Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check workflows for issues during CI #1916

Merged
merged 3 commits into from
Sep 11, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 14 additions & 0 deletions .github/actionlint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
# Labels of self-hosted runner in array of strings.

# NB. oqs-arm64 is not self-hosted but this configuration
# is required for liboqs to lint correctly with actionlint v1.7.1

self-hosted-runner:
# Labels of self-hosted runner in array of string
labels:
- oqs-arm64
# Configuration variables in array of strings defined in your repository or organization
config-variables:
# - DEFAULT_RUNNER
# - JOB_NAME
# - ENVIRONMENT_STAGE
14 changes: 13 additions & 1 deletion .github/workflows/basic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,19 @@ on: [workflow_call, workflow_dispatch]

jobs:

workflowcheck:
name: Check validity of GitHub workflows
runs-on: ubuntu-latest
container: openquantumsafe/ci-ubuntu-latest:latest
steps:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4
- name: Ensure GitHub actions are valid
run: actionlint -shellcheck "" # run *without* shellcheck

stylecheck:
name: Check code formatting
needs: [ workflowcheck ]
runs-on: ubuntu-latest
container: openquantumsafe/ci-ubuntu-latest:latest
steps:
Expand All @@ -23,6 +34,7 @@ jobs:

upstreamcheck:
name: Check upstream code is properly integrated
needs: [ workflowcheck ]
runs-on: ubuntu-latest
container: openquantumsafe/ci-ubuntu-latest:latest
steps:
Expand All @@ -47,7 +59,7 @@ jobs:

buildcheck:
name: Check that code passes a basic build
needs: [ stylecheck, upstreamcheck ]
needs: [ workflowcheck, stylecheck, upstreamcheck ]
runs-on: ubuntu-latest
container: openquantumsafe/ci-ubuntu-latest:latest
env:
Expand Down
17 changes: 14 additions & 3 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,20 @@ GitHub CI jobs. When executed in the main `liboqs` directory,

When installing `act` as a GitHub extension, prefix the commands with `gh `.

## Modifications to CI

Modifications to GitHub Actions workflows are checked with [actionlint](https://github.com/rhysd/actionlint) during the [basic.yml](.github/workflows/basic.yml) job, protecting the CI chain and against wrong approval decisions based on improper CI runs. Changes to these workflows can be validated locally with `actionlint`:

```bash
actionlint .github/workflows/*.yml
```

or running the CI locally (as above):

```bash
act workflow_call -W '.github/workflows/basic.yml'
```

### New features

Any PR introducing a new feature is expected to contain a test of this feature
Expand All @@ -70,6 +84,3 @@ add a tag to one or more of our [most active contributors](https://github.com/op

If you feel like contributing but don't know what specific topic to work on,
please check the [open issues tagged "good first issue" or "help wanted"](https://github.com/open-quantum-safe/liboqs/issues).



Loading