Merge remote-tracking branch 'awslabs/main' into davidpz-refactor-con…

…verters-to-numeric-types
smithy-lang · Apr 11, 2022 · ae129ec · ae129ec
2 parents fc23fad + aaed505
commit ae129ec
Show file tree

Hide file tree

Showing 124 changed files with 9,223 additions and 5,545 deletions.
diff --git a/.github/actions/docker-build/action.yml b/.github/actions/docker-build/action.yml
@@ -0,0 +1,64 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0.
+
+# Use this action to execute the action scripts in tools/ci-build/scripts within the Docker build image.
+name: smithy-rs Docker Build
+description: Run Docker build command for smithy-rs
+inputs:
+  # The name of the script in tools/ci-build/scripts to run
+  action:
+    description: What action to run in the Docker build
+    required: true
+runs:
+  using: composite
+  steps:
+  - uses: actions/cache@v2
+    name: Gradle Cache
+    with:
+      path: |
+        gradle/caches
+        gradle/wrapper
+      key: ${{ runner.os }}-gradle-${{ hashFiles('gradle/caches/**/*', 'gradle/wrapper/**/*') }}
+      restore-keys: |
+        ${{ runner.os }}-gradle-
+      # Pinned to the commit hash of v1.3.0
+  - uses: Swatinem/rust-cache@842ef286fff290e445b90b4002cc9807c3669641
+    with:
+      sharedKey: ${{ runner.os }}-${{ github.job }}
+      target-dir: ./smithy-rs-target
+  - name: Download all artifacts
+    uses: ./smithy-rs/.github/actions/download-all-artifacts
+  - name: Prepare build image
+    shell: bash
+    run: |
+      set -x
+
+      # Check the build artifacts to see if a prior step built a new Docker build image.
+      # If smithy-rs-base-image was included in the downloaded build artifacts, then load
+      # it and tag it as the base image to use for this action. This will prevent acquire-build-image
+      # from attempting to download an image from ECR since it will already exist,
+      # which enables testing build image modifications as part of the pull request.
+      if [[ -d smithy-rs-base-image ]]; then
+        IMAGE_TAG="$(./smithy-rs/tools/ci-build/tools-hash)"
+        docker load -i smithy-rs-base-image/smithy-rs-base-image
+        docker tag "smithy-rs-base-image:${IMAGE_TAG}" "smithy-rs-base-image:local"
+      fi
+
+      # For this step, we want images to come from build artifacts (built as part a prior step),
+      # or from ECR. We disable building the image from scratch so that any mistakes in the CI
+      # configuration won't cause each individual action to build its own image, which would
+      # drastically increase the total CI time. Fail fast!
+      ALLOW_LOCAL_BUILD=false ./smithy-rs/tools/ci-build/acquire-build-image
+    # This runs the commands from the matrix strategy
+  - name: Run ${{ inputs.action }}
+    shell: bash
+    run: |
+      ./smithy-rs/tools/ci-build/ci-action ${{ inputs.action }}
+      tar cfz artifacts-${{ inputs.action }}.tar.gz -C artifacts .
+  - name: Upload artifacts
+    uses: actions/upload-artifact@v3
+    with:
+      name: artifacts-${{ inputs.action }}
+      path: artifacts-${{ inputs.action }}.tar.gz
+      if-no-files-found: error
+      retention-days: 3
diff --git a/.github/actions/download-all-artifacts/action.yml b/.github/actions/download-all-artifacts/action.yml
@@ -0,0 +1,13 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: Apache-2.0.
+
+name: Download All Artifacts
+description: Downloads and untars all available build artifacts
+runs:
+  using: composite
+  steps:
+  - name: Download artifacts
+    uses: actions/download-artifact@v3
+  - name: Untar artifacts
+    shell: bash
+    run: find . -maxdepth 2 -iname 'artifacts-*.tar.gz' -print -exec tar vxfz {} \;
diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml
@@ -0,0 +1,53 @@
+# This workflow differs from PR CI in that it uploads a Docker build image to public ECR.
+# This should be done only on push to main so that PRs from forks can successfully run CI
+# since GitHub secrets cannot be shared with a PR from a fork.
+name: CI on Branch `main`
+on:
+  workflow_dispatch:
+  push:
+    branches: [main]
+
+# Allow only one Docker build image build to run at a time for the entire smithy-rs repo
+concurrency:
+  group: ci-docker-build-yml
+  cancel-in-progress: true
+
+env:
+  ecr_repository: public.ecr.aws/w0m4q9l7/github-awslabs-smithy-rs-ci
+
+jobs:
+  # Rebuild and upload the Docker build image
+  rebuild-docker-build-image:
+    runs-on: ubuntu-latest
+    name: Rebuild image
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v2
+    - name: Build image
+      run: |
+        IMAGE_TAG="$(./tools/ci-build/tools-hash)"
+        cd tools
+        docker build \
+          -t "${{ env.ecr_repository }}:${IMAGE_TAG}" \
+          -t "${{ env.ecr_repository }}:main" \
+          .
+    - name: Acquire credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        role-to-assume: ${{ secrets.SMITHY_RS_PUBLIC_ECR_PUSH_ROLE_ARN }}
+        role-session-name: GitHubActions
+        aws-region: us-west-2
+    - name: Upload image
+      run: |
+        IMAGE_TAG="$(./tools/ci-build/tools-hash)"
+        aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws
+        docker push "${{ env.ecr_repository }}:${IMAGE_TAG}"
+        docker push "${{ env.ecr_repository }}:main"
+
+  # Run normal CI, which should pick up the updated build image
+  ci:
+    needs: rebuild-docker-build-image
+    uses: ./.github/workflows/ci.yml