1- # Ref: https://securitylab.github.com/research/github-actions-preventing-pwn-requests
2- name : Breakage
3-
4- # read-only repo token
5- # no access to secrets
6- on :
7- pull_request :
8-
9- jobs :
10- break :
11- runs-on : ubuntu-latest
12- strategy :
13- fail-fast : false
14- matrix :
15- pkg : [
16- " JuliaSmoothOptimizers/NLSProblems.jl" ,
17- " JuliaSmoothOptimizers/OptimizationProblems.jl" ,
18- ]
19- pkgversion : [latest, stable]
20-
21- steps :
22- - uses : actions/checkout@v2
23-
24- # Install Julia
25- - uses : julia-actions/setup-julia@v1
26- with :
27- version : 1
28- arch : x64
29- - uses : actions/cache@v1
30- env :
31- cache-name : cache-artifacts
32- with :
33- path : ~/.julia/artifacts
34- key : ${{ runner.os }}-test-${{ env.cache-name }}-${{ hashFiles('**/Project.toml') }}
35- restore-keys : |
36- ${{ runner.os }}-test-${{ env.cache-name }}-
37- ${{ runner.os }}-test-
38- ${{ runner.os }}-
39- uses : julia-actions/julia-buildpkg@v1
40-
41- # Breakage test
42- - name : ' Breakage of ${{ matrix.pkg }}, ${{ matrix.pkgversion }} version'
43- env :
44- URL : ${{ matrix.pkg }}
45- VERSION : ${{ matrix.pkgversion }}
46- run : |
47- set -v
48- mkdir -p ./pr
49- echo "${{ github.event.number }}" > ./pr/NR
50- git clone https://github.com/$URL
51- export PKG=$(echo $URL | cut -f2 -d/)
52- cd $PKG
53- if [ $VERSION == "stable" ]; then
54- TAG=$(git tag -l "v*" --sort=-creatordate | head -n1)
55- if [ -z "$TAG" ]; then
56- TAG="no_tag"
57- else
58- git checkout $TAG
59- fi
60- else
61- TAG=$VERSION
62- fi
63- export TAG
64- julia -e 'using Pkg;
65- PKG, TAG, VERSION = ENV["PKG"], ENV["TAG"], ENV["VERSION"]
66- joburl = joinpath(ENV["GITHUB_SERVER_URL"], ENV["GITHUB_REPOSITORY"], "actions/runs", ENV["GITHUB_RUN_ID"])
67- open("../pr/$PKG-$VERSION", "w") do io
68- try
69- TAG == "no_tag" && error("Not tag for $VERSION")
70- pkg"activate .";
71- pkg"instantiate";
72- pkg"dev ../";
73- pkg"build";
74- pkg"test";
75-
76- print(io, "[]($joburl)");
77- catch e
78- @error e;
79- print(io, "[]($joburl)");
80- end;
81- end'
82-
83- uses : actions/upload-artifact@v2
84- with :
85- name : pr
86- path : pr/
87-
88- upload :
89- needs : break
90- runs-on : ubuntu-latest
91- steps :
92- - uses : actions/checkout@v2
93-
94- - uses : actions/download-artifact@v2
95- with :
96- name : pr
97- path : pr/
98-
99- - run : ls
100- - run : |
101- cd pr
102- echo "| Package name | latest | stable |" > MSG
103- echo "|--|--|--|" >> MSG
104- count=0
105- for file in *
106- do
107- [ "$file" == "NR" ] && continue
108- [ "$file" == "MSG" ] && continue
109- if [ $count == "0" ]; then
110- name=$(echo $file | cut -f1 -d-)
111- echo -n "| $name | "
112- else
113- echo -n "| "
114- fi
115- cat $file
116- if [ $count == "0" ]; then
117- echo -n " "
118- count=1
119- else
120- echo " |"
121- count=0
122- fi
123- done >> MSG
124-
125- uses : actions/upload-artifact@v2
126- with :
127- name : pr
128- path : pr/
1+ # Ref: https://securitylab.github.com/research/github-actions-preventing-pwn-requests
2+ name : Breakage
3+
4+ # read-only repo token
5+ # no access to secrets
6+ on :
7+ pull_request :
8+
9+ jobs :
10+ # Build dynamically the matrix on which the "break" job will run.
11+ # The matrix contains the packages that depend on ${{ env.pkg }}.
12+ # Job "setup_matrix" outputs variable "matrix", which is in turn
13+ # the output of the "getmatrix" step.
14+ # The contents of "matrix" is a JSON description of a matrix used
15+ # in the next step. It has the form
16+ # {
17+ # "pkg": [
18+ # "PROPACK",
19+ # "LLSModels",
20+ # "FletcherPenaltySolver"
21+ # ]
22+ # }
23+ setup_matrix :
24+ runs-on : ubuntu-latest
25+ outputs :
26+ matrix : ${{ steps.getmatrix.outputs.matrix }}
27+ env :
28+ pkg : ${{ github.event.repository.name }}
29+ steps :
30+ - uses : actions/checkout@v4
31+ - uses : julia-actions/setup-julia@v2
32+ with :
33+ version : 1
34+ arch : x64
35+ - id : getmatrix
36+ run : |
37+ julia -e 'using Pkg; Pkg.Registry.add(RegistrySpec(url = "https://github.com/JuliaRegistries/General.git"))'
38+ julia --project=.breakage -e 'using Pkg; Pkg.update(); Pkg.instantiate()'
39+ pkgs=$(julia --project=.breakage .breakage/get_jso_users.jl ${{ env.pkg }})
40+ vs='["latest", "stable"]'
41+ # Check if pkgs is empty, and set it to a JSON array if necessary
42+ if [[ -z "$pkgs" || "$pkgs" == "String[]" ]]; then
43+ echo "No packages found; exiting successfully."
44+ exit 0
45+ fi
46+ vs='["latest", "stable"]'
47+ matrix=$(jq -cn --argjson deps "$pkgs" --argjson vers "$vs" '{pkg: $deps, pkgversion: $vers}') # don't escape quotes like many posts suggest
48+ echo "matrix=$matrix" >> "$GITHUB_OUTPUT"
49+
50+ break :
51+ needs : setup_matrix
52+ if : needs.setup_matrix.result == 'success' && needs.setup_matrix.outputs.matrix != ''
53+ runs-on : ubuntu-latest
54+ strategy :
55+ fail-fast : false
56+ matrix : ${{ fromJSON(needs.setup_matrix.outputs.matrix) }}
57+
58+ steps :
59+ - uses : actions/checkout@v4
60+
61+ # Install Julia
62+ - uses : julia-actions/setup-julia@v2
63+ with :
64+ version : 1
65+ arch : x64
66+ - uses : actions/cache@v4
67+ env :
68+ cache-name : cache-artifacts
69+ with :
70+ path : ~/.julia/artifacts
71+ key : ${{ runner.os }}-test-${{ env.cache-name }}-${{ hashFiles('**/Project.toml') }}
72+ restore-keys : |
73+ ${{ runner.os }}-test-${{ env.cache-name }}-
74+ ${{ runner.os }}-test-
75+ ${{ runner.os }}-
76+ uses : julia-actions/julia-buildpkg@v1
77+
78+ # Breakage test
79+ - name : ' Breakage of ${{ matrix.pkg }}, ${{ matrix.pkgversion }} version'
80+ env :
81+ PKG : ${{ matrix.pkg }}
82+ VERSION : ${{ matrix.pkgversion }}
83+ run : |
84+ set -v
85+ mkdir -p ./breakage
86+ git clone https://github.com/JuliaSmoothOptimizers/$PKG.jl.git
87+ cd $PKG.jl
88+ if [ $VERSION == "stable" ]; then
89+ TAG=$(git tag -l "v*" --sort=-creatordate | head -n1)
90+ if [ -z "$TAG" ]; then
91+ TAG="no_tag"
92+ else
93+ git checkout $TAG
94+ fi
95+ else
96+ TAG=$VERSION
97+ fi
98+ export TAG
99+ julia -e 'using Pkg;
100+ PKG, TAG, VERSION = ENV["PKG"], ENV["TAG"], ENV["VERSION"]
101+ joburl = joinpath(ENV["GITHUB_SERVER_URL"], ENV["GITHUB_REPOSITORY"], "actions/runs", ENV["GITHUB_RUN_ID"])
102+ open("../breakage/breakage-$PKG-$VERSION", "w") do io
103+ try
104+ TAG == "no_tag" && error("No tag for $VERSION")
105+ pkg"activate .";
106+ pkg"instantiate";
107+ pkg"dev ../";
108+ if TAG == "latest"
109+ global TAG = chomp(read(`git rev-parse --short HEAD`, String))
110+ end
111+ pkg"build";
112+ pkg"test";
113+
114+ print(io, "[]($joburl)");
115+ catch e
116+ @error e;
117+ print(io, "[]($joburl)");
118+ end;
119+ end'
120+
121+ uses : actions/upload-artifact@v4
122+ with :
123+ name : breakage-${{ matrix.pkg }}-${{ matrix.pkgversion }}
124+ path : breakage/breakage-*
125+
126+ upload :
127+ needs : break
128+ runs-on : ubuntu-latest
129+ steps :
130+ - uses : actions/checkout@v4
131+
132+ - uses : actions/download-artifact@v4
133+ with :
134+ path : breakage
135+ pattern : breakage-*
136+ merge-multiple : true
137+
138+ - run : ls -R
139+ - run : |
140+ cd breakage
141+ echo "| Package name | latest | stable |" > summary.md
142+ echo "|--|--|--|" >> summary.md
143+ count=0
144+ for file in breakage-*
145+ do
146+ if [ $count == "0" ]; then
147+ name=$(echo $file | cut -f2 -d-)
148+ echo -n "| $name | "
149+ else
150+ echo -n "| "
151+ fi
152+ cat $file
153+ if [ $count == "0" ]; then
154+ echo -n " "
155+ count=1
156+ else
157+ echo " |"
158+ count=0
159+ fi
160+ done >> summary.md
161+
162+ name : PR comment with file
163+ uses : thollander/actions-comment-pull-request@v2
164+ with :
165+ filePath : breakage/summary.md
0 commit comments