From fd02272c3dff0ecde706a29853dbbcc2e63dcafe Mon Sep 17 00:00:00 2001 From: Kaslo Date: Sat, 20 Dec 2025 11:26:27 -0600 Subject: [PATCH] remove github actions workflows --- .gitattributes | 1 + .github/workflows/docker.yml | 155 ---- .github/workflows/docs-pr-netlify.yaml | 34 - .github/workflows/docs-pr.yaml | 71 -- .github/workflows/docs.yaml | 99 --- .github/workflows/fix_lint.yaml | 52 -- .github/workflows/latest_deps.yml | 243 ------ .github/workflows/poetry_lockfile.yaml | 24 - .github/workflows/push_complement_image.yml | 74 -- .github/workflows/release-artifacts.yml | 208 ----- .github/workflows/schema.yaml | 57 -- .github/workflows/tests.yml | 792 -------------------- .github/workflows/triage-incoming.yml | 14 - .github/workflows/triage_labelled.yml | 31 - .github/workflows/twisted_trunk.yml | 226 ------ 15 files changed, 1 insertion(+), 2080 deletions(-) create mode 100644 .gitattributes delete mode 100644 .github/workflows/docker.yml delete mode 100644 .github/workflows/docs-pr-netlify.yaml delete mode 100644 .github/workflows/docs-pr.yaml delete mode 100644 .github/workflows/docs.yaml delete mode 100644 .github/workflows/fix_lint.yaml delete mode 100644 .github/workflows/latest_deps.yml delete mode 100644 .github/workflows/poetry_lockfile.yaml delete mode 100644 .github/workflows/push_complement_image.yml delete mode 100644 .github/workflows/release-artifacts.yml delete mode 100644 .github/workflows/schema.yaml delete mode 100644 .github/workflows/tests.yml delete mode 100644 .github/workflows/triage-incoming.yml delete mode 100644 .github/workflows/triage_labelled.yml delete mode 100644 .github/workflows/twisted_trunk.yml diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000000..7d377dcc26 --- /dev/null +++ b/.gitattributes @@ -0,0 +1 @@ +.github/workflows/* merge=ours diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index aaf1e22d3c..0000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,155 +0,0 @@ -# GitHub actions workflow which builds and publishes the docker images. - -name: Build docker images - -on: - push: - tags: ["v*"] - branches: [master, main, develop] - workflow_dispatch: - -permissions: - contents: read - packages: write - id-token: write # needed for signing the images with GitHub OIDC Token -jobs: - build: - name: Build and push image for ${{ matrix.platform }} - runs-on: ${{ matrix.runs_on }} - strategy: - matrix: - include: - - platform: linux/amd64 - runs_on: ubuntu-24.04 - suffix: linux-amd64 - - platform: linux/arm64 - runs_on: ubuntu-24.04-arm - suffix: linux-arm64 - steps: - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - - - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Extract version from pyproject.toml - # Note: explicitly requesting bash will mean bash is invoked with `-eo pipefail`, see - # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsshell - shell: bash - run: | - echo "SYNAPSE_VERSION=$(grep "^version" pyproject.toml | sed -E 's/version\s*=\s*["]([^"]*)["]/\1/')" >> $GITHUB_ENV - - - name: Log in to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Log in to GHCR - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Build and push by digest - id: build - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 - with: - push: true - labels: | - gitsha1=${{ github.sha }} - org.opencontainers.image.version=${{ env.SYNAPSE_VERSION }} - tags: | - docker.io/matrixdotorg/synapse - ghcr.io/element-hq/synapse - file: "docker/Dockerfile" - platforms: ${{ matrix.platform }} - outputs: type=image,push-by-digest=true,name-canonical=true,push=true - - - name: Export digest - run: | - mkdir -p ${{ runner.temp }}/digests - digest="${{ steps.build.outputs.digest }}" - touch "${{ runner.temp }}/digests/${digest#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v5 - with: - name: digests-${{ matrix.suffix }} - path: ${{ runner.temp }}/digests/* - if-no-files-found: error - retention-days: 1 - - merge: - name: Push merged images to ${{ matrix.repository }} - runs-on: ubuntu-latest - strategy: - matrix: - repository: - - docker.io/matrixdotorg/synapse - - ghcr.io/element-hq/synapse - - needs: - - build - steps: - - name: Download digests - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - with: - path: ${{ runner.temp }}/digests - pattern: digests-* - merge-multiple: true - - - name: Log in to DockerHub - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - if: ${{ startsWith(matrix.repository, 'docker.io') }} - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Log in to GHCR - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - if: ${{ startsWith(matrix.repository, 'ghcr.io') }} - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - - - name: Install Cosign - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 - - - name: Calculate docker image tag - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 - with: - images: ${{ matrix.repository }} - flavor: | - latest=false - tags: | - type=raw,value=develop,enable=${{ github.ref == 'refs/heads/develop' }} - type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }} - type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }} - type=pep440,pattern={{raw}} - type=sha - - - name: Create manifest list and push - working-directory: ${{ runner.temp }}/digests - env: - REPOSITORY: ${{ matrix.repository }} - run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf "$REPOSITORY@sha256:%s " *) - - - name: Sign each manifest - env: - REPOSITORY: ${{ matrix.repository }} - run: | - DIGESTS="" - for TAG in $(echo "$DOCKER_METADATA_OUTPUT_JSON" | jq -r '.tags[]'); do - DIGEST="$(docker buildx imagetools inspect $TAG --format '{{json .Manifest}}' | jq -r '.digest')" - DIGESTS="$DIGESTS $REPOSITORY@$DIGEST" - done - cosign sign --yes $DIGESTS diff --git a/.github/workflows/docs-pr-netlify.yaml b/.github/workflows/docs-pr-netlify.yaml deleted file mode 100644 index 53a2d6b597..0000000000 --- a/.github/workflows/docs-pr-netlify.yaml +++ /dev/null @@ -1,34 +0,0 @@ -name: Deploy documentation PR preview - -on: - workflow_run: - workflows: [ "Prepare documentation PR preview" ] - types: - - completed - -jobs: - netlify: - if: github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'pull_request' - runs-on: ubuntu-latest - steps: - # There's a 'download artifact' action, but it hasn't been updated for the workflow_run action - # (https://github.com/actions/download-artifact/issues/60) so instead we get this mess: - - name: 📥 Download artifact - uses: dawidd6/action-download-artifact@ac66b43f0e6a346234dd65d4d0c8fbb31cb316e5 # v11 - with: - workflow: docs-pr.yaml - run_id: ${{ github.event.workflow_run.id }} - name: book - path: book - - - name: 📤 Deploy to Netlify - uses: matrix-org/netlify-pr-preview@9805cd123fc9a7e421e35340a05e1ebc5dee46b5 # v3 - with: - path: book - owner: ${{ github.event.workflow_run.head_repository.owner.login }} - branch: ${{ github.event.workflow_run.head_branch }} - revision: ${{ github.event.workflow_run.head_sha }} - token: ${{ secrets.NETLIFY_AUTH_TOKEN }} - site_id: ${{ secrets.NETLIFY_SITE_ID }} - desc: Documentation preview - deployment_env: PR Documentation Preview diff --git a/.github/workflows/docs-pr.yaml b/.github/workflows/docs-pr.yaml deleted file mode 100644 index 4d28533a27..0000000000 --- a/.github/workflows/docs-pr.yaml +++ /dev/null @@ -1,71 +0,0 @@ -name: Prepare documentation PR preview - -on: - pull_request: - paths: - - docs/** - - book.toml - - .github/workflows/docs-pr.yaml - - scripts-dev/schema_versions.py - -jobs: - pages: - name: GitHub Pages - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - # Fetch all history so that the schema_versions script works. - fetch-depth: 0 - - - name: Setup mdbook - uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0 - with: - mdbook-version: '0.4.17' - - - name: Setup python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - - run: "pip install 'packaging>=20.0' 'GitPython>=3.1.20'" - - - name: Build the documentation - # mdbook will only create an index.html if we're including docs/README.md in SUMMARY.md. - # However, we're using docs/README.md for other purposes and need to pick a new page - # as the default. Let's opt for the welcome page instead. - run: | - mdbook build - cp book/welcome_and_overview.html book/index.html - - - name: Upload Artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - with: - name: book - path: book - # We'll only use this in a workflow_run, then we're done with it - retention-days: 1 - - link-check: - name: Check links in documentation - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Setup mdbook - uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0 - with: - mdbook-version: '0.4.17' - - - name: Setup htmltest - run: | - wget https://github.com/wjdp/htmltest/releases/download/v0.17.0/htmltest_0.17.0_linux_amd64.tar.gz - echo '775c597ee74899d6002cd2d93076f897f4ba68686bceabe2e5d72e84c57bc0fb htmltest_0.17.0_linux_amd64.tar.gz' | sha256sum -c - tar zxf htmltest_0.17.0_linux_amd64.tar.gz - - - name: Test links with htmltest - # Build the book with `./` as the site URL (to make checks on 404.html possible) - # Then run htmltest (without checking external links since that involves the network and is slow). - run: | - MDBOOK_OUTPUT__HTML__SITE_URL="./" mdbook build - ./htmltest book --skip-external diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml deleted file mode 100644 index 51944b13e8..0000000000 --- a/.github/workflows/docs.yaml +++ /dev/null @@ -1,99 +0,0 @@ -name: Deploy the documentation - -on: - push: - branches: - # For bleeding-edge documentation - - develop - # For documentation specific to a release - - 'release-v*' - # stable docs - - master - - workflow_dispatch: - -jobs: - pre: - name: Calculate variables for GitHub Pages deployment - runs-on: ubuntu-latest - steps: - # Figure out the target directory. - # - # The target directory depends on the name of the branch - # - - name: Get the target directory name - id: vars - run: | - # first strip the 'refs/heads/' prefix with some shell foo - branch="${GITHUB_REF#refs/heads/}" - - case $branch in - release-*) - # strip 'release-' from the name for release branches. - branch="${branch#release-}" - ;; - master) - # deploy to "latest" for the master branch. - branch="latest" - ;; - esac - - # finally, set the 'branch-version' var. - echo "branch-version=$branch" >> "$GITHUB_OUTPUT" - outputs: - branch-version: ${{ steps.vars.outputs.branch-version }} - -################################################################################ - pages-docs: - name: GitHub Pages - runs-on: ubuntu-latest - needs: - - pre - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - # Fetch all history so that the schema_versions script works. - fetch-depth: 0 - - - name: Setup mdbook - uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0 - with: - mdbook-version: '0.4.17' - - - name: Set version of docs - run: echo 'window.SYNAPSE_VERSION = "${{ needs.pre.outputs.branch-version }}";' > ./docs/website_files/version.js - - - name: Setup python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - - run: "pip install 'packaging>=20.0' 'GitPython>=3.1.20'" - - - name: Build the documentation - # mdbook will only create an index.html if we're including docs/README.md in SUMMARY.md. - # However, we're using docs/README.md for other purposes and need to pick a new page - # as the default. Let's opt for the welcome page instead. - run: | - mdbook build - cp book/welcome_and_overview.html book/index.html - - - name: Prepare and publish schema files - run: | - sudo apt-get update && sudo apt-get install -y yq - mkdir -p book/schema - # Remove developer notice before publishing. - rm schema/v*/Do\ not\ edit\ files\ in\ this\ folder - # Copy schema files that are independent from current Synapse version. - cp -r -t book/schema schema/v*/ - # Convert config schema from YAML source file to JSON. - yq < schema/synapse-config.schema.yaml \ - > book/schema/synapse-config.schema.json - - # Deploy to the target directory. - - name: Deploy to gh pages - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - publish_dir: ./book - destination_dir: ./${{ needs.pre.outputs.branch-version }} diff --git a/.github/workflows/fix_lint.yaml b/.github/workflows/fix_lint.yaml deleted file mode 100644 index 9daea3f378..0000000000 --- a/.github/workflows/fix_lint.yaml +++ /dev/null @@ -1,52 +0,0 @@ -# A helper workflow to automatically fixup any linting errors on a PR. Must be -# triggered manually. - -name: Attempt to automatically fix linting errors - -on: - workflow_dispatch: - -env: - # We use nightly so that `fmt` correctly groups together imports, and - # clippy correctly fixes up the benchmarks. - RUST_VERSION: nightly-2025-06-24 - -jobs: - fixup: - name: Fix up - runs-on: ubuntu-latest - - steps: - - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - components: clippy, rustfmt - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Setup Poetry - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - install-project: "false" - poetry-version: "2.1.1" - - - name: Run ruff check - continue-on-error: true - run: poetry run ruff check --fix . - - - name: Run ruff format - continue-on-error: true - run: poetry run ruff format --quiet . - - - run: cargo clippy --all-features --fix -- -D warnings - continue-on-error: true - - - run: cargo fmt - continue-on-error: true - - - uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 # v7.0.0 - with: - commit_message: "Attempt to fix linting" diff --git a/.github/workflows/latest_deps.yml b/.github/workflows/latest_deps.yml deleted file mode 100644 index c356ee8e3d..0000000000 --- a/.github/workflows/latest_deps.yml +++ /dev/null @@ -1,243 +0,0 @@ -# People who are freshly `pip install`ing from PyPI will pull in the latest versions of -# dependencies which match the broad requirements. Since most CI runs are against -# the locked poetry environment, run specifically against the latest dependencies to -# know if there's an upcoming breaking change. -# -# As an overview this workflow: -# - checks out develop, -# - installs from source, pulling in the dependencies like a fresh `pip install` would, and -# - runs mypy and test suites in that checkout. -# -# Based on the twisted trunk CI job. - -name: Latest dependencies - -on: - schedule: - - cron: 0 7 * * * - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - RUST_VERSION: 1.87.0 - -jobs: - check_repo: - # Prevent this workflow from running on any fork of Synapse other than element-hq/synapse, as it is - # only useful to the Synapse core team. - # All other workflow steps depend on this one, thus if 'should_run_workflow' is not 'true', the rest - # of the workflow will be skipped as well. - runs-on: ubuntu-latest - outputs: - should_run_workflow: ${{ steps.check_condition.outputs.should_run_workflow }} - steps: - - id: check_condition - run: echo "should_run_workflow=${{ github.repository == 'element-hq/synapse' }}" >> "$GITHUB_OUTPUT" - - mypy: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - # The dev dependencies aren't exposed in the wheel metadata (at least with current - # poetry-core versions), so we install with poetry. - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: "3.x" - poetry-version: "2.1.1" - extras: "all" - # Dump installed versions for debugging. - - run: poetry run pip list > before.txt - # Upgrade all runtime dependencies only. This is intended to mimic a fresh - # `pip install matrix-synapse[all]` as closely as possible. - - run: poetry update --without dev - - run: poetry run pip list > after.txt && (diff -u before.txt after.txt || true) - - name: Remove unhelpful options from mypy config - run: sed -e '/warn_unused_ignores = True/d' -e '/warn_redundant_casts = True/d' -i mypy.ini - - run: poetry run mypy - trial: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - strategy: - matrix: - include: - - database: "sqlite" - - database: "postgres" - postgres-version: "14" - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: sudo apt-get -qq install xmlsec1 - - name: Set up PostgreSQL ${{ matrix.postgres-version }} - if: ${{ matrix.postgres-version }} - run: | - docker run -d -p 5432:5432 \ - -e POSTGRES_PASSWORD=postgres \ - -e POSTGRES_INITDB_ARGS="--lc-collate C --lc-ctype C --encoding UTF8" \ - postgres:${{ matrix.postgres-version }} - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - run: pip install .[all,test] - - name: Await PostgreSQL - if: ${{ matrix.postgres-version }} - timeout-minutes: 2 - run: until pg_isready -h localhost; do sleep 1; done - - # We nuke the local copy, as we've installed synapse into the virtualenv - # (rather than use an editable install, which we no longer support). If we - # don't do this then python can't find the native lib. - - run: rm -rf synapse/ - - - run: python -m twisted.trial --jobs=2 tests - env: - SYNAPSE_POSTGRES: ${{ matrix.database == 'postgres' || '' }} - SYNAPSE_POSTGRES_HOST: localhost - SYNAPSE_POSTGRES_USER: postgres - SYNAPSE_POSTGRES_PASSWORD: postgres - - name: Dump logs - # Logs are most useful when the command fails, always include them. - if: ${{ always() }} - # Note: Dumps to workflow logs instead of using actions/upload-artifact - # This keeps logs colocated with failing jobs - # It also ignores find's exit code; this is a best effort affair - run: >- - find _trial_temp -name '*.log' - -exec echo "::group::{}" \; - -exec cat {} \; - -exec echo "::endgroup::" \; - || true - - - sytest: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - container: - image: matrixdotorg/sytest-synapse:testing - volumes: - - ${{ github.workspace }}:/src - strategy: - fail-fast: false - matrix: - include: - - sytest-tag: bookworm - - - sytest-tag: bookworm - postgres: postgres - workers: workers - redis: redis - env: - POSTGRES: ${{ matrix.postgres && 1}} - WORKERS: ${{ matrix.workers && 1 }} - REDIS: ${{ matrix.redis && 1 }} - BLACKLIST: ${{ matrix.workers && 'synapse-blacklist-with-workers' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Ensure sytest runs `pip install` - # Delete the lockfile so sytest will `pip install` rather than `poetry install` - run: rm /src/poetry.lock - working-directory: /src - - name: Prepare test blacklist - run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers - - name: Run SyTest - run: /bootstrap.sh synapse - working-directory: /src - - name: Summarise results.tap - if: ${{ always() }} - run: /sytest/scripts/tap_to_gha.pl /logs/results.tap - - name: Upload SyTest logs - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - if: ${{ always() }} - with: - name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.*, ', ') }}) - path: | - /logs/results.tap - /logs/**/*.log* - - - complement: - needs: check_repo - if: "!failure() && !cancelled() && needs.check_repo.outputs.should_run_workflow == 'true'" - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - include: - - arrangement: monolith - database: SQLite - - - arrangement: monolith - database: Postgres - - - arrangement: workers - database: Postgres - - steps: - - name: Check out synapse codebase - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - path: synapse - - - name: Prepare Complement's Prerequisites - run: synapse/.ci/scripts/setup_complement_prerequisites.sh - - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 - with: - cache-dependency-path: complement/go.sum - go-version-file: complement/go.mod - - - run: | - set -o pipefail - TEST_ONLY_IGNORE_POETRY_LOCKFILE=1 POSTGRES=${{ (matrix.database == 'Postgres') && 1 || '' }} WORKERS=${{ (matrix.arrangement == 'workers') && 1 || '' }} COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -json 2>&1 | synapse/.ci/scripts/gotestfmt - shell: bash - name: Run Complement Tests - - # Open an issue if the build fails, so we know about it. - # Only do this if we're not experimenting with this action in a PR. - open-issue: - if: "failure() && github.event_name != 'push' && github.event_name != 'pull_request' && needs.check_repo.outputs.should_run_workflow == 'true'" - needs: - # TODO: should mypy be included here? It feels more brittle than the others. - - mypy - - trial - - sytest - - complement - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - update_existing: true - filename: .ci/latest_deps_build_failed_issue_template.md diff --git a/.github/workflows/poetry_lockfile.yaml b/.github/workflows/poetry_lockfile.yaml deleted file mode 100644 index 5c139bf574..0000000000 --- a/.github/workflows/poetry_lockfile.yaml +++ /dev/null @@ -1,24 +0,0 @@ -on: - push: - branches: ["develop", "release-*"] - paths: - - poetry.lock - pull_request: - paths: - - poetry.lock - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - check-sdists: - name: "Check locked dependencies have sdists" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: '3.x' - - run: pip install tomli - - run: ./scripts-dev/check_locked_deps_have_sdists.py diff --git a/.github/workflows/push_complement_image.yml b/.github/workflows/push_complement_image.yml deleted file mode 100644 index ed82482505..0000000000 --- a/.github/workflows/push_complement_image.yml +++ /dev/null @@ -1,74 +0,0 @@ -# This task does not run complement tests, see tests.yaml instead. -# This task does not build docker images for synapse for use on docker hub, see docker.yaml instead - -name: Store complement-synapse image in ghcr.io -on: - push: - branches: [ "master" ] - schedule: - - cron: '0 5 * * *' - workflow_dispatch: - inputs: - branch: - required: true - default: 'develop' - type: choice - options: - - develop - - master - -# Only run this action once per pull request/branch; restart if a new commit arrives. -# C.f. https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#concurrency -# and https://docs.github.com/en/actions/reference/context-and-expression-syntax-for-github-actions#github-context -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - build: - name: Build and push complement image - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - steps: - - name: Checkout specific branch (debug build) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - if: github.event_name == 'workflow_dispatch' - with: - ref: ${{ inputs.branch }} - - name: Checkout clean copy of develop (scheduled build) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - if: github.event_name == 'schedule' - with: - ref: develop - - name: Checkout clean copy of master (on-push) - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - if: github.event_name == 'push' - with: - ref: master - - name: Login to registry - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Work out labels for complement image - id: meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 - with: - images: ghcr.io/${{ github.repository }}/complement-synapse - tags: | - type=schedule,pattern=nightly,enable=${{ github.event_name == 'schedule'}} - type=raw,value=develop,enable=${{ github.event_name == 'schedule' || inputs.branch == 'develop' }} - type=raw,value=latest,enable=${{ github.event_name == 'push' || inputs.branch == 'master' }} - type=sha,format=long - - name: Run scripts-dev/complement.sh to generate complement-synapse:latest image. - run: scripts-dev/complement.sh --build-only - - name: Tag and push generated image - run: | - for TAG in ${{ join(fromJson(steps.meta.outputs.json).tags, ' ') }}; do - echo "tag and push $TAG" - docker tag complement-synapse $TAG - docker push $TAG - done diff --git a/.github/workflows/release-artifacts.yml b/.github/workflows/release-artifacts.yml deleted file mode 100644 index 531680b989..0000000000 --- a/.github/workflows/release-artifacts.yml +++ /dev/null @@ -1,208 +0,0 @@ -# GitHub actions workflow which builds the release artifacts. - -name: Build release artifacts - -on: - # we build on PRs and develop to (hopefully) get early warning - # of things breaking (but only build one set of debs). PRs skip - # building wheels on macOS & ARM. - pull_request: - push: - branches: ["develop", "release-*"] - - # we do the full build on tags. - tags: ["v*"] - merge_group: - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -permissions: - contents: write - -jobs: - get-distros: - name: "Calculate list of debian distros" - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - id: set-distros - run: | - # if we're running from a tag, get the full list of distros; otherwise just use debian:sid - # NOTE: inside the actual Dockerfile-dhvirtualenv, the image name is expanded into its full image path - dists='["debian:sid"]' - if [[ $GITHUB_REF == refs/tags/* ]]; then - dists=$(scripts-dev/build_debian_packages.py --show-dists-json) - fi - echo "distros=$dists" >> "$GITHUB_OUTPUT" - # map the step outputs to job outputs - outputs: - distros: ${{ steps.set-distros.outputs.distros }} - - # now build the packages with a matrix build. - build-debs: - needs: get-distros - name: "Build .deb packages" - runs-on: ubuntu-latest - strategy: - matrix: - distro: ${{ fromJson(needs.get-distros.outputs.distros) }} - - steps: - - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - path: src - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 - with: - install: true - - - name: Set up docker layer caching - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - - name: Set up python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - - name: Build the packages - # see https://github.com/docker/build-push-action/issues/252 - # for the cache magic here - run: | - ./src/scripts-dev/build_debian_packages.py \ - --docker-build-arg=--cache-from=type=local,src=/tmp/.buildx-cache \ - --docker-build-arg=--cache-to=type=local,mode=max,dest=/tmp/.buildx-cache-new \ - --docker-build-arg=--progress=plain \ - --docker-build-arg=--load \ - "${{ matrix.distro }}" - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - - name: Artifact name - id: artifact-name - # We can't have colons in the upload name of the artifact, so we convert - # e.g. `debian:sid` to `sid`. - env: - DISTRO: ${{ matrix.distro }} - run: | - echo "ARTIFACT_NAME=${DISTRO#*:}" >> "$GITHUB_OUTPUT" - - - name: Upload debs as artifacts - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - with: - name: debs-${{ steps.artifact-name.outputs.ARTIFACT_NAME }} - path: debs/* - - build-wheels: - name: Build wheels on ${{ matrix.os }} - runs-on: ${{ matrix.os }} - strategy: - matrix: - os: - - ubuntu-24.04 - - ubuntu-24.04-arm - # is_pr is a flag used to exclude certain jobs from the matrix on PRs. - # It is not read by the rest of the workflow. - is_pr: - - ${{ startsWith(github.ref, 'refs/pull/') }} - - exclude: - # Don't build aarch64 wheels on PR CI. - - is_pr: true - os: "ubuntu-24.04-arm" - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - # setup-python@v4 doesn't impose a default python version. Need to use 3.x - # here, because `python` on osx points to Python 2.7. - python-version: "3.x" - - - name: Install cibuildwheel - run: python -m pip install cibuildwheel==3.2.1 - - - name: Only build a single wheel on PR - if: startsWith(github.ref, 'refs/pull/') - run: echo "CIBW_BUILD="cp310-manylinux_*"" >> $GITHUB_ENV - - - name: Build wheels - run: python -m cibuildwheel --output-dir wheelhouse - env: - # The platforms that we build for are determined by the - # `tool.cibuildwheel.skip` option in `pyproject.toml`. - - # We skip testing wheels for the following platforms in CI: - # - # pp3*-* (PyPy wheels) broke in CI (TODO: investigate). - # musl: (TODO: investigate). - CIBW_TEST_SKIP: pp3*-* *musl* - - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - with: - name: Wheel-${{ matrix.os }} - path: ./wheelhouse/*.whl - - build-sdist: - name: Build sdist - runs-on: ubuntu-latest - if: ${{ !startsWith(github.ref, 'refs/pull/') }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.10" - - - run: pip install build - - - name: Build sdist - run: python -m build --sdist - - - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - with: - name: Sdist - path: dist/*.tar.gz - - # if it's a tag, create a release and attach the artifacts to it - attach-assets: - name: "Attach assets to release" - if: ${{ !failure() && !cancelled() && startsWith(github.ref, 'refs/tags/') }} - needs: - - build-debs - - build-wheels - - build-sdist - runs-on: ubuntu-latest - steps: - - name: Download all workflow run artifacts - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 - - name: Build a tarball for the debs - # We need to merge all the debs uploads into one folder, then compress - # that. - run: | - mkdir debs - mv debs*/* debs/ - tar -cvJf debs.tar.xz debs - - name: Attach to release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh release upload "${{ github.ref_name }}" \ - Sdist/* \ - Wheel*/* \ - debs.tar.xz \ - --repo ${{ github.repository }} diff --git a/.github/workflows/schema.yaml b/.github/workflows/schema.yaml deleted file mode 100644 index 0755a5f023..0000000000 --- a/.github/workflows/schema.yaml +++ /dev/null @@ -1,57 +0,0 @@ -name: Schema - -on: - pull_request: - paths: - - schema/** - - docs/usage/configuration/config_documentation.md - push: - branches: ["develop", "release-*"] - workflow_dispatch: - -jobs: - validate-schema: - name: Ensure Synapse config schema is valid - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - name: Install check-jsonschema - run: pip install check-jsonschema==0.33.0 - - - name: Validate meta schema - run: check-jsonschema --check-metaschema schema/v*/meta.schema.json - - name: Validate schema - run: |- - # Please bump on introduction of a new meta schema. - LATEST_META_SCHEMA_VERSION=v1 - check-jsonschema \ - --schemafile="schema/$LATEST_META_SCHEMA_VERSION/meta.schema.json" \ - schema/synapse-config.schema.yaml - - name: Validate default config - # Populates the empty instance with default values and checks against the schema. - run: |- - echo "{}" | check-jsonschema \ - --fill-defaults --schemafile=schema/synapse-config.schema.yaml - - - check-doc-generation: - name: Ensure generated documentation is up-to-date - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - name: Install PyYAML - run: pip install PyYAML==6.0.2 - - - name: Regenerate config documentation - run: | - scripts-dev/gen_config_documentation.py \ - schema/synapse-config.schema.yaml \ - > docs/usage/configuration/config_documentation.md - - name: Error in case of any differences - # Errors if there are now any modified files (untracked files are ignored). - run: 'git diff --exit-code' diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml deleted file mode 100644 index aff2832b94..0000000000 --- a/.github/workflows/tests.yml +++ /dev/null @@ -1,792 +0,0 @@ -name: Tests - -on: - push: - branches: ["develop", "release-*"] - pull_request: - merge_group: - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - RUST_VERSION: 1.87.0 - -jobs: - # Job to detect what has changed so we don't run e.g. Rust checks on PRs that - # don't modify Rust code. - changes: - runs-on: ubuntu-latest - outputs: - rust: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.rust }} - trial: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.trial }} - integration: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.integration }} - linting: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.linting }} - linting_readme: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.linting_readme }} - steps: - - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 - id: filter - # We only check on PRs - if: startsWith(github.ref, 'refs/pull/') - with: - filters: | - rust: - - 'rust/**' - - 'Cargo.toml' - - 'Cargo.lock' - - '.rustfmt.toml' - - '.github/workflows/tests.yml' - - trial: - - 'synapse/**' - - 'tests/**' - - 'rust/**' - - '.ci/scripts/calculate_jobs.py' - - 'Cargo.toml' - - 'Cargo.lock' - - 'pyproject.toml' - - 'poetry.lock' - - '.github/workflows/tests.yml' - - integration: - - 'synapse/**' - - 'rust/**' - - 'docker/**' - - 'Cargo.toml' - - 'Cargo.lock' - - 'pyproject.toml' - - 'poetry.lock' - - 'docker/**' - - '.ci/**' - - 'scripts-dev/complement.sh' - - '.github/workflows/tests.yml' - - linting: - - 'synapse/**' - - 'docker/**' - - 'tests/**' - - 'scripts-dev/**' - - 'contrib/**' - - 'synmark/**' - - 'stubs/**' - - '.ci/**' - - 'mypy.ini' - - 'pyproject.toml' - - 'poetry.lock' - - '.github/workflows/tests.yml' - - linting_readme: - - 'README.rst' - - check-sampleconfig: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.linting == 'true' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: "3.x" - poetry-version: "2.1.1" - extras: "all" - - run: poetry run scripts-dev/generate_sample_config.sh --check - - run: poetry run scripts-dev/config-lint.sh - - check-schema-delta: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.linting == 'true' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - run: "pip install 'click==8.1.1' 'GitPython>=3.1.20' 'sqlglot>=28.0.0'" - - run: scripts-dev/check_schema_delta.py --force-colors - - check-lockfile: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - run: .ci/scripts/check_lockfile.py - - lint: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.linting == 'true' }} - - steps: - - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Setup Poetry - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - poetry-version: "2.1.1" - install-project: "false" - - - name: Run ruff check - run: poetry run ruff check --output-format=github . - - - name: Run ruff format - run: poetry run ruff format --check . - - lint-mypy: - runs-on: ubuntu-latest - name: Typechecking - needs: changes - if: ${{ needs.changes.outputs.linting == 'true' }} - - steps: - - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Setup Poetry - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - # We want to make use of type hints in optional dependencies too. - extras: all - # We have seen odd mypy failures that were resolved when we started - # installing the project again: - # https://github.com/matrix-org/synapse/pull/15376#issuecomment-1498983775 - # To make CI green, err towards caution and install the project. - install-project: "true" - poetry-version: "2.1.1" - - # Cribbed from - # https://github.com/AustinScola/mypy-cache-github-action/blob/85ea4f2972abed39b33bd02c36e341b28ca59213/src/restore.ts#L10-L17 - - name: Restore/persist mypy's cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 - with: - path: | - .mypy_cache - key: mypy-cache-${{ github.context.sha }} - restore-keys: mypy-cache- - - - name: Run mypy - run: poetry run mypy - - lint-crlf: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Check line endings - run: scripts-dev/check_line_terminators.sh - - lint-newsfile: - # Only run on pull_request events, targeting develop/release branches, and skip when the PR author is dependabot[bot]. - if: ${{ github.event_name == 'pull_request' && (github.base_ref == 'develop' || contains(github.base_ref, 'release-')) && github.event.pull_request.user.login != 'dependabot[bot]' }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - run: "pip install 'towncrier>=18.6.0rc1'" - - run: scripts-dev/check-newsfragment.sh - env: - PULL_REQUEST_NUMBER: ${{ github.event.number }} - - lint-clippy: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.rust == 'true' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - components: clippy - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: cargo clippy -- -D warnings - - # We also lint against a nightly rustc so that we can lint the benchmark - # suite, which requires a nightly compiler. - lint-clippy-nightly: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.rust == 'true' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: nightly-2025-04-23 - components: clippy - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: cargo clippy --all-features -- -D warnings - - lint-rust: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.rust == 'true' }} - - steps: - - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Setup Poetry - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - # Install like a normal project from source with all optional dependencies - extras: all - install-project: "true" - poetry-version: "2.1.1" - - - name: Ensure `Cargo.lock` is up to date (no stray changes after install) - # The `::error::` syntax is using GitHub Actions' error annotations, see - # https://docs.github.com/en/actions/reference/workflow-commands-for-github-actions - run: | - if git diff --quiet Cargo.lock; then - echo "Cargo.lock is up to date" - else - echo "::error::Cargo.lock has uncommitted changes after install. Please run 'poetry install --extras all' and commit the Cargo.lock changes." - git diff --exit-code Cargo.lock - exit 1 - fi - - # This job is split from `lint-rust` because it requires a nightly Rust toolchain - # for some of the unstable options we use in `.rustfmt.toml`. - lint-rustfmt: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.rust == 'true' }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - # We use nightly so that we can use some unstable options that we use in - # `.rustfmt.toml`. - toolchain: nightly-2025-04-23 - components: rustfmt - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: cargo fmt --check - - # This is to detect issues with the rst file, which can otherwise cause issues - # when uploading packages to PyPi. - lint-readme: - runs-on: ubuntu-latest - needs: changes - if: ${{ needs.changes.outputs.linting_readme == 'true' }} - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - run: "pip install rstcheck" - - run: "rstcheck --report-level=WARNING README.rst" - - # Dummy step to gate other tests on without repeating the whole list - linting-done: - if: ${{ !cancelled() }} # Run this even if prior jobs were skipped - needs: - - lint - - lint-mypy - - lint-crlf - - lint-newsfile - - check-sampleconfig - - check-schema-delta - - check-lockfile - - lint-clippy - - lint-clippy-nightly - - lint-rust - - lint-rustfmt - - lint-readme - runs-on: ubuntu-latest - steps: - - uses: matrix-org/done-action@3409aa904e8a2aaf2220f09bc954d3d0b0a2ee67 # v3 - with: - needs: ${{ toJSON(needs) }} - - # Various bits are skipped if there was no applicable changes. - skippable: | - check-sampleconfig - check-schema-delta - lint - lint-mypy - lint-newsfile - lint-clippy - lint-clippy-nightly - lint-rust - lint-rustfmt - lint-readme - - - calculate-test-jobs: - if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail - needs: linting-done - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: "3.x" - - id: get-matrix - run: .ci/scripts/calculate_jobs.py - outputs: - trial_test_matrix: ${{ steps.get-matrix.outputs.trial_test_matrix }} - sytest_test_matrix: ${{ steps.get-matrix.outputs.sytest_test_matrix }} - - trial: - if: ${{ !cancelled() && !failure() && needs.changes.outputs.trial == 'true' }} # Allow previous steps to be skipped, but not fail - needs: - - calculate-test-jobs - - changes - runs-on: ubuntu-latest - strategy: - matrix: - job: ${{ fromJson(needs.calculate-test-jobs.outputs.trial_test_matrix) }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - run: sudo apt-get -qq install xmlsec1 - - name: Set up PostgreSQL ${{ matrix.job.postgres-version }} - if: ${{ matrix.job.postgres-version }} - # 1. Mount postgres data files onto a tmpfs in-memory filesystem to reduce overhead of docker's overlayfs layer. - # 2. Expose the unix socket for postgres. This removes latency of using docker-proxy for connections. - run: | - docker run -d -p 5432:5432 \ - --tmpfs /var/lib/postgres:rw,size=6144m \ - --mount 'type=bind,src=/var/run/postgresql,dst=/var/run/postgresql' \ - -e POSTGRES_PASSWORD=postgres \ - -e POSTGRES_INITDB_ARGS="--lc-collate C --lc-ctype C --encoding UTF8" \ - postgres:${{ matrix.job.postgres-version }} - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: ${{ matrix.job.python-version }} - poetry-version: "2.1.1" - extras: ${{ matrix.job.extras }} - - name: Await PostgreSQL - if: ${{ matrix.job.postgres-version }} - timeout-minutes: 2 - run: until pg_isready -h localhost; do sleep 1; done - - run: poetry run trial --jobs=6 tests - env: - SYNAPSE_POSTGRES: ${{ matrix.job.database == 'postgres' || '' }} - SYNAPSE_POSTGRES_HOST: /var/run/postgresql - SYNAPSE_POSTGRES_USER: postgres - SYNAPSE_POSTGRES_PASSWORD: postgres - - name: Dump logs - # Logs are most useful when the command fails, always include them. - if: ${{ always() }} - # Note: Dumps to workflow logs instead of using actions/upload-artifact - # This keeps logs colocated with failing jobs - # It also ignores find's exit code; this is a best effort affair - run: >- - find _trial_temp -name '*.log' - -exec echo "::group::{}" \; - -exec cat {} \; - -exec echo "::endgroup::" \; - || true - - trial-olddeps: - # Note: sqlite only; no postgres - if: ${{ !cancelled() && !failure() && needs.changes.outputs.trial == 'true' }} # Allow previous steps to be skipped, but not fail - needs: - - linting-done - - changes - runs-on: ubuntu-22.04 - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - # There aren't wheels for some of the older deps, so we need to install - # their build dependencies - - run: | - sudo apt-get -qq update - sudo apt-get -qq install build-essential libffi-dev python3-dev \ - libxml2-dev libxslt-dev xmlsec1 zlib1g-dev libjpeg-dev libwebp-dev - - - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - with: - python-version: '3.10' - - - name: Prepare old deps - if: steps.cache-poetry-old-deps.outputs.cache-hit != 'true' - run: .ci/scripts/prepare_old_deps.sh - - # Note: we install using `pip` here, not poetry. `poetry install` ignores the - # build-system section (https://github.com/python-poetry/poetry/issues/6154), but - # we explicitly want to test that you can `pip install` using the oldest version - # of poetry-core and setuptools-rust. - - run: pip install .[all,test] - - # We nuke the local copy, as we've installed synapse into the virtualenv - # (rather than use an editable install, which we no longer support). If we - # don't do this then python can't find the native lib. - - run: rm -rf synapse/ - - # Sanity check we can import/run Synapse - - run: python -m synapse.app.homeserver --help - - - run: python -m twisted.trial -j6 tests - - name: Dump logs - # Logs are most useful when the command fails, always include them. - if: ${{ always() }} - # Note: Dumps to workflow logs instead of using actions/upload-artifact - # This keeps logs colocated with failing jobs - # It also ignores find's exit code; this is a best effort affair - run: >- - find _trial_temp -name '*.log' - -exec echo "::group::{}" \; - -exec cat {} \; - -exec echo "::endgroup::" \; - || true - - trial-pypy: - # Very slow; only run if the branch name includes 'pypy' - # Note: sqlite only; no postgres. Completely untested since poetry move. - if: ${{ contains(github.ref, 'pypy') && !failure() && !cancelled() && needs.changes.outputs.trial == 'true' }} - needs: - - linting-done - - changes - runs-on: ubuntu-latest - strategy: - matrix: - python-version: ["pypy-3.10"] - extras: ["all"] - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - # Install libs necessary for PyPy to build binary wheels for dependencies - - run: sudo apt-get -qq install xmlsec1 libxml2-dev libxslt-dev - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: ${{ matrix.python-version }} - poetry-version: "2.1.1" - extras: ${{ matrix.extras }} - - run: poetry run trial --jobs=2 tests - - name: Dump logs - # Logs are most useful when the command fails, always include them. - if: ${{ always() }} - # Note: Dumps to workflow logs instead of using actions/upload-artifact - # This keeps logs colocated with failing jobs - # It also ignores find's exit code; this is a best effort affair - run: >- - find _trial_temp -name '*.log' - -exec echo "::group::{}" \; - -exec cat {} \; - -exec echo "::endgroup::" \; - || true - - sytest: - if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true' }} - needs: - - calculate-test-jobs - - changes - runs-on: ubuntu-latest - container: - image: matrixdotorg/sytest-synapse:${{ matrix.job.sytest-tag }} - volumes: - - ${{ github.workspace }}:/src - env: - # If this is a pull request to a release branch, use that branch as default branch for sytest, else use develop - # This works because the release script always create a branch on the sytest repo with the same name as the release branch - SYTEST_DEFAULT_BRANCH: ${{ startsWith(github.base_ref, 'release-') && github.base_ref || 'develop' }} - SYTEST_BRANCH: ${{ github.head_ref }} - POSTGRES: ${{ matrix.job.postgres && 1}} - MULTI_POSTGRES: ${{ (matrix.job.postgres == 'multi-postgres') || '' }} - ASYNCIO_REACTOR: ${{ (matrix.job.reactor == 'asyncio') || '' }} - WORKERS: ${{ matrix.job.workers && 1 }} - BLACKLIST: ${{ matrix.job.workers && 'synapse-blacklist-with-workers' }} - TOP: ${{ github.workspace }} - - strategy: - fail-fast: false - matrix: - job: ${{ fromJson(needs.calculate-test-jobs.outputs.sytest_test_matrix) }} - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Prepare test blacklist - run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Run SyTest - run: /bootstrap.sh synapse - working-directory: /src - - name: Summarise results.tap - if: ${{ always() }} - run: /sytest/scripts/tap_to_gha.pl /logs/results.tap - - name: Upload SyTest logs - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - if: ${{ always() }} - with: - name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.job.*, ', ') }}) - path: | - /logs/results.tap - /logs/**/*.log* - - export-data: - if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true'}} # Allow previous steps to be skipped, but not fail - needs: [linting-done, portdb, changes] - runs-on: ubuntu-latest - env: - TOP: ${{ github.workspace }} - - services: - postgres: - image: postgres - ports: - - 5432:5432 - env: - POSTGRES_PASSWORD: "postgres" - POSTGRES_INITDB_ARGS: "--lc-collate C --lc-ctype C --encoding UTF8" - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - run: sudo apt-get -qq install xmlsec1 postgresql-client - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - poetry-version: "2.1.1" - extras: "postgres" - - run: .ci/scripts/test_export_data_command.sh - env: - PGHOST: localhost - PGUSER: postgres - PGPASSWORD: postgres - PGDATABASE: postgres - - - portdb: - if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true'}} # Allow previous steps to be skipped, but not fail - needs: - - linting-done - - changes - runs-on: ubuntu-latest - strategy: - matrix: - include: - - python-version: "3.10" - postgres-version: "14" - - - python-version: "3.14" - postgres-version: "17" - - services: - postgres: - image: postgres:${{ matrix.postgres-version }} - ports: - - 5432:5432 - env: - POSTGRES_PASSWORD: "postgres" - POSTGRES_INITDB_ARGS: "--lc-collate C --lc-ctype C --encoding UTF8" - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - name: Add PostgreSQL apt repository - # We need a version of pg_dump that can handle the version of - # PostgreSQL being tested against. The Ubuntu package repository lags - # behind new releases, so we have to use the PostreSQL apt repository. - # Steps taken from https://www.postgresql.org/download/linux/ubuntu/ - run: | - sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list' - wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - - sudo apt-get update - - run: sudo apt-get -qq install xmlsec1 postgresql-client - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: ${{ matrix.python-version }} - poetry-version: "2.1.1" - extras: "postgres" - - run: .ci/scripts/test_synapse_port_db.sh - id: run_tester_script - env: - PGHOST: localhost - PGUSER: postgres - PGPASSWORD: postgres - PGDATABASE: postgres - - name: "Upload schema differences" - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - if: ${{ failure() && !cancelled() && steps.run_tester_script.outcome == 'failure' }} - with: - name: Schema dumps - path: | - unported.sql - ported.sql - schema_diff - - complement: - if: "${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true' }}" - needs: - - linting-done - - changes - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - include: - - arrangement: monolith - database: SQLite - - - arrangement: monolith - database: Postgres - - - arrangement: workers - database: Postgres - - steps: - - name: Checkout synapse codebase - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - path: synapse - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Prepare Complement's Prerequisites - run: synapse/.ci/scripts/setup_complement_prerequisites.sh - - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 - with: - cache-dependency-path: complement/go.sum - go-version-file: complement/go.mod - - # use p=1 concurrency as GHA boxes are underpowered and don't like running tons of synapses at once. - - run: | - set -o pipefail - COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -p 1 -json 2>&1 | synapse/.ci/scripts/gotestfmt - shell: bash - env: - POSTGRES: ${{ (matrix.database == 'Postgres') && 1 || '' }} - WORKERS: ${{ (matrix.arrangement == 'workers') && 1 || '' }} - name: Run Complement Tests - - cargo-test: - if: ${{ needs.changes.outputs.rust == 'true' }} - runs-on: ubuntu-latest - needs: - - linting-done - - changes - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: cargo test - - # We want to ensure that the cargo benchmarks still compile, which requires a - # nightly compiler. - cargo-bench: - if: ${{ needs.changes.outputs.rust == 'true' }} - runs-on: ubuntu-latest - needs: - - linting-done - - changes - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: nightly-2022-12-01 - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - run: cargo bench --no-run - - # a job which marks all the other jobs as complete, thus allowing PRs to be merged. - tests-done: - if: ${{ always() }} - needs: - - trial - - trial-olddeps - - sytest - - export-data - - portdb - - complement - - cargo-test - - cargo-bench - - linting-done - runs-on: ubuntu-latest - steps: - - uses: matrix-org/done-action@3409aa904e8a2aaf2220f09bc954d3d0b0a2ee67 # v3 - with: - needs: ${{ toJSON(needs) }} - - # Various bits are skipped if there was no applicable changes. - # The newsfile lint may be skipped on non PR builds. - skippable: | - trial - trial-olddeps - sytest - portdb - export-data - complement - lint-newsfile - cargo-test - cargo-bench diff --git a/.github/workflows/triage-incoming.yml b/.github/workflows/triage-incoming.yml deleted file mode 100644 index 1d291a319b..0000000000 --- a/.github/workflows/triage-incoming.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Move new issues into the issue triage board - -on: - issues: - types: [ opened ] - -jobs: - triage: - uses: matrix-org/backend-meta/.github/workflows/triage-incoming.yml@18beaf3c8e536108bd04d18e6c3dc40ba3931e28 # v2.0.3 - with: - project_id: 'PVT_kwDOAIB0Bs4AFDdZ' - content_id: ${{ github.event.issue.node_id }} - secrets: - github_access_token: ${{ secrets.ELEMENT_BOT_TOKEN }} diff --git a/.github/workflows/triage_labelled.yml b/.github/workflows/triage_labelled.yml deleted file mode 100644 index 34222b7d1b..0000000000 --- a/.github/workflows/triage_labelled.yml +++ /dev/null @@ -1,31 +0,0 @@ -name: Move labelled issues to correct projects - -on: - issues: - types: [ labeled ] - -jobs: - move_needs_info: - runs-on: ubuntu-latest - if: > - contains(github.event.issue.labels.*.name, 'X-Needs-Info') - permissions: - contents: read - env: - # This token must have the following scopes: ["repo:public_repo", "admin:org->read:org", "user->read:user", "project"] - GITHUB_TOKEN: ${{ secrets.ELEMENT_BOT_TOKEN }} - PROJECT_OWNER: matrix-org - # Backend issue triage board. - # https://github.com/orgs/matrix-org/projects/67/views/1 - PROJECT_NUMBER: 67 - ISSUE_URL: ${{ github.event.issue.html_url }} - # This field is case-sensitive. - TARGET_STATUS: Needs info - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - # Only clone the script file we care about, instead of the whole repo. - sparse-checkout: .ci/scripts/triage_labelled_issue.sh - - - name: Ensure issue exists on the board, then set Status - run: .ci/scripts/triage_labelled_issue.sh diff --git a/.github/workflows/twisted_trunk.yml b/.github/workflows/twisted_trunk.yml deleted file mode 100644 index 325902f131..0000000000 --- a/.github/workflows/twisted_trunk.yml +++ /dev/null @@ -1,226 +0,0 @@ -name: Twisted Trunk - -on: - schedule: - - cron: 0 8 * * * - - workflow_dispatch: - # NB: inputs are only present when this workflow is dispatched manually. - # (The default below is the default field value in the form to trigger - # a manual dispatch). Otherwise the inputs will evaluate to null. - inputs: - twisted_ref: - description: Commit, branch or tag to checkout from upstream Twisted. - required: false - default: 'trunk' - type: string - - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -env: - RUST_VERSION: 1.87.0 - -jobs: - check_repo: - # Prevent this workflow from running on any fork of Synapse other than element-hq/synapse, as it is - # only useful to the Synapse core team. - # All other workflow steps depend on this one, thus if 'should_run_workflow' is not 'true', the rest - # of the workflow will be skipped as well. - if: github.repository == 'element-hq/synapse' - runs-on: ubuntu-latest - outputs: - should_run_workflow: ${{ steps.check_condition.outputs.should_run_workflow }} - steps: - - id: check_condition - run: echo "should_run_workflow=${{ github.repository == 'element-hq/synapse' }}" >> "$GITHUB_OUTPUT" - - mypy: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: "3.x" - extras: "all" - poetry-version: "2.1.1" - - run: | - poetry remove twisted - poetry add --extras tls git+https://github.com/twisted/twisted.git#${{ inputs.twisted_ref || 'trunk' }} - poetry install --no-interaction --extras "all test" - - name: Remove unhelpful options from mypy config - run: sed -e '/warn_unused_ignores = True/d' -e '/warn_redundant_casts = True/d' -i mypy.ini - - run: poetry run mypy - - trial: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - run: sudo apt-get -qq install xmlsec1 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - uses: matrix-org/setup-python-poetry@5bbf6603c5c930615ec8a29f1b5d7d258d905aa4 # v2.0.0 - with: - python-version: "3.x" - extras: "all test" - poetry-version: "2.1.1" - - run: | - poetry remove twisted - poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk - poetry install --no-interaction --extras "all test" - - run: poetry run trial --jobs 2 tests - - - name: Dump logs - # Logs are most useful when the command fails, always include them. - if: ${{ always() }} - # Note: Dumps to workflow logs instead of using actions/upload-artifact - # This keeps logs colocated with failing jobs - # It also ignores find's exit code; this is a best effort affair - run: >- - find _trial_temp -name '*.log' - -exec echo "::group::{}" \; - -exec cat {} \; - -exec echo "::endgroup::" \; - || true - - sytest: - needs: check_repo - if: needs.check_repo.outputs.should_run_workflow == 'true' - runs-on: ubuntu-latest - container: - # We're using bookworm because that's what Debian oldstable is at the time of writing. - # This job is a canary to warn us about unreleased twisted changes that would cause problems for us if - # they were to be released immediately. For simplicity's sake (and to save CI runners) we use the oldest - # version, assuming that any incompatibilities on newer versions would also be present on the oldest. - image: matrixdotorg/sytest-synapse:bookworm - volumes: - - ${{ github.workspace }}:/src - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - - name: Install Rust - uses: dtolnay/rust-toolchain@e97e2d8cc328f1b50210efc529dca0028893a2d9 # master - with: - toolchain: ${{ env.RUST_VERSION }} - - uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 - - - name: Patch dependencies - # Note: The poetry commands want to create a virtualenv in /src/.venv/, - # but the sytest-synapse container expects it to be in /venv/. - # We symlink it before running poetry so that poetry actually - # ends up installing to `/venv`. - run: | - ln -s -T /venv /src/.venv - poetry remove twisted - poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk - poetry install --no-interaction --extras "all test" - working-directory: /src - - name: Run SyTest - run: /bootstrap.sh synapse - working-directory: /src - env: - # Use offline mode to avoid reinstalling the pinned version of - # twisted. - OFFLINE: 1 - - name: Summarise results.tap - if: ${{ always() }} - run: /sytest/scripts/tap_to_gha.pl /logs/results.tap - - name: Upload SyTest logs - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 - if: ${{ always() }} - with: - name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.*, ', ') }}) - path: | - /logs/results.tap - /logs/**/*.log* - - complement: - needs: check_repo - if: "!failure() && !cancelled() && needs.check_repo.outputs.should_run_workflow == 'true'" - runs-on: ubuntu-latest - - strategy: - fail-fast: false - matrix: - include: - - arrangement: monolith - database: SQLite - - - arrangement: monolith - database: Postgres - - - arrangement: workers - database: Postgres - - steps: - - name: Run actions/checkout@v4 for synapse - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - with: - path: synapse - - - name: Prepare Complement's Prerequisites - run: synapse/.ci/scripts/setup_complement_prerequisites.sh - - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 - with: - cache-dependency-path: complement/go.sum - go-version-file: complement/go.mod - - # This step is specific to the 'Twisted trunk' test run: - - name: Patch dependencies - run: | - set -x - DEBIAN_FRONTEND=noninteractive sudo apt-get install -yqq python3 pipx - pipx install poetry==2.1.1 - - poetry remove -n twisted - poetry add -n --extras tls git+https://github.com/twisted/twisted.git#trunk - poetry lock - working-directory: synapse - - - run: | - set -o pipefail - TEST_ONLY_SKIP_DEP_HASH_VERIFICATION=1 POSTGRES=${{ (matrix.database == 'Postgres') && 1 || '' }} WORKERS=${{ (matrix.arrangement == 'workers') && 1 || '' }} COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -json 2>&1 | synapse/.ci/scripts/gotestfmt - shell: bash - name: Run Complement Tests - - # open an issue if the build fails, so we know about it. - open-issue: - if: failure() && needs.check_repo.outputs.should_run_workflow == 'true' - needs: - - mypy - - trial - - sytest - - complement - - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - update_existing: true - filename: .ci/twisted_trunk_build_failed_issue_template.md