From 305dc1d4cc594b076a747b46753685342beec91e Mon Sep 17 00:00:00 2001 From: Paul Jolly Date: Fri, 24 Mar 2023 15:06:17 +0000 Subject: [PATCH] internal/ci: move away from using defs as params in base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is a purely mechanical change to shift from using definitions to regular fields for the "params" of base. We embed base into core in order to validate that core satisfies those parameters. We finally confirm this change as working by switching to use core instead of explicit parameters in workflows.cue This change should not result in any .github/workflows changes. Signed-off-by: Paul Jolly Change-Id: Ie0542eae26cfa4a7e7011b5b3b9714cdec6f48c1 Reviewed-on: https://review.gerrithub.io/c/cue-lang/cue/+/551590 Reviewed-by: Daniel Martí Unity-Result: CUEcueckoo TryBot-Result: CUEcueckoo --- internal/ci/base/base.cue | 34 ++++++++++++++++---------------- internal/ci/base/gerrithub.cue | 30 ++++++++++++++-------------- internal/ci/base/github.cue | 12 +++++------ internal/ci/core/core.cue | 2 ++ internal/ci/github/release.cue | 2 +- internal/ci/github/trybot.cue | 4 ++-- internal/ci/github/workflows.cue | 21 +------------------- 7 files changed, 44 insertions(+), 61 deletions(-) diff --git a/internal/ci/base/base.cue b/internal/ci/base/base.cue index fc52c06dff0..a99d6c008ff 100644 --- a/internal/ci/base/base.cue +++ b/internal/ci/base/base.cue @@ -36,27 +36,27 @@ import ( ) // Package parameters -#githubRepositoryURL: string -#defaultBranch: string -#testDefaultBranch: "ci/test" -#botGitHubUser: string -#botGitHubUserTokenSecretsKey: string -#protectedBranchPatterns: [...string] -#releaseTagPattern: string +githubRepositoryURL: string +defaultBranch: string +testDefaultBranch: "ci/test" +botGitHubUser: string +botGitHubUserTokenSecretsKey: string +protectedBranchPatterns: [...string] +releaseTagPattern: string -#linuxMachine: string -#gerritHubHostname: string -#gerritHubRepositoryURL: string -#trybotRepositoryURL: *(#githubRepositoryURL + "-" + trybot.key) | string -#botGitHubUserEmail: string -#botGerritHubUser: *#botGitHubUser | string -#botGerritHubUserPasswordSecretsKey: string -#botGerritHubUserEmail: *#botGitHubUserEmail | string +linuxMachine: string +gerritHubHostname: string +gerritHubRepositoryURL: string +trybotRepositoryURL: *(githubRepositoryURL + "-" + trybot.key) | string +botGitHubUserEmail: string +botGerritHubUser: *botGitHubUser | string +botGerritHubUserPasswordSecretsKey: string +botGerritHubUserEmail: *botGitHubUserEmail | string // Pending cuelang.org/issue/1433, hack around defaulting #gerritHubRepository // based on #repository -let _#repositoryURLNoScheme = strings.Split(#githubRepositoryURL, "//")[1] -#gerritHubRepository: *("https://\(#gerritHubHostname)/a/" + path.Base(path.Dir(_#repositoryURLNoScheme)) + "/" + path.Base(_#repositoryURLNoScheme)) | _ +let _#repositoryURLNoScheme = strings.Split(githubRepositoryURL, "//")[1] +gerritHubRepository: *("https://\(gerritHubHostname)/a/" + path.Base(path.Dir(_#repositoryURLNoScheme)) + "/" + path.Base(_#repositoryURLNoScheme)) | _ // Define some shared keys and human-readable names. // diff --git a/internal/ci/base/gerrithub.cue b/internal/ci/base/gerrithub.cue index 7df752aed00..4453782aa19 100644 --- a/internal/ci/base/gerrithub.cue +++ b/internal/ci/base/gerrithub.cue @@ -14,7 +14,7 @@ import ( jobs: [string]: defaults: run: shell: "bash" jobs: { (#type): { - "runs-on": #linuxMachine + "runs-on": linuxMachine if: "${{ github.event.client_payload.type == '\(#type)' }}" steps: [ #writeNetrcFile, @@ -34,16 +34,16 @@ import ( mkdir tmpgit cd tmpgit git init - git config user.name \(#botGitHubUser) - git config user.email \(#botGitHubUserEmail) - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n \(#botGitHubUser):${{ secrets.\(#botGitHubUserTokenSecretsKey) }} | base64)" - git fetch \(#gerritHubRepository) "${{ github.event.client_payload.payload.ref }}" + git config user.name \(botGitHubUser) + git config user.email \(botGitHubUserEmail) + git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n \(botGitHubUser):${{ secrets.\(botGitHubUserTokenSecretsKey) }} | base64)" + git fetch \(gerritHubRepositoryURL) "${{ github.event.client_payload.payload.ref }}" git checkout -b \(_#branchNameExpression) FETCH_HEAD - git remote add origin \(#trybotRepositoryURL) + git remote add origin \(trybotRepositoryURL) git fetch origin "${{ github.event.client_payload.payload.branch }}" git push origin \(_#branchNameExpression) echo ${{ secrets.CUECKOO_GITHUB_PAT }} | gh auth login --with-token - gh pr --repo=\(#trybotRepositoryURL) create --base="${{ github.event.client_payload.payload.branch }}" --fill + gh pr --repo=\(trybotRepositoryURL) create --base="${{ github.event.client_payload.payload.branch }}" --fill """ }, ] @@ -67,11 +67,11 @@ import ( mkdir tmpgit cd tmpgit git init - git config user.name \(#botGitHubUser) - git config user.email \(#botGitHubUserEmail) - git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n \(#botGitHubUser):${{ secrets.\(#botGitHubUserTokenSecretsKey) }} | base64)" - git remote add origin \(#gerritHubRepository) - git remote add trybot \(#trybotRepositoryURL) + git config user.name \(botGitHubUser) + git config user.email \(botGitHubUserEmail) + git config http.https://github.com/.extraheader "AUTHORIZATION: basic $(echo -n \(botGitHubUser):${{ secrets.\(botGitHubUserTokenSecretsKey) }} | base64)" + git remote add origin \(gerritHubRepositoryURL) + git remote add trybot \(trybotRepositoryURL) git fetch origin "${{ github.ref }}" git push trybot "FETCH_HEAD:${{ github.ref }}" """ @@ -85,9 +85,9 @@ import ( name: "Write netrc file for cueckoo Gerrithub" run: """ cat < ~/.netrc - machine \(#gerritHubHostname) - login \(#botGerritHubUser) - password ${{ secrets.\(#botGerritHubUserPasswordSecretsKey) }} + machine \(gerritHubHostname) + login \(botGerritHubUser) + password ${{ secrets.\(botGerritHubUserPasswordSecretsKey) }} EOD chmod 600 ~/.netrc """ diff --git a/internal/ci/base/github.cue b/internal/ci/base/github.cue index 2e0fdb9edeb..72e4f9b8376 100644 --- a/internal/ci/base/github.cue +++ b/internal/ci/base/github.cue @@ -119,7 +119,7 @@ import ( } #curlGitHubAPI: #""" - curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.\#(#botGitHubUserTokenSecretsKey) }}" -H "X-GitHub-Api-Version: 2022-11-28" + curl -s -L -H "Accept: application/vnd.github+json" -H "Authorization: Bearer ${{ secrets.\#(botGitHubUserTokenSecretsKey) }}" -H "X-GitHub-Api-Version: 2022-11-28" """# #setupGoActionsCaches: { @@ -181,7 +181,7 @@ import ( // It would be nice to use the "contains" builtin for simplicity, // but array literals are not yet supported in expressions. #isProtectedBranch: { - "(" + strings.Join([ for branch in #protectedBranchPatterns { + "(" + strings.Join([ for branch in protectedBranchPatterns { (_#matchPattern & {variable: "github.ref", pattern: "refs/heads/\(branch)"}).expr }], " || ") + ")" } @@ -190,7 +190,7 @@ import ( // pattern, that evaluates to true if called in the context of a workflow that // is part of a release. #isReleaseTag: { - (_#matchPattern & {variable: "github.ref", pattern: "refs/tags/\(#releaseTagPattern)"}).expr + (_#matchPattern & {variable: "github.ref", pattern: "refs/tags/\(releaseTagPattern)"}).expr } #checkGitClean: json.#step & { @@ -198,9 +198,9 @@ import ( run: "test -z \"$(git status --porcelain)\" || (git status; git diff; false)" } -let _#repositoryURL = #githubRepositoryURL -let _#botGitHubUser = #botGitHubUser -let _#botGitHubUserTokenSecretsKey = #botGitHubUserTokenSecretsKey +let _#repositoryURL = githubRepositoryURL +let _#botGitHubUser = botGitHubUser +let _#botGitHubUserTokenSecretsKey = botGitHubUserTokenSecretsKey #repositoryDispatch: json.#step & { #repositoryURL: *_#repositoryURL | string diff --git a/internal/ci/core/core.cue b/internal/ci/core/core.cue index 1251d9c22c4..0f485b2e584 100644 --- a/internal/ci/core/core.cue +++ b/internal/ci/core/core.cue @@ -7,6 +7,8 @@ import ( "cuelang.org/go/internal/ci/base" ) +base + // The machines that we use linuxMachine: "ubuntu-22.04" macosMachine: "macos-11" diff --git a/internal/ci/github/release.cue b/internal/ci/github/release.cue index 1c56af1430f..66b1725be06 100644 --- a/internal/ci/github/release.cue +++ b/internal/ci/github/release.cue @@ -38,7 +38,7 @@ workflows: release: _base.#bashWorkflow & { on: push: { tags: [core.releaseTagPattern, "!" + core.zeroReleaseTagPattern] - branches: list.Concat([[_base.#testDefaultBranch], core.protectedBranchPatterns]) + branches: list.Concat([[_base.testDefaultBranch], core.protectedBranchPatterns]) } jobs: goreleaser: { "runs-on": core.linuxMachine diff --git a/internal/ci/github/trybot.cue b/internal/ci/github/trybot.cue index 546fe487327..00efad8dfb0 100644 --- a/internal/ci/github/trybot.cue +++ b/internal/ci/github/trybot.cue @@ -28,7 +28,7 @@ workflows: trybot: _base.#bashWorkflow & { on: { push: { - branches: list.Concat([["trybot/*/*", _base.#testDefaultBranch], core.protectedBranchPatterns]) // do not run PR branches + branches: list.Concat([["trybot/*/*", _base.testDefaultBranch], core.protectedBranchPatterns]) // do not run PR branches "tags-ignore": [core.releaseTagPattern] } pull_request: {} @@ -55,7 +55,7 @@ workflows: trybot: _base.#bashWorkflow & { // subsequent CLs in the trybot repo can leverage the updated // cache. Therefore, we instead perform a clean of the testcache. json.#step & { - if: "github.repository == '\(core.githubRepositoryPath)' && (\(_base.#isProtectedBranch) || github.ref == 'refs/heads/\(_base.#testDefaultBranch)')" + if: "github.repository == '\(core.githubRepositoryPath)' && (\(_base.#isProtectedBranch) || github.ref == 'refs/heads/\(_base.testDefaultBranch)')" run: "go clean -testcache" }, diff --git a/internal/ci/github/workflows.cue b/internal/ci/github/workflows.cue index 9e6ab3b947f..2db9670b340 100644 --- a/internal/ci/github/workflows.cue +++ b/internal/ci/github/workflows.cue @@ -17,7 +17,6 @@ package github import ( "cuelang.org/go/internal/ci/core" - "cuelang.org/go/internal/ci/base" "github.com/SchemaStore/schemastore/src/schemas/json" ) @@ -56,22 +55,4 @@ workflows: close({ // TODO: revisit the naming strategy here. _base and base are very similar. // Perhaps rename the import to something more obviously not intended to be // used, and then rename the field base? -_base: base & { - #githubRepositoryURL: core.githubRepositoryURL - #defaultBranch: core.defaultBranch - #botGitHubUser: core.botGitHubUser - #botGitHubUserTokenSecretsKey: core.botGitHubUserTokenSecretsKey - #protectedBranchPatterns: core.protectedBranchPatterns - #releaseTagPattern: core.releaseTagPattern - - #githubRepositoryURL: core.githubRepositoryURL - #trybotKey: _base.trybot.key - #botGitHubUser: core.botGitHubUser - #botGitHubUserTokenSecretsKey: core.botGitHubUserTokenSecretsKey - #botGitHubUserEmail: core.botGitHubUserEmail - #botGerritHubUser: core.botGitHubUser - #botGerritHubUserPasswordSecretsKey: core.botGerritHubUserPasswordSecretsKey - #botGerritHubUserEmail: core.botGitHubUserEmail - #gerritHubHostname: core.gerritHubHostname - #linuxMachine: core.linuxMachine -} +_base: core