10. CI #2996

Workflow file for this run

	name: 10. CI
	'on':
	push:
	branches:
	- github*
	- master
	pull_request:
	branches:
	- '**'
	schedule:
	- cron: 0 0 * * *
	workflow_dispatch: null
	concurrency:
	group: 'main-${{ github.ref }}'
	cancel-in-progress: true
	jobs:
	main-ubuntu:
	needs:
	- main-smoke
	timeout-minutes: 30
	strategy:
	fail-fast: false
	matrix:
	os:
	- ubuntu-20.04
	yp_ci_brew_install:
	- minimal
	- dev
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: '${{ matrix.os }}'
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	GITHUB_JOB_NAME: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_DATASET: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- shell: bash
	run: ./.ci.sh before_install
	- shell: bash
	run: ./.ci.sh install
	- shell: bash
	run: ./.ci.sh before_script
	- shell: bash
	run: ./.ci.sh script
	- if: failure()
	shell: bash
	run: ./.ci.sh after_failure \|\| true
	- shell: bash
	run: ./.ci.sh after_success \|\| true
	- if: always()
	shell: bash
	run: ./.ci.sh after_script \|\| true
	- if: always()
	shell: bash
	env:
	SLACK_WEBHOOK: '${{ secrets.SLACK_WEBHOOK }}'
	SLACK_CHANNEL: cloud-ci
	YP_CI_STATUS: '${{ job.status }}'
	run: ./.ci.sh notifications \|\| true
	- name: Upload Artifacts
	uses: actions/upload-artifact@v3
	with:
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	path: \|-
	yp-ci-echo-benchmark
	some-job-artifact.md
	log.sh-session
	retention-days: 7
	main-macos:
	needs:
	- main-smoke
	timeout-minutes: 60
	strategy:
	fail-fast: false
	matrix:
	os:
	- macos-11
	- macos-12
	yp_ci_brew_install:
	- minimal
	- dev
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: '${{ matrix.os }}'
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	GITHUB_JOB_NAME: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_DATASET: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- shell: bash
	run: ./.ci.sh before_install
	- shell: bash
	run: ./.ci.sh install
	- shell: bash
	run: ./.ci.sh before_script
	- shell: bash
	run: ./.ci.sh script
	- if: failure()
	shell: bash
	run: ./.ci.sh after_failure \|\| true
	- shell: bash
	run: ./.ci.sh after_success \|\| true
	- if: always()
	shell: bash
	run: ./.ci.sh after_script \|\| true
	- if: always()
	shell: bash
	env:
	SLACK_WEBHOOK: '${{ secrets.SLACK_WEBHOOK }}'
	SLACK_CHANNEL: cloud-ci
	YP_CI_STATUS: '${{ job.status }}'
	run: ./.ci.sh notifications \|\| true
	- name: Upload Artifacts
	uses: actions/upload-artifact@v3
	with:
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	path: \|-
	yp-ci-echo-benchmark
	some-job-artifact.md
	log.sh-session
	retention-days: 7
	main-windows:
	needs:
	- main-smoke
	- main-ubuntu
	- main-macos
	timeout-minutes: 90
	strategy:
	fail-fast: false
	matrix:
	os:
	- windows-2019
	- windows-2022
	yp_ci_brew_install:
	- minimal
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: '${{ matrix.os }}'
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	GITHUB_JOB_NAME: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	WSLENV: >-
	CI:V:YP_LOG_BOOTSTRAP:YP_PRINTENV_BOOTSTRAP:GH_TOKEN:GH_USERNAME:YP_TRANSCRYPT_PASSWORD:SLACK_WEBHOOK:SLACK_CHANNEL:YP_CI_BREW_INSTALL:YP_CI_STATUS
	WSLUSER: github
	WSLGROUP: github
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- name: Set up WSLENV
	shell: bash
	run: \|-
	set -x
	GITHUB_WSLENV="$(printenv \| grep "^GITHUB" \| cut -d"=" -f1 \| sort \| \
	sed "s\|^GITHUB_ENV\$\|GITHUB_ENV/p\|" \| \
	sed "s\|^GITHUB_EVENT_PATH\$\|GITHUB_EVENT_PATH/p\|" \| \
	sed "s\|^GITHUB_PATH\$\|GITHUB_PATH/p\|" \| \
	sed "s\|^GITHUB_WORKSPACE\$\|GITHUB_WORKSPACE/p\|" \| \
	tr "\n" ":")"
	echo "WSLENV=${WSLENV:-}:${GITHUB_WSLENV}" >> ${GITHUB_ENV}
	- name: Install WSL Distribution
	uses: Vampire/setup-wsl@v2
	with:
	distribution: Ubuntu-22.04
	update: 'false'
	wsl-conf: \|
	# see https://devblogs.microsoft.com/commandline/automatically-configuring-wsl/
	# see https://github.com/MicrosoftDocs/WSL/blob/master/WSL/wsl-config.md

	# DEFAULTS
	# [automount]
	# enabled = true
	# mountFsTab = true
	# root = /mnt/
	# options =
	# [network]
	# generateHosts = true
	# generateResolvConf = true
	# [interop]
	# enabled = true
	# appendWindowsPath = true

	[automount]
	# see https://devblogs.microsoft.com/commandline/chmod-chown-wsl-improvements/
	# using 2000:2000 because of consistency (UID:GID that TravisCI uses)
	options = "metadata,case=dir,uid=2000,gid=2000,umask=22,fmask=11"

	[interop]
	appendWindowsPath = false

	# see https://github.com/microsoft/WSL/issues/8358#issuecomment-1490561393
	[network]
	nameserver 1.1.1.1
	- name: Set up WSL Distribution
	shell: bash
	run: >-
	set -x

	wsl bash -c "cat /etc/os-release"

	wsl bash -c "sudo addgroup --gid 2000 ${WSLGROUP}"

	wsl bash -c "sudo adduser --uid 2000 --ingroup ${WSLGROUP} --home /home/${WSLUSER} --shell /bin/bash
	--disabled-password --gecos \"Linux user\" ${WSLUSER}"

	wsl bash -c "sudo adduser ${WSLUSER} sudo"

	wsl bash -c "sudo echo \"${WSLUSER} ALL=(ALL) NOPASSWD:ALL\" >> /etc/sudoers"
	- shell: bash
	run: bin/wsl-bash -c "./.ci.sh before_install"
	- shell: bash
	run: bin/wsl-bash -c "./.ci.sh install"
	- shell: bash
	run: bin/wsl-bash -c "./.ci.sh before_script"
	- shell: bash
	run: bin/wsl-bash -c "./.ci.sh script"
	- if: failure()
	shell: bash
	run: bin/wsl-bash -c "./.ci.sh after_failure \|\| true"
	- shell: bash
	run: bin/wsl-bash -c "./.ci.sh after_success \|\| true"
	- if: always()
	shell: bash
	run: bin/wsl-bash -c "./.ci.sh after_script \|\| true"
	- if: always()
	shell: bash
	env:
	SLACK_WEBHOOK: '${{ secrets.SLACK_WEBHOOK }}'
	SLACK_CHANNEL: cloud-ci
	YP_CI_STATUS: '${{ job.status }}'
	run: bin/wsl-bash -c "./.ci.sh notifications \|\| true"
	main-smoke:
	needs: []
	timeout-minutes: 60
	strategy:
	fail-fast: false
	matrix:
	os:
	- ubuntu-22.04
	- macos-13
	yp_ci_brew_install:
	- minimal
	- dev
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: '${{ matrix.os }}'
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	GITHUB_JOB_NAME: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_DATASET: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- shell: bash
	run: ./.ci.sh before_install
	- shell: bash
	run: ./.ci.sh install
	- shell: bash
	run: ./.ci.sh before_script
	- shell: bash
	run: ./.ci.sh script
	- if: failure()
	shell: bash
	run: ./.ci.sh after_failure \|\| true
	- shell: bash
	run: ./.ci.sh after_success \|\| true
	- if: always()
	shell: bash
	run: ./.ci.sh after_script \|\| true
	- if: always()
	shell: bash
	env:
	SLACK_WEBHOOK: '${{ secrets.SLACK_WEBHOOK }}'
	SLACK_CHANNEL: cloud-ci
	YP_CI_STATUS: '${{ job.status }}'
	run: ./.ci.sh notifications \|\| true
	- name: Upload Artifacts
	uses: actions/upload-artifact@v3
	with:
	name: 'main-${{ matrix.os }}-${{ matrix.yp_ci_brew_install }}'
	path: \|-
	yp-ci-echo-benchmark
	some-job-artifact.md
	log.sh-session
	retention-days: 7
	mainc-smoke-minimal:
	needs: []
	timeout-minutes: 30
	strategy:
	fail-fast: false
	matrix:
	container:
	- ubuntu-20.04
	yp_ci_brew_install:
	- minimal
	name: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: ubuntu-latest
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	DOCKER_USERNAME: '${{ secrets.DOCKER_USERNAME }}'
	DOCKER_TOKEN: '${{ secrets.DOCKER_TOKEN }}'
	GITHUB_MATRIX_CONTAINER: '${{ matrix.container }}'
	GITHUB_MATRIX_YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	GITHUB_JOB_NAME: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_DATASET: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	YP_DEPLOY_DRYRUN: true
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v2
	with:
	buildkitd-flags: '--debug'
	- name: 'Set up Docker Buildx: remote ssh for arm64'
	id: buildx-arm64-ssh
	uses: shimataro/ssh-key-action@v2
	with:
	key: '${{ secrets.DOCKER_AWS_SSH_PRIVATE_KEY }}'
	known_hosts: unnecessary
	- name: 'Set up Docker Buildx: remote builder for arm64'
	id: buildx-arm64-builder
	shell: bash
	env:
	DOCKER_AWS_SSH_SERVER: docker-arm64.aws.ysoftware.se
	run: \|-
	set -x
	ssh-keyscan -H ${DOCKER_AWS_SSH_SERVER} >> ~/.ssh/known_hosts \|\| exit 0
	ssh ${DOCKER_AWS_SSH_SERVER} "exit 0" \|\| exit 0
	docker context create aws-docker-arm64 --docker host=ssh://${DOCKER_AWS_SSH_SERVER}
	docker buildx create --name localamd64-remotearm64 default --platform linux/amd64
	docker buildx create --name localamd64-remotearm64 aws-docker-arm64 --platform linux/arm64 --append
	docker buildx use localamd64-remotearm64
	- shell: bash
	run: ./.ci.sh before_deploy
	- shell: bash
	run: ./.ci.sh deploy
	- shell: bash
	run: ./.ci.sh after_deploy \|\| true
	- name: Upload Artifacts
	uses: actions/upload-artifact@v3
	with:
	name: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	path: \|-
	yp-ci-echo-benchmark
	some-job-artifact.md
	log.sh-session
	retention-days: 7
	mainc-smoke-common:
	needs: []
	timeout-minutes: 30
	strategy:
	fail-fast: false
	matrix:
	container:
	- ubuntu-20.04
	yp_ci_brew_install:
	- common
	name: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	runs-on: ubuntu-latest
	env:
	GITHUB_TOKEN: '${{ secrets.GITHUB_TOKEN }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY: '${{ secrets.YP_CI_ECHO_EXTERNAL_HONEYCOMB_API_KEY }}'
	YP_LOG_BOOTSTRAP: true
	YP_PRINTENV_BOOTSTRAP: '${{ secrets.YP_PRINTENV_BOOTSTRAP }}'
	YP_TRANSCRYPT_PASSWORD: '${{ secrets.YP_TRANSCRYPT_PASSWORD }}'
	V: '${{ secrets.V }}'
	DOCKER_USERNAME: '${{ secrets.DOCKER_USERNAME }}'
	DOCKER_TOKEN: '${{ secrets.DOCKER_TOKEN }}'
	GITHUB_MATRIX_CONTAINER: '${{ matrix.container }}'
	GITHUB_MATRIX_YP_CI_BREW_INSTALL: '${{ matrix.yp_ci_brew_install }}'
	GITHUB_JOB_NAME: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	YP_CI_ECHO_EXTERNAL_HONEYCOMB_DATASET: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	YP_DEPLOY_DRYRUN: true
	steps:
	- name: yplatform/bin/github-checkout
	shell: bash
	run: >
	set -x

	#!/usr/bin/env bash

	set -euo pipefail


	HOME_REAL=$(eval echo "~$(id -u -n)")

	[[ "${HOME}" = "${HOME_REAL}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[WARN] \$HOME is overriden to ${HOME}."
	>&2 echo "$(date +"%H:%M:%S")" "[INFO] Resetting \$HOME to ${HOME_REAL}..."
	export HOME=${HOME_REAL}
	}


	[[ -n "${GITHUB_REPOSITORY:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REPOSITORY is undefined."
	exit 1
	}


	[[ -n "${GITHUB_REF:-}" ]] \|\| {
	>&2 echo "$(date +"%H:%M:%S")" "[ERR ] GITHUB_REF is undefined."
	exit 1
	}


	# run with a clean .gitconfig, but restore on exit

	TMP_GITHUB_CHECKOUT=$(mktemp -t yplatform.XXXXXXXXXX)

	touch ${HOME}/.gitconfig

	mv ${HOME}/.gitconfig ${TMP_GITHUB_CHECKOUT}


	function on_exit() {
	mv ${TMP_GITHUB_CHECKOUT} ${HOME}/.gitconfig
	}

	trap on_exit EXIT


	# basic git config

	git config --global core.autocrlf false

	git config --global core.eol lf

	git config --global advice.detachedHead false


	# use https instead of everything else

	# sync with gitconfig/dot.gitconfig.github-https

	git config --global --add url."https://github.com/".insteadOf "https://github.com/" # git canonical https url

	git config --global --add url."https://github.com/".insteadOf "git://github.com/" # git canonical git url

	git config --global --add url."https://github.com/".insteadOf "github://" # github url

	git config --global --add url."https://github.com/".insteadOf "[email protected]:" # git canonical ssh url

	git config --global --add url."https://github.com/".insteadOf "ssh://[email protected]/" # npm package.json's
	canonical git+ssh url # editorconfig-checker-disable-line


	# use github token transparently

	[[ -z "${GITHUB_TOKEN:-}" ]] \|\| {
	BASE64="base64 --wrap 0"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="base64"
	echo "" \| ${BASE64} >/dev/null 2>&1 \|\| BASE64="openssl base64 -A"
	echo "" \| ${BASE64} >/dev/null 2>&1
	GIT_HTTP_EXTRAHEADER="AUTHORIZATION: basic $(echo -n "x-access-token:${GITHUB_TOKEN}" \| ${BASE64})"
	git config --global --add http."https://github.com/".extraheader "${GIT_HTTP_EXTRAHEADER}"
	}


	# use git protocol version 2 if available

	GIT_DEPTH_ARG=

	# NOTE may fail if git-man is not installed

	# ! git config --help \| grep -q "wire protocol version 2" \|\| {

	! grep -q "protocol version 2" $(command -v git) \|\| {
	git config --global --add protocol.version 2
	GIT_DEPTH_ARG="--depth=1"
	}


	# ------------------------------------------------------------------------------


	# clone/fetch

	GIT_URL=${GITHUB_SERVER_URL:-${GITHUB_URL:-https://github.com}}/${GITHUB_REPOSITORY}.git

	GIT_BRANCH_ARG=

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/heads\/}"
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	GIT_BRANCH_ARG="--branch ${GITHUB_REF#refs\/tags\/}"
	fi

	[[ -z "${GITHUB_WORKSPACE:-}" ]] \|\| cd ${GITHUB_WORKSPACE}

	git clone ${GIT_DEPTH_ARG:-} ${GIT_BRANCH_ARG} ${GIT_URL} $(pwd)

	# shellcheck disable=SC2193

	if [[ "${GITHUB_EVENT_NAME:-}" = "pull_request" ]]; then
	git fetch ${GIT_DEPTH_ARG:-} origin ${GITHUB_REF}:refs/remotes/pull/${GITHUB_REF#refs\/pull\/}
	GITHUB_SHA=$(git rev-parse pull/${GITHUB_REF#refs\/pull\/})
	GIT_BRANCH_DEFAULT=$(git ls-remote --symref ${GIT_URL} HEAD \| head -1 \| sed "s,^ref: refs/heads/,," \| sed "s,\s\+HEAD,,")
	GITHUB_REF=refs/heads/${GITHUB_BASE_REF:-${GIT_BRANCH_DEFAULT}}
	fi


	# ------------------------------------------------------------------------------


	# checkout

	if [[ "${GITHUB_REF}" =~ ^refs/heads/ ]]; then
	git checkout -B ${GITHUB_REF#refs\/heads\/} ${GITHUB_SHA:-origin/${GITHUB_REF#refs\/heads\/}}
	elif [[ "${GITHUB_REF}" =~ ^refs/tags/ ]]; then
	git checkout ${GITHUB_REF}
	else
	set -x
	printenv
	cat ${GITHUB_EVENT_PATH:-/dev/null}
	exit 1
	fi


	# submodules

	git submodule sync --recursive

	git submodule update --init --recursive --force ${GIT_DEPTH_ARG:-}
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v2
	- name: Set up Docker Buildx
	id: buildx
	uses: docker/setup-buildx-action@v2
	with:
	buildkitd-flags: '--debug'
	- name: 'Set up Docker Buildx: remote ssh for arm64'
	id: buildx-arm64-ssh
	uses: shimataro/ssh-key-action@v2
	with:
	key: '${{ secrets.DOCKER_AWS_SSH_PRIVATE_KEY }}'
	known_hosts: unnecessary
	- name: 'Set up Docker Buildx: remote builder for arm64'
	id: buildx-arm64-builder
	shell: bash
	env:
	DOCKER_AWS_SSH_SERVER: docker-arm64.aws.ysoftware.se
	run: \|-
	set -x
	ssh-keyscan -H ${DOCKER_AWS_SSH_SERVER} >> ~/.ssh/known_hosts \|\| exit 0
	ssh ${DOCKER_AWS_SSH_SERVER} "exit 0" \|\| exit 0
	docker context create aws-docker-arm64 --docker host=ssh://${DOCKER_AWS_SSH_SERVER}
	docker buildx create --name localamd64-remotearm64 default --platform linux/amd64
	docker buildx create --name localamd64-remotearm64 aws-docker-arm64 --platform linux/arm64 --append
	docker buildx use localamd64-remotearm64
	- shell: bash
	run: ./.ci.sh before_deploy
	- shell: bash
	run: ./.ci.sh deploy
	- shell: bash
	run: ./.ci.sh after_deploy \|\| true
	- name: Upload Artifacts
	uses: actions/upload-artifact@v3
	with:
	name: 'mainc-${{ matrix.container }}-${{ matrix.yp_ci_brew_install }}'
	path: \|-
	yp-ci-echo-benchmark
	some-job-artifact.md
	log.sh-session
	retention-days: 7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

10. CI #2996

Workflow file

10. CI #2996

Jobs

Run details

Workflow file for this run