Reuse CCCL's new CI infrastructure

.github/workflows/ci-workflow-nightly.yml

@@ -0,0 +1,119 @@
+# SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved.
+# SPDX-License-Identifier: Apache-2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# This is the main workflow that runs on every PR and push to main
+name: nightly
+
+defaults:
+  run:
+    shell: bash --noprofile --norc -euo pipefail {0}
+
+on:
+  # !! DISABLED HERE !!
+  # Update to use the schedule to enable.
+  workflow_dispatch:
+  # schedule:
+  #   - cron: '0 7 * * *' # 7AM UTC, 12AM PST, 3AM EST
+
+concurrency:
+  group: ${{ github.workflow }}-on-${{ github.event_name }}-from-${{ github.ref_name }}
+
+jobs:
+
+  build-workflow:
+    name: Build workflow from matrix
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+    outputs:
+      workflow: ${{ steps.build-workflow.outputs.workflow }}
+      workflow_keys: ${{ steps.build-workflow.outputs.workflow_keys }}
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+      - name: Build workflow
+        id: build-workflow
+        uses: NVIDIA/cccl/.github/actions/workflow-build@fbd26456ac5cb6f48fc8c3c86fb59b93c24d1f45
+        with:
+          workflows: nightly
+
+  run-workflow:
+    name: ${{ matrix.name }}
+    needs: build-workflow
+    permissions:
+      id-token: write
+      contents: read
+    strategy:
+      fail-fast: false
+      matrix:
+        name: ${{ fromJSON(needs.build-workflow.outputs.workflow_keys) }}
+    uses: NVIDIA/cccl/.github/workflows/workflow-dispatch.yml@fbd26456ac5cb6f48fc8c3c86fb59b93c24d1f45
+    with:
+      name: ${{ matrix.name }}
+      jobs: ${{ toJSON(fromJSON(needs.build-workflow.outputs.workflow)[matrix.name]) }}
+
+  # This job acts as a sentry and will fail if any leaf job in the workflow tree fails, as
+  # run-workflow always succeeds. Use this job when checking for successful matrix workflow job completion.
+  verify-workflow:
+    name: Verify and summarize workflow results
+    if: ${{ always() && !cancelled() }}
+    needs:
+      - build-workflow
+      - run-workflow
+    permissions:
+      contents: read
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@v3
+
+      - name: Check workflow success
+        id: check-workflow
+        uses: NVIDIA/cccl/.github/actions/workflow-results@fbd26456ac5cb6f48fc8c3c86fb59b93c24d1f45
+
+  # Check all other job statuses. This job gates branch protection checks.
+  ci:
+    name: CI
+    # !! Important: This job is used for branch protection checks.
+    # !! Need to use always() instead of !cancelled() because skipped jobs count as success
+    # !! for Github branch protection checks. Yes, really: by default, branch protections
+    # !! can be bypassed by cancelling CI. See NVIDIA/cccl#605.
+    if: ${{ always() }}
+    needs:
+      - verify-workflow
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check results
+        run: |
+          status="success"
+
+          check_result() {
+            name=$1
+            expected=$2
+            result=$3
+
+            echo "Checking if $name job result ('$result') is '$expected'..."
+            if [[ "$result" != "$expected" ]]; then
+              echo "$name job failed"
+
+              status="failed"
+            fi
+          }
+
+          check_result "verify-workflow"      "success" "${{needs.verify-workflow.result}}"
+
+          if [[ "$status" != "success" ]]; then
+            exit 1
+          fi