-
Notifications
You must be signed in to change notification settings - Fork 697
346 lines (299 loc) · 13.2 KB
/
validate.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
name: Validate
# We use bash as default even in windows
# to try keep the workflow as uniform as possible
defaults:
run:
shell: bash
# See: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency.
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
cancel-in-progress: true
# Note: This workflow file contains the required job "Validate post job". We are using path filtering
# here to ignore PRs which only change documentation. This can cause a problem, see the workflow file
# "validate.skip.yml" for a description of the problem and the solution provided in that file.
on:
push:
paths-ignore:
- 'doc/**'
- '**/README.md'
- 'CONTRIBUTING.md'
branches:
- master
pull_request:
paths-ignore:
- 'doc/**'
- '**/README.md'
- 'CONTRIBUTING.md'
release:
types:
- created
env:
# We choose a stable ghc version across all os's
# which will be used to do the next release
GHC_FOR_RELEASE: '9.2.8'
# Ideally we should use the version about to be released for hackage tests and benchmarks
GHC_FOR_SOLVER_BENCHMARKS: '9.2.8'
GHC_FOR_COMPLETE_HACKAGE_TESTS: '9.2.8'
COMMON_FLAGS: '-j 2 -v'
jobs:
validate:
name: Validate ${{ matrix.os }} ghc-${{ matrix.ghc }}
runs-on: ${{ matrix.os }}
outputs:
GHC_FOR_RELEASE: ${{ format('["{0}"]', env.GHC_FOR_RELEASE) }}
strategy:
matrix:
os: ["ubuntu-latest", "macos-latest", "windows-latest"]
ghc: ["9.6.3", "9.4.7", "9.2.8", "9.0.2", "8.10.7", "8.8.4", "8.6.5", "8.4.4"]
exclude:
# corrupts GHA cache or the fabric of reality itself, see https://github.com/haskell/cabal/issues/8356
- os: "windows-latest"
ghc: "8.10.7"
# lot of segfaults caused by ghc bugs
- os: "windows-latest"
ghc: "8.8.4"
# it also throws segfaults randomly
- os: "windows-latest"
ghc: "8.4.4"
# it often randomly does "C:\Users\RUNNER~1\AppData\Local\Temp\ghcFEDE.c: DeleteFile "\\\\?\\C:\\Users\\RUNNER~1\\AppData\\Local\\Temp\\ghcFEDE.c": permission denied (Access is denied.)"
- os: "windows-latest"
ghc: "8.6.5"
steps:
- uses: actions/checkout@v4
# See the following link for a breakdown of the following step
# https://github.com/haskell/actions/issues/7#issuecomment-745697160
- uses: actions/cache@v3
with:
# validate.sh uses a special build dir
path: |
${{ steps.setup-haskell.outputs.cabal-store }}
dist-*
key: ${{ runner.os }}-${{ matrix.ghc }}-${{ github.sha }}
restore-keys: ${{ runner.os }}-${{ matrix.ghc }}-
- uses: haskell/actions/setup@v2
id: setup-haskell
with:
ghc-version: ${{ matrix.ghc }}
cabal-version: '3.10.1.0'
- name: Work around git problem https://bugs.launchpad.net/ubuntu/+source/git/+bug/1993586 (cabal PR #8546)
run: |
git config --global protocol.file.allow always
# The tool is not essential to the rest of the test suite. If
# hackage-repo-tool is not present, any test that requires it will
# be skipped.
# We want to keep this in the loop but we don't want to fail if
# hackage-repo-tool breaks or fails to support a newer GHC version.
- name: Install hackage-repo-tool
continue-on-error: true
run: |
cd $(mktemp -d)
cabal install hackage-repo-tool
# Needed by cabal-testsuite/PackageTests/Configure/setup.test.hs
- name: Install Autotools
if: runner.os == 'macOS'
run: |
brew install automake
- name: Set validate inputs
run: |
FLAGS="${{ env.COMMON_FLAGS }}"
if [[ ${{ matrix.ghc }} == ${{ env.GHC_FOR_SOLVER_BENCHMARKS }} ]]; then
FLAGS="$FLAGS --solver-benchmarks"
fi
if [[ ${{ matrix.ghc }} == ${{ env.GHC_FOR_COMPLETE_HACKAGE_TESTS }} ]]; then
FLAGS="$FLAGS --complete-hackage-tests"
fi
echo "FLAGS=$FLAGS" >> $GITHUB_ENV
- name: Allow newer dependencies when built with latest GHC
if: ${{ matrix.ghc }} == '9.6.3'
run: |
echo "allow-newer: rere:base, rere:transformers" >> cabal.project.validate
- name: Validate print-config
run: sh validate.sh $FLAGS -s print-config
- name: Validate print-tool-versions
run: sh validate.sh $FLAGS -s print-tool-versions
- name: Validate build
run: sh validate.sh $FLAGS -s build
- name: Tar cabal head executable
if: matrix.ghc == env.GHC_FOR_RELEASE
run: |
CABAL_EXEC=$(cabal list-bin --builddir=dist-newstyle-validate-ghc-${{ matrix.ghc }} --project-file=cabal.project.validate cabal-install:exe:cabal)
# We have to tar the executable to preserve executable permissions
# see https://github.com/actions/upload-artifact/issues/38
if [[ ${{ runner.os }} == 'Windows' ]]; then
# `cabal list-bin` gives us a windows path but tar needs the posix one
CABAL_EXEC=$(cygpath $CABAL_EXEC)
fi
if [[ "${{ runner.os }}" == "macOS" ]]; then
# Workaround to avoid bsdtar corrupts the executable
# so executing it after untar throws `cannot execute binary file`
# see https://github.com/actions/virtual-environments/issues/2619#issuecomment-788397841
sudo /usr/sbin/purge
fi
export CABAL_EXEC_TAR="cabal-head-${{ runner.os }}-x86_64.tar.gz"
tar -czvf $CABAL_EXEC_TAR -C $(dirname "$CABAL_EXEC") $(basename "$CABAL_EXEC")
echo "CABAL_EXEC_TAR=$CABAL_EXEC_TAR" >> $GITHUB_ENV
# We upload the cabal executable built with the ghc used in the release for:
# - Reuse it in the dogfooding job (although we could use the cached build dir)
# - Make it available in the workflow to make easier testing it locally
- name: Upload cabal-install executable to workflow artifacts
if: matrix.ghc == env.GHC_FOR_RELEASE
uses: actions/upload-artifact@v3
with:
name: cabal-${{ runner.os }}-x86_64
path: ${{ env.CABAL_EXEC_TAR }}
- name: Validate lib-tests
env:
# `rawSystemStdInOut reports text decoding errors`
# test does not find ghc without the full path in windows
GHCPATH: ${{ steps.setup-haskell.outputs.ghc-exe }}
run: sh validate.sh $FLAGS -s lib-tests
- name: Validate lib-suite
# Have to disable *-suite validation:
# - the [email protected] problem is tracked at https://github.com/haskell/cabal/issues/8858
# - but curently can't run it with GHC 9.6, tracking: https://github.com/haskell/cabal/issues/8883
run: sh validate.sh $FLAGS -s lib-suite
- name: Validate cli-tests
run: sh validate.sh $FLAGS -s cli-tests
- name: Validate cli-suite
# Have to disable *-suite validation, see above the comment for lib-suite
run: sh validate.sh $FLAGS -s cli-suite
validate-old-ghcs:
name: Validate old ghcs ${{ matrix.extra-ghc }}
runs-on: ubuntu-latest
needs: validate
# This job needs an older ubuntu (16.04) cause
# the required old ghcs using the `-dyn` flavour
# are not installable from ppa/hvr in newer ones
# see https://github.com/haskell/cabal/issues/8011
container:
image: phadej/ghc:8.8.4-xenial
strategy:
matrix:
# Newer ghc versions than 8.8.4 have to be installed with ghcup cause
# they are not available in ppa/hvr. The ghcup installation
# needs `sudo` which is not available in the xenial container
ghc: ["8.8.4"]
extra-ghc: ["7.10.3", "7.8.4", "7.6.3", "7.4.2", "7.2.2", "7.0.4"]
steps:
# We can't use actions/checkout with the xenial docker container
# cause it does not work with the git version included in it, see:
# https://github.com/actions/checkout/issues/170
# https://github.com/actions/checkout/issues/295
# - uses: actions/checkout@v4
- name: Checkout
run: |
echo $GITHUB_REF $GITHUB_SHA
git clone --depth 1 https://github.com/$GITHUB_REPOSITORY.git .
git fetch origin $GITHUB_SHA:temporary-ci-branch
git checkout $GITHUB_SHA || (git fetch && git checkout $GITHUB_SHA)
- name: Install extra compiler
run: |
apt-get update
apt-get install -y ghc-${{ matrix.extra-ghc }}-dyn
- uses: haskell/actions/setup@v2
id: setup-haskell
with:
ghc-version: ${{ matrix.ghc }}
cabal-version: latest # latest is mandatory for cabal-testsuite, see https://github.com/haskell/cabal/issues/8133
# As we are reusing the cached build dir from the previous step
# the generated artifacts are available here,
# including the cabal executable and the test suite
- uses: actions/cache@v3
with:
path: |
${{ steps.setup-haskell.outputs.cabal-store }}
dist-*
key: ${{ runner.os }}-${{ matrix.ghc }}-${{ github.sha }}
restore-keys: ${{ runner.os }}-${{ matrix.ghc }}-
- name: Validate build
run: sh validate.sh ${{ env.COMMON_FLAGS }} -s build
- name: "Validate lib-suite-extras --extra-hc ghc-${{ matrix.extra-ghc }}"
env:
EXTRA_GHC: "/opt/ghc/${{ matrix.extra-ghc }}/bin/ghc-${{ matrix.extra-ghc }}"
run: sh validate.sh ${{ env.COMMON_FLAGS }} --lib-only -s lib-suite-extras --extra-hc ${{ env.EXTRA_GHC }}
# The previous jobs use a released version of cabal to build cabal HEAD itself
# This one uses the cabal HEAD generated executable in the previous step
# to build itself again, as sanity check
dogfooding:
name: Dogfooding ${{ matrix.os }} ghc-${{ matrix.ghc }}
runs-on: ${{ matrix.os }}
needs: validate
strategy:
matrix:
os: ["ubuntu-latest", "macos-latest", "windows-latest"]
# We only use one ghc version the used one for the next release (defined at top of the workflow)
# We need to build an array dynamically to inject the appropiate env var in a previous job,
# see https://docs.github.com/en/actions/learn-github-actions/expressions#fromjson
ghc: ${{ fromJSON (needs.validate.outputs.GHC_FOR_RELEASE) }}
steps:
- uses: actions/checkout@v4
# See https://github.com/haskell/cabal/pull/8739
- name: Sudo chmod to permit ghcup to update its cache
run: |
if [[ "${{ runner.os }}" == "Linux" ]]; then
sudo ls -lah /usr/local/.ghcup/cache
sudo mkdir -p /usr/local/.ghcup/cache
sudo ls -lah /usr/local/.ghcup/cache
sudo chown -R $USER /usr/local/.ghcup
sudo chmod -R 777 /usr/local/.ghcup
fi
- uses: haskell/actions/setup@v2
id: setup-haskell
with:
ghc-version: ${{ matrix.ghc }}
cabal-version: latest # default, we are not using it in this job
- name: Download cabal executable from workflow artifacts
uses: actions/download-artifact@v3
with:
name: cabal-${{ runner.os }}-x86_64
path: cabal-head
- name: Untar the cabal executable
run: tar -xzf ./cabal-head/cabal-head-${{ runner.os }}-x86_64.tar.gz -C cabal-head
- name: print-config using cabal HEAD
run: sh validate.sh ${{ env.COMMON_FLAGS }} --with-cabal ./cabal-head/cabal -s print-config
# We dont use cache to force a build with a fresh store dir and build dir
# This way we check cabal can build all its dependencies
- name: Build using cabal HEAD
run: sh validate.sh ${{ env.COMMON_FLAGS }} --with-cabal ./cabal-head/cabal -s build
prerelease-head:
name: Create a GitHub prerelease with the binary artifacts
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
# IMPORTANT! Any job added to the workflow should be added here too
needs: [validate, validate-old-ghcs, dogfooding]
steps:
- uses: actions/download-artifact@v3
with:
name: cabal-Windows-x86_64
- uses: actions/download-artifact@v3
with:
name: cabal-Linux-x86_64
- uses: actions/download-artifact@v3
with:
name: cabal-macOS-x86_64
- name: Create GitHub prerelease
uses: "marvinpinto/[email protected]"
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
automatic_release_tag: "cabal-head"
prerelease: true
title: "cabal-head"
files: |
cabal-head-Windows-x86_64.tar.gz
cabal-head-Linux-x86_64.tar.gz
cabal-head-macOS-x86_64.tar.gz
# We use this job as a summary of the workflow
# It will fail if any of the previous jobs does it
# This way we can use it exclusively in branch protection rules
# and abstract away the concrete jobs of the workflow, including their names
validate-post-job:
if: always()
name: Validate post job
runs-on: ubuntu-latest
# IMPORTANT! Any job added to the workflow should be added here too
needs: [validate, validate-old-ghcs, dogfooding]
steps:
- run: |
echo "jobs info: ${{ toJSON(needs) }}"
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: exit 1