update actions, improved security #447
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| pull_request: | |
| workflow_dispatch: | |
| # this cancels workflows currently in progress if you start a new one | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| JUMP_START: 1 | |
| ROC: ./roc_nightly/roc | |
| EXAMPLES_DIR: ./examples/ | |
| jobs: | |
| build-and-test: | |
| runs-on: ${{ matrix.operating-system }} | |
| strategy: | |
| matrix: | |
| operating-system: [ubuntu-22.04, ubuntu-24.04, ubuntu-24.04-arm] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Downloading latest roc nightly | |
| run: | | |
| if [[ "${{ runner.os }}-${{ runner.arch }}" == "Linux-ARM64" ]]; then | |
| curl -fOL https://github.com/roc-lang/roc/releases/download/nightly/roc_nightly-linux_arm64-latest.tar.gz | |
| else | |
| curl -fOL https://github.com/roc-lang/roc/releases/download/nightly/roc_nightly-linux_x86_64-latest.tar.gz | |
| fi | |
| - name: rename nightly tar | |
| run: mv $(ls | grep "roc_nightly.*tar\.gz") roc_nightly.tar.gz | |
| - name: decompress the tar | |
| run: tar -xzf roc_nightly.tar.gz | |
| - run: rm roc_nightly.tar.gz | |
| - name: simplify nightly folder name | |
| run: mv roc_nightly* roc_nightly | |
| - run: ./roc_nightly/roc version | |
| - run: sudo apt install -y expect | |
| # expect for testing | |
| - name: print expect version | |
| run: expect -v | |
| # Run all tests | |
| - run: ./ci/all_tests.sh | |
| - name: Install dependencies for musl build | |
| run: | | |
| sudo apt-get install -y musl-tools | |
| if [[ "${{ matrix.operating-system }}" == *"-arm" ]]; then | |
| # TODO re-enable once TODOs below are gone: rustup target add aarch64-unknown-linux-musl | |
| echo "no-op" | |
| else | |
| rustup target add x86_64-unknown-linux-musl | |
| fi | |
| - name: Test building with musl target | |
| run: | | |
| if [[ "${{ matrix.operating-system }}" == *"-arm" ]]; then | |
| # TODO debug this: CARGO_BUILD_TARGET=aarch64-unknown-linux-musl ./roc_nightly/roc build.roc -- --roc ./roc_nightly/roc | |
| echo "no-op" | |
| else | |
| CARGO_BUILD_TARGET=x86_64-unknown-linux-musl ./roc_nightly/roc build.roc -- --roc ./roc_nightly/roc | |
| fi | |
| - name: Test using musl build | |
| run: | | |
| # TODO remove `if` when above TODOs are done | |
| if [[ "${{ matrix.operating-system }}" != *"-arm" ]]; then | |
| # no need to build platform anymore | |
| NO_BUILD=1 ./ci/all_tests.sh | |
| fi | |
| # TODO clippy, rustfmt, roc fmt check |