Decouple validation file schema compilation from yaml parsing #6908
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: "Build & Test" | |
| on: # yamllint disable-line rule:truthy | |
| push: | |
| branches: | |
| - "main" | |
| pull_request: | |
| branches: | |
| - "*" | |
| merge_group: | |
| types: | |
| - "checks_requested" | |
| env: | |
| DOCKERHUB_PUBLIC_ACCESS_TOKEN: "dckr_pat_8AEETZWxu8f7FvJUk9NrpyX_ZEQ" | |
| DOCKERHUB_PUBLIC_USER: "spicedbgithubactions" | |
| jobs: | |
| paths-filter: | |
| runs-on: "buildjet-2vcpu-ubuntu-2204" | |
| outputs: | |
| codechange: "${{ steps.code-filter.outputs.codechange }}" | |
| protochange: "${{ steps.proto-filter.outputs.protochange }}" | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "dorny/paths-filter@v3" | |
| id: "code-filter" | |
| with: | |
| filters: | | |
| codechange: | |
| - ".github/workflows/build-test.yaml" | |
| - "Dockerfile" | |
| - "go.mod" | |
| - "go.sum" | |
| - "cmd/**" | |
| - "pkg/**" | |
| - "e2e/**" | |
| - "internal/**" | |
| - uses: "dorny/paths-filter@v3" | |
| id: "proto-filter" | |
| with: | |
| filters: | | |
| protochange: | |
| - "buf.gen.yaml" | |
| - "buf.work.yaml" | |
| - "proto/**" | |
| - "go.mod" | |
| build: | |
| name: "Build Binary & Image" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - uses: "docker/login-action@v3" | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - uses: "authzed/actions/go-build@main" | |
| - name: "Image tests" | |
| run: "go run mage.go test:image" | |
| unit: | |
| name: "Unit" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - name: "Unit tests" | |
| run: "go run mage.go test:unit" | |
| steelthread: | |
| name: "Steelthread" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - name: "Steelthread tests" | |
| run: "go run mage.go test:steelthread" | |
| integration: | |
| name: "Integration Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - uses: "docker/login-action@v3" | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Integration tests" | |
| run: "go run mage.go test:integration" | |
| datastoreinttest: | |
| name: "Datastore Integration Tests" | |
| runs-on: "buildjet-8vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["mysql", "spanner"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Integration tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testds:${{ matrix.datastore }}" | |
| datastoreconstest: | |
| name: "Datastore Consistency Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["mysql", "spanner"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Consistency tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testcons:${{ matrix.datastore }}" | |
| pgdatastoreinttest: | |
| name: "Datastore Integration Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["postgres", "pgbouncer"] | |
| pgversion: ["13.8", "14", "15", "16", "17"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Integration tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testds:${{ matrix.datastore }}ver ${{ matrix.pgversion }}" | |
| pgdatastoreconstest: | |
| name: "Datastore Consistency Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["postgres"] | |
| pgversion: ["13.8", "14", "15", "16", "17"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Consistency tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testcons:postgresver ${{ matrix.pgversion }}" | |
| crdbdatastoreinttest: | |
| name: "Datastore Integration Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["crdb"] | |
| crdbversion: ["24.3.6", "25.1.0"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Integration tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testds:${{ matrix.datastore }}ver ${{ matrix.crdbversion }}" | |
| crdbdatastoreconstest: | |
| name: "Datastore Consistency Tests" | |
| runs-on: "buildjet-4vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| datastore: ["crdb"] | |
| crdbversion: ["24.3.6", "25.1.0"] | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "authzed/actions/setup-go@main" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| - uses: "docker/login-action@v3" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| with: | |
| username: "${{ env.DOCKERHUB_PUBLIC_USER }}" | |
| password: "${{ env.DOCKERHUB_PUBLIC_ACCESS_TOKEN }}" | |
| - name: "Consistency tests" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| run: "go run mage.go testcons:crdbver ${{ matrix.crdbversion }}" | |
| e2e: | |
| name: "E2E" | |
| runs-on: "buildjet-8vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| with: | |
| go-version-file: "e2e/go.mod" | |
| cache-dependency-path: "e2e/go.sum" | |
| - name: "Cache Binaries" | |
| id: "cache-binaries" | |
| uses: "buildjet/cache@v4" | |
| with: | |
| path: | | |
| e2e/newenemy/cockroach | |
| e2e/newenemy/chaosd | |
| e2e/newenemy/watchmaker | |
| # this key will need to be bumped when dependencies are changed | |
| key: "cockroach-v22.1.5-chaosd-v1.1.1" | |
| - name: "Install cockroachdb and chaosd" | |
| if: "steps.cache-binaries.outputs.cache-hit != 'true'" | |
| working-directory: "e2e/newenemy" | |
| run: | | |
| curl https://binaries.cockroachdb.com/cockroach-v22.1.5.linux-amd64.tgz | tar -xz && mv cockroach-v22.1.5.linux-amd64/cockroach ./cockroach | |
| curl -fsSL https://mirrors.chaos-mesh.org/chaosd-v1.1.1-linux-amd64.tar.gz | tar -xz && mv chaosd-v1.1.1-linux-amd64/chaosd ./chaosd | |
| - uses: "buildjet/cache@v4" | |
| with: | |
| path: | | |
| ~/.cache/go-build | |
| ~/go/pkg/mod | |
| key: "${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}" | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: "Build SpiceDB" | |
| run: | | |
| go get -d ./... | |
| go build -o ./e2e/newenemy/spicedb ./cmd/spicedb/... | |
| - name: "Run e2e" | |
| working-directory: "e2e/newenemy" | |
| run: | | |
| go test -v -timeout 11m ./... | |
| - uses: "actions/upload-artifact@v4" | |
| if: "always()" | |
| # this upload step is really flaky, don't fail the job if it fails | |
| continue-on-error: true | |
| with: | |
| name: "node-logs" | |
| path: "e2e/newenemy/*.log" | |
| analyzers-unit-tests: | |
| name: "Analyzers Unit Tests" | |
| runs-on: "buildjet-2vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| with: | |
| go-version-file: "tools/analyzers/go.mod" | |
| cache-dependency-path: "tools/analyzers/go.sum" | |
| - name: "Analyzer tests" | |
| run: "go run mage.go test:analyzers" | |
| development: | |
| name: "WASM Tests" | |
| runs-on: "buildjet-2vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.codechange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - name: "WASM tests" | |
| run: "go run mage.go test:wasm" | |
| protobuf: | |
| name: "Generate Protobufs" | |
| runs-on: "buildjet-2vcpu-ubuntu-2204" | |
| needs: "paths-filter" | |
| if: | | |
| needs.paths-filter.outputs.protochange == 'true' | |
| steps: | |
| - uses: "actions/checkout@v4" | |
| - uses: "authzed/actions/setup-go@main" | |
| - name: "Generate Protos" | |
| run: "go run mage.go gen:proto" | |
| - uses: "chainguard-dev/actions/nodiff@main" | |
| with: | |
| path: "" | |
| fixup-command: "go run mage.go gen:proto" | |
| - uses: "bufbuild/buf-setup-action@v1" | |
| - uses: "bufbuild/buf-breaking-action@v1.1.4" | |
| if: "github.event_name == 'pull_request'" | |
| env: | |
| BUF_INPUT_HTTPS_USERNAME: "${{ github.actor }}" | |
| BUF_INPUT_HTTPS_PASSWORD: "${{ github.token }}" | |
| with: | |
| input: "proto/internal" | |
| against: "https://github.com/authzed/spicedb.git#branch=main,subdir=proto/internal" | |
| buf_token: "${{ secrets.BUF_REGISTRY_TOKEN }}" |