From b3403e712021f2f55e99d7a98cd52c836af2c004 Mon Sep 17 00:00:00 2001 From: Karolin Varner Date: Wed, 9 Apr 2025 00:18:47 +0200 Subject: [PATCH] fix(ci): Do not run mac os CI jobs on pull requests Warpbuild is quite expensive --- .github/workflows/nix-mac.yaml | 113 +++++++++++++++++++++++++++++++++ .github/workflows/nix.yaml | 100 ----------------------------- .github/workflows/qc-mac.yaml | 31 +++++++++ 3 files changed, 144 insertions(+), 100 deletions(-) create mode 100644 .github/workflows/nix-mac.yaml create mode 100644 .github/workflows/qc-mac.yaml diff --git a/.github/workflows/nix-mac.yaml b/.github/workflows/nix-mac.yaml new file mode 100644 index 0000000..4abd6dc --- /dev/null +++ b/.github/workflows/nix-mac.yaml @@ -0,0 +1,113 @@ +name: Nix on Mac +permissions: + contents: write +on: + push: + branches: + - main + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + aarch64-darwin---default: + name: Build aarch64-darwin.default + runs-on: + - warp-macos-13-arm64-6x + needs: + - aarch64-darwin---rosenpass + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build .#packages.aarch64-darwin.default --print-build-logs + aarch64-darwin---release-package: + name: Build aarch64-darwin.release-package + runs-on: + - warp-macos-13-arm64-6x + needs: + - aarch64-darwin---rosenpass + - aarch64-darwin---rp + - aarch64-darwin---rosenpass-oci-image + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build .#packages.aarch64-darwin.release-package --print-build-logs + aarch64-darwin---rosenpass: + name: Build aarch64-darwin.rosenpass + runs-on: + - warp-macos-13-arm64-6x + needs: [] + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build .#packages.aarch64-darwin.rosenpass --print-build-logs + aarch64-darwin---rp: + name: Build aarch64-darwin.rp + runs-on: + - warp-macos-13-arm64-6x + needs: [] + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build .#packages.aarch64-darwin.rp --print-build-logs + aarch64-darwin---rosenpass-oci-image: + name: Build aarch64-darwin.rosenpass-oci-image + runs-on: + - warp-macos-13-arm64-6x + needs: + - aarch64-darwin---rosenpass + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Build + run: nix build .#packages.aarch64-darwin.rosenpass-oci-image --print-build-logs + aarch64-darwin---check: + name: Run Nix checks on aarch64-darwin + runs-on: + - warp-macos-13-arm64-6x + steps: + - uses: actions/checkout@v4 + - uses: cachix/install-nix-action@v30 + with: + nix_path: nixpkgs=channel:nixos-unstable + - uses: cachix/cachix-action@v15 + with: + name: rosenpass + authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} + - name: Check + run: nix flake check . --print-build-logs diff --git a/.github/workflows/nix.yaml b/.github/workflows/nix.yaml index 0d0b849..8efda2f 100644 --- a/.github/workflows/nix.yaml +++ b/.github/workflows/nix.yaml @@ -77,106 +77,6 @@ jobs: authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - name: Check run: nix flake check . --print-build-logs - aarch64-darwin---default: - name: Build aarch64-darwin.default - runs-on: - - warp-macos-13-arm64-6x - needs: - - aarch64-darwin---rosenpass - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Build - run: nix build .#packages.aarch64-darwin.default --print-build-logs - aarch64-darwin---release-package: - name: Build aarch64-darwin.release-package - runs-on: - - warp-macos-13-arm64-6x - needs: - - aarch64-darwin---rosenpass - - aarch64-darwin---rp - - aarch64-darwin---rosenpass-oci-image - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Build - run: nix build .#packages.aarch64-darwin.release-package --print-build-logs - aarch64-darwin---rosenpass: - name: Build aarch64-darwin.rosenpass - runs-on: - - warp-macos-13-arm64-6x - needs: [] - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Build - run: nix build .#packages.aarch64-darwin.rosenpass --print-build-logs - aarch64-darwin---rp: - name: Build aarch64-darwin.rp - runs-on: - - warp-macos-13-arm64-6x - needs: [] - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Build - run: nix build .#packages.aarch64-darwin.rp --print-build-logs - aarch64-darwin---rosenpass-oci-image: - name: Build aarch64-darwin.rosenpass-oci-image - runs-on: - - warp-macos-13-arm64-6x - needs: - - aarch64-darwin---rosenpass - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Build - run: nix build .#packages.aarch64-darwin.rosenpass-oci-image --print-build-logs - aarch64-darwin---check: - name: Run Nix checks on aarch64-darwin - runs-on: - - warp-macos-13-arm64-6x - steps: - - uses: actions/checkout@v4 - - uses: cachix/install-nix-action@v30 - with: - nix_path: nixpkgs=channel:nixos-unstable - - uses: cachix/cachix-action@v15 - with: - name: rosenpass - authToken: ${{ secrets.CACHIX_AUTH_TOKEN }} - - name: Check - run: nix flake check . --print-build-logs x86_64-linux---default: name: Build x86_64-linux.default runs-on: diff --git a/.github/workflows/qc-mac.yaml b/.github/workflows/qc-mac.yaml new file mode 100644 index 0000000..da9029d --- /dev/null +++ b/.github/workflows/qc-mac.yaml @@ -0,0 +1,31 @@ +name: QC +on: + push: + branches: [main] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +permissions: + checks: write + contents: read + +jobs: + cargo-test: + runs-on: warp-macos-13-arm64-6x + steps: + - uses: actions/checkout@v4 + - uses: actions/cache@v4 + with: + path: | + ~/.cargo/bin/ + ~/.cargo/registry/index/ + ~/.cargo/registry/cache/ + ~/.cargo/git/db/ + target/ + key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }} + # liboqs requires quite a lot of stack memory, thus we adjust + # the default stack size picked for new threads (which is used + # by `cargo test`) to be _big enough_. Setting it to 8 MiB + - run: RUST_MIN_STACK=8388608 cargo test --workspace --all-features