diff --git a/.github/workflows/aot.yml b/.github/workflows/aot.yml index 967c882f..17dddb47 100644 --- a/.github/workflows/aot.yml +++ b/.github/workflows/aot.yml @@ -6,15 +6,14 @@ on: - main - dev push: - branches: - - main - - dev + # branch pushes (merges) are not re-tested here; the pull_request run above is + # the merge gate. Tag pushes still trigger explicit on-demand analysis. tags: - aot* env: IS_TAG: ${{ github.ref_type == 'tag' }} - GO_VERSION: '~1.22' + GO_VERSION: 'stable' # stackql-core (built from main) tracks recent Go; stable always satisfies its go.mod STACKQL_CORE_REPOSITORY: ${{ vars.STACKQL_CORE_REPOSITORY != '' && vars.STACKQL_CORE_REPOSITORY || 'stackql/stackql' }} STACKQL_CORE_REF: ${{ vars.STACKQL_CORE_REF != '' && vars.STACKQL_CORE_REF || 'main' }} STACKQL_ANY_SDK_REPOSITORY: ${{ vars.STACKQL_ANY_SDK_REPOSITORY != '' && vars.STACKQL_ANY_SDK_REPOSITORY || 'stackql/any-sdk' }} @@ -42,13 +41,13 @@ jobs: REG_DENO_DEPLOY_API_PROD: stackql-registry steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v7 name: "[SETUP] checkout repo" with: fetch-depth: 0 - name: Set up Go 1.x - uses: actions/setup-go@v5.0.0 + uses: actions/setup-go@v6 with: go-version: ${{ env.GO_VERSION }} check-latest: true @@ -56,7 +55,7 @@ jobs: id: go - name: Download core - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v7 with: repository: ${{ env.STACKQL_CORE_REPOSITORY }} ref: ${{ env.STACKQL_CORE_REF }} @@ -64,7 +63,7 @@ jobs: path: stackql-core - name: Download any-sdk - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v7 with: repository: ${{ env.STACKQL_ANY_SDK_REPOSITORY }} ref: ${{ env.STACKQL_ANY_SDK_REF }} @@ -72,7 +71,7 @@ jobs: path: stackql-any-sdk - name: Setup Python - uses: actions/setup-python@v5.0.0 + uses: actions/setup-python@v6 with: python-version: '3.12' @@ -143,7 +142,7 @@ jobs: fi - name: Upload AOT analysis logs - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 if: always() with: name: aot_analysis_logs_${{ github.event.repository.name }}_${{ github.run_id }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 09c62c28..3d9488f4 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -30,7 +30,7 @@ jobs: REG_DENO_DEPLOY_API_PROD: stackql-registry steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v7 name: "[SETUP] checkout repo" with: fetch-depth: 0 @@ -67,7 +67,7 @@ jobs: - name: '[PACKAGE] set up golang' if: env.NUM_PROVIDERS > 0 - uses: actions/setup-go@v5.0.0 + uses: actions/setup-go@v6 with: go-version: ^1.19 check-latest: true @@ -184,16 +184,17 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} AWS_SESSION_TOKEN: "" AWS_DEFAULT_REGION: auto + AWS_REGION: auto R2_BUCKET: stackql-provider-registry-dev run: | # version-pinned .tgz are immutable -> --size-only keeps R2 ops low and skips re-uploads aws s3 sync "${REG_WEBSITE_DIR}/${REG_PROVIDER_PATH}" "s3://${R2_BUCKET}/${REG_PROVIDER_PATH}" \ --endpoint-url "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com" \ - --size-only --delete --no-progress + --region auto --size-only --delete --no-progress # providers.yaml can change without changing size -> always overwrite it aws s3 cp "${REG_WEBSITE_DIR}/${REG_PROVIDER_PATH}/providers.yaml" "s3://${R2_BUCKET}/${REG_PROVIDER_PATH}/providers.yaml" \ --endpoint-url "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com" \ - --no-progress + --region auto --no-progress - name: "[DEPLOY-CF] sync docs to R2 (prod)" if: env.REG_TARGET_BRANCH == 'main' && env.REG_EVENT == 'push' @@ -202,6 +203,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.R2_SECRET_ACCESS_KEY }} AWS_SESSION_TOKEN: "" AWS_DEFAULT_REGION: auto + AWS_REGION: auto R2_BUCKET: stackql-provider-registry run: | aws s3 sync "${REG_WEBSITE_DIR}/${REG_PROVIDER_PATH}" "s3://${R2_BUCKET}/${REG_PROVIDER_PATH}" \ diff --git a/.github/workflows/regression.yml b/.github/workflows/regression.yml index 5ed2dc10..da1282eb 100644 --- a/.github/workflows/regression.yml +++ b/.github/workflows/regression.yml @@ -6,9 +6,8 @@ on: - main - dev push: - branches: - - main - - dev + # branch pushes (merges) are not re-tested here; the pull_request run above is + # the merge gate. Tag pushes still trigger explicit on-demand analysis. tags: - robot* - regression* @@ -16,7 +15,7 @@ on: env: IS_TAG: ${{ github.ref_type == 'tag' }} - GO_VERSION: '~1.22' + GO_VERSION: 'stable' # stackql-core (built from main) tracks recent Go; stable always satisfies its go.mod STACKQL_CORE_REPOSITORY: ${{ vars.STACKQL_CORE_REPOSITORY != '' && vars.STACKQL_CORE_REPOSITORY || 'stackql/stackql' }} STACKQL_CORE_REF: ${{ vars.STACKQL_CORE_REF != '' && vars.STACKQL_CORE_REF || 'main' }} STACKQL_ANY_SDK_REPOSITORY: ${{ vars.STACKQL_ANY_SDK_REPOSITORY != '' && vars.STACKQL_ANY_SDK_REPOSITORY || 'stackql/any-sdk' }} @@ -32,7 +31,7 @@ jobs: steps: - name: Check out code into the Go module directory - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v7 with: repository: ${{ env.STACKQL_CORE_REPOSITORY }} ref: ${{ env.STACKQL_CORE_REF }} @@ -40,7 +39,7 @@ jobs: path: stackql-core-pkg - name: Setup Python - uses: actions/setup-python@v5.0.0 + uses: actions/setup-python@v6 with: cache: pip python-version: '3.12' @@ -61,7 +60,7 @@ jobs: cicd/util/01-build-robot-lib.sh - name: Upload python package artifact - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 with: name: python-package-dist-folder path: stackql-core-pkg/test/dist @@ -86,13 +85,13 @@ jobs: REG_DENO_DEPLOY_API_PROD: stackql-registry steps: - - uses: actions/checkout@v4.1.1 + - uses: actions/checkout@v7 name: "[SETUP] checkout repo" with: fetch-depth: 0 - name: Set up Go 1.x - uses: actions/setup-go@v5.0.0 + uses: actions/setup-go@v6 with: go-version: ${{ env.GO_VERSION }} check-latest: true @@ -100,7 +99,7 @@ jobs: id: go - name: Download core - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v7 with: repository: ${{ env.STACKQL_CORE_REPOSITORY }} ref: ${{ env.STACKQL_CORE_REF }} @@ -108,7 +107,7 @@ jobs: path: stackql-core - name: Download any-sdk - uses: actions/checkout@v4.1.1 + uses: actions/checkout@v7 with: repository: ${{ env.STACKQL_ANY_SDK_REPOSITORY }} ref: ${{ env.STACKQL_ANY_SDK_REF }} @@ -116,7 +115,7 @@ jobs: path: stackql-any-sdk - name: Setup Python - uses: actions/setup-python@v5.0.0 + uses: actions/setup-python@v6 with: python-version: '3.12' @@ -276,7 +275,7 @@ jobs: python3 scripts/cicd/python/robot-parse.py --robot-output-file stackql-core/test/robot/reports/output.xml > stackql-core/test/robot/reports/proxied_parsed_output.json - name: Upload core traffic lights - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 if: success() with: name: proxied-core-traffic-lights @@ -315,7 +314,7 @@ jobs: python3 scripts/cicd/python/robot-parse.py --robot-output-file test/robot/reports/mocked/output.xml > test/robot/reports/mocked/parsed_output.json - name: Upload local registry mocked traffic lights - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 if: success() with: name: local-registry-mocked-traffic-lights @@ -352,7 +351,7 @@ jobs: python3 scripts/cicd/python/robot-parse.py --robot-output-file test/robot/reports/readonly/output.xml > test/robot/reports/readonly/parsed_output.json - name: Upload readonly traffic lights - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 if: success() with: name: local-registry-readonly-traffic-lights @@ -381,7 +380,7 @@ jobs: python3 scripts/cicd/python/robot-parse.py --robot-output-file test/robot/reports/readwrite/output.xml > test/robot/reports/readwrite/parsed_output.json - name: Upload readonly traffic lights - uses: actions/upload-artifact@v4.3.1 + uses: actions/upload-artifact@v7 if: success() with: name: local-registry-readwrite-traffic-lights