lambda-runtime-factory/.github/workflows/ci.yml at main · TartarusCode/lambda-runtime-factory · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
name: ci

on:
  push:
    branches:
      - main
  pull_request:

permissions:
  contents: read

jobs:
  prepare-matrix:
    if: ${{ !(github.event_name == 'pull_request' && github.actor == 'dependabot[bot]') }}
    runs-on: ubuntu-latest
    outputs:
      matrix: ${{ steps.matrix.outputs.matrix }}
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-python@v6
        with:
          python-version: "3.11"
      - id: matrix
        run: echo "matrix=$(python3 tools/runtime_lib/runtime_manifest.py matrix)" >> "$GITHUB_OUTPUT"

  runtime-checks:
    if: ${{ !(github.event_name == 'pull_request' && github.actor == 'dependabot[bot]') }}
    needs: prepare-matrix
    runs-on: ${{ matrix.runner }}
    strategy:
      fail-fast: false
      matrix: ${{ fromJson(needs.prepare-matrix.outputs.matrix) }}
    env:
      SAM_CLI_TELEMETRY: "0"
      BUILD_BEST_EFFORT_AUDIT: "0"
    steps:
      - uses: actions/checkout@v6
      - uses: actions/setup-python@v6
        with:
          python-version: "3.11"
      - name: Install SAM CLI
        run: pip install --quiet aws-sam-cli
      - name: Prepare cache directories
        run: |
          echo "DOWNLOAD_CACHE_DIR=${RUNNER_TEMP}/lambda-runtime-monorepo/cache/downloads" >> "$GITHUB_ENV"
          mkdir -p "${RUNNER_TEMP}/lambda-runtime-monorepo/cache/downloads"
      - name: Cache runtime downloads
        uses: actions/cache@v5
        with:
          path: ${{ env.DOWNLOAD_CACHE_DIR }}
          key: downloads-${{ runner.os }}-${{ matrix.runtime }}-${{ matrix.arch }}-${{ hashFiles(format('runtimes/{0}/runtime.json', matrix.runtime), format('runtimes/{0}/checksums/**', matrix.runtime)) }}
      - name: Install shell tooling
        run: sudo apt-get update && sudo apt-get install -y shellcheck zip unzip
      - name: Install Grype
        run: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin
      - name: Validate manifests
        run: bash tools/bin/validate-runtimes
      - name: Validate shell scripts
        run: |
          bash -n tools/bin/*.sh
      - name: Validate Python sources
        run: bash tools/bin/check-runtime "${{ matrix.runtime }}" "${{ matrix.arch }}"
      - name: Build runtime package
        run: make build RUNTIME=${{ matrix.runtime }} ARCH=${{ matrix.arch }}
      - name: Audit runtime package
        run: bash tools/bin/audit-runtime "${{ matrix.runtime }}" "${{ matrix.arch }}"
      - name: Build local SAM example
        if: matrix.arch == 'x86_64' && !matrix.skip_local_invoke
        run: make local-build RUNTIME=${{ matrix.runtime }} ARCH=${{ matrix.arch }}
      - name: Invoke local SAM example
        if: matrix.arch == 'x86_64' && !matrix.skip_local_invoke
        run: make local-invoke RUNTIME=${{ matrix.runtime }} ARCH=${{ matrix.arch }}
      - name: Upload runtime artifact
        uses: actions/upload-artifact@v7
        with:
          name: ${{ matrix.runtime }}-${{ matrix.arch }}-artifact
          path: ${{ runner.temp }}/lambda-runtime-monorepo/${{ matrix.runtime }}/${{ matrix.arch }}/artifacts/*.zip