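# Reusable workflow: regenerates the devcontainer files, fails if the result
# differs from what is committed, then runs the verification script inside
# every devcontainer found under .devcontainer/.
#
# NOTE(review): third-party actions below are referenced by tag. Tags are
# mutable; pinning each `uses:` to a full commit SHA removes the dependency on
# the tag not being moved.
name: Verify devcontainers

on:
  workflow_call:

defaults:
  run:
    shell: bash -euo pipefail {0}

jobs:
  verify-make-devcontainers:
    name: Verify devcontainers
    runs-on: ubuntu-latest
    # This job only reads the tree and runs local tools, so the token is
    # limited to read access.
    permissions:
      contents: read
    steps:
      - name: Checkout repository
        uses: actions/checkout@v3
      # NOTE(review): the yq binary is downloaded and installed as root with
      # no integrity check. Record the expected SHA-256 of this release asset
      # in the workflow and verify it (e.g. `sha256sum --check`) before the
      # chmod.
      - name: Setup jq and yq
        run: |
          sudo apt-get update
          sudo apt-get install jq -y
          sudo wget -O /usr/local/bin/yq https://github.com/mikefarah/yq/releases/download/v4.34.2/yq_linux_amd64
          sudo chmod +x /usr/local/bin/yq
      - name: Run the script to generate devcontainer files
        run: |
          ./.devcontainer/make_devcontainers.sh --verbose
      # NOTE(review): `git diff` does not report untracked files, so a newly
      # generated file that was never committed would not fail this check.
      # `git status --porcelain` would cover it; confirm first that the script
      # leaves no other untracked output behind.
      - name: Check for changes
        run: |
          if [[ $(git diff --stat) != '' ]]; then
            git diff --minimal
            echo "::error:: Dev Container files are out of date. Run the .devcontainer/make_devcontainers.sh script and commit the changes."
            exit 1
          else
            echo "::notice::Dev Container files are up-to-date."
          fi

  get-devcontainer-list:
    needs: verify-make-devcontainers
    name: List devcontainers
    runs-on: ubuntu-latest
    # Only `find` and `jq` run here; read access to the tree is enough.
    permissions:
      contents: read
    outputs:
      devcontainers: ${{ steps.get-list.outputs.devcontainers }}
    steps:
      - name: Check out the code
        uses: actions/checkout@v3
      # Emits one compact JSON array of {path, name} objects on a single line.
      # Both fields come from files in the checked-out tree, so downstream jobs
      # must treat them as data, never as script text.
      - name: Get list of devcontainer.json paths and names
        id: get-list
        run: |
          devcontainers=$(find .devcontainer/ -name 'devcontainer.json' | while read -r devcontainer; do
            jq --arg path "$devcontainer" '{path: $path, name: .name}' "$devcontainer"
          done | jq -s -c .)
          echo "devcontainers=${devcontainers}" | tee --append "${GITHUB_OUTPUT}"

  verify-devcontainers:
    needs: get-devcontainer-list
    name: ${{matrix.devcontainer.name}}
    runs-on: ubuntu-latest
    strategy:
      fail-fast: false
      matrix:
        devcontainer: ${{fromJson(needs.get-devcontainer-list.outputs.devcontainers)}}
    # id-token: write lets the job request an OIDC token; presumably this is
    # what the sccache credential step below relies on (confirm in that action).
    permissions:
      id-token: write
      contents: read
    steps:
      - name: Check out the code
        uses: actions/checkout@v3
      # devcontainer/ci doesn't support nested devcontainer.json files, so we
      # need to copy the devcontainer.json file to the top-level .devcontainer/
      # directory.
      #
      # The matrix path is handed to the script through an environment
      # variable. Expanding the expression inline in `run:` would paste a
      # repository-controlled file name into the script source, where shell
      # metacharacters in it would be executed.
      - name: Copy devcontainer.json to .devcontainer/
        env:
          DEVCONTAINER_PATH: ${{ matrix.devcontainer.path }}
        run: |
          src="$DEVCONTAINER_PATH"
          dst=".devcontainer/devcontainer.json"
          if [[ "$src" != "$dst" ]]; then
            cp -- "$src" "$dst"
          fi
      # We don't really need sccache configured, but we need the AWS
      # credentials envvars to be set in order to avoid the devcontainer
      # hanging waiting for GitHub authentication.
      - name: Configure credentials and environment variables for sccache
        uses: ./.github/actions/configure_cccl_sccache
      # NOTE(review): the action reference on the `uses:` line below was
      # mangled by the page's e-mail obfuscation. Restore the real
      # `devcontainers/ci@<ref>` from the repository before using this file.
      #
      # The AWS variables are forwarded into the container, so the verify
      # script and everything it runs can read them. Keep the role they map to
      # as narrow as the sccache bucket allows.
      - name: Run in devcontainer
        uses: devcontainers/[email protected]
        with:
          push: never
          env: |
            SCCACHE_REGION=${{ env.SCCACHE_REGION }}
            AWS_ACCESS_KEY_ID=${{ env.AWS_ACCESS_KEY_ID }}
            AWS_SESSION_TOKEN=${{ env.AWS_SESSION_TOKEN }}
            AWS_SECRET_ACCESS_KEY=${{ env.AWS_SECRET_ACCESS_KEY }}
          runCmd: |
            .devcontainer/verify_devcontainer.sh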