prog:githubactions
SSH
Ajout d'une clé SSH
Pour pouvoir pousser sur un dépôt automatiquement.
- Création de la clé
Il faut commencer par créer la clé d'authentification (sans mot de passe, au format RSA PRIVATE KEY).
- Ajout de la clé au dépôt à modifier
Puis ouvrir le fichier file.key.pub et créer une clé de déploiement à l'adresse https://github.com/USER/PROJET/settings/keys
Bien sûr, cocher Allow write access.
- Ajout de la clé au dépôt voulant pousser vers le dépôt à modifier
Ajouter le contenu du fichier key converti au format -----BEGIN RSA PRIVATE KEY----- (voir Création d'une clé) à l'adresse https://github.com/USER/PROJET/settings/secrets/actions
- Configurer le projet pour utiliser la clé
- name: Install SSH key uses: shimataro/ssh-key-action@v2 with: key: ${{ secrets.SSH_KEY_TRAVIS_CI }} known_hosts: # write here the content of `ssh-keyscan localhost` when executed on the CI machine of course. - name: Publish results run: | eval `ssh-agent` # ~/.ssh/id_rsa is when shimataro/ssh-key-action@v2 installed the key. ssh-add ~/.ssh/id_rsa git clone depot_a_modifier cd xxx # insert modification git add git commit -m "text" # Here you should success git push
Sous Windows, ssh-keyscan localhost ne fonctionne pas. On peut directement mettre le résultat de ssh-keyscan -t rsa github.com.
Serveurs
/proc/cpuinfo
2 processeurs :
processor : 1 et 2 vendor_id : GenuineIntel cpu family : 6 model : 79 model name : Intel(R) Xeon(R) CPU E5-2673 v4 @ 2.30GHz stepping : 1 microcode : 0xffffffff cpu MHz : 2294.686 cache size : 51200 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 20 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology cpuid pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single pti fsgsbase bmi1 hle avx2 smep bmi2 erms invpcid rtm rdseed adx smap xsaveopt md_clear bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs taa itlb_multihit bogomips : 4589.37 clflush size : 64 cache_alignment : 64 address sizes : 46 bits physical, 48 bits virtual power management:
/etc/apt/sources.list
## Note, this file is written by cloud-init on first boot of an instance ## modifications made here will not survive a re-bundle. ## if you wish to make changes you can: ## a.) add 'apt_preserve_sources_list: true' to /etc/cloud/cloud.cfg ## or do the same in user-data ## b.) add sources in /etc/apt/sources.list.d ## c.) make changes to template file /etc/cloud/templates/sources.list.tmpl # See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to # newer versions of the distribution. deb http://azure.archive.ubuntu.com/ubuntu/ focal main restricted # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://azure.archive.ubuntu.com/ubuntu/ focal-updates main restricted # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team. Also, please note that software in universe WILL NOT receive any ## review or updates from the Ubuntu security team. deb http://azure.archive.ubuntu.com/ubuntu/ focal universe # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal universe deb http://azure.archive.ubuntu.com/ubuntu/ focal-updates universe # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. deb http://azure.archive.ubuntu.com/ubuntu/ focal multiverse # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal multiverse deb http://azure.archive.ubuntu.com/ubuntu/ focal-updates multiverse # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal-updates multiverse ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://azure.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse # deb-src http://azure.archive.ubuntu.com/ubuntu/ focal-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. ## This software is not part of Ubuntu, but is offered by Canonical and the ## respective vendors as a service to Ubuntu users. # deb http://archive.canonical.com/ubuntu focal partner # deb-src http://archive.canonical.com/ubuntu focal partner deb http://security.ubuntu.com/ubuntu focal-security main restricted # deb-src http://security.ubuntu.com/ubuntu focal-security main restricted deb http://security.ubuntu.com/ubuntu focal-security universe # deb-src http://security.ubuntu.com/ubuntu focal-security universe deb http://security.ubuntu.com/ubuntu focal-security multiverse # deb-src http://security.ubuntu.com/ubuntu focal-security multiverse
env
Voir Environment variables Archive du 24/06/2021 le 27/06/2021
SELENIUM_JAR_PATH=/usr/share/java/selenium-server-standalone.jar CONDA=/usr/share/miniconda GITHUB_WORKSPACE=/home/runner/work/jessica/jessica JAVA_HOME_11_X64=/usr/lib/jvm/adoptopenjdk-11-hotspot-amd64 GITHUB_PATH=/home/runner/work/_temp/_runner_file_commands/add_path_199a78a9-6d56-44de-96e0-31e3d0ec5c8d GITHUB_ACTION=run2 JAVA_HOME=/usr/lib/jvm/adoptopenjdk-11-hotspot-amd64 GITHUB_RUN_NUMBER=286 GRADLE_HOME=/usr/share/gradle-7.0.2 XDG_CONFIG_HOME=/home/runner/.config DOTNET_SKIP_FIRST_TIME_EXPERIENCE=1 ANT_HOME=/usr/share/ant JAVA_HOME_8_X64=/usr/lib/jvm/adoptopenjdk-8-hotspot-amd64 HOMEBREW_PREFIX="/home/linuxbrew/.linuxbrew" HOMEBREW_CLEANUP_PERIODIC_FULL_DAYS=3650 BOOTSTRAP_HASKELL_NONINTERACTIVE=1 *** PIPX_BIN_DIR=/opt/pipx_bin DEPLOYMENT_BASEPATH=/opt/runner GITHUB_ACTIONS=true ANDROID_NDK_LATEST_HOME=/usr/local/lib/android/sdk/ndk/22.1.7171670 GITHUB_SHA=5bcc406df60fcf617baec49cf66436cfac3f35d8 POWERSHELL_DISTRIBUTION_CHANNEL=GitHub-Actions-ubuntu20 DOTNET_MULTILEVEL_LOOKUP=0 GITHUB_REF=refs/heads/master RUNNER_OS=Linux HOME=/home/runner GITHUB_API_URL=https://api.github.com LANG=C.UTF-8 RUNNER_TRACKING_ID=github_0c419c59-170c-44ec-90e9-9b7328f5b6ba RUNNER_TEMP=/home/runner/work/_temp GITHUB_ENV=/home/runner/work/_temp/_runner_file_commands/set_env_199a78a9-6d56-44de-96e0-31e3d0ec5c8d GITHUB_EVENT_PATH=/home/runner/work/_temp/_github_workflow/event.json INVOCATION_ID=82c3e95da20a49b79e0f36288d8232d1 GITHUB_EVENT_NAME=workflow_run GITHUB_RUN_ID=976282352 ANDROID_NDK_HOME=/usr/local/lib/android/sdk/ndk-bundle HOMEBREW_NO_AUTO_UPDATE=1 GITHUB_ACTOR=bansan85 NVM_DIR=/home/runner/.nvm ANDROID_HOME=/usr/local/lib/android/sdk GOROOT_1_14_X64=/opt/hostedtoolcache/go/1.14.15/x64 GITHUB_GRAPHQL_URL=https://api.github.com/graphql RUNNER_USER=runner ACCEPT_EULA=Y USER=runner GITHUB_SERVER_URL=https://github.com HOMEBREW_CELLAR="/home/linuxbrew/.linuxbrew/Cellar" PIPX_HOME=/opt/pipx GECKOWEBDRIVER=/usr/local/share/gecko_driver CHROMEWEBDRIVER=/usr/local/share/chrome_driver SHLVL=1 ANDROID_SDK_ROOT=/usr/local/lib/android/sdk VCPKG_INSTALLATION_ROOT=/usr/local/share/vcpkg HOMEBREW_REPOSITORY="/home/linuxbrew/.linuxbrew/Homebrew" RUNNER_TOOL_CACHE=/opt/hostedtoolcache ImageVersion=20210614.1 DOTNET_NOLOGO=1 GRAALVM_11_ROOT=/usr/local/graalvm/graalvm-ce-java11-21.1.0 GITHUB_JOB=build AZURE_EXTENSION_DIR=/opt/az/azcliextensions PERFLOG_LOCATION_SETTING=RUNNER_PERFLOG GITHUB_REPOSITORY=bansan85/jessica CHROME_BIN=/usr/bin/google-chrome ANDROID_NDK_ROOT=/usr/local/lib/android/sdk/ndk-bundle GITHUB_RETENTION_DAYS=90 JOURNAL_STREAM=8:22578 RUNNER_WORKSPACE=/home/runner/work/jessica LEIN_HOME=/usr/local/lib/lein LEIN_JAR=/usr/local/lib/lein/self-installs/leiningen-2.9.6-standalone.jar GITHUB_ACTION_REPOSITORY= PATH=/home/linuxbrew/.linuxbrew/bin:/home/linuxbrew/.linuxbrew/sbin:/home/runner/.local/bin:/opt/pipx_bin:/usr/share/rust/.cargo/bin:/home/runner/.config/composer/vendor/bin:/usr/local/.ghcup/bin:/home/runner/.dotnet/tools:/snap/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin RUNNER_PERFLOG=/home/runner/perflog GITHUB_BASE_REF= CI=true SWIFT_PATH=/usr/share/swift/usr/bin ImageOS=ubuntu20 GITHUB_REPOSITORY_OWNER=bansan85 GITHUB_HEAD_REF= GITHUB_ACTION_REF= GITHUB_WORKFLOW=Emscripten DEBIAN_FRONTEND=noninteractive GOROOT_1_15_X64=/opt/hostedtoolcache/go/1.15.13/x64 AGENT_TOOLSDIRECTORY=/opt/hostedtoolcache GOROOT_1_16_X64=/opt/hostedtoolcache/go/1.16.5/x64 _=/usr/bin/env
Exemples
Projets en cmake
En plus de la configuration / compilation / test avec cmake, il y a une procédure pour initialiser et commiter vers un dépôt externe.
Sous Linux :
- .github/workflows/build-linux.yml
--- name: Linux build on: workflow_run: workflows: ['format'] types: - completed jobs: build: runs-on: ubuntu-22.04 strategy: matrix: include: - name: ubuntu-gcc ar: /usr/bin/ar cc: /usr/bin/gcc-12 cxx: /usr/bin/g++-12 ranlib: /usr/bin/ranlib - name: ubuntu-clang ar: /usr/bin/llvm-ar-14 cc: /usr/bin/clang-14 cxx: /usr/bin/clang++-14 ranlib: /usr/bin/llvm-ranlib-14 steps: - name: Stop if format failed if: ${{ github.event.workflow_run.conclusion != 'success' }} run: | echo ${{ github.event.workflow_run.conclusion }} exit 1 - uses: bansan85/action-workflow_run-status@main env: MATRIX_CONTEXT: ${{ toJSON(matrix) }} - uses: actions/checkout@v3 with: submodules: recursive ref: ${{ github.event.workflow_run.head_commit.id }} - name: Install SSH key if: ${{ github.event.workflow_run.head_branch == 'master' }} uses: shimataro/ssh-key-action@v2 with: key: ${{ secrets.GITHUBCI_PRIVATE_KEY }} known_hosts: localhost ssh-rsa ${{ secrets.GITHUBCI_KNOW_HOSTS }} - name: Install gcc if: contains(matrix.cc, 'gcc') run: sudo apt-get install -yq g++-12 gcc-12 - name: Install clang if: contains(matrix.cc, 'clang') run: sudo apt-get install -yq clang-14 llvm-14 - name: Install 3rdparty run: xargs -a config/apt-get.txt sudo apt-get install -yq - name: cmake run: | ls /usr/bin mkdir build cmake -S . -B build -DCMAKE_C_COMPILER="${{ matrix.cc }}" -DCMAKE_CXX_COMPILER="${{ matrix.cxx }}" -DCMAKE_AR="${{ matrix.ar }}" -DCMAKE_RANLIB="${{ matrix.ranlib }}" -DCMAKE_CXX_FLAGS="-DSPDLOG_FMT_EXTERNAL -DFMT_HEADER_ONLY" cmake --build build/ --target all --config Release - name: ctest shell: bash run: | cd build || exit 1 ctest -O test-result.xml --output-on-failure --verbose cd .. || exit 1 - name: Publish test if: ${{ github.event.workflow_run.head_branch == 'master' }} env: COMMIT_MESSAGE: ${{ github.event.workflow_run.head_commit.message }} run: | eval `ssh-agent` git clone --depth 1 ssh://git@github.com/bansan85/jessica-ci.git -b ${{ matrix.name }} rm -Rf jessica-ci/* cp build/test-result.xml jessica-ci apt list --installed > jessica-ci/apt-installed.txt ssh-add ~/.ssh/id_rsa gpg --version gpg --quiet --batch --yes --decrypt --passphrase="${{ secrets.ENCRYPT_PASSWORD }}" --output .github/encrypted/github-ci-private.key .github/encrypted/github-ci-private.key.gpg gpg --import .github/encrypted/github-ci-private.key cd jessica-ci || exit 1 git config --global user.name "Github CI" git config --global user.email "github-ci@le-garrec.fr" git add . if [ -n "$(git diff-index --name-only HEAD --)" ]; \ then \ git commit -S${{ secrets.GPG_KEY_ID }} -m "${COMMIT_MESSAGE//\"/\"\"}" -m "Update from bansan85/jessica@$GITHUB_SHA"; \ git push || { echo "Failure git push" && exit 1; } \ fi cd .. || exit 1
Sous Windows, inclus vcpkg :
- .github/workflows/build-windows.yml
--- name: Windows build on: workflow_run: workflows: ['format'] types: - completed jobs: build: runs-on: windows-latest strategy: matrix: include: - name: windows-msbuild cc: cl cxx: cl env: VCPKG_DEFAULT_TRIPLET: 'x64-windows' VCPKG_INSTALLED_DIR: '${{ github.workspace }}/vcpkg/installed' steps: - name: Stop if format failed if: ${{ github.event.workflow_run.conclusion != 'success' }} run: | echo ${{ github.event.workflow_run.conclusion }} exit 1 - uses: bansan85/action-workflow_run-status@main env: MATRIX_CONTEXT: ${{ toJSON(matrix) }} - uses: actions/checkout@v3 with: submodules: recursive ref: ${{ github.event.workflow_run.head_commit.id }} - name: Install SSH key if: ${{ github.event.workflow_run.head_branch == 'master' }} uses: shimataro/ssh-key-action@v2 with: key: ${{ secrets.GITHUBCI_PRIVATE_KEY }} known_hosts: github.com ssh-rsa ${{ secrets.GITHUBCI_KNOW_HOSTS_WINDOWS }} - name: Install Windows Vcpkg uses: lukka/run-vcpkg@v10 with: vcpkgJsonGlob: '**/config/windows/vcpkg.json' runVcpkgInstall: true - name: CMake run: | mkdir "${{ github.workspace }}/build" cmake -S "${{ github.workspace }}" -B "${{ github.workspace }}/build" -G "Visual Studio 17 2022" -A x64 -DCMAKE_TOOLCHAIN_FILE="${{ github.workspace }}/vcpkg/scripts/buildsystems/vcpkg.cmake" cmake --build "${{ github.workspace }}/build" --target ALL_BUILD --config Debug - name: ctest shell: bash run: | cd build || exit 1 ctest -C Debug -O test-result.xml --output-on-failure --verbose cd .. || exit 1 - name: Publish test shell: bash if: ${{ github.event.workflow_run.head_branch == 'master' }} env: COMMIT_MESSAGE: ${{ github.event.workflow_run.head_commit.message }} run: | eval `ssh-agent` git clone --depth 1 ssh://git@github.com/bansan85/jessica-ci.git -b ${{ matrix.name }} rm -Rf jessica-ci/* cp build/test-result.xml jessica-ci ssh-add ~/.ssh/id_rsa gpg --version gpg --quiet --batch --yes --decrypt --passphrase="${{ secrets.ENCRYPT_PASSWORD }}" --output .github/encrypted/github-ci-private.key .github/encrypted/github-ci-private.key.gpg gpg --import .github/encrypted/github-ci-private.key cd jessica-ci || exit 1 git config --global user.name "Github CI" git config --global user.email "github-ci@le-garrec.fr" git add . if [ -n "$(git diff-index --name-only HEAD --)" ]; \ then \ git commit -S${{ secrets.GPG_KEY_ID }} -m "${COMMIT_MESSAGE//\"/\"\"}" -m "Update from bansan85/jessica@$GITHUB_SHA"; \ git push || { echo "Failure git push" && exit 1; } \ fi cd .. || exit 1
Variables
- Variable globale
github
github.event.workflow_run.conclusion : success / failure en fonction du succès du précédent workflow.
github.event.workflow_run.head_branch : master ou le nom de la branche.
Pour avoir la liste de tous les paramètres et leurs valeurs, on peut simplement ajouter dans un workflow :
- name: Show github variable env: GITHUB_VAR: ${{ toJSON(github) }} run: exit 0
workflow Archive du 05/05/2021 le 09/05/2021
- Variable globale de github et double quote
Certaines variables à l'intérieur de la variable globale github peuvent contenir des doubles quotes. Par exemple, github.event.head_commit.message contient le log du commit.
Cela pose un problème si on veut utiliser utiliser cette variable dans un script bash car il est impossible de faire une substitution des double quotes.
La solution est de passer par une variable d'environnement pour enfin utiliser la substitution bash ${variable//\"/\"\"}:
- env: COMMIT_MESSAGE: ${{ github.event.head_commit.message }} run: | echo "${COMMIT_MESSAGE//\"/\"\"}"
Fonctions
Quand on utilise une fonction, les variables n'ont pas à être ${{ xxx }}:
if: contains(matrix.cc, 'clang')
Dans ce cas, il n'est plus possible d'utiliser le formatage : Compilateur : ${{ matrix.cc }}. Il faut utiliser la fonction format :
if: contains( format('Compilateur : {0}', matrix.cc), 'clang')
Context and expression syntax for GitHub Actions Archive du 25/05/2021 le 12/06/2021
Marketplace
codecov
Envoyer les données à codecov :
git clone --depth 1 https://github.com/henry2cox/lcov.git -b diffcov_initial ./lcov/bin/lcov --capture --directory build --gcov-tool /usr/bin/gcov-10 --rc lcov_branch_coverage=1 --output-file build/coverage.info ./lcov/bin/lcov --remove build/coverage.info "/usr/include/*" --rc lcov_branch_coverage=1 -o build/coverage2.info bash <(curl -s https://codecov.io/bash) -f build/coverage2.info
Le badge par défaut : https://codecov.io/gh/bansan85/jessica/branch/master/graph/badge.svg 
- Flags coté validation github
Les flags peuvent se définir de deux façons différentes. Soit les flags pour la validation des build Github, soit les flags pour le badge.
Pour la validation des build Github, un simple fichier de configuration est possible. Il va s'occuper de séparer les pourcentages de couverture en fonction des chemins des fichiers.
- .codecov.yml
--- coverage: status: project: backend: target: auto paths: - src/backend - include/jessica
Cela va bien ajouter une ligne. Exemple ci-dessous avec demo et index.
Il est possible de désactiver la validation d'une build en fonction des indicateurs de couverture.
- .codecov.yml
--- coverage: status: patch: false project: false
- Flags coté badge
Par contre, les flags ne fonctionnent pas avec les badges. Pour les faire fonctionner, il faut pousser une couverture de code spécifique au flag dédié avec l'option -F.
git clone --depth 1 https://github.com/henry2cox/lcov.git -b diffcov_initial ./lcov/bin/lcov --capture --directory build --gcov-tool /usr/bin/gcov-10 --rc lcov_branch_coverage=1 --output-file build/coverage.info ./lcov/bin/lcov --remove build/coverage.info "/usr/include/*" --rc lcov_branch_coverage=1 -o build/coverage2.info bash <(curl -s https://codecov.io/bash) -f build/coverage2.info ./lcov/bin/lcov --extract build/coverage.info "*/include/jessica/*" "*/src/backend/*" --rc lcov_branch_coverage=1 -o build/coverage_backend.info bash <(curl -s https://codecov.io/bash) -f build/coverage_backend.info -F backend
Là, le badge https://codecov.io/gh/bansan85/jessica/branch/master/graph/badge.svg?flag=backend fonctionne.
prog/githubactions.txt · Dernière modification : 2021/07/14 23:55 de root