-
Notifications
You must be signed in to change notification settings - Fork 0
126 lines (106 loc) · 3.61 KB
/
ci.yaml
File metadata and controls
126 lines (106 loc) · 3.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: CI
on:
push:
branches:
- main
pull_request:
branches:
- main
env:
TEST_MIN_COVERAGE: 40
jobs:
check:
name: Run `mix check`
runs-on: ubuntu-latest
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}-check
cancel-in-progress: true
permissions:
security-events: write
actions: read
contents: read
steps:
- name: Setup Elixir
uses: erlef/setup-beam@v1
with:
otp-version: '27'
elixir-version: '1.18.0'
- name: Checkout code
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Restore cache
uses: actions/cache/restore@v4
with:
path: |
./_build/
./deps/
key: ${{ github.head_ref || github.ref_name }}-${{ github.sha }}
restore-keys: |
${{ github.head_ref }}
main
- name: Fix mtimes
run: find ./ -type f -path './_build/*/lib/*/.mix/*' -exec touch -d "@0" {} \;
- name: Run `mix check`
run: |
export MIX_ENV=test
mix local.rebar --force
mix local.hex --force
mix deps.get
# Compile via mix_machine to avoid double compilation
.check/tools/compiler.sh
mix check
- name: Upload compiler SARIF
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: reports/compiler/sarif.json
category: compiler
- name: Upload credo SARIF
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: reports/credo/sarif.json
category: credo
- name: Upload sobelow SARIF
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: reports/sobleow/sarif.json
category: sobelow
- name: Produce GH Annotations from reports
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
run: .check/report/annotations.sh
- name: Output GH Summary from reports
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
run: .check/report/summary.sh > $GITHUB_STEP_SUMMARY
- name: Store reports artifact
if: always() && github.event.workflow_run.conclusion != 'cancelled'
continue-on-error: true
uses: actions/upload-artifact@v4
with:
name: ${{ github.head_ref || github.ref_name }}-reports
path: reports
- name: Store coverage artifact
if: steps.mix-check.outcome == 'success'
continue-on-error: true
uses: actions/upload-artifact@v4
with:
name: ${{ github.head_ref || github.ref_name }}-coverage
path: reports/ex_unit/coverage.txt
- name: Fix permissions
if: always() && github.event.workflow_run.conclusion != 'cancelled'
run: test -d ~/.werf/shared_context && sudo chown -R $(id -u):$(id -g) ~/.werf/shared_context || true
- name: Save cache
if: always() && github.event.workflow_run.conclusion != 'cancelled'
uses: actions/cache/save@v4
with:
path: |
./_build/
./deps/
key: ${{ github.head_ref || github.ref_name }}-${{ github.sha }}