Update .github/workflows/relyance-sci.yml #23

Workflow file for this run

	name: "CI"

	env:
	GIT_CONFIG_KEY_0: url.https://${{ secrets.GIT_HUB_TOKEN }}:[email protected]/worldcoin/.insteadOf
	GIT_CONFIG_VALUE_0: https://github.com/worldcoin/
	GIT_CONFIG_COUNT: 1
	# I don't like this but it's mandatory, as GitHub actions have a git-lfs config in /etc/gitconfig
	# that breaks nix git-lfs support. The following variable explicitly ignores the system config in
	# /etc/gitconfig. Notice that this method will create issues if we start using git-lfs in orb-core.
	GIT_CONFIG_NOSYSTEM: 1

	on:
	pull_request:
	push:
	branches:
	- main
	- prod
	tags:
	- "*"

	jobs:
	deny:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- run: nix/cross.sh nix/ci.sh --server deny

	format:
	runs-on: ubuntu-22.04
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- run: nix/cross.sh nix/ci.sh --server fmt

	clippy:
	runs-on: ubuntu-22.04-32core
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- name: Generate git_version
	run: \|
	git describe --always > git_version
	git add git_version
	- run: nix/cross.sh nix/ci.sh --server clippy

	check_debug_report_version:
	runs-on: ubuntu-22.04-32core
	environment: release
	permissions:
	id-token: write
	contents: read
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # [email protected]
	with:
	aws-region: eu-central-1
	role-to-assume: ${{ secrets.INTERNAL_TOOLS_AWS_ROLE }}
	- name: Check Debug Report Version and export schema
	run: nix/native.sh nix/ci.sh --server check_debug_report_version
	- name: Copy artifacts due to https://github.com/actions/upload-artifact/issues/92
	run: cp -rL result artifacts
	- name: Upload CSV & JSON files as artifacts
	if: ${{ github.ref_name == 'main' \|\| github.ref_name == 'prod' }}
	uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # [email protected]
	with:
	name: debug-report-schema
	path: \|
	artifacts/debug_report_schema.csv
	artifacts/debug_report_schema.json
	- name: Upload CSV & JSON files on AWS S3
	if: ${{ github.ref_name == 'main' \|\| github.ref_name == 'prod' }}
	run: \|
	zip -j debug_report_schema.zip artifacts/debug_report_schema.csv artifacts/debug_report_schema.json
	FILENAME=$(echo debug_report_schema_$(date -u +"%Y-%m-%d")_$GITHUB_SHA.zip)
	aws s3 cp --only-show-errors debug_report_schema.zip s3://wld-signup-data-schema/$FILENAME

	test:
	runs-on: ubuntu-22.04-32core
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- name: Generate git_version
	run: \|
	git describe --always > git_version
	git add git_version
	- run: nix/native.sh nix/ci.sh --server test

	doc:
	runs-on: ubuntu-22.04-32core
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- name: Generate git_version
	run: \|
	git describe --always > git_version
	git add git_version
	- run: nix/native.sh nix/ci.sh --server doc

	build:
	if: ${{ github.ref_name == 'main' \|\| github.ref_name == 'prod' \|\| (github.ref_type == 'tag' && startsWith(github.ref_name, 'v')) }}
	runs-on: ubuntu-22.04-32core
	needs: [ format, clippy, test, doc, check_debug_report_version ]
	steps:
	- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # [email protected]
	with:
	token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/install-nix-action@ba0dd844c9180cbf77aa72a116d6fbc515d0e87b # pin@ v27
	with:
	github_access_token: ${{ secrets.GIT_HUB_TOKEN }}
	- uses: cachix/cachix-action@ad2ddac53f961de1989924296a1f236fcfbaa4fc # pin@v15
	with:
	name: worldcoin
	authToken: ${{ secrets.CACHIX_AUTH_TOKEN }}
	- name: Generate git_version
	run: \|
	git describe --always > git_version
	git add git_version
	- name: Build release binaries
	run: \|
	nix/cross.sh nix/ci.sh --server build
	mkdir -p artifacts
	cp -rL result/* artifacts/
	nix/cross.sh nix/ci.sh --server build_livestream_client
	cp -rL result/* artifacts/
	- name: Archive artifacts due to https://github.com/actions/upload-artifact/issues/92
	run: \|
	tar -czvhf orb-core-artifacts.tar.gz artifacts
	- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # [email protected]
	with:
	name: orb-core-artifacts
	path: artifacts
	- name: Upload Release
	uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # [email protected]
	# only run this for release tags (e.g. v1.1.0)
	if: ${{ github.ref_type == 'tag' && startsWith(github.ref_name, 'v') }}
	with:
	fail_on_unmatched_files: true
	files: \|
	orb-core-artifacts.tar.gz
	- name: Upload Development Build
	# only run this for main branch
	if: ${{ github.ref_name == 'main' }}
	run: \|
	gh release delete latest \
	--yes \
	--cleanup-tag \
	--repo ${{ github.repository }} \|\| true
	gh release create latest \
	--title 'Development Build' \
	--notes 'Latest successful build of main' \
	--prerelease \
	--repo ${{ github.repository }} \
	orb-core-artifacts.tar.gz
	env:
	GH_TOKEN: ${{ github.token }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update .github/workflows/relyance-sci.yml #23

Workflow file

Update .github/workflows/relyance-sci.yml #23

Uh oh!

Workflow file for this run