1 ######################################################
2 # WARNING! Action needed when changing this file #
3 ######################################################
5 # Due to GitHub Actions limitations, we can't use YAML Anchors directly in the
6 # CI configuration stored on the repository. To work around that this file is
7 # expanded by a tool in the repository, and the expansion is committed as well.
9 # After you make any change to the file you'll need to run this command:
11 # ./x.py run src/tools/expand-yaml-anchors
13 # ...and commit the file it updated in addition to this one. If you forget this
18 ###############################
19 # YAML Anchors Definition #
20 ###############################
22 # This key contains most of the YAML anchors that will be used later in the
23 # document. YAML anchors allows us to greatly reduce duplication inside the CI
24 # configuration by reusing parts of the configuration.
26 # YAML anchors work by defining an anchor with `&anchor-name` and reusing its
27 # content in another place with `*anchor-name`. The special `<<` map key merges
28 # the content of the map with the content of the anchor (or list of anchors).
30 # The expand-yaml-anchors tool will automatically remove this block from the
32 x--expand-yaml-anchors--remove:
34 - &shared-ci-variables
35 CI_JOB_NAME: ${{ matrix.name }}
38 SCCACHE_BUCKET: rust-lang-ci-sccache2
39 TOOLSTATE_REPO: https://github.com/rust-lang-nursery/rust-toolstate
40 CACHE_DOMAIN: ci-caches.rust-lang.org
43 SCCACHE_BUCKET: rust-lang-ci-sccache2
44 DEPLOY_BUCKET: rust-lang-ci2
45 TOOLSTATE_REPO: https://github.com/rust-lang-nursery/rust-toolstate
46 TOOLSTATE_ISSUES_API_URL: https://api.github.com/repos/rust-lang/rust/issues
48 # AWS_SECRET_ACCESS_KEYs are stored in GitHub's secrets storage, named
49 # AWS_SECRET_ACCESS_KEY_<keyid>. Including the key id in the name allows to
50 # rotate them in a single branch while keeping the old key in another
51 # branch, which wouldn't be possible if the key was named with the kind
52 # (caches, artifacts...).
53 CACHES_AWS_ACCESS_KEY_ID: AKIA46X5W6CZI5DHEBFL
54 ARTIFACTS_AWS_ACCESS_KEY_ID: AKIA46X5W6CZN24CBO55
55 CACHE_DOMAIN: ci-caches.rust-lang.org
58 SCCACHE_BUCKET: rust-lang-gha-caches
59 DEPLOY_BUCKET: rust-lang-gha
60 TOOLSTATE_REPO: https://github.com/pietroalbini/rust-toolstate
61 TOOLSTATE_ISSUES_API_URL: https://api.github.com/repos/pietroalbini/rust-toolstate/issues
63 # AWS_SECRET_ACCESS_KEYs are stored in GitHub's secrets storage, named
64 # AWS_SECRET_ACCESS_KEY_<keyid>. Including the key id in the name allows to
65 # rotate them in a single branch while keeping the old key in another
66 # branch, which wouldn't be possible if the key was named with the kind
67 # (caches, artifacts...).
68 CACHES_AWS_ACCESS_KEY_ID: AKIA46X5W6CZOMUQATD5
69 ARTIFACTS_AWS_ACCESS_KEY_ID: AKIA46X5W6CZH5AYXDVF
70 CACHE_DOMAIN: ci-caches-gha.rust-lang.org
80 os: macos-latest # We don't have an XL builder for this
88 os: [self-hosted, ARM64, linux]
91 if: success() && !env.SKIP_JOB
95 runs-on: "${{ matrix.os }}"
96 env: *shared-ci-variables
98 - name: disable git crlf conversion
99 run: git config --global core.autocrlf false
101 - name: checkout the source code
102 uses: actions/checkout@v2
106 # Rust Log Analyzer can't currently detect the PR number of a GitHub
107 # Actions build on its own, so a hint in the log message is needed to
108 # point it in the right direction.
109 - name: configure the PR in which the error message will be posted
110 run: echo "[CI_PR_NUMBER=$num]"
112 num: ${{ github.event.number }}
113 if: success() && !env.SKIP_JOB && github.event_name == 'pull_request'
115 - name: add extra environment variables
116 run: src/ci/scripts/setup-environment.sh
118 # Since it's not possible to merge `${{ matrix.env }}` with the other
119 # variables in `job.<name>.env`, the variables defined in the matrix
120 # are passed to the `setup-environment.sh` script encoded in JSON,
121 # which then uses log commands to actually set them.
122 EXTRA_VARIABLES: ${{ toJson(matrix.env) }}
125 - name: decide whether to skip this job
126 run: src/ci/scripts/should-skip-this.sh
129 - name: ensure the channel matches the target branch
130 run: src/ci/scripts/verify-channel.sh
133 - name: configure GitHub Actions to kill the build when outdated
134 uses: rust-lang/simpleinfra/github-actions/cancel-outdated-builds@master
136 github_token: "${{ secrets.github_token }}"
137 if: success() && !env.SKIP_JOB && github.ref != 'refs/heads/try'
140 - name: collect CPU statistics
141 run: src/ci/scripts/collect-cpu-stats.sh
144 - name: show the current environment
145 run: src/ci/scripts/dump-environment.sh
148 - name: install awscli
149 run: src/ci/scripts/install-awscli.sh
152 - name: install sccache
153 run: src/ci/scripts/install-sccache.sh
156 - name: install clang
157 run: src/ci/scripts/install-clang.sh
161 run: src/ci/scripts/install-wix.sh
164 - name: ensure the build happens on a partition with enough space
165 run: src/ci/scripts/symlink-build-dir.sh
168 - name: disable git crlf conversion
169 run: src/ci/scripts/disable-git-crlf-conversion.sh
172 - name: install MSYS2
173 run: src/ci/scripts/install-msys2.sh
176 - name: install MinGW
177 run: src/ci/scripts/install-mingw.sh
180 - name: install ninja
181 run: src/ci/scripts/install-ninja.sh
184 - name: enable ipv6 on Docker
185 run: src/ci/scripts/enable-docker-ipv6.sh
188 # Disable automatic line ending conversion (again). On Windows, when we're
189 # installing dependencies, something switches the git configuration directory or
190 # re-enables autocrlf. We've not tracked down the exact cause -- and there may
191 # be multiple -- but this should ensure submodules are checked out with the
192 # appropriate line endings.
193 - name: disable git crlf conversion
194 run: src/ci/scripts/disable-git-crlf-conversion.sh
197 - name: checkout submodules
198 run: src/ci/scripts/checkout-submodules.sh
201 - name: ensure line endings are correct
202 run: src/ci/scripts/verify-line-endings.sh
205 - name: ensure backported commits are in upstream branches
206 run: src/ci/scripts/verify-backported-commits.sh
209 - name: ensure the stable version number is correct
210 run: src/ci/scripts/verify-stable-version-number.sh
213 - name: run the build
214 run: src/ci/scripts/run-build-from-ci.sh
216 AWS_ACCESS_KEY_ID: ${{ env.CACHES_AWS_ACCESS_KEY_ID }}
217 AWS_SECRET_ACCESS_KEY: ${{ secrets[format('AWS_SECRET_ACCESS_KEY_{0}', env.CACHES_AWS_ACCESS_KEY_ID)] }}
218 TOOLSTATE_REPO_ACCESS_TOKEN: ${{ secrets.TOOLSTATE_REPO_ACCESS_TOKEN }}
221 - name: upload artifacts to S3
222 run: src/ci/scripts/upload-artifacts.sh
224 AWS_ACCESS_KEY_ID: ${{ env.ARTIFACTS_AWS_ACCESS_KEY_ID }}
225 AWS_SECRET_ACCESS_KEY: ${{ secrets[format('AWS_SECRET_ACCESS_KEY_{0}', env.ARTIFACTS_AWS_ACCESS_KEY_ID)] }}
226 # Adding a condition on DEPLOY=1 or DEPLOY_ALT=1 is not needed as all deploy
227 # builders *should* have the AWS credentials available. Still, explicitly
228 # adding the condition is helpful as this way CI will not silently skip
229 # deploying artifacts from a dist builder if the variables are misconfigured,
230 # erroring about invalid credentials instead.
231 if: success() && !env.SKIP_JOB && (github.event_name == 'push' || env.DEPLOY == '1' || env.DEPLOY_ALT == '1')
234 # These snippets are used by the try-success, try-failure, auto-success and auto-failure jobs.
235 # Check out their documentation for more information on why they're needed.
238 name: bors build finished
239 runs-on: ubuntu-latest
243 - name: mark the job as a success
246 <<: *base-outcome-job
250 - name: mark the job as a failure
253 <<: *base-outcome-job
255 ###########################
256 # Builders definition #
257 ###########################
273 # On Linux, macOS, and Windows, use the system-provided bash as the default
274 # shell. (This should only make a difference on Windows, where the default
275 # shell is PowerShell.)
283 <<: [*shared-ci-variables, *public-variables]
284 if: github.event_name == 'pull_request'
291 - name: x86_64-gnu-llvm-12
294 - name: x86_64-gnu-tools
296 CI_ONLY_WHEN_SUBMODULES_CHANGED: 1
303 <<: [*shared-ci-variables, *prod-variables]
304 if: github.event_name == 'push' && github.ref == 'refs/heads/auto' && github.repository == 'rust-lang-ci/rust'
308 #############################
309 # Linux/Docker builders #
310 #############################
313 <<: *job-aarch64-linux
321 - name: dist-aarch64-linux
327 - name: dist-arm-linux
330 - name: dist-armhf-linux
333 - name: dist-armv7-linux
336 - name: dist-i586-gnu-i586-i686-musl
339 - name: dist-i686-linux
342 - name: dist-mips-linux
345 - name: dist-mips64-linux
348 - name: dist-mips64el-linux
351 - name: dist-mipsel-linux
354 - name: dist-powerpc-linux
357 - name: dist-powerpc64-linux
360 - name: dist-powerpc64le-linux
363 - name: dist-riscv64-linux
366 - name: dist-s390x-linux
369 - name: dist-various-1
372 - name: dist-various-2
375 - name: dist-x86_64-freebsd
378 - name: dist-x86_64-illumos
382 name: dist-x86_64-linux
385 - name: dist-x86_64-linux-alt
387 IMAGE: dist-x86_64-linux
390 - name: dist-x86_64-musl
393 - name: dist-x86_64-netbsd
399 - name: i686-gnu-nopt
414 # This job ensures commits landing on nightly still pass the full
415 # test suite on the stable channel. There are some UI tests that
416 # depend on the channel being built (for example if they include the
417 # channel name on the output), and this builder prevents landing
418 # changes that would result in broken builds after a promotion.
419 - name: x86_64-gnu-stable
422 RUST_CI_OVERRIDE_RELEASE_CHANNEL: stable
423 # Only run this job on the nightly channel. Running this on beta
424 # could cause failures when `dev: 1` in `stage0.txt`, and running
425 # this on stable is useless.
426 CI_ONLY_WHEN_CHANNEL: nightly
429 - name: x86_64-gnu-aux
432 - name: x86_64-gnu-debug
435 - name: x86_64-gnu-distcheck
438 - name: x86_64-gnu-llvm-12
443 - name: x86_64-gnu-nopt
446 - name: x86_64-gnu-tools
448 DEPLOY_TOOLSTATES_JSON: toolstates-linux.json
455 # Only generate documentation for x86_64-apple-darwin, not other
456 # tier 2 targets produced by this builder.
457 - name: dist-x86_64-apple
459 SCRIPT: ./x.py dist --exclude rust-docs --exclude extended && ./x.py dist --target=x86_64-apple-darwin rust-docs && ./x.py dist extended
460 RUST_CONFIGURE_ARGS: --host=x86_64-apple-darwin --target=x86_64-apple-darwin,aarch64-apple-ios,x86_64-apple-ios,aarch64-apple-ios-sim --enable-full-tools --enable-sanitizers --enable-profiler --set rust.jemalloc --set llvm.ninja=false
461 RUSTC_RETRY_LINKER_ON_SEGFAULT: 1
462 MACOSX_DEPLOYMENT_TARGET: 10.7
463 NO_LLVM_ASSERTIONS: 1
464 NO_DEBUG_ASSERTIONS: 1
465 NO_OVERFLOW_CHECKS: 1
466 DIST_REQUIRE_ALL_TOOLS: 1
469 - name: dist-x86_64-apple-alt
472 RUST_CONFIGURE_ARGS: --enable-extended --enable-profiler --set rust.jemalloc --set llvm.ninja=false
473 RUSTC_RETRY_LINKER_ON_SEGFAULT: 1
474 MACOSX_DEPLOYMENT_TARGET: 10.7
475 NO_LLVM_ASSERTIONS: 1
476 NO_DEBUG_ASSERTIONS: 1
477 NO_OVERFLOW_CHECKS: 1
482 SCRIPT: ./x.py --stage 2 test
483 RUST_CONFIGURE_ARGS: --build=x86_64-apple-darwin --enable-sanitizers --enable-profiler --set rust.jemalloc --set llvm.ninja=false
484 RUSTC_RETRY_LINKER_ON_SEGFAULT: 1
485 MACOSX_DEPLOYMENT_TARGET: 10.8
486 MACOSX_STD_DEPLOYMENT_TARGET: 10.7
487 NO_LLVM_ASSERTIONS: 1
488 NO_DEBUG_ASSERTIONS: 1
489 NO_OVERFLOW_CHECKS: 1
492 # This target only needs to support 11.0 and up as nothing else supports the hardware
493 - name: dist-aarch64-apple
495 SCRIPT: ./x.py dist --stage 2
496 RUST_CONFIGURE_ARGS: >-
497 --build=x86_64-apple-darwin
498 --host=aarch64-apple-darwin
499 --target=aarch64-apple-darwin
505 --set llvm.ninja=false
506 RUSTC_RETRY_LINKER_ON_SEGFAULT: 1
508 MACOSX_DEPLOYMENT_TARGET: 11.0
509 MACOSX_STD_DEPLOYMENT_TARGET: 11.0
510 NO_LLVM_ASSERTIONS: 1
511 NO_DEBUG_ASSERTIONS: 1
512 NO_OVERFLOW_CHECKS: 1
513 DIST_REQUIRE_ALL_TOOLS: 1
514 # Corresponds to 16K page size
516 # Shouldn't be needed if jemalloc-sys is updated to
517 # handle this platform like iOS or if we build on
518 # aarch64-apple-darwin itself.
520 # https://github.com/gnzlbg/jemallocator/blob/c27a859e98e3cb790dc269773d9da71a1e918458/jemalloc-sys/build.rs#L237
521 JEMALLOC_SYS_WITH_LG_PAGE: 14
524 ######################
526 ######################
528 - name: x86_64-msvc-1
530 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-msvc --enable-profiler
531 SCRIPT: make ci-subset-1
534 - name: x86_64-msvc-2
536 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-msvc --enable-profiler
537 SCRIPT: make ci-subset-2
542 RUST_CONFIGURE_ARGS: --build=i686-pc-windows-msvc
543 SCRIPT: make ci-subset-1
548 RUST_CONFIGURE_ARGS: --build=i686-pc-windows-msvc
549 SCRIPT: make ci-subset-2
552 - name: x86_64-msvc-cargo
554 SCRIPT: python x.py --stage 2 test src/tools/cargotest src/tools/cargo
555 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-msvc --enable-lld
558 - name: x86_64-msvc-tools
560 SCRIPT: src/ci/docker/host-x86_64/x86_64-gnu-tools/checktools.sh x.py /tmp/toolstate/toolstates.json windows
561 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-msvc --save-toolstates=/tmp/toolstate/toolstates.json
562 DEPLOY_TOOLSTATES_JSON: toolstates-windows.json
565 # 32/64-bit MinGW builds.
567 # We are using MinGW with POSIX threads since LLVM requires
568 # C++'s std::thread which is disabled in libstdc++ with win32 threads.
569 # FIXME: Libc++ doesn't have this limitation so we can avoid
570 # winpthreads if we switch to it.
572 # Instead of relying on the MinGW version installed on CI we download
573 # and install one ourselves so we won't be surprised by changes to CI's
576 # Finally, note that the downloads below are all in the `rust-lang-ci` S3
577 # bucket, but they clearly didn't originate there! The downloads originally
578 # came from the mingw-w64 SourceForge download site. Unfortunately
579 # SourceForge is notoriously flaky, so we mirror it on our own infrastructure.
583 RUST_CONFIGURE_ARGS: --build=i686-pc-windows-gnu
584 SCRIPT: make ci-mingw-subset-1
590 RUST_CONFIGURE_ARGS: --build=i686-pc-windows-gnu
591 SCRIPT: make ci-mingw-subset-2
595 - name: x86_64-mingw-1
597 SCRIPT: make ci-mingw-subset-1
598 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-gnu --enable-profiler
602 - name: x86_64-mingw-2
604 SCRIPT: make ci-mingw-subset-2
605 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-gnu --enable-profiler
609 - name: dist-x86_64-msvc
611 RUST_CONFIGURE_ARGS: >-
612 --build=x86_64-pc-windows-msvc
613 --host=x86_64-pc-windows-msvc
614 --target=x86_64-pc-windows-msvc
617 SCRIPT: python x.py dist
618 DIST_REQUIRE_ALL_TOOLS: 1
621 - name: dist-i686-msvc
623 RUST_CONFIGURE_ARGS: >-
624 --build=i686-pc-windows-msvc
625 --host=i686-pc-windows-msvc
626 --target=i686-pc-windows-msvc,i586-pc-windows-msvc
629 SCRIPT: python x.py dist
630 DIST_REQUIRE_ALL_TOOLS: 1
633 - name: dist-aarch64-msvc
635 RUST_CONFIGURE_ARGS: >-
636 --build=x86_64-pc-windows-msvc
637 --host=aarch64-pc-windows-msvc
640 SCRIPT: python x.py dist
641 # RLS does not build for aarch64-pc-windows-msvc. See rust-lang/rls#1693
642 DIST_REQUIRE_ALL_TOOLS: 0
643 # Hack around this SDK version, because it doesn't work with clang.
644 # See https://github.com/rust-lang/rust/issues/88796
645 WINDOWS_SDK_20348_HACK: 1
648 - name: dist-i686-mingw
650 RUST_CONFIGURE_ARGS: --build=i686-pc-windows-gnu --enable-full-tools --enable-profiler
651 SCRIPT: python x.py dist
653 DIST_REQUIRE_ALL_TOOLS: 1
656 - name: dist-x86_64-mingw
658 SCRIPT: python x.py dist
659 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-gnu --enable-full-tools --enable-profiler
661 DIST_REQUIRE_ALL_TOOLS: 1
664 - name: dist-x86_64-msvc-alt
666 RUST_CONFIGURE_ARGS: --build=x86_64-pc-windows-msvc --enable-extended --enable-profiler
667 SCRIPT: python x.py dist
674 <<: [*shared-ci-variables, *prod-variables]
675 if: github.event_name == 'push' && (github.ref == 'refs/heads/try' || github.ref == 'refs/heads/try-perf') && github.repository == 'rust-lang-ci/rust'
680 name: dist-x86_64-linux
685 runs-on: ubuntu-latest
687 <<: [*prod-variables]
688 if: github.event_name == 'push' && github.ref == 'refs/heads/master' && github.repository == 'rust-lang-ci/rust'
690 - name: checkout the source code
691 uses: actions/checkout@v2
695 - name: publish toolstate
696 run: src/ci/publish_toolstate.sh
699 TOOLSTATE_REPO_ACCESS_TOKEN: ${{ secrets.TOOLSTATE_REPO_ACCESS_TOKEN }}
702 # These jobs don't actually test anything, but they're used to tell bors the
703 # build completed, as there is no practical way to detect when a workflow is
704 # successful listening to webhooks only.
707 if: "success() && github.event_name == 'push' && (github.ref == 'refs/heads/try' || github.ref == 'refs/heads/try-perf') && github.repository == 'rust-lang-ci/rust'"
708 <<: *base-success-job
711 if: "!success() && github.event_name == 'push' && (github.ref == 'refs/heads/try' || github.ref == 'refs/heads/try-perf') && github.repository == 'rust-lang-ci/rust'"
712 <<: *base-failure-job
715 if: "success() && github.event_name == 'push' && github.ref == 'refs/heads/auto' && github.repository == 'rust-lang-ci/rust'"
716 <<: *base-success-job
719 if: "!success() && github.event_name == 'push' && github.ref == 'refs/heads/auto' && github.repository == 'rust-lang-ci/rust'"
720 <<: *base-failure-job