using this_internal_libs for plugins #185
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Sanitize | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: sanitize-${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| on: | |
| push: | |
| branches: [ main ] | |
| tags: [ 'v*' ] | |
| pull_request: | |
| jobs: | |
| discover: | |
| name: Create job matrix | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix_sanitize: ${{ steps.scan.outputs.matrix_sanitize }} | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - id: scan | |
| name: Build matrix | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| ./ci/sanitizers_tags.sh | |
| - name: Fail if matrix is empty | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| if [[ -z "${{ steps.scan.outputs.matrix_sanitize }}" ]]; then | |
| echo "matrix_sanitize output is empty. Check ci/sanitizers_tags.sh writing to GITHUB_OUTPUT." | |
| exit 1 | |
| fi | |
| - name: Show matrix (debug) | |
| shell: bash | |
| run: | | |
| echo '${{ steps.scan.outputs.matrix_sanitize }}' | |
| build-with-sanitizer: | |
| name: ${{ matrix.baseos }} ${{ matrix.arch }} - ${{ matrix.sanitizer }} | |
| needs: [ discover ] | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJSON(needs.discover.outputs.matrix_sanitize) }} | |
| runs-on: ${{ matrix.runner }} | |
| container: ${{ matrix.container }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Sanitizer - ${{ matrix.sanitizer }} | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| echo "Starting manual build for sanitizer: ${{ matrix.sanitizer }}" | |
| export DOCKER_ENTRYPOINT_SOURCE_ONLY=1 | |
| . /usr/local/bin/docker-entrypoint.sh | |
| module load geant4/"${{ matrix.g4v }}" | |
| ./ci/build.sh "${{ matrix.sanitizer }}" | |
| echo "Manual build for sanitizer: ${{ matrix.sanitizer }} completed" | |
| - name: Package sanitizer logs | |
| if: ${{ always() }} # run regardless of earlier step outcomes | |
| shell: bash | |
| run: | | |
| set -euo pipefail | |
| src="/root/src/logs" | |
| outdir="$GITHUB_WORKSPACE/_artifacts" | |
| mkdir -p "$outdir" | |
| if [[ -d "$src" ]]; then | |
| tar -C "/root/src" -czf "$outdir/logs-${{ matrix.baseos }}-${{ matrix.arch }}-${{ matrix.sanitizer }}.tgz" "logs" | |
| echo "Packaged logs from $src" | |
| else | |
| echo "No logs directory at $src" | |
| fi | |
| - name: Upload sanitizer logs (artifact) | |
| if: ${{ always() }} # run regardless of earlier step outcomes | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: logs-${{ matrix.baseos }}-${{ matrix.arch }}-${{ matrix.sanitizer }} | |
| path: ${{ github.workspace }}/_artifacts/logs-${{ matrix.baseos }}-${{ matrix.arch }}-${{ matrix.sanitizer }}.tgz | |
| if-no-files-found: warn | |
| retention-days: 14 | |
| build-with-sanitizer-final: | |
| name: Sanitize - summary | |
| if: ${{ always() }} # run regardless of earlier step outcomes | |
| needs: [ build-with-sanitizer ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fail if any matrix entry failed | |
| if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} | |
| run: | | |
| echo "### Some sanitizer jobs failed or were cancelled." >> $GITHUB_STEP_SUMMARY | |
| exit 1 | |
| - name: Pass | |
| run: | | |
| echo "### All sanitizer jobs passed." >> $GITHUB_STEP_SUMMARY |