this repo has no description
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

internal/ci: add base steps for the common Go checks and staticcheck

Downstream github packages can use these as needed,
setting the working-directory parameter for multi-module repositories.

The staticcheck step is switched from the upstream action to `go tool`,
because the action hard-codes STATICCHECK_CACHE under `runner.temp`,
which Namespace confirmed to be incompatible with their volume caching
due to the nature of `runner.temp` being wiped once a job finishes.

We already planned to move towards `go tool staticcheck` once Go 1.24
came out, so take advantage of the situation and do the jump now.
We can do this in the cue repo, even though it still supports 1.23,
because we only run staticcheck on CI on the latest Go version.

Note that we add the tool dependency in a new internal/tools.mod module,
so as to keep go.mod as small as possible, and not have MVS mix
tooling dependencies with our regular dependencies.

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Change-Id: Ia2a50a4addec22cf20e9e24f444442874e22e8be
Reviewed-on: https://cue.gerrithub.io/c/cue-lang/cue/+/1218982
Reviewed-by: Paul Jolly <paul@myitcv.io>
Unity-Result: CUE porcuepine <cue.porcuepine@gmail.com>
TryBot-Result: CUEcueckoo <cueckoo@cuelang.org>

+80 -38
+8 -10
.github/workflows/trybot.yaml
··· 88 88 uses: namespacelabs/nscloud-cache-action@v1 89 89 with: 90 90 cache: go 91 - path: ${{ runner.temp }}/staticcheck 92 91 - if: |- 93 92 github.repository == 'cue-lang/cue' && (((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, ' 94 93 Dispatch-Trailer: {"type":"')))) || (github.ref == 'refs/heads/ci/test')) ··· 139 138 cd internal/_e2e 140 139 go test -race 141 140 - if: (matrix.go-version == '1.24.x' && matrix.runner == 'ns-linux-amd64-large') 142 - name: Go checks 143 141 run: |- 142 + go mod tidy -diff 144 143 go vet ./... 145 - go mod tidy 146 - (cd internal/_e2e && go test -run=-) 144 + - if: (matrix.go-version == '1.24.x' && matrix.runner == 'ns-linux-amd64-large') 145 + name: Verify the end-to-end tests still build 146 + run: go test -run=- 147 + working-directory: ./internal/_e2e 147 148 - if: (matrix.go-version == '1.24.x' && matrix.runner == 'ns-linux-amd64-large') 148 - name: staticcheck 149 - uses: dominikh/staticcheck-action@v1 150 - with: 151 - version: "2025.1" 152 - install-go: false 153 - use-cache: false 149 + env: 150 + STATICCHECK_CACHE: /cache/staticcheck 151 + run: go tool -modfile=internal/tools.mod staticcheck ./... 154 152 - if: |- 155 153 (((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, ' 156 154 Dispatch-Trailer: {"type":"')))) || (github.ref == 'refs/heads/ci/test')) && (matrix.go-version == '1.24.x' && matrix.runner == 'ns-linux-amd64-large')
+34 -8
internal/ci/base/github.cue
··· 153 153 // Our runner profiles on Namespace are already configured to only update 154 154 // the cache when they run from one of the protected branches. 155 155 // 156 - // We cache for Go (GOCACHE and GOMODCACHE) and for staticcheck by default, 157 - // as the majority of our repos use Go with staticcheck, 158 - // noting that staticcheck-action puts STATICCHECK_CACHE under runner.temp. 159 - // These default caches are harmless for repos not using Go or staticcheck. 160 - // TODO(mvdan): move away from staticcheck-action once we require Go 1.24 or later. 156 + // We cache for Go (GOCACHE and GOMODCACHE) by default, as most repos use it. 157 + // These default caches are harmless for repos not using Go. 158 + // 159 + // Note that `${NSC_CACHE_PATH}` (`/cache`) is always mounted as a cache volume. 161 160 setupCaches: { 162 161 #additionalCaches: [...string] // with.cache 163 162 ··· 175 174 "go", 176 175 ], #additionalCaches]) 177 176 let cachePaths = list.Concat([[ 178 - "${{ runner.temp }}/staticcheck", 177 + // nothing here for now. 179 178 ], #additionalCachePaths]) 180 179 181 - cache: strings.Join(cacheModes, "\n") 182 - path: strings.Join(cachePaths, "\n") 180 + if len(cacheModes) > 0 { 181 + cache: strings.Join(cacheModes, "\n") 182 + } 183 + if len(cachePaths) > 0 { 184 + path: strings.Join(cachePaths, "\n") 185 + } 183 186 } 184 187 }, 185 188 ··· 193 196 run: "go env -w GOFLAGS=-count=1" 194 197 }, 195 198 ] 199 + } 200 + 201 + // TODO: consider adding more checks as per https://github.com/golang/go/issues/42119. 202 + goChecks: githubactions.#Step & { 203 + run: """ 204 + go mod tidy -diff 205 + go vet ./... 206 + """ 207 + } 208 + 209 + staticcheck: githubactions.#Step & { 210 + #modfile: string | *"" // an optional -modfile flag to not use the main go.mod 211 + let gotool = [ 212 + if #modfile != "" { 213 + "go tool -modfile=\(#modfile)" 214 + }, 215 + "go tool", 216 + ][0] 217 + 218 + // TODO(mvdan): swap "/cache" for "${{ env.NSC_CACHE_PATH }}" once Namespace wires up that env var 219 + // for the workspace environment. See: https://discord.com/channels/975088590705012777/1397128547797176340 220 + env: STATICCHECK_CACHE: "/cache/staticcheck" // persist its cache 221 + run: "\(gotool) staticcheck ./..." 196 222 } 197 223 198 224 // isProtectedBranch is an expression that evaluates to true if the
+8 -20
internal/ci/github/trybot.cue
··· 159 159 // For now, to save CI resources, just run the checks on one matrix job. 160 160 if: _isLatestLinux 161 161 }] & [ 162 + _repo.goChecks, 162 163 { 163 - name: "Go checks" 164 - // Also ensure that the end-to-end tests in ./internal/_e2e, which are only run 164 + name: "Verify the end-to-end tests still build" 165 + // Ensure that the end-to-end tests in ./internal/_e2e, which are only run 165 166 // on pushes to protected branches, still build correctly before merging. 166 - // 167 - // TODO: consider adding more checks as per https://github.com/golang/go/issues/42119. 168 - run: """ 169 - go vet ./... 170 - go mod tidy 171 - (cd internal/_e2e && go test -run=-) 172 - """ 173 - }, { 174 - name: "staticcheck" 175 - // TODO(mvdan): once we can do 'go tool staticcheck' with Go 1.24+, 176 - // then using this action is probably no longer worthwhile. 177 - // Note that we should then persist staticcheck's cache too. 178 - uses: "dominikh/staticcheck-action@v1" 179 - with: { 180 - version: "2025.1" // Pin a version for determinism. 181 - "install-go": false // We install Go ourselves. 182 - "use-cache": false // We use a volume cache instead. 183 - } 167 + "working-directory": "./internal/_e2e" 168 + run: "go test -run=-" 184 169 }, 170 + // Note that we don't want tooling dependencies in the go.mod file, 171 + // given how many downstreams rely on the cue module having few dependencies. 172 + _repo.staticcheck & {#modfile: "internal/tools.mod"}, 185 173 ] 186 174 187 175 _checkTags: githubactions.#Step & {
+17
internal/tools.mod
··· 1 + // This module exists just so that we can track extra tooling dependencies 2 + // to be used via `go tool` without polluting the main go.mod file. 3 + // TODO(mvdan): once we stabilize on this model, have CI ensure this module is tidy too. 4 + module test/tools 5 + 6 + go 1.23.0 7 + 8 + tool honnef.co/go/tools/cmd/staticcheck 9 + 10 + require ( 11 + github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c // indirect 12 + golang.org/x/exp/typeparams v0.0.0-20231108232855-2478ac86f678 // indirect 13 + golang.org/x/mod v0.23.0 // indirect 14 + golang.org/x/sync v0.11.0 // indirect 15 + golang.org/x/tools v0.30.0 // indirect 16 + honnef.co/go/tools v0.6.1 // indirect 17 + )
+13
internal/tools.sum
··· 1 + github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c h1:pxW6RcqyfI9/kWtOwnv/G+AzdKuy2ZrqINhenH4HyNs= 2 + github.com/BurntSushi/toml v1.4.1-0.20240526193622-a339e1f7089c/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2lLoLwho= 3 + golang.org/x/exp v0.0.0-20231110203233-9a3e6036ecaa h1:FRnLl4eNAQl8hwxVVC17teOw8kdjVDVAiFMtgUdTSRQ= 4 + golang.org/x/exp/typeparams v0.0.0-20231108232855-2478ac86f678 h1:1P7xPZEwZMoBoz0Yze5Nx2/4pxj6nw9ZqHWXqP0iRgQ= 5 + golang.org/x/exp/typeparams v0.0.0-20231108232855-2478ac86f678/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= 6 + golang.org/x/mod v0.23.0 h1:Zb7khfcRGKk+kqfxFaP5tZqCnDZMjC5VtUBs87Hr6QM= 7 + golang.org/x/mod v0.23.0/go.mod h1:6SkKJ3Xj0I0BrPOZoBy3bdMptDDU9oJrpohJ3eWZ1fY= 8 + golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w= 9 + golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= 10 + golang.org/x/tools v0.30.0 h1:BgcpHewrV5AUp2G9MebG4XPFI1E2W41zU1SaqVA9vJY= 11 + golang.org/x/tools v0.30.0/go.mod h1:c347cR/OJfw5TI+GfX7RUPNMdDRRbjvYTS0jPyvsVtY= 12 + honnef.co/go/tools v0.6.1 h1:R094WgE8K4JirYjBaOpz/AvTyUu/3wbmAoskKN/pxTI= 13 + honnef.co/go/tools v0.6.1/go.mod h1:3puzxxljPCe8RGJX7BIy1plGbxEOZni5mR2aXe3/uk4=