Update tooling dependencies to v7 (#358) #1085
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [main] | |
| pull_request: | |
| branches: [main] | |
| merge_group: | |
| workflow_call: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| jobs: | |
| # ── Link Check ───────────────────────────────────────────────────── | |
| links: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| with: | |
| fetch-depth: 0 # needed for merge-base used in modified-files mode | |
| - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 | |
| - name: Check links for pull requests | |
| if: github.event_name == 'pull_request' | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| GITHUB_REPOSITORY: ${{ github.repository }} | |
| GITHUB_BASE_REF: ${{ github.base_ref }} | |
| GITHUB_HEAD_REF: ${{ github.head_ref }} | |
| PR_HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }} | |
| run: mise run links | |
| - name: Check links for pushes and merge queues | |
| if: github.event_name != 'pull_request' | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| run: mise run links | |
| # ── Model Checks ─────────────────────────────────────────────────── | |
| policies: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - name: Load shared version pins | |
| id: versions | |
| uses: ./.github/actions/load-version-pins | |
| - name: Install Weaver | |
| uses: open-telemetry/weaver/.github/actions/setup-weaver@f8e1b42fbd1e09df5263c26b7df6011eaafd454d | |
| with: | |
| version: '${{ steps.versions.outputs.weaver_version }}' | |
| - name: Validate model | |
| run: make check-policies | |
| generated-docs: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - name: Load shared version pins | |
| id: versions | |
| uses: ./.github/actions/load-version-pins | |
| - name: Install Weaver | |
| uses: open-telemetry/weaver/.github/actions/setup-weaver@f8e1b42fbd1e09df5263c26b7df6011eaafd454d | |
| with: | |
| version: '${{ steps.versions.outputs.weaver_version }}' | |
| - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 | |
| - name: Regenerate and check committed outputs are in sync | |
| run: | | |
| make generate-all | |
| if ! git diff --exit-code -- ./docs/registry 'model/gen-ai/gen-ai-*.json'; then | |
| echo "FAIL: committed generated outputs are out of sync!" | |
| echo "Run 'make generate-all' and commit the changes." | |
| exit 1 | |
| fi | |
| untracked=$(git ls-files --others --exclude-standard -- ./docs/registry 'model/gen-ai/gen-ai-*.json') | |
| if [ -n "$untracked" ]; then | |
| echo "FAIL: untracked files under generated outputs:" | |
| echo "$untracked" | |
| exit 1 | |
| fi | |
| echo "OK: committed generated outputs are up to date" | |
| # ── Lint / Format ────────────────────────────────────────────────── | |
| reference-python-lint: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| defaults: | |
| run: | |
| working-directory: reference | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 | |
| with: | |
| enable-cache: true | |
| cache-dependency-glob: "reference/**/uv.lock" | |
| - name: Lint Python | |
| run: uv tool run --from ruff ruff check src scenarios | |
| - name: Check Python formatting | |
| run: uv tool run --from ruff ruff format --check src scenarios | |
| author-self-review: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - name: Author Self-Review Check | |
| run: | | |
| if git grep -Fq "<!-- I'm an AI agent!!! -->" -- '*.md' ':!AGENTS.md' ':!CLAUDE.md' || \ | |
| git grep -Fq "# I'm an AI agent!!!" -- '*.yaml' '*.yml' ':!.github/workflows/ci.yml'; then | |
| echo "The PR author (a human) must review the changes." | |
| exit 1 | |
| fi | |
| # ── Discover scenario matrices ───────────────────────────────────── | |
| reference-scenario-matrix: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| outputs: | |
| matrix: ${{ steps.matrices.outputs.matrix }} | |
| defaults: | |
| run: | |
| working-directory: reference | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - uses: ./.github/actions/setup-reference-tooling | |
| - name: Generate matrices | |
| id: matrices | |
| run: echo "matrix=$(uv run run-scenario --print-ci-matrix)" >> "$GITHUB_OUTPUT" | |
| # ── Scenario Tests ────────────────────────────────────── | |
| reference-scenarios: | |
| runs-on: ubuntu-latest | |
| needs: reference-scenario-matrix | |
| timeout-minutes: 20 | |
| defaults: | |
| run: | |
| working-directory: reference | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJson(needs.reference-scenario-matrix.outputs.matrix) }} | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - uses: ./.github/actions/setup-reference-tooling | |
| - name: Materialize upstream semconv dependency | |
| working-directory: . | |
| run: make filter-upstream | |
| - name: Run implementation scenario | |
| run: uv run run-scenario "${{ matrix.scenario.lib }}" | |
| - name: Check data file is up to date | |
| run: | | |
| git diff --exit-code -- '${{ matrix.scenario.data }}' | |
| untracked=$(git ls-files --others --exclude-standard -- '${{ matrix.scenario.data }}') | |
| if [ -n "$untracked" ]; then echo "Untracked data files: $untracked"; exit 1; fi | |
| # ── Status Report ─────────────────────────────────────────────────── | |
| reference-status-report: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| defaults: | |
| run: | |
| working-directory: reference | |
| steps: | |
| - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 | |
| - uses: ./.github/actions/setup-reference-tooling | |
| - name: Generate status report | |
| run: uv run --locked update-reports | |
| - name: Check status report is up to date | |
| run: git diff --exit-code -- README.md reports/ | |
| # ── Aggregate gate for branch protection ─────────────────────────── | |
| required-status-check: | |
| if: always() | |
| needs: | |
| - links | |
| - policies | |
| - generated-docs | |
| - reference-python-lint | |
| - author-self-review | |
| - reference-scenario-matrix | |
| - reference-scenarios | |
| - reference-status-report | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 5 | |
| steps: | |
| - name: Fail if any dependency did not pass | |
| if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') | |
| run: | | |
| exit 1 |