ci: use reusable workflow for MacOs build #25048
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Check neon with extra platform builds | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
defaults: | |
run: | |
shell: bash -euxo pipefail {0} | |
concurrency: | |
# Allow only one workflow per any non-`main` branch. | |
group: ${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }} | |
cancel-in-progress: true | |
env: | |
RUST_BACKTRACE: 1 | |
COPT: '-Werror' | |
jobs: | |
check-permissions: | |
if: ${{ !contains(github.event.pull_request.labels.*.name, 'run-no-ci') }} | |
uses: ./.github/workflows/check-permissions.yml | |
with: | |
github-event-name: ${{ github.event_name}} | |
build-build-tools-image: | |
needs: [ check-permissions ] | |
uses: ./.github/workflows/build-build-tools-image.yml | |
secrets: inherit | |
files-changed: | |
name: Detect what files changed | |
runs-on: ubuntu-22.04 | |
timeout-minutes: 3 | |
outputs: | |
v17: ${{ steps.files_changed.outputs.v17 }} | |
postgres_changes: ${{ steps.postgres_changes.outputs.changes }} | |
rebuild_rust_code: ${{ steps.files_changed.outputs.rust_code }} | |
rebuild_everything: ${{ steps.files_changed.outputs.rebuild_neon_extra || steps.files_changed.outputs.rebuild_macos }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Check for Postgres changes | |
uses: dorny/paths-filter@1441771bbfdd59dcd748680ee64ebd8faab1a242 #v3 | |
id: files_changed | |
with: | |
token: ${{ github.token }} | |
filters: .github/file-filters.yaml | |
base: ${{ github.event_name != 'pull_request' && (github.event.merge_group.base_ref || github.ref_name) || '' }} | |
ref: ${{ github.event_name != 'pull_request' && (github.event.merge_group.head_ref || github.ref) || '' }} | |
- name: Filter out only v-string for build matrix | |
id: postgres_changes | |
run: | | |
v_strings_only_as_json_array=$(echo ${{ steps.files_changed.outputs.chnages }} | jq '.[]|select(test("v\\d+"))' | jq --slurp -c) | |
echo "changes=${v_strings_only_as_json_array}" | tee -a "${GITHUB_OUTPUT}" | |
check-macos-build: | |
needs: [ check-permissions, files-changed ] | |
if: | | |
contains(github.event.pull_request.labels.*.name, 'run-extra-build-macos') || | |
contains(github.event.pull_request.labels.*.name, 'run-extra-build-*') || | |
github.ref_name == 'main' | |
uses: ./.github/workflows/build-macos.yml | |
with: | |
pg_versions: ${{ needs.files-changed.outputs.postgres_changes }} | |
rebuild_rust_code: ${{ needs.files-changed.outputs.rebuild_rust_code }} | |
rebuild_everything: ${{ fromJson(needs.files-changed.outputs.rebuild_everything) }} | |
gather-rust-build-stats: | |
needs: [ check-permissions, build-build-tools-image, files-changed ] | |
permissions: | |
id-token: write # aws-actions/configure-aws-credentials | |
statuses: write | |
contents: write | |
if: | | |
(needs.files-changed.outputs.v17 == 'true' || needs.files-changed.outputs.rebuild_everything == 'true') && ( | |
contains(github.event.pull_request.labels.*.name, 'run-extra-build-stats') || | |
contains(github.event.pull_request.labels.*.name, 'run-extra-build-*') || | |
github.ref_name == 'main' | |
) | |
runs-on: [ self-hosted, large ] | |
container: | |
image: ${{ needs.build-build-tools-image.outputs.image }}-bookworm | |
credentials: | |
username: ${{ secrets.NEON_DOCKERHUB_USERNAME }} | |
password: ${{ secrets.NEON_DOCKERHUB_PASSWORD }} | |
options: --init | |
env: | |
BUILD_TYPE: release | |
# build with incremental compilation produce partial results | |
# so do not attempt to cache this build, also disable the incremental compilation | |
CARGO_INCREMENTAL: 0 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
# Some of our rust modules use FFI and need those to be checked | |
- name: Get postgres headers | |
run: make postgres-headers -j$(nproc) | |
- name: Build walproposer-lib | |
run: make walproposer-lib -j$(nproc) | |
- name: Produce the build stats | |
run: PQ_LIB_DIR=$(pwd)/pg_install/v17/lib cargo build --all --release --timings -j$(nproc) | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: eu-central-1 | |
role-to-assume: ${{ vars.DEV_AWS_OIDC_ROLE_ARN }} | |
role-duration-seconds: 3600 | |
- name: Upload the build stats | |
id: upload-stats | |
env: | |
BUCKET: neon-github-public-dev | |
SHA: ${{ github.event.pull_request.head.sha || github.sha }} | |
run: | | |
REPORT_URL=https://${BUCKET}.s3.amazonaws.com/build-stats/${SHA}/${GITHUB_RUN_ID}/cargo-timing.html | |
aws s3 cp --only-show-errors ./target/cargo-timings/cargo-timing.html "s3://${BUCKET}/build-stats/${SHA}/${GITHUB_RUN_ID}/" | |
echo "report-url=${REPORT_URL}" >> $GITHUB_OUTPUT | |
- name: Publish build stats report | |
uses: actions/github-script@v7 | |
env: | |
REPORT_URL: ${{ steps.upload-stats.outputs.report-url }} | |
SHA: ${{ github.event.pull_request.head.sha || github.sha }} | |
with: | |
# Retry script for 5XX server errors: https://github.com/actions/github-script#retries | |
retries: 5 | |
script: | | |
const { REPORT_URL, SHA } = process.env | |
await github.rest.repos.createCommitStatus({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
sha: `${SHA}`, | |
state: 'success', | |
target_url: `${REPORT_URL}`, | |
context: `Build stats (release)`, | |
}) |