| - name: Show the deb package's information | |
| if: runner.os == 'Linux' | |
| run: dpkg-deb --info ${{matrix.package}}.deb | |
| - name: Show the deb package's content | |
| if: runner.os == 'Linux' | |
| run: dpkg-deb --contents ${{matrix.package}}.deb | |
| - name: Save the deb package as build artifact | |
| if: runner.os == 'Linux' | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: ${{matrix.package}}.deb | |
| path: ${{matrix.package}}.deb | |
| - name: Build the rpm package | |
| if: runner.os == 'Linux' | |
| run: nix bundle --out-link ${{matrix.package}}.rpm --print-build-logs --bundler "git+file://$(pwd)?submodules=1&shallow=1#rpm" "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| - name: Show the rpm package's information | |
| if: runner.os == 'Linux' | |
| run: rpm --query --info --package ${{matrix.package}}.rpm | |
| - name: Show the rpm package's content | |
| if: runner.os == 'Linux' | |
| run: rpm --query --list --package ${{matrix.package}}.rpm | |
| - name: Save the rpm package as build artifact | |
| if: runner.os == 'Linux' | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: ${{matrix.package}}.rpm | |
| path: ${{matrix.package}}.rpm | |
| - name: Assume the AWS role | |
| continue-on-error: true | |
| id: configure-aws-credentials | |
| if: github.event_name != 'pull_request' | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: arn:aws:iam::223121549624:role/hhvm-github-actions | |
| aws-region: us-west-2 | |
| - name: Sign Nix binaries with a private key downloaded from AWS Secrets Manager | |
| if: steps.configure-aws-credentials.outcome == 'success' | |
| run: nix store sign --recursive --key-file <(aws secretsmanager get-secret-value --secret-id hhvm-nix-cache-1 --query SecretString --output text) --print-build-logs "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| - name: Upload Nix binaries to the binary cache server on S3 | |
| if: steps.configure-aws-credentials.outcome == 'success' | |
| run: nix copy --to 's3://hhvm-nix-cache?region=us-west-2&endpoint=hhvm-nix-cache.s3-accelerate.amazonaws.com' --print-build-logs "git+file://$(pwd)?submodules=1&shallow=1#${{matrix.package}}" | |
| install-deb-and-run-repo-mode-tests: | |
| needs: build-and-run-quick-tests | |
| strategy: | |
| # Run tests on all OS's and HHVM versions, even if one fails | |
| fail-fast: false | |
| matrix: | |
| package: | |
| - hhvm | |
| - hhvm_clang | |
| os: | |
| - ${{ github.event_name == 'pull_request' && '16-core' || 'ubuntu-latest' }} | |
| suite: | |
| - quick | |
| - -x hphp/test/github_excluded_tests slow | |
| runs-on: ${{matrix.os}} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - if: matrix.suite != 'quick' | |
| run: | | |
| sudo tee -a /etc/locale.gen << EOF | |
| de_DE.UTF-8 UTF-8 | |
| de_DE ISO-8859-1 | |
| de_DE@euro ISO-8859-15 | |
| en_GB.UTF-8 UTF-8 | |
| en_GB ISO-8859-1 | |
| en_GB.ISO-8859-15 ISO-8859-15 | |
| en_US.UTF-8 UTF-8 | |
| en_US ISO-8859-1 | |
| en_US.ISO-8859-15 ISO-8859-15 | |
| es_ES.UTF-8 UTF-8 | |
| es_ES ISO-8859-1 | |
| es_ES@euro ISO-8859-15 | |
| fr_FR.UTF-8 UTF-8 | |
| fr_FR ISO-8859-1 | |
| fr_FR@euro ISO-8859-15 | |
| pt_PT.UTF-8 UTF-8 | |
| pt_PT ISO-8859-1 | |
| pt_PT@euro ISO-8859-15 | |
| tr_TR.UTF-8 UTF-8 | |
| tr_TR ISO-8859-9 | |
| zh_CN.UTF-8 UTF-8 | |
| zh_CN.GB18030 GB18030 | |
| zh_CN.GBK GBK | |
| zh_CN GB2312 | |
| EOF | |
| - if: matrix.suite != 'quick' | |
| run: sudo dpkg-reconfigure -frontend=noninteractive locales | |
| - name: Download the ${{matrix.package}}.deb from build-and-run-quick-tests job | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: ${{matrix.package}}.deb | |
| - run: sudo apt-get install ./${{matrix.package}}.deb | |
| - run: echo "HHVM_BIN=$(command -v hhvm)" >> "$GITHUB_ENV" | |
| - run: | | |
| "$HHVM_BIN" hphp/test/run.php --repo ${{matrix.suite}} | |
| install-deb-and-run-all-tests: | |
| needs: build-and-run-quick-tests | |
| strategy: | |
| # Run tests on all OS's and HHVM versions, even if one fails | |
| fail-fast: false | |
| matrix: | |
| package: | |
| - hhvm | |
| - hhvm_clang | |
| os: | |
| - ${{ github.event_name == 'pull_request' && '16-core' || 'ubuntu-latest' }} | |
| runs-on: ${{matrix.os}} | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - run: | | |
| sudo tee -a /etc/locale.gen << EOF | |
| de_DE.UTF-8 UTF-8 | |
| de_DE ISO-8859-1 | |
| de_DE@euro ISO-8859-15 | |
| en_GB.UTF-8 UTF-8 | |
| en_GB ISO-8859-1 | |
| en_GB.ISO-8859-15 ISO-8859-15 | |
| en_US.UTF-8 UTF-8 | |
| en_US ISO-8859-1 | |
| en_US.ISO-8859-15 ISO-8859-15 | |
| es_ES.UTF-8 UTF-8 | |
| es_ES ISO-8859-1 | |
| es_ES@euro ISO-8859-15 | |
| fr_FR.UTF-8 UTF-8 | |
| fr_FR ISO-8859-1 | |
| fr_FR@euro ISO-8859-15 | |
| pt_PT.UTF-8 UTF-8 | |
| pt_PT ISO-8859-1 | |
| pt_PT@euro ISO-8859-15 | |
| tr_TR.UTF-8 UTF-8 | |
| tr_TR ISO-8859-9 | |
| zh_CN.UTF-8 UTF-8 | |
| zh_CN.GB18030 GB18030 | |
| zh_CN.GBK GBK | |
| zh_CN GB2312 | |
| EOF | |
| - run: sudo dpkg-reconfigure -frontend=noninteractive locales | |
| - name: Download the ${{matrix.package}}.deb from build-and-run-quick-tests job | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: ${{matrix.package}}.deb | |
| - run: sudo apt-get install ./${{matrix.package}}.deb | |
| - run: echo "HHVM_BIN=$(command -v hhvm)" >> "$GITHUB_ENV" | |
| - run: | | |
| "$HHVM_BIN" hphp/test/run.php -x hphp/test/github_excluded_tests all | |
| upload-deb: | |
| if: github.event_name == 'push' && github.ref_type == 'tag' | |
| runs-on: ubuntu-latest | |
| needs: build-and-run-quick-tests | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Assume the AWS role | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: arn:aws:iam::223121549624:role/hhvm-github-actions | |
| aws-region: us-west-2 | |
| - name: Download the hhvm.deb from build-and-run-quick-tests job | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: hhvm.deb | |
| - uses: cachix/install-nix-action@v15 | |
| with: | |
| extra_nix_config: | | |
| extra-access-tokens = github.com=${{ secrets.GITHUB_TOKEN }} | |
| extra-experimental-features = nix-command flakes | |
| extra-substituters = s3://hhvm-nix-cache?region=us-west-2&endpoint=hhvm-nix-cache.s3-accelerate.amazonaws.com | |
| extra-trusted-substituters = s3://hhvm-nix-cache?region=us-west-2&endpoint=hhvm-nix-cache.s3-accelerate.amazonaws.com | |
| extra-trusted-public-keys = hhvm-nix-cache-1:MvKxscw16fAq6835oG8sbRgTGITb+1xGfYNhs+ee4yo= | |
| # Install s3fs from nix instead of apt because the s3fs version in | |
| # ubuntu-latest is too old to support AWS role | |
| - run: nix profile install nixpkgs#s3fs | |
| - run: sudo apt-get install reprepro | |
| - name: Decrypt the GPG key | |
| run: | | |
| set -o pipefail | |
| aws kms decrypt \ | |
| --ciphertext-blob "fileb://$PWD/gpg-key.kms-ciphertext" \ | |
| --query Plaintext \ | |
| --output text | | |
| base64 --decode | | |
| gpg --import | |
| - name: Mount Apt Repository | |
| env: | |
| # s3fs uses environment variable names without underscores, unlike aws-cli | |
| AWSACCESSKEYID: ${{ env.AWS_ACCESS_KEY_ID }} | |
| AWSSECRETACCESSKEY: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| AWSSESSIONTOKEN: ${{ env.AWS_SESSION_TOKEN }} | |
| run: | | |
| HHVM_DOWNLOAD="$(mktemp --directory)" && | |
| s3fs -o "endpoint=$AWS_REGION" -o use_session_token hhvm-downloads "$HHVM_DOWNLOAD" && | |
| echo "REPREPRO_BASE_DIR=$HHVM_DOWNLOAD/universal" >> $GITHUB_ENV | |
| - name: Initiate Apt Repository | |
| run: | | |
| set -e | |
| mkdir -p "$REPREPRO_BASE_DIR/conf" | |
| touch "$REPREPRO_BASE_DIR/conf/distributions" | |
| - name: Create nightly suite | |
| if: startsWith(github.ref_name, 'nightly-') | |
| run: | | |
| if [[ ! -d "$REPREPRO_BASE_DIR/dists/nightly" ]] | |
| then | |
| ( | |
| echo '' | |
| echo 'Origin: HHVM' | |
| echo 'Label: HHVM' | |
| echo 'Codename: nightly' | |
| echo 'Suite: nightly' | |
| echo 'Architectures: amd64' | |
| echo 'Components: main' | |
| echo 'Description: Apt suite for HHVM nightly' | |
| echo 'SignWith: D386EB94' | |
| ) >> "$REPREPRO_BASE_DIR/conf/distributions" && | |
| reprepro export nightly | |
| fi | |
| - if: startsWith(github.ref_name, 'nightly-') | |
| run: reprepro --keepunreferencedfiles --keepunusednewfiles includedeb nightly hhvm.deb | |
| - name: Create release suite | |
| if: startsWith(github.ref_name, 'HHVM-') | |
| run: | | |
| if [[ ! -d "$REPREPRO_BASE_DIR/dists/release" ]] | |
| then | |
| ( | |
| echo '' | |
| echo 'Origin: HHVM' | |
| echo 'Label: HHVM' | |
| echo 'Codename: release' | |
| echo 'Suite: release' | |
| echo 'Architectures: amd64' | |
| echo 'Components: main' | |
| echo 'Description: Apt suite for HHVM release versions' | |
| echo 'SignWith: D386EB94' | |
| ) >> "$REPREPRO_BASE_DIR/conf/distributions" && | |
| reprepro export release | |
| fi | |
| - if: startsWith(github.ref_name, 'HHVM-') | |
| run: reprepro --keepunreferencedfiles --keepunusednewfiles includedeb release hhvm.deb | |
| - name: Determine HHVM version | |
| if: startsWith(github.ref_name, 'HHVM-') | |
| run: | | |
| [[ "$GITHUB_REF_NAME" =~ HHVM-([0-9]+\.[0-9]+)\.[0-9]+ ]] && | |
| echo "HHVM_VERSION_MAJAR_MINOR=${BASH_REMATCH[1]}" >> $GITHUB_ENV | |
| - name: Create version specific release suite | |
| if: startsWith(github.ref_name, 'HHVM-') | |
| run: | | |
| if [[ ! -d "$REPREPRO_BASE_DIR/dists/release-$HHVM_VERSION_MAJAR_MINOR" ]] | |
| then | |
| ( | |
| echo '' | |
| echo 'Origin: HHVM' | |
| echo 'Label: HHVM' | |
| echo "Codename: release-$HHVM_VERSION_MAJAR_MINOR" | |
| echo "Suite: release-$HHVM_VERSION_MAJAR_MINOR" | |
| echo 'Architectures: amd64' | |
| echo 'Components: main' | |
| echo "Description: Apt suite for $HHVM_VERSION_MAJAR_MINOR.* release versions" | |
| echo 'SignWith: D386EB94' | |
| ) >> "$REPREPRO_BASE_DIR/conf/distributions" && | |
| reprepro export "release-$HHVM_VERSION_MAJAR_MINOR" | |
| fi | |
| - if: startsWith(github.ref_name, 'HHVM-') | |
| run: reprepro --keepunreferencedfiles --keepunusednewfiles includedeb "release-$HHVM_VERSION_MAJAR_MINOR" hhvm.deb |