deps: bump bazel-contrib/setup-bazel from 0.16.0 to 0.18.0 #6966
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # SPDX-License-Identifier: Apache-2.0 | |
| # | |
| # Copyright 2023-2026 The Enola <https://enola.dev> Authors | |
| # | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # https://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
| # Do NOT use special character in this "name", because of | |
| # https://github.com/bazel-contrib/setup-bazel/issues/72. | |
| name: Build Test Deploy CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| # The branches below must be a subset of the branches above | |
| branches: [main] | |
| # https://github.com/orgs/community/discussions/25722 | |
| types: [opened, synchronize, reopened, ready_for_review] | |
| # Cancel any in-progress job or run if there is a newer commit | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| devcontainer: | |
| # https://github.com/orgs/community/discussions/25722 | |
| if: (github.repository == 'enola-dev/enola') && | |
| (github.event.pull_request.draft == false) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - name: DevContainer | |
| # TODO if: ${{ github.event_name == 'push' }} | |
| uses: devcontainers/ci@v0.3 | |
| with: | |
| # TODO imageName: ghcr.io/example/example-devcontainer | |
| # TODO cacheFrom: ghcr.io/example/example-devcontainer | |
| # TODO push: always | |
| push: never | |
| runCmd: echo DevContainer OK! | |
| # TODO runCmd: ./tools/test-ci/test.bash | |
| # https://docs.enola.dev/use#nix non-regression testing | |
| # This is *SO* slow... because as-is it can't re-use the Bazel cache :( | |
| # TODO How could we make this run faster? | |
| nix-run: | |
| # https://github.com/orgs/community/discussions/25722 | |
| if: (github.repository == 'enola-dev/enola') && | |
| (github.event.pull_request.draft == false) | |
| permissions: | |
| contents: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: cachix/install-nix-action@v31 | |
| # TODO Remove --no-sandbox after https://github.com/enola-dev/enola/issues/1713 | |
| - run: nix run --no-sandbox . -- help | |
| build: | |
| # https://github.com/orgs/community/discussions/25722 | |
| if: (github.repository == 'enola-dev/enola') && | |
| (github.event.pull_request.draft == false) | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v5 | |
| # https://github.com/enola-dev/enola/issues/1959 | |
| - name: Print Disk Usage | |
| run: tools/disk-use/du.bash | |
| - name: Free Disk Space (Ubuntu) | |
| # https://github.com/jlumbroso/free-disk-space | |
| uses: jlumbroso/free-disk-space@v1.3.1 | |
| with: | |
| tool-cache: true | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: true | |
| docker-images: true | |
| swap-storage: true | |
| - name: Maximize Build Space | |
| # This is likely a bit redundant with the above action, but can't really hurt either: | |
| run: | | |
| sudo rm -rf /usr/share/dotnet | |
| sudo rm -rf /usr/local/lib/android | |
| sudo rm -rf /opt/ghc | |
| sudo rm -rf "/usr/local/share/boost" | |
| sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
| docker system prune -af | |
| - name: Print Disk Usage | |
| run: tools/disk-use/du.bash | |
| - name: Install IPFS Node daemon | |
| uses: oduwsdl/setup-ipfs@678755ac20f92d2dfca7e16138e40ae75f7a0f6f | |
| with: | |
| ipfs_version: ^0.33 | |
| run_daemon: true | |
| - uses: cachix/install-nix-action@v31 | |
| - uses: nicknovitski/nix-develop@v1 | |
| # TODO: remove non-nix paths from PATH | |
| # uvx is used in mcp.yaml, and test-cli.bash runs: ./enola -vv mcp list-tools | |
| # So we need to install https://docs.astral.sh/uv/guides/integration/github here. | |
| # We prefer this over installing it with Nix just because of its enable-cache option. | |
| - name: Install uv for Python MCP servers | |
| uses: astral-sh/setup-uv@v7 | |
| with: | |
| enable-cache: true | |
| version: "0.9.24" # Pin a specific version of uv. | |
| # This could be removed again later; it's only needed until for initial quick testing that this works: | |
| - run: uvx mcp-server-git --help | |
| - name: Check which package versions we are using | |
| run: | | |
| which go | |
| go version | |
| which java | |
| java --version | |
| which uvx | |
| uvx --version | |
| - name: Install Web dependencies | |
| working-directory: web | |
| run: bun install | |
| # - name: Run Typescript Compiler (TSC) | |
| # working-directory: web | |
| # run: bun tsc | |
| - name: Build Web | |
| working-directory: web | |
| run: ./build | |
| - name: protoc | |
| run: tools/protoc/protoc.bash | |
| # This also runs at the end again, but better to fail early | |
| # This must ALWAYS run AFTER java is available, due to https://github.com/google/google-java-format/pull/1228/files. | |
| # TODO Re-enable after fixing https://github.com/enola-dev/enola/issues/1799 | |
| # - name: pre-commit run --all-files | |
| # run: pre-commit run --all-files | |
| - name: Print Disk Usage | |
| run: tools/disk-use/du.bash | |
| - name: Cache Bazel | |
| uses: bazel-contrib/setup-bazel@0.18.0 | |
| with: | |
| # KEEP IN SYNC WITH BELOW! | |
| bazelisk-cache: true | |
| bazelisk-version: 1.25.0 | |
| disk-cache: ${{ github.workflow }} | |
| # TODO manifest: npm: package-lock.json ?? | |
| external-cache: true | |
| repository-cache: true | |
| - name: Cache Node.js | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/.npm | |
| # -${{ hashFiles('**/package-lock.json') }} | |
| key: ${{ runner.os }}-npm | |
| restore-keys: ${{ runner.os }}-npm | |
| - name: Cache Maven | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/.m2 | |
| key: ${{ runner.os }}-maven | |
| restore-keys: ${{ runner.os }}-maven | |
| - name: Cache Go | |
| uses: actions/cache@v5 | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Cache Python Virtual Env | |
| uses: actions/cache@v5 | |
| with: | |
| path: .venv/ | |
| key: ${{ runner.os }}-cache-${{ hashFiles('requirements.txt') }} | |
| restore-keys: ${{ runner.os }}-venv- | |
| - name: Cache Pre-Commit | |
| uses: actions/cache@v5 | |
| with: | |
| path: ~/.cache/pre-commit/ | |
| key: ${{ runner.os }}-cache-${{ hashFiles('.pre-commit-config.yaml') }} | |
| restore-keys: ${{ runner.os }}-cache- | |
| - name: Cache Demo | |
| uses: actions/cache@v5 | |
| with: | |
| path: .cache/demo/ | |
| key: ${{ runner.os }}-demo-${{ hashFiles('tools/demo/*.bash') }} | |
| restore-keys: ${{ runner.os }}-demo- | |
| - name: Print Disk Usage | |
| run: tools/disk-use/du.bash | |
| - run: ./tools/test-ci/test.bash | |
| # Build docs/ into site/ (not just on main branch but also for pull requests, as test) | |
| - name: Build Docs Site (but skip [slow] screencast recording, because on PR) | |
| if: ${{ github.event_name == 'pull_request' }} | |
| run: ./tools/docs/build.bash --without-demo-screencasts | |
| - name: Build Docs Site, now with Screencasts (because on branch) | |
| if: ${{ github.event_name == 'push' }} | |
| run: ./tools/docs/build.bash | |
| # Double-check that the build steps have not touched any (non-ignored) files | |
| - name: tools/git/test.bash | |
| run: tools/git/test.bash | |
| - name: Print Disk Usage | |
| run: tools/disk-use/du.bash | |
| # TODO Re-enable after fixing https://github.com/enola-dev/enola/issues/1799 | |
| # Any "dirty" changes will cause build to abort. This intentionally runs again after the build. | |
| # - name: pre-commit run --all-files | |
| # run: pre-commit run --all-files | |
| # The following steps deploy site/ (using GitHub Pages) | |
| # to https://enola-dev.github.io = https://docs.enola.dev | |
| - name: Setup Pages | |
| if: ${{ github.event_name == 'push' }} | |
| uses: actions/configure-pages@v5 | |
| - name: Upload site/ directory as GitHub Pages artifact | |
| if: ${{ github.event_name == 'push' }} | |
| uses: actions/upload-pages-artifact@v4 | |
| with: | |
| path: "site/" | |
| # https://github.com/enola-dev/enola/issues/1959 | |
| - name: Clean a few [BIG] un-cached (!) directories, before (implicit) final "Post * Cache" archival steps | |
| # NB: site/ must obviously be removed AFTER Pages deployment only (just done above) | |
| run: rm -rf generated/ site/ | |
| deploy-website: | |
| needs: build | |
| if: ${{ github.event_name == 'push' }} | |
| runs-on: ubuntu-latest | |
| # https://docs.github.com/en/actions/security-guides/automatic-token-authentication | |
| # Sets required permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages | |
| permissions: | |
| pages: write | |
| id-token: write | |
| environment: | |
| name: github-pages | |
| url: ${{ steps.deployment.outputs.page_url }} | |
| steps: | |
| # https://github.com/actions/deploy-pages | |
| - name: Deploy to GitHub Pages | |
| id: deployment | |
| uses: actions/deploy-pages@v4 | |
| # https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#publishing-a-package-using-an-action | |
| push-container-image: | |
| needs: build | |
| if: ${{ github.event_name == 'push' }} | |
| # This is a separate job from 'build' only because it needs additional permissions which we don't want 'build' to have: | |
| permissions: | |
| contents: read | |
| packages: write | |
| runs-on: ubuntu-latest | |
| env: | |
| REGISTRY: ghcr.io | |
| IMAGE_NAME: ${{ github.repository }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| - uses: cachix/install-nix-action@v31 | |
| - uses: nicknovitski/nix-develop@v1 | |
| # TODO: remove non-nix paths from PATH | |
| - name: Cache Bazel | |
| uses: bazel-contrib/setup-bazel@0.18.0 | |
| with: | |
| # KEEP IN SYNC WITH ABOVE! | |
| bazelisk-cache: true | |
| bazelisk-version: 1.25.0 | |
| disk-cache: ${{ github.workflow }} | |
| # TODO manifest: npm: package-lock.json ?? | |
| external-cache: true | |
| repository-cache: true | |
| - name: Build Container Image # again, because technically it was already built in the 'build' job, but oh well! | |
| run: ./tools/distro/build.bash | |
| # Uses the `docker/login-action` action to log in to the Container registry registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here. | |
| - name: Log in to the Container registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels. | |
| - name: Extract metadata (tags, labels) for Docker | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} | |
| # This step uses the `docker/build-push-action` action to build the image, based on your repository's `Dockerfile`. If the build succeeds, it pushes the image to GitHub Packages. | |
| # It uses the `context` parameter to define the build's context as the set of files located in the specified path. For more information, see "[Usage](https://github.com/docker/build-push-action#usage)" in the README of the `docker/build-push-action` repository. | |
| # It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step. | |
| - name: Build and push Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: true | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} |