improve CI scripts (#311)

This commit includes several improvements over the previous CI scripts and should significantly reduce the total CI runtime. It also reorganize the docs build and deployment steps to prepare for future work on the documentation. * ci: cache rust toolchains and dependencies * ci: cache mk_vendor dependencies * ci: remove apt-dependencies step in tlspuffin tests * ci: call mk_vendor first in tlspuffin-tests and cache result * ci: split CI responsibilities between PR and merge * ci: don't build prebuilt tlspuffin binaries for PRs * ci: generate test matrix dynamically from file * ci: use dynamic matrix creation for prebuild job * ci: more parallelized validation tests * ci: hide rustup output in just recipes * ci: limit the number of concurrent CI workflows for PRs * ci: run validation and benchmark in parallel for PRs * ci(docs): build empty index page for future project deployments * ci(docs): deploy dev documentation on merge * build(openssl): skip OpenSSL submodules for faster clone * build(boringssl): improve build time by ignoring test targets
tlspuffin · Apr 23, 2024 · b39585d · b39585d
1 parent c070a2a
commit b39585d
Show file tree

Hide file tree

Showing 35 changed files with 1,130 additions and 409 deletions.
diff --git a/.github/actions/mk_vendor/action.yml b/.github/actions/mk_vendor/action.yml
@@ -0,0 +1,45 @@
+name: mk_vendor
+description: build a PUT vendor library
+
+inputs:
+ vendor:
+ description: 'The vendor library name (e.g. "openssl" or "wolfssl")'
+ required: true
+ preset:
+ description: 'The name of the configuration preset (e.g. "openssl111j")'
+ required: true
+ options:
+ description: 'A comma-separated list of additional build options (e.g. "sancov,asan")'
+ required: false
+ default: ''
+ name:
+ description: 'The name of the resulting PUT vendor library'
+ required: false
+ default: ''
+
+runs:
+ using: "composite"
+ steps:
+ - name: compute configuration hash
+ id: compute-hash
+ shell: bash
+ run: |
+ #!/usr/bin/env bash
+ SCRIPTS=${{ hashFiles(format('puts/vendor/configs/{0}.toml',inputs.vendor), format('puts/vendor/scripts/{0}/**',inputs.vendor), format('puts/harness/**')) }}
+ CONFUID=$(just mk_vendor "${{ inputs.vendor }}" "${{ inputs.preset }}" "${{ inputs.name }}" "${{ inputs.options }}" "--quiet --dry-run")
+
+ printf 'scripts=%s\n' "${SCRIPTS}" >> "${GITHUB_OUTPUT}"
+ printf 'confuid=%s\n' "${CONFUID}" >> "${GITHUB_OUTPUT}"
+
+ - uses: actions/cache@v4
+ id: library-cache
+ with:
+ key: mk_vendor_cache-${{ runner.os }}-${{ steps.compute-hash.outputs.scripts }}-${{ steps.compute-hash.outputs.confuid }}
+ path: |
+ vendor/${{ inputs.name }}
+
+ - name: run mk_vendor
+ id: library-build
+ shell: bash
+ run: just mk_vendor "${{ inputs.vendor }}" "${{ inputs.preset }}" "${{ inputs.name }}" "${{ inputs.options }}"
+ if: steps.library-cache.outputs.cache-hit != 'true'
diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml
@@ -2,17 +2,30 @@ name: setup
 description: Setup toolchains and tools
 
 inputs:
- key:
- description: 'Additional key for caching'
+ rust-toolchain:
+ description: 'The Rust toolchain to setup'
  required: false
- save-cache:
- description: 'If the cache is saved'
- default: "true"
+ rust-cachekey:
+ description: 'A cache key for Rust dependencies'
  required: false
 
 runs:
  using: "composite"
  steps:
+ - name: remove dotnet to have more disk space available
+ shell: bash
+ run: sudo rm -rf /usr/share/dotnet
+
+ - name: install Just
+ uses: extractions/setup-just@v2
+
+ - name: setup Git
+ shell: bash
+ run: |
+ git config --global user.email "tlspuffin@tlspuffin"
+ git config --global user.name "tlspuffin"
+ git config --global advice.detachedHead false
+
  - name: setup CI env
  shell: bash
  run: |
@@ -28,20 +41,46 @@ runs:
  export_env CLANG_PATH "$(clang -print-prog-name=clang)"
  export_env LIBCLANG_PATH "$(llvm-config-"$(clang -dumpversion | cut -d '.' -f1)" --libdir)"
  export_env BINDGEN_EXTRA_CLANG_ARGS "-v"
- - name: setup Git
+
+ - name: toolchains configuration
+ id: toolchains-config
  shell: bash
  run: |
- git config --global user.email "tlspuffin@tlspuffin"
- git config --global user.name "tlspuffin"
- git config --global advice.detachedHead false
- - uses: extractions/setup-just@v2
- - name: install Rust toolchain
- shell: bash
- run: just default-toolchain
- - name: remove dotnet to have more disk space available
+ #!/usr/bin/env bash
+ if [[ -n '${{ inputs.rust-toolchain }}' ]]; then
+ export RUSTUP_TOOLCHAIN=${{ inputs.rust-toolchain }}
+ fi
+
+ DEFAULT_TOOLCHAIN=$(just run printf '%s\\n' "\${DEFAULT_TOOLCHAIN}")
+ NIGHTLY_TOOLCHAIN=$(just run printf '%s\\n' "\${NIGHTLY_TOOLCHAIN}")
+ printf 'RUSTUP_TOOLCHAIN=%s\n' "${DEFAULT_TOOLCHAIN}" >> "${GITHUB_ENV}"
+
+ printf 'default=%s\n' "${DEFAULT_TOOLCHAIN}" >> "${GITHUB_OUTPUT}"
+ printf 'nightly=%s\n' "${NIGHTLY_TOOLCHAIN}" >> "${GITHUB_OUTPUT}"
+ printf 'rustup-home=%s\n' "$(just run rustup show home)" >> "${GITHUB_OUTPUT}"
+
+ - uses: actions/cache@v4
+ id: rustup-cache
+ with:
+ key: rustup_cache-${{ runner.os }}-${{ steps.toolchains-config.outputs.default }}-${{ steps.toolchains-config.outputs.nightly }}
+ restore-keys: |
+ rustup_cache-${{ runner.os }}-${{ steps.toolchains-config.outputs.default }}
+ rustup_cache-${{ runner.os }}
+ path: |
+ ${{ steps.toolchains-config.outputs.rustup-home }}
+
+ - name: install Rust toolchains
  shell: bash
- run: sudo rm -rf /usr/share/dotnet
+ run: |
+ #!/usr/bin/env bash
+ just install-rust-toolchain ${{ steps.toolchains-config.outputs.default }}
+ just install-rust-toolchain ${{ steps.toolchains-config.outputs.nightly }}
+
  - uses: Swatinem/rust-cache@v2
  with:
- shared-key: ${{ inputs.key }}
- save-if: ${{ inputs.save-cache }}
+ shared-key: ${{ inputs.rust-cachekey }}
+ cache-all-crates: "true" # include tooling dependencies
+
+ - name: install Rust tooling dependencies
+ shell: bash
+ run: just install-rust-tooling ${{ steps.toolchains-config.outputs.default }}