Skip to content

Build omes worker image (#1485) #1

Build omes worker image (#1485)

Build omes worker image (#1485) #1

Workflow file for this run

name: Continuous Integration
on: # rebuild any PRs and main branch changes
pull_request:
push:
branches:
- main
- 'releases/*'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
IS_OFFICIAL_REPO: ${{ github.repository == 'temporalio/sdk-typescript' }}
# Is it the official main branch, or an official release branches?
IS_MAIN_OR_RELEASE: |
${{
github.repository == 'temporalio/sdk-typescript'
&& (github.ref == 'refs/heads/main'
|| startsWith(github.ref, 'refs/tags/')
|| startsWith(github.ref, 'refs/heads/releases'))
&& github.event_name != 'pull_request'
}}
# Use these variables to force specific version of CLI/Time Skipping Server for SDK tests
# TESTS_CLI_VERSION: 'v0.13.2'
# TESTS_TIME_SKIPPING_SERVER_VERSION: 'v1.24.1'
jobs:
# Compile native bridge code for each target platform.
# Uploads the native library for each target as a build artifact.
compile-native-binaries:
strategy:
fail-fast: true
matrix:
include:
# For Linux targets, use Buildjet's builders to get the oldest supported glibc version
- platform: linux-x64
runner: buildjet-4vcpu-ubuntu-2204
target: x86_64-unknown-linux-gnu
container: quay.io/pypa/manylinux_2_24_x86_64
out-file: libtemporal_sdk_typescript_bridge.so
- platform: linux-arm
runner: buildjet-4vcpu-ubuntu-2204-arm
target: aarch64-unknown-linux-gnu
container: quay.io/pypa/manylinux_2_24_aarch64
out-file: libtemporal_sdk_typescript_bridge.so
- platform: macos-x64
runner: macos-12
target: x86_64-apple-darwin
out-file: libtemporal_sdk_typescript_bridge.dylib
- platform: macos-arm
runner: macos-14
target: aarch64-apple-darwin
out-file: libtemporal_sdk_typescript_bridge.dylib
- platform: windows-x64
runner: windows-latest
target: x86_64-pc-windows-msvc
out-file: temporal_sdk_typescript_bridge.dll
name: Compile Native Binaries (${{ matrix.platform }})
runs-on: ${{ matrix.runner }}
container: ${{ matrix.container }}
env:
# This is required to allow continuing usage of Node 16 for actions,
# as Node 20 won't run on the docker image we use for linux builds
# (Node 20 require glibc 2.28+, but container image has glibc 2.24).
# https://github.blog/changelog/2024-05-17-updated-dates-for-actions-runner-using-node20-instead-of-node16-by-default/
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
defaults:
run:
shell: bash
steps:
- name: 'Checkout code'
# FIXME: v4+ requires Node 20
uses: actions/checkout@v3
with:
submodules: recursive
- name: 'Cache index.node'
id: cached-artifact
# FIXME: v4+ requires Node 20
uses: actions/cache@v3
with:
path: ./packages/core-bridge/releases
key: corebridge-artifactcache-${{ matrix.platform }}-${{ hashFiles('./packages/core-bridge/**/Cargo.lock', './packages/core-bridge/**/*.rs') }}
- name: Install Rust
if: steps.cached-artifact.outputs.cache-hit != 'true'
uses: dtolnay/rust-toolchain@stable
with:
target: ${{ matrix.target }}
- name: Install protoc
if: steps.cached-artifact.outputs.cache-hit != 'true'
# FIXME: v3+ requires Node 20
uses: arduino/setup-protoc@v2
with:
# TODO: Upgrade proto once https://github.com/arduino/setup-protoc/issues/99 is fixed
version: '23.x'
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Rust Cargo and Build cache
if: steps.cached-artifact.outputs.cache-hit != 'true'
# FIXME: v2.7.2+ requires Node 20
uses: Swatinem/[email protected]
with:
workspaces: packages/core-bridge -> target
prefix-key: corebridge-buildcache
shared-key: ${{ matrix.platform }}
env-vars: ''
save-if: env.IS_MAIN_OR_RELEASE == 'true'
- name: Compile rust code
if: steps.cached-artifact.outputs.cache-hit != 'true'
working-directory: ./packages/core-bridge
run: |
set -x
cargo build --release --target ${{ matrix.target }}
mkdir -p ./releases/${{ matrix.target }}
cp target/${{ matrix.target }}/release/${{ matrix.out-file }} ./releases/${{ matrix.target }}/index.node
- name: Print required GLIBC version
if: startsWith(matrix.platform, 'linux')
working-directory: ./packages/core-bridge
run: |
objdump -T ./releases/${{ matrix.target }}/index.node |
grep GLIBC | sed 's/.*GLIBC_\([.0-9]*\).*/\1/g' | sort -V | tail -1
# FIXME: v4+ requires Node 20
- uses: actions/upload-artifact@v3
with:
name: corebridge-native-${{ matrix.platform }}
# Actual file will be named ${{ matrix.target }}/index.node
path: ./packages/core-bridge/releases/*/index.node
# Gather native binaries for all platforms and build TypeScript @temporalio/* packages.
# Upload the built packages as a Verdaccio repository.
build-packages:
needs:
- compile-native-binaries
name: Build Packages
strategy:
# Using a matrix here ensure that Rust-related actions below can be easily be copied from the
# compile-binaries job and that the Rust build cache will be usable
matrix:
include:
- platform: linux-x64
runner: ubuntu-22.04
target: x86_64-unknown-linux-gnu
runs-on: ${{ matrix.runner }}
defaults:
run:
shell: bash
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Download core-bridge native libraries
# Need v3 here to stay compatible with the compile-native-binaries job.
uses: actions/download-artifact@v3-node20
with:
path: ./packages/core-bridge/releases/tmp
- name: Put native files into place
working-directory: ./packages/core-bridge/releases
run: |
mv tmp/corebridge-*/* ./
rm -rf tmp
- name: Install Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Get NPM cache directory
id: npm-cache-dir
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- name: Restore NPM cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
restore-keys: |
npm-main-${{ matrix.platform }}-
- name: Download dependencies
# Make up to 3 attempts to install NPM dependencies, to work around transient NPM errors :(
run: |
npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose
- name: Compile code
run: npm run build -- --ignore @temporalio/core-bridge
- name: Publish to Verdaccio
run: node scripts/publish-to-verdaccio.js --registry-dir ./tmp/registry
- name: Save Verdaccio repo artifact
uses: actions/upload-artifact@v4
with:
name: verdaccio-repo
path: ./tmp/registry/storage
- name: Save NPM cache
uses: actions/cache/save@v4
# Only saves NPM cache from the main branch, to reduce pressure on the cache (limited to 10GB).
if: env.IS_MAIN_OR_RELEASE == 'true'
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
# Run integration tests. Uses the native binaries built in compile-native-binaries,
# but build `@temporalio/*` packages locally.
integration-tests:
needs:
- compile-native-binaries
strategy:
fail-fast: false
matrix:
node: [16, 18, 20]
platform: [linux-x64, linux-arm, macos-x64, macos-arm, windows-x64]
reuse-v8-context: [true, false]
server: [cli] # FIXME: Add 'cloud'
include:
- platform: linux-x64
runner: ubuntu-latest
- platform: linux-arm
runner: buildjet-4vcpu-ubuntu-2204-arm
- platform: macos-x64
runner: macos-12
- platform: macos-arm
runner: macos-14
- platform: windows-x64
runner: windows-latest
runs-on: ${{ matrix.runner }}
name: Run Integration Tests (${{ matrix.platform }}, Node ${{ matrix.node }}, Reuse V8 Context ${{ matrix.reuse-v8-context }})
defaults:
run:
shell: bash
steps:
- name: 'Checkout code'
uses: actions/checkout@v4
with:
submodules: recursive
- name: Download core-bridge native libraries
# Need v3 here to stay compatible with the compile-native-binaries job.
uses: actions/download-artifact@v3-node20
with:
name: corebridge-native-${{ matrix.platform }}
path: ./packages/core-bridge/releases
- name: Install Node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: Get NPM cache directory
id: npm-cache-dir
shell: bash
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- name: Restore NPM cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
restore-keys: |
npm-main-${{ matrix.platform }}-
- name: Download dependencies
# Make up to 3 attempts to install NPM dependencies, to work around transient NPM errors :(
run: |
npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose
- name: Compile code
run: npm run build -- --ignore @temporalio/core-bridge
- name: Install Temporal CLI
if: matrix.server == 'cli'
uses: temporalio/setup-temporal@v0
- name: Run Temporal CLI
if: matrix.server == 'cli'
shell: bash
run: |
temporal server start-dev --headless &> /tmp/devserver.log &
- name: Run Tests
run: npm test
env:
RUN_INTEGRATION_TESTS: true
REUSE_V8_CONTEXT: ${{ matrix.reuse-v8-context }}
- name: Upload NPM logs
uses: actions/upload-artifact@v4
if: failure() || cancelled()
with:
name: integration-tests-${{ matrix.platform }}-node${{ matrix.node }}-${{ matrix.server }}-${{ matrix.reuse-v8-context && 'reuse' || 'noreuse' }}-logs
path: ${{ startsWith(matrix.platform, 'windows') && 'C:\\npm\\_logs\\' || '~/.npm/_logs/' }}
- name: Upload Dev Server logs
uses: actions/upload-artifact@v4
if: failure() || cancelled()
with:
name: integration-tests-${{ matrix.platform }}-node${{ matrix.node }}-${{ matrix.server }}-${{ matrix.reuse-v8-context && 'reuse' || 'noreuse' }}-devserver-logs
path: /tmp/devserver.log
# Tests that npm init @temporalio results in a working worker and client
test-npm-init:
needs: build-packages
strategy:
fail-fast: false
matrix:
node: [16, 18, 20]
platform: [linux-x64, linux-arm, macos-x64, macos-arm, windows-x64]
sample: [hello-world, fetch-esm, hello-world-mtls]
server: [cli, cloud]
exclude:
# Exclude non-mtls tests on cloud
- sample: hello-world
server: cloud
# Exclude mtls tests on cli
- sample: hello-world-mtls
server: cli
- sample: fetch-esm
server: cloud
# FIXME: investigate why 'fetch-esm' always hangs on Windows
- sample: fetch-esm
platform: windows-x64
# Exclude cloud tests if we don't have cloud namespace and certs
- server: ${{ vars.TEMPORAL_CLIENT_NAMESPACE == '' && 'cloud' || '' }}
include:
- platform: linux-x64
runner: ubuntu-latest
- platform: linux-arm
runner: buildjet-4vcpu-ubuntu-2204-arm
- platform: macos-x64
runner: macos-12
- platform: macos-arm
runner: macos-14
- platform: windows-x64
runner: windows-latest
runs-on: ${{ matrix.runner }}
name: Run Samples Tests - ${{ matrix.sample }} (${{ matrix.platform }}, Node ${{ matrix.node }}, ${{ matrix.server }})
env:
TEMPORAL_CLIENT_CERT: ${{ secrets.TEMPORAL_CLIENT_CERT }}
TEMPORAL_CLIENT_KEY: ${{ secrets.TEMPORAL_CLIENT_KEY }}
steps:
- name: 'Checkout code'
uses: actions/checkout@v4
with:
# We don't need the core submodule here since won't build the project
submodules: false
- name: Install Node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- name: Get NPM cache directory
id: npm-cache-dir
shell: bash
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- name: Restore NPM cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
restore-keys: |
npm-main-${{ matrix.platform }}-
# No need to compile anything, we just need the package ./scripts and their dependencies
- name: Install dependencies without compilation
run: |
npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose
- name: Restore Verdaccio repo artifact
uses: actions/download-artifact@v4
with:
name: verdaccio-repo
path: ./tmp/registry/storage
# Note: here, `npx create` fails on windows if shell is bash.
- name: Instantiate sample project using verdaccio artifacts
run: node scripts/init-from-verdaccio.js --registry-dir ./tmp/registry --sample https://github.com/temporalio/samples-typescript/tree/next/${{ matrix.sample }} --target-dir ${{ runner.temp }}/example
- name: Install Temporal CLI
if: matrix.server == 'cli'
uses: temporalio/setup-temporal@v0
- name: Run Temporal CLI
if: matrix.server == 'cli'
shell: bash
run: |
temporal server start-dev --headless &
# We write the certs to disk because it serves the sample. Written into /tmp/temporal-certs
- name: Create certs dir
shell: bash
run: node scripts/create-certs-dir.js "${{ runner.temp }}/certs"
if: matrix.server == 'cloud'
- name: Test run a workflow (non-cloud)
run: node scripts/test-example.js --work-dir "${{ runner.temp }}/example"
shell: bash
if: matrix.server == 'cli'
- name: Test run a workflow (cloud)
run: node scripts/test-example.js --work-dir "${{ runner.temp }}/example"
shell: bash
env:
# These env vars are used by the hello-world-mtls sample
TEMPORAL_ADDRESS: ${{ vars.TEMPORAL_CLIENT_NAMESPACE }}.tmprl.cloud
TEMPORAL_NAMESPACE: ${{ vars.TEMPORAL_CLIENT_NAMESPACE }}
TEMPORAL_CLIENT_CERT_PATH: ${{ runner.temp }}/certs/client.pem
TEMPORAL_CLIENT_KEY_PATH: ${{ runner.temp }}/certs/client.key
TEMPORAL_TASK_QUEUE: ${{ format('{0}-{1}-{2}', matrix.platform, matrix.node, matrix.sample) }}
if: matrix.server == 'cloud'
- name: Destroy certs dir
if: always()
shell: bash
run: rm -rf ${{ runner.temp }}/certs
continue-on-error: true
# Runs the features repo tests with this repo's current SDK code
# FIXME: Update this job to reuse native build artifacts from compile-native-binaries
features-tests:
name: Features Tests
uses: temporalio/features/.github/workflows/typescript.yaml@main
with:
typescript-repo-path: ${{github.event.pull_request.head.repo.full_name}}
version: ${{github.event.pull_request.head.ref}}
version-is-repo-ref: true
features-repo-ref: sdk-1403-ts-startUpdate-require-wait-stage
stress-tests-no-reuse-context:
name: Stress Tests (No Reuse V8 Context)
# FIXME: Update this job to reuse native build artifacts from compile-native-binaries
uses: ./.github/workflows/stress.yml
with:
test-type: ci-stress
test-timeout-minutes: 20
reuse-v8-context: false
stress-tests-reuse-context:
name: Stress Tests (Reuse V8 Context)
# FIXME: Update this job to reuse native build artifacts from compile-native-binaries
uses: ./.github/workflows/stress.yml
with:
test-type: ci-stress
test-timeout-minutes: 20
reuse-v8-context: true
# Run TS linting and ts-prune to find unused code
lint-and-prune:
name: Lint and Prune
strategy:
# Using a matrix here ensure that Rust-related actions below can be easily be copied from the
# compile-binairies job and that the Rust build cache will be usable
matrix:
include:
- platform: linux-x64
runner: ubuntu-22.04
target: x86_64-unknown-linux-gnu
runs-on: ${{ matrix.runner }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Get NPM cache directory
id: npm-cache-dir
shell: bash
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- name: Restore NPM cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
restore-keys: |
npm-main-${{ matrix.platform }}-
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
with:
target: ${{ matrix.target }}
- name: Install protoc
uses: arduino/setup-protoc@v3
with:
# TODO: Upgrade proto once https://github.com/arduino/setup-protoc/issues/99 is fixed
version: '23.x'
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Rust Cargo and Build cache
uses: Swatinem/rust-cache@v2
with:
workspaces: packages/core-bridge -> target
prefix-key: corebridge-buildcache
shared-key: ${{ matrix.platform }}
env-vars: ''
save-if: false
- name: Download dependencies
run: |
npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose
# eslint-import-resolver-typescript requires packages to be built
- name: Compile all non-rust code
run: npm run build -- --ignore @temporalio/core-bridge
- run: npm run lint.check
- run: npm run lint.prune
build-docs:
name: Build Docs
strategy:
# Using a matrix here ensure that Rust-related actions below can be easily be copied from the
# compile-binairies job and that the Rust build cache will be usable
matrix:
include:
- platform: linux-x64
runner: ubuntu-22.04
target: x86_64-unknown-linux-gnu
runs-on: ${{ matrix.runner }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
submodules: recursive
- name: Install Node
uses: actions/setup-node@v4
with:
node-version: 20
- name: Get NPM cache directory
id: npm-cache-dir
shell: bash
run: echo "dir=$(npm config get cache)" >> ${GITHUB_OUTPUT}
- name: Restore NPM cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.npm-cache-dir.outputs.dir }}
key: npm-main-${{ matrix.platform }}-${{ hashFiles('./package-lock.json') }}
restore-keys: |
npm-main-${{ matrix.platform }}-
# Don't build during install phase since we're going to explicitly build
- name: Download dependencies
# Make up to 3 attempts to install NPM dependencies, to work around transient NPM errors
run: |
npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose || npm ci --ignore-scripts --verbose
- run: npm run build -- --ignore @temporalio/core-bridge
# Do docs stuff (only on one host)
- name: Build docs
run: npm run docs
env:
ALGOLIA_API_KEY: ${{ secrets.ALGOLIA_API_KEY }}
- name: Deploy prod docs # TODO: only deploy prod docs when we publish a new version
if: env.IS_MAIN_OR_RELEASE == 'true'
run: npx vercel deploy packages/docs/build -t ${{ secrets.VERCEL_TOKEN }} --name typescript --scope temporal --prod --yes
# FIXME: This is not working properly, and should probably be done only from the main branch anyway
# (and "Deploy prod docs" should only be done when we publish a new release)
# - name: Deploy draft docs
# # Don't run on forks, since secrets won't be available, and command will fail
# if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository && github.ref != 'refs/heads/main'
# run: npx vercel deploy packages/docs/build -t ${{ secrets.VERCEL_TOKEN }} --name typescript --scope temporal --yes