name: Gentoo Utils on: [push] defaults: run: shell: bash -el -o pipefail {0} # fixes rare instances of git commands failing because TERM isnt set env: TERM: xterm jobs: build-oci-image: runs-on: ubuntu-latest continue-on-error: true steps: - name: Restore git cache uses: actions/cache@v4 with: path: .git key: gitea-repo-${{ gitea.repository }}-${{ gitea.ref }} - name: Checkout repo uses: actions/checkout@v6 with: fetch-depth: 0 - name: Detect Changes uses: dorny/paths-filter@v3 id: image-changes with: filters: | docker: - ".docker/**" - name: Metadata id: metadata run: | branch_name="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" default_branch_name="${{ gitea.event.repository.default_branch }}" image_tag=latest if [[ $default_branch_name != $branch_name ]]; then this_image_tag="$(echo "$branch_name" | sed -E 's/[^a-zA-Z0-9]/-/g')" echo "steps... ${{ steps.image-changes.outputs.docker }}" if [[ ${{ steps.image-changes.outputs.docker }} == true ]] || docker manifest inspect ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${this_image_tag} >/dev/null 2>&1; then image_tag=$this_image_tag fi else build_image=true fi echo "default_branch_name=$default_branch_name" >> $GITEA_OUTPUT echo "branch_name=$branch_name" >> $GITEA_OUTPUT echo "image_tag=$image_tag" >> $GITEA_OUTPUT echo "build_image=${build_image:-${{ steps.image-changes.outputs.docker }}}" >> $GITEA_OUTPUT cat $GITEA_OUTPUT - name: Set up Docker buildx if: steps.metadata.outputs.build_image == 'true' uses: docker/setup-buildx-action@v3 with: driver-opts: network=runners-net - name: Log in to Github Container Registry if: steps.metadata.outputs.build_image == 'true' uses: docker/login-action@v3 with: registry: ${{ vars.REGISTRY_URL }} username: ${{ vars.CI_BOT_USERNAME }} password: ${{ secrets.CI_BOT_TOKEN }} - name: Build and push if: steps.metadata.outputs.build_image == 'true' uses: docker/build-push-action@v6 with: push: true tags: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ steps.metadata.outputs.image_tag }} context: "{{defaultContext}}:.docker" cache-from: type=gha cache-to: type=gha,mode=max outputs: image_tag: ${{ steps.metadata.outputs.image_tag }} build: runs-on: gentoo env: CC: "clang" CXX: "clang++" needs: build-oci-image container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: Build Cache Setup uses: actions/cache@v5 with: path: | subprojects build key: build-${{ gitea.repository }}-${{ gitea.sha }} - name: Build run: | meson setup -Dfuzz=enabled -Dtests=enabled -Dbuildtype=debugoptimized -Ddocs=enabled build meson compile -C build # FIXME: Currently this rebuilds everything. Instead we should bring over the build dir from the build job. This will come in handy # when we have multiple build targets and configs. What we have currently is fine until we get lots of builds going test: runs-on: gentoo env: CC: "clang" CXX: "clang++" needs: [build-oci-image, build] container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: Restore build cache uses: actions/cache/restore@v5 with: path: | subprojects build key: build-${{ gitea.repository }}-${{ gitea.sha }} - name: test run: | set -x ls build [[ -d build ]] || meson setup -Dfuzz=enabled -Dtests=enabled -Dbuildtype=debugoptimized -Ddocs=enabled build meson compile -C build ninja test -C build set +x fuzz: runs-on: gentoo env: CC: "clang" CXX: "clang++" FUZZER_TIMEOUT_S: 300 needs: [build-oci-image, build] container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: Restore Build Cache uses: actions/cache/restore@v5 with: path: | subprojects build key: build-${{ gitea.repository }}-${{ gitea.sha }} # FIXME: Get rid of this step when portage has fixes merged? # needed because portage has fixes upstream we need that arent stable yet - name: Checkout tip of portage run: | git clone https://github.com/gentoo/portage.git cd portage python -m venv .venv && ./.venv/bin/pip install -e . source ./.venv/bin/activate which emerge - name: build and fuzz run: | source ./portage/.venv/bin/activate which emerge [[ -d build ]] || meson setup -Dfuzz=enabled -Dtests=enabled -Dbuildtype=debugoptimized build meson compile atom_parser_fuzzer:alias -C build timeout 10m ./scripts/atom_parser_fuzz.sh continue-on-error: true check-format: runs-on: gentoo needs: [build-oci-image, build] container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: Restore Build Cache uses: actions/cache/restore@v5 with: path: | subprojects build key: build-${{ gitea.repository }}-${{ gitea.sha }} - name: Check Formatting run: | [[ -d build ]] || meson setup -Dfuzz=enabled -Dtests=enabled -Dbuildtype=debugoptimized build meson format --check-only --recursive ninja rustfmt -C build docs: runs-on: gentoo needs: [build-oci-image, build] container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: Restore Build Cache uses: actions/cache/restore@v5 with: path: | subprojects build key: build-${{ gitea.repository }}-${{ gitea.sha }} - name: Build Documentation run: | [[ -d build ]] || meson setup -Ddocs=enabled build ninja rustdoc -C build grep: runs-on: gentoo needs: [build-oci-image] container: image: ${{ vars.REGISTRY_URL }}/${{ gitea.repository }}:${{ needs.build-oci-image.outputs.image_tag }} steps: - name: Checkout repo uses: actions/checkout@v6 - name: grep for patterns # negate git grep ret code because 1 means no findings run: | git grep -E 'todo!|dbg!' -- '*.rs' && exit 1 || exit 0