1use gh_workflow::*;
2use serde_json::Value;
3
4use crate::tasks::workflows::{
5 runners::Platform,
6 steps::named::function_name,
7 vars::{self, StepOutput},
8};
9
10pub(crate) fn use_clang(job: Job) -> Job {
11 job.add_env(Env::new("CC", "clang"))
12 .add_env(Env::new("CXX", "clang++"))
13}
14
15const SCCACHE_R2_BUCKET: &str = "sccache-zed";
16
17pub(crate) const BASH_SHELL: &str = "bash -euxo pipefail {0}";
18// https://docs.github.com/en/actions/reference/workflows-and-actions/workflow-syntax#jobsjob_idstepsshell
19pub const PWSH_SHELL: &str = "pwsh";
20
21pub(crate) struct Nextest(Step<Run>);
22
23pub(crate) fn cargo_nextest(platform: Platform) -> Nextest {
24 Nextest(named::run(
25 platform,
26 "cargo nextest run --workspace --no-fail-fast --no-tests=warn",
27 ))
28}
29
30impl Nextest {
31 #[allow(dead_code)]
32 pub(crate) fn with_filter_expr(mut self, filter_expr: &str) -> Self {
33 if let Some(nextest_command) = self.0.value.run.as_mut() {
34 nextest_command.push_str(&format!(r#" -E "{filter_expr}""#));
35 }
36 self
37 }
38
39 pub(crate) fn with_changed_packages_filter(mut self, orchestrate_job: &str) -> Self {
40 if let Some(nextest_command) = self.0.value.run.as_mut() {
41 nextest_command.push_str(&format!(
42 r#"${{{{ needs.{orchestrate_job}.outputs.changed_packages && format(' -E "{{0}}"', needs.{orchestrate_job}.outputs.changed_packages) || '' }}}}"#
43 ));
44 }
45 self
46 }
47}
48
49impl From<Nextest> for Step<Run> {
50 fn from(value: Nextest) -> Self {
51 value.0
52 }
53}
54
55#[derive(Default)]
56enum FetchDepth {
57 #[default]
58 Shallow,
59 Full,
60 Custom(serde_json::Value),
61}
62
63#[derive(Default)]
64pub(crate) struct CheckoutStep {
65 fetch_depth: FetchDepth,
66 name: Option<String>,
67 token: Option<String>,
68 path: Option<String>,
69 repository: Option<String>,
70 ref_: Option<String>,
71}
72
73impl CheckoutStep {
74 pub fn with_full_history(mut self) -> Self {
75 self.fetch_depth = FetchDepth::Full;
76 self
77 }
78
79 pub fn with_custom_name(mut self, name: &str) -> Self {
80 self.name = Some(name.to_string());
81 self
82 }
83
84 pub fn with_custom_fetch_depth(mut self, fetch_depth: impl Into<Value>) -> Self {
85 self.fetch_depth = FetchDepth::Custom(fetch_depth.into());
86 self
87 }
88
89 /// Sets `fetch-depth` to `2` on the main branch and `350` on all other branches.
90 pub fn with_deep_history_on_non_main(self) -> Self {
91 self.with_custom_fetch_depth("${{ github.ref == 'refs/heads/main' && 2 || 350 }}")
92 }
93
94 pub fn with_token(mut self, token: &StepOutput) -> Self {
95 self.token = Some(token.to_string());
96 self
97 }
98
99 pub fn with_path(mut self, path: &str) -> Self {
100 self.path = Some(path.to_string());
101 self
102 }
103
104 pub fn with_repository(mut self, repository: &str) -> Self {
105 self.repository = Some(repository.to_string());
106 self
107 }
108
109 pub fn with_ref(mut self, ref_: impl ToString) -> Self {
110 self.ref_ = Some(ref_.to_string());
111 self
112 }
113}
114
115impl From<CheckoutStep> for Step<Use> {
116 fn from(value: CheckoutStep) -> Self {
117 Step::new(value.name.unwrap_or("steps::checkout_repo".to_string()))
118 .uses(
119 "actions",
120 "checkout",
121 "93cb6efe18208431cddfb8368fd83d5badbf9bfd", // v5.0.1
122 )
123 // prevent checkout action from running `git clean -ffdx` which
124 // would delete the target directory
125 .add_with(("clean", false))
126 .map(|step| match value.fetch_depth {
127 FetchDepth::Shallow => step,
128 FetchDepth::Full => step.add_with(("fetch-depth", 0)),
129 FetchDepth::Custom(depth) => step.add_with(("fetch-depth", depth)),
130 })
131 .when_some(value.path, |step, path| step.add_with(("path", path)))
132 .when_some(value.repository, |step, repository| {
133 step.add_with(("repository", repository))
134 })
135 .when_some(value.ref_, |step, ref_| step.add_with(("ref", ref_)))
136 .when_some(value.token, |step, token| step.add_with(("token", token)))
137 }
138}
139
140pub fn checkout_repo() -> CheckoutStep {
141 CheckoutStep::default()
142}
143
144pub fn setup_pnpm() -> Step<Use> {
145 named::uses(
146 "pnpm",
147 "action-setup",
148 "fe02b34f77f8bc703788d5817da081398fad5dd2", // v4.0.0
149 )
150 .add_with(("version", "9"))
151}
152
153pub fn setup_node() -> Step<Use> {
154 named::uses(
155 "actions",
156 "setup-node",
157 "49933ea5288caeca8642d1e84afbd3f7d6820020", // v4
158 )
159 .add_with(("node-version", "20"))
160}
161
162pub fn setup_sentry() -> Step<Use> {
163 named::uses(
164 "matbour",
165 "setup-sentry-cli",
166 "3e938c54b3018bdd019973689ef984e033b0454b",
167 )
168 .add_with(("token", vars::SENTRY_AUTH_TOKEN))
169}
170
171pub fn prettier() -> Step<Run> {
172 named::bash("./script/prettier")
173}
174
175pub fn cargo_fmt() -> Step<Run> {
176 named::bash("cargo fmt --all -- --check")
177}
178
179pub fn cargo_install_nextest() -> Step<Use> {
180 named::uses(
181 "taiki-e",
182 "install-action",
183 "921e2c9f7148d7ba14cd819f417db338f63e733c", // nextest
184 )
185}
186
187pub fn setup_cargo_config(platform: Platform) -> Step<Run> {
188 match platform {
189 Platform::Windows => named::pwsh(indoc::indoc! {r#"
190 New-Item -ItemType Directory -Path "./../.cargo" -Force
191 Copy-Item -Path "./.cargo/ci-config.toml" -Destination "./../.cargo/config.toml"
192 "#}),
193
194 Platform::Linux | Platform::Mac => named::bash(indoc::indoc! {r#"
195 mkdir -p ./../.cargo
196 cp ./.cargo/ci-config.toml ./../.cargo/config.toml
197 "#}),
198 }
199}
200
201pub fn cleanup_cargo_config(platform: Platform) -> Step<Run> {
202 let step = match platform {
203 Platform::Windows => named::pwsh(indoc::indoc! {r#"
204 Remove-Item -Recurse -Path "./../.cargo" -Force -ErrorAction SilentlyContinue
205 "#}),
206 Platform::Linux | Platform::Mac => named::bash(indoc::indoc! {r#"
207 rm -rf ./../.cargo
208 "#}),
209 };
210
211 step.if_condition(Expression::new("always()"))
212}
213
214pub fn clear_target_dir_if_large(platform: Platform) -> Step<Run> {
215 match platform {
216 Platform::Windows => named::pwsh("./script/clear-target-dir-if-larger-than.ps1 350 200"),
217 Platform::Linux => named::bash("./script/clear-target-dir-if-larger-than 350 200"),
218 Platform::Mac => named::bash("./script/clear-target-dir-if-larger-than 350 200"),
219 }
220}
221
222pub fn clippy(platform: Platform, target: Option<&str>) -> Step<Run> {
223 match platform {
224 Platform::Windows => named::pwsh("./script/clippy.ps1"),
225 _ => match target {
226 Some(target) => named::bash(format!("./script/clippy --target {target}")),
227 None => named::bash("./script/clippy"),
228 },
229 }
230}
231
232pub fn install_rustup_target(target: &str) -> Step<Run> {
233 named::bash(format!("rustup target add {target}"))
234}
235
236pub fn cache_rust_dependencies_namespace() -> Step<Use> {
237 named::uses(
238 "namespacelabs",
239 "nscloud-cache-action",
240 "a90bb5d4b27522ce881c6e98eebd7d7e6d1653f9", // v1
241 )
242 .add_with(("cache", "rust"))
243 .add_with(("path", "~/.rustup"))
244}
245
246pub fn setup_sccache(platform: Platform) -> Step<Run> {
247 let step = match platform {
248 Platform::Windows => named::pwsh("./script/setup-sccache.ps1"),
249 Platform::Linux | Platform::Mac => named::bash("./script/setup-sccache"),
250 };
251 step.add_env(("R2_ACCOUNT_ID", vars::R2_ACCOUNT_ID))
252 .add_env(("R2_ACCESS_KEY_ID", vars::R2_ACCESS_KEY_ID))
253 .add_env(("R2_SECRET_ACCESS_KEY", vars::R2_SECRET_ACCESS_KEY))
254 .add_env(("SCCACHE_BUCKET", SCCACHE_R2_BUCKET))
255}
256
257pub fn cargo_build_visual_tests() -> Step<Run> {
258 named::bash("cargo build -p zed --bin zed_visual_test_runner --features visual-tests")
259}
260
261pub fn show_sccache_stats(platform: Platform) -> Step<Run> {
262 match platform {
263 // Use $env:RUSTC_WRAPPER (absolute path) because GITHUB_PATH changes
264 // don't take effect until the next step in PowerShell.
265 // Check if RUSTC_WRAPPER is set first (it won't be for fork PRs without secrets).
266 Platform::Windows => {
267 named::pwsh("if ($env:RUSTC_WRAPPER) { & $env:RUSTC_WRAPPER --show-stats }; exit 0")
268 }
269 Platform::Linux | Platform::Mac => named::bash("sccache --show-stats || true"),
270 }
271}
272
273pub fn cache_nix_dependencies_namespace() -> Step<Use> {
274 named::uses(
275 "namespacelabs",
276 "nscloud-cache-action",
277 "a90bb5d4b27522ce881c6e98eebd7d7e6d1653f9", // v1
278 )
279 .add_with(("cache", "nix"))
280}
281
282pub fn cache_nix_store_macos() -> Step<Use> {
283 // On macOS, `/nix` is on a read-only root filesystem so nscloud's `cache: nix`
284 // cannot mount or symlink there. Instead we cache a user-writable directory and
285 // use nix-store --import/--export in separate steps to transfer store paths.
286 named::uses(
287 "namespacelabs",
288 "nscloud-cache-action",
289 "a90bb5d4b27522ce881c6e98eebd7d7e6d1653f9", // v1
290 )
291 .add_with(("path", "~/nix-cache"))
292}
293
294pub fn setup_linux() -> Step<Run> {
295 named::bash("./script/linux")
296}
297
298fn download_wasi_sdk() -> Step<Run> {
299 named::bash("./script/download-wasi-sdk")
300}
301
302pub(crate) fn install_linux_dependencies(job: Job) -> Job {
303 job.add_step(setup_linux()).add_step(download_wasi_sdk())
304}
305
306pub fn script(name: &str) -> Step<Run> {
307 if name.ends_with(".ps1") {
308 Step::new(name).run(name).shell(PWSH_SHELL)
309 } else {
310 Step::new(name).run(name)
311 }
312}
313
314pub struct NamedJob<J: JobType = RunJob> {
315 pub name: String,
316 pub job: Job<J>,
317}
318
319// impl NamedJob {
320// pub fn map(self, f: impl FnOnce(Job) -> Job) -> Self {
321// NamedJob {
322// name: self.name,
323// job: f(self.job),
324// }
325// }
326// }
327
328pub(crate) const DEFAULT_REPOSITORY_OWNER_GUARD: &str =
329 "(github.repository_owner == 'zed-industries' || github.repository_owner == 'zed-extensions')";
330
331pub fn repository_owner_guard_expression(trigger_always: bool) -> Expression {
332 Expression::new(format!(
333 "{}{}",
334 DEFAULT_REPOSITORY_OWNER_GUARD,
335 trigger_always.then_some(" && always()").unwrap_or_default()
336 ))
337}
338
339pub trait CommonJobConditions: Sized {
340 fn with_repository_owner_guard(self) -> Self;
341}
342
343impl CommonJobConditions for Job {
344 fn with_repository_owner_guard(self) -> Self {
345 self.cond(repository_owner_guard_expression(false))
346 }
347}
348
349pub(crate) fn release_job(deps: &[&NamedJob]) -> Job {
350 dependant_job(deps)
351 .with_repository_owner_guard()
352 .timeout_minutes(60u32)
353}
354
355pub(crate) fn dependant_job(deps: &[&NamedJob]) -> Job {
356 let job = Job::default();
357 if deps.len() > 0 {
358 job.needs(deps.iter().map(|j| j.name.clone()).collect::<Vec<_>>())
359 } else {
360 job
361 }
362}
363
364impl FluentBuilder for Job {}
365impl FluentBuilder for Workflow {}
366impl FluentBuilder for Input {}
367impl<T> FluentBuilder for Step<T> {}
368
369/// A helper trait for building complex objects with imperative conditionals in a fluent style.
370/// Copied from GPUI to avoid adding GPUI as dependency
371/// todo(ci) just put this in gh-workflow
372#[allow(unused)]
373pub trait FluentBuilder {
374 /// Imperatively modify self with the given closure.
375 fn map<U>(self, f: impl FnOnce(Self) -> U) -> U
376 where
377 Self: Sized,
378 {
379 f(self)
380 }
381
382 /// Conditionally modify self with the given closure.
383 fn when(self, condition: bool, then: impl FnOnce(Self) -> Self) -> Self
384 where
385 Self: Sized,
386 {
387 self.map(|this| if condition { then(this) } else { this })
388 }
389
390 /// Conditionally modify self with the given closure.
391 fn when_else(
392 self,
393 condition: bool,
394 then: impl FnOnce(Self) -> Self,
395 else_fn: impl FnOnce(Self) -> Self,
396 ) -> Self
397 where
398 Self: Sized,
399 {
400 self.map(|this| if condition { then(this) } else { else_fn(this) })
401 }
402
403 /// Conditionally unwrap and modify self with the given closure, if the given option is Some.
404 fn when_some<T>(self, option: Option<T>, then: impl FnOnce(Self, T) -> Self) -> Self
405 where
406 Self: Sized,
407 {
408 self.map(|this| {
409 if let Some(value) = option {
410 then(this, value)
411 } else {
412 this
413 }
414 })
415 }
416 /// Conditionally unwrap and modify self with the given closure, if the given option is None.
417 fn when_none<T>(self, option: &Option<T>, then: impl FnOnce(Self) -> Self) -> Self
418 where
419 Self: Sized,
420 {
421 self.map(|this| if option.is_some() { this } else { then(this) })
422 }
423}
424
425// (janky) helper to generate steps with a name that corresponds
426// to the name of the calling function.
427pub mod named {
428 use super::*;
429
430 /// Returns a uses step with the same name as the enclosing function.
431 /// (You shouldn't inline this function into the workflow definition, you must
432 /// wrap it in a new function.)
433 pub fn uses(owner: &str, repo: &str, ref_: &str) -> Step<Use> {
434 Step::new(function_name(1)).uses(owner, repo, ref_)
435 }
436
437 /// Returns a bash-script step with the same name as the enclosing function.
438 /// (You shouldn't inline this function into the workflow definition, you must
439 /// wrap it in a new function.)
440 pub fn bash(script: impl AsRef<str>) -> Step<Run> {
441 Step::new(function_name(1)).run(script.as_ref())
442 }
443
444 /// Returns a pwsh-script step with the same name as the enclosing function.
445 /// (You shouldn't inline this function into the workflow definition, you must
446 /// wrap it in a new function.)
447 pub fn pwsh(script: &str) -> Step<Run> {
448 Step::new(function_name(1)).run(script).shell(PWSH_SHELL)
449 }
450
451 /// Runs the command in either powershell or bash, depending on platform.
452 /// (You shouldn't inline this function into the workflow definition, you must
453 /// wrap it in a new function.)
454 pub fn run(platform: Platform, script: &str) -> Step<Run> {
455 match platform {
456 Platform::Windows => Step::new(function_name(1)).run(script).shell(PWSH_SHELL),
457 Platform::Linux | Platform::Mac => Step::new(function_name(1)).run(script),
458 }
459 }
460
461 /// Returns a Workflow with the same name as the enclosing module with default
462 /// set for the running shell.
463 pub fn workflow() -> Workflow {
464 Workflow::default()
465 .name(
466 named::function_name(1)
467 .split("::")
468 .collect::<Vec<_>>()
469 .into_iter()
470 .rev()
471 .skip(1)
472 .rev()
473 .collect::<Vec<_>>()
474 .join("::"),
475 )
476 .defaults(Defaults::default().run(RunDefaults::default().shell(BASH_SHELL)))
477 }
478
479 /// Returns a Job with the same name as the enclosing function.
480 /// (note job names may not contain `::`)
481 pub fn job<J: JobType>(job: Job<J>) -> NamedJob<J> {
482 NamedJob {
483 name: function_name(1).split("::").last().unwrap().to_owned(),
484 job,
485 }
486 }
487
488 /// Returns the function name N callers above in the stack
489 /// (typically 1).
490 /// This only works because xtask always runs debug builds.
491 pub fn function_name(i: usize) -> String {
492 let mut name = "<unknown>".to_string();
493 let mut count = 0;
494 backtrace::trace(|frame| {
495 if count < i + 3 {
496 count += 1;
497 return true;
498 }
499 backtrace::resolve_frame(frame, |cb| {
500 if let Some(s) = cb.name() {
501 name = s.to_string()
502 }
503 });
504 false
505 });
506
507 name.split("::")
508 .skip_while(|s| s != &"workflows")
509 .skip(1)
510 .collect::<Vec<_>>()
511 .join("::")
512 }
513}
514
515pub fn git_checkout(ref_name: &dyn std::fmt::Display) -> Step<Run> {
516 named::bash(r#"git fetch origin "$REF_NAME" && git checkout "$REF_NAME""#)
517 .add_env(("REF_NAME", ref_name.to_string()))
518}
519
520/// Non-exhaustive list of the permissions to be set for a GitHub app token.
521///
522/// See https://github.com/actions/create-github-app-token?tab=readme-ov-file#permission-permission-name
523/// and beyond for a full list of available permissions.
524#[allow(unused)]
525pub(crate) enum TokenPermissions {
526 Contents,
527 Issues,
528 PullRequests,
529 Workflows,
530}
531
532impl TokenPermissions {
533 pub fn environment_name(&self) -> &'static str {
534 match self {
535 TokenPermissions::Contents => "permission-contents",
536 TokenPermissions::Issues => "permission-issues",
537 TokenPermissions::PullRequests => "permission-pull-requests",
538 TokenPermissions::Workflows => "permission-workflows",
539 }
540 }
541}
542
543pub(crate) struct GenerateAppToken<'a> {
544 job_name: String,
545 app_id: &'a str,
546 app_secret: &'a str,
547 repository_target: Option<RepositoryTarget>,
548 permissions: Option<Vec<(TokenPermissions, Level)>>,
549}
550
551impl<'a> GenerateAppToken<'a> {
552 pub fn for_repository(self, repository_target: RepositoryTarget) -> Self {
553 Self {
554 repository_target: Some(repository_target),
555 ..self
556 }
557 }
558
559 pub fn with_permissions(self, permissions: impl Into<Vec<(TokenPermissions, Level)>>) -> Self {
560 Self {
561 permissions: Some(permissions.into()),
562 ..self
563 }
564 }
565}
566
567impl<'a> From<GenerateAppToken<'a>> for (Step<Use>, StepOutput) {
568 fn from(token: GenerateAppToken<'a>) -> Self {
569 let step = Step::new(token.job_name)
570 .uses(
571 "actions",
572 "create-github-app-token",
573 "f8d387b68d61c58ab83c6c016672934102569859",
574 )
575 .id("generate-token")
576 .add_with(
577 Input::default()
578 .add("app-id", token.app_id)
579 .add("private-key", token.app_secret)
580 .when_some(
581 token.repository_target,
582 |input,
583 RepositoryTarget {
584 owner,
585 repositories,
586 }| {
587 input
588 .when_some(owner, |input, owner| input.add("owner", owner))
589 .when_some(repositories, |input, repositories| {
590 input.add("repositories", repositories)
591 })
592 },
593 )
594 .when_some(token.permissions, |input, permissions| {
595 permissions
596 .into_iter()
597 .fold(input, |input, (permission, level)| {
598 input.add(
599 permission.environment_name(),
600 serde_json::to_value(&level).unwrap_or_default(),
601 )
602 })
603 }),
604 );
605
606 let generated_token = StepOutput::new(&step, "token");
607 (step, generated_token)
608 }
609}
610
611pub(crate) struct RepositoryTarget {
612 owner: Option<String>,
613 repositories: Option<String>,
614}
615
616impl RepositoryTarget {
617 pub fn new<T: ToString>(owner: T, repositories: &[&str]) -> Self {
618 Self {
619 owner: Some(owner.to_string()),
620 repositories: Some(repositories.join("\n")),
621 }
622 }
623
624 pub fn current() -> Self {
625 Self {
626 owner: None,
627 repositories: None,
628 }
629 }
630}
631
632pub(crate) fn generate_token<'a>(
633 app_id_source: &'a str,
634 app_secret_source: &'a str,
635) -> GenerateAppToken<'a> {
636 generate_token_with_job_name(app_id_source, app_secret_source)
637}
638
639pub fn authenticate_as_zippy() -> GenerateAppToken<'static> {
640 generate_token_with_job_name(vars::ZED_ZIPPY_APP_ID, vars::ZED_ZIPPY_APP_PRIVATE_KEY)
641}
642
643fn generate_token_with_job_name<'a>(
644 app_id_source: &'a str,
645 app_secret_source: &'a str,
646) -> GenerateAppToken<'a> {
647 GenerateAppToken {
648 job_name: function_name(1),
649 app_id: app_id_source,
650 app_secret: app_secret_source,
651 repository_target: None,
652 permissions: None,
653 }
654}