name: concretefhe CI Pipeline on: pull_request: push: branches: - main # Allows external webhook trigger repository_dispatch: types: - env-docker-preflight jobs: build: concurrency: group: ${{ github.ref }}-${{ github.event_name }} cancel-in-progress: true runs-on: ubuntu-20.04 container: image: ${{ github.event.client_payload.image || 'ghcr.io/zama-ai/concretefhe-env' }} credentials: username: ${{ secrets.BOT_USERNAME }} password: ${{ secrets.BOT_TOKEN }} strategy: matrix: python-version: [3.8] steps: - name: Checkout Code uses: actions/checkout@v2 with: fetch-depth: 0 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v2 with: python-version: ${{ matrix.python-version }} - name: Cache Installation Files uses: actions/cache@v2 with: # Paths are Unix specific for now path: | ~/.cache/pip ~/.cache/pypoetry # Ignore line break in the evaluated double quoted string key: "${{ runner.os }}-build-${{ matrix.python-version }}-\ ${{ hashFiles('poetry.lock') }}" restore-keys: | ${{ runner.os }}-build-${{ matrix.python-version }}- ${{ runner.os }}-build- ${{ runner.os }}- - name: Install dependencies run: | python -m pip install --upgrade pip python -m pip install poetry make setup_env - name: Conformance and Docs build id: conformance if: ${{ success() && !cancelled() }} env: # TODO: remove this when JIT doesn't need this # Required to be sure that docs reads all files with MLIR imports properly LD_PRELOAD: /compiler/build/lib/Runtime/libZamalangRuntime.so # pcc launches an internal target with proper flags # docs is run here too as it can fail and we catch errors during the build run: | make --keep-going pcc docs - name: Archive docs artifacts if: ${{ steps.conformance.outcome == 'success' && !cancelled() }} uses: actions/upload-artifact@v2 with: name: html-docs path: docs/_build/html - name: PyTest id: pytest if: ${{ steps.conformance.outcome == 'success' && !cancelled() }} env: # TODO: remove this when JIT doesn't need this LD_PRELOAD: /compiler/build/lib/Runtime/libZamalangRuntime.so run: | make pytest - name: Notebooks if: ${{ steps.conformance.outcome == 'success' && !cancelled() }} env: # TODO: remove this when JIT doesn't need this LD_PRELOAD: /compiler/build/lib/Runtime/libZamalangRuntime.so run: | make strip_nb make notebook_timeout make pytest_nb - name: Test coverage id: coverage if: ${{ steps.pytest.outcome != 'skipped' && !cancelled() }} run: | ./script/actions_utils/coverage.sh ${{ github.base_ref }} - name: Archive test coverage uses: actions/upload-artifact@v2 if: ${{ steps.coverage.outcome != 'skipped' && !cancelled() }} with: name: coverage path: coverage.html - name: Comment with coverage uses: marocchino/sticky-pull-request-comment@v2 if: ${{ steps.coverage.outcome != 'skipped' && !cancelled() }} with: path: diff-coverage.txt recreate: true - name: Trigger docker push workflow if: ${{ always() && github.event_name == 'repository_dispatch' && github.event.event_type == 'env-docker-preflight' }} run: | curl \ -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.BOT_TOKEN }}" \ https://api.github.com/repos/${{ github.repository }}/dispatches \ -d '{"event_type":"publish-env-docker","client_payload":{"preflight_status":"${{ job.status }}"}}' - name: Slack Notification if: ${{ always() }} continue-on-error: true uses: rtCamp/action-slack-notify@v2 env: SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} SLACK_ICON: https://pbs.twimg.com/profile_images/1274014582265298945/OjBKP9kn_400x400.png SLACK_COLOR: ${{ job.status }} SLACK_MESSAGE: 'Build finished with status ${{ job.status }}' SLACK_USERNAME: ${{ secrets.BOT_USERNAME }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} publish-docs: needs: [build] runs-on: ubuntu-20.04 if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' }} steps: - name: Download Documentation id: download uses: actions/download-artifact@v2 with: name: html-docs - name: Publish Documentation to S3 id: publish if: ${{ steps.download.outcome == 'success' && !cancelled() }} uses: jakejarvis/s3-sync-action@master with: args: --delete env: AWS_S3_BUCKET: ${{ secrets.AWS_REPO_DOCUMENTATION_BUCKET_NAME }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} AWS_REGION: ${{ secrets.AWS_REGION }} SOURCE_DIR: '.' - name: Invalidate CloudFront Cache if: ${{ steps.publish.outcome == 'success' }} uses: awact/cloudfront-action@master env: SOURCE_PATH: '/*' AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} DISTRIBUTION_ID: ${{ secrets.AWS_REPO_DOCUMENTATION_DISTRIBUTION_ID }} - name: Slack Notification if: ${{ always() }} continue-on-error: true uses: rtCamp/action-slack-notify@v2 env: SLACK_CHANNEL: ${{ secrets.SLACK_CHANNEL }} SLACK_ICON: https://pbs.twimg.com/profile_images/1274014582265298945/OjBKP9kn_400x400.png SLACK_COLOR: ${{ job.status }} SLACK_MESSAGE: 'Publishing documentation finished with status ${{ job.status }}' SLACK_USERNAME: ${{ secrets.BOT_USERNAME }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}