jfraeysd/fetch_ml
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

ci: merge ci-native.yml into ci.yml and remove duplicates
Some checks failed
Documentation / build-and-publish (push) Waiting to run
Details
Security Scan / Security Analysis (push) Waiting to run
Details
Security Scan / Native Library Security (push) Waiting to run
Details
Checkout test / test (push) Successful in 3s
Details
CI/CD Pipeline / Test (push) Has been cancelled
Details
CI/CD Pipeline / Dev Compose Smoke Test (push) Has been cancelled
Details
CI/CD Pipeline / Build (push) Has been cancelled
Details
CI/CD Pipeline / Test Scripts (push) Has been cancelled
Details
CI/CD Pipeline / Test Native Libraries (push) Has been cancelled
Details
CI/CD Pipeline / Docker Build (push) Has been cancelled
Details

Browse source 
- Merge test-native job from ci-native.yml into ci.yml

- Remove duplicate security-scan job (kept in security-scan.yml)

- Remove cache steps from merged native job (infra not available)

- Update Go version to 1.25.0 for consistency

- Update docker-build needs to include test-native

- Delete ci-native.yml
This commit is contained in:
Jeremie Fraeys 2026-02-21 20:54:18 -05:00
parent f6c3e650b5
commit aaef56e13e
No known key found for this signature in database
2 changed files with 90 additions and 300 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

276
.forgejo/workflows/ci-native.yml
View file

@ -1,276 +0,0 @@
name: CI with Native Libraries
on:
push:
branches: [main, master]
paths-ignore:
- 'docs/**'
- 'README.md'
- 'CHANGELOG.md'
- '**/*.md'
pull_request:
branches: [main, master]
paths-ignore:
- 'docs/**'
- 'README.md'
- 'CHANGELOG.md'
- '**/*.md'
workflow_dispatch:
# Manual trigger for debugging native builds
# Global timeout - fail fast if hanging
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
# Pre-flight check to ensure build environment is ready
check-environment:
name: Check Build Environment
runs-on: self-hosted
timeout-minutes: 5
steps:
- name: Install Build Dependencies
run: |
echo "Installing build dependencies..."
# Detect OS and install dependencies
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
if command -v apt-get &> /dev/null; then
echo "Detected Debian/Ubuntu - installing cmake, zlib, build-essential..."
sudo apt-get update
sudo apt-get install -y cmake zlib1g-dev build-essential
elif command -v yum &> /dev/null; then
echo "Detected RHEL/CentOS - installing cmake, zlib, gcc-c++..."
sudo yum install -y cmake zlib-devel gcc-c++
else
echo "WARNING: Unknown package manager. Please install manually:"
echo " - cmake"
echo " - zlib development headers"
echo " - C++ compiler (g++ or clang++)"
fi
elif [[ "$OSTYPE" == "darwin"* ]]; then
echo "Detected macOS - checking for Homebrew..."
if ! command -v brew &> /dev/null; then
echo "ERROR: Homebrew not found. Install from https://brew.sh"
exit 1
fi
echo "Installing cmake, zlib via Homebrew..."
brew install cmake zlib
else
echo "WARNING: Unknown OS. Please install manually:"
echo " - cmake"
echo " - zlib development headers"
echo " - C++ compiler (g++ or clang++)"
fi
echo "Dependencies installed."
- name: Check CMake Available
run: |
if ! command -v cmake &> /dev/null; then
echo "❌ ERROR: cmake is not installed"
echo ""
echo "To fix this on your self-hosted runner:"
echo " Ubuntu/Debian: sudo apt-get install -y cmake zlib1g-dev"
echo " macOS: brew install cmake zlib"
echo " CentOS/RHEL: sudo yum install -y cmake zlib-devel"
echo ""
echo "Or add this to your runner setup script."
exit 1
fi
echo "cmake: $(cmake --version | head -1)"
- name: Check C++ Compiler
run: |
if ! command -v g++ &> /dev/null && ! command -v clang++ &> /dev/null; then
echo "No C++ compiler found (g++ or clang++)"
echo ""
echo "To fix this:"
echo " Ubuntu/Debian: sudo apt-get install -y build-essential"
echo " macOS: xcode-select --install"
exit 1
fi
echo "C++ compiler available"
- name: Check Zlib
run: |
if pkg-config --exists zlib 2>/dev/null || [ -f /usr/include/zlib.h ] || [ -f /usr/local/include/zlib.h ]; then
echo "zlib development headers found"
else
echo "zlib headers not found - native build may fail"
echo " Install: sudo apt-get install -y zlib1g-dev || brew install zlib"
fi
test-native:
name: Build and Test Native Libraries
runs-on: self-hosted
needs: check-environment
timeout-minutes: 30
services:
redis:
image: redis:7-alpine
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 5s
--health-timeout 3s
--health-retries 3
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Cache native libraries
uses: actions/cache@v4
with:
path: |
native/build/
key: ${{ runner.os }}-native-${{ hashFiles('native/**/*.cpp', 'native/**/*.h', 'native/**/CMakeLists.txt') }}
restore-keys: |
${{ runner.os }}-native-
- name: Cache apt packages
uses: actions/cache@v4
with:
path: /var/cache/apt/archives
key: ${{ runner.os }}-apt-native-${{ hashFiles('.forgejo/workflows/*.yml') }}
restore-keys: |
${{ runner.os }}-apt-
- name: Install cmake and build tools
run: |
echo "Installing cmake and build dependencies..."
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
if command -v apt-get &> /dev/null; then
sudo apt-get update
sudo apt-get install -y cmake zlib1g-dev build-essential
elif command -v yum &> /dev/null; then
sudo yum install -y cmake zlib-devel gcc-c++
fi
elif [[ "$OSTYPE" == "darwin"* ]]; then
brew install cmake zlib
fi
which cmake
- name: Setup Go
run: |
REQUIRED_GO="1.23.4"
if command -v go &> /dev/null && go version | grep -q "go${REQUIRED_GO}"; then
echo "Go ${REQUIRED_GO} already installed - skipping download"
else
echo "Installing Go ${REQUIRED_GO}..."
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.linux-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
elif [[ "$OSTYPE" == "darwin"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.darwin-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
fi
export PATH="/usr/local/go/bin:$PATH"
echo "/usr/local/go/bin" >> $GITHUB_PATH
echo "Go ${REQUIRED_GO} installed"
fi
go version
- name: Build Native Libraries
run: |
echo "Building native C++ libraries..."
make native-build 2>&1
if [ $? -ne 0 ]; then
echo ""
echo "Native build failed!"
echo ""
echo "Common causes:"
echo " 1. Missing cmake: Install with 'apt-get install cmake' or 'brew install cmake'"
echo " 2. Missing C++ compiler: Install with 'apt-get install build-essential'"
echo " 3. Missing zlib: Install with 'apt-get install zlib1g-dev'"
echo " 4. CMakeLists.txt not found: Ensure native/CMakeLists.txt exists"
echo ""
echo "Check the detailed error above for more information."
exit 1
fi
echo "Native libraries built successfully"
- name: Test with Native Libraries
run: |
echo "Running tests WITH native libraries enabled..."
CGO_ENABLED=1 go test -tags native_libs -v ./tests/...
continue-on-error: true
- name: Native Smoke Test
run: |
echo "Running native libraries smoke test..."
CGO_ENABLED=1 go test -tags native_libs ./tests/benchmarks/... -run TestNative
continue-on-error: true
- name: Test Fallback (Go only)
run: |
echo "Running tests WITHOUT native libraries (Go fallback)..."
go test -v ./tests/...
continue-on-error: true
- name: Run Benchmarks
run: |
echo "Running performance benchmarks..."
echo "=== Go Implementation ==="
go test -bench=. ./tests/benchmarks/ -benchmem || true
echo ""
echo "=== Native Implementation ==="
CGO_ENABLED=1 go test -tags native_libs -bench=. ./tests/benchmarks/ -benchmem || true
- name: Lint
run: |
echo "Running linters..."
make lint || echo "Linting completed with warnings"
build-release:
name: Build Release Libraries
runs-on: self-hosted
needs: test-native
timeout-minutes: 20
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Setup Go (fast)
run: |
REQUIRED_GO="1.23.4"
if command -v go &> /dev/null && go version | grep -q "go${REQUIRED_GO}"; then
echo "Go ${REQUIRED_GO} already installed - skipping download"
else
echo "Installing Go ${REQUIRED_GO}..."
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.linux-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
elif [[ "$OSTYPE" == "darwin"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.darwin-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
fi
export PATH="/usr/local/go/bin:$PATH"
echo "/usr/local/go/bin" >> $GITHUB_PATH
echo "Go ${REQUIRED_GO} installed"
fi
go version
- name: Build Release Libraries
run: |
echo "Building optimized release libraries..."
make native-release 2>&1
echo "Release libraries built"
- name: List Build Artifacts
run: |
echo "Built libraries:"
ls -lh native/build/lib* 2>/dev/null || echo "No libraries found in native/build/"
- name: Upload Artifacts
uses: actions/upload-artifact@v4
with:
name: native-libs-${{ runner.os }}-${{ runner.arch }}
path: |
native/build/lib*.so
native/build/lib*.dylib
continue-on-error: true

114
.forgejo/workflows/ci.yml
View file

@ -230,40 +230,106 @@ jobs:
./scripts/track_performance.sh --help
./scripts/smoke-test.sh --help
security-scan:
name: Security Scan
test-native:
name: Test Native Libraries
runs-on: self-hosted
timeout-minutes: 20
needs: test
timeout-minutes: 30
services:
redis:
image: redis:7-alpine
ports:
- 6379:6379
options: >-
--health-cmd "redis-cli ping"
--health-interval 5s
--health-timeout 3s
--health-retries 3
steps:
- name: Checkout code
uses: actions/checkout@v5
- uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
scan-ref: '.'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Install cmake and build tools
run: |
echo "Installing cmake and build dependencies..."
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
if command -v apt-get &> /dev/null; then
sudo apt-get update
sudo apt-get install -y cmake zlib1g-dev build-essential
elif command -v yum &> /dev/null; then
sudo yum install -y cmake zlib-devel gcc-c++
fi
elif [[ "$OSTYPE" == "darwin"* ]]; then
brew install cmake zlib
fi
which cmake
- name: Upload Trivy scan results
uses: actions/upload-artifact@v4
if: always()
with:
name: trivy-results
path: trivy-results.sarif
retention-days: 30
- name: Setup Go
run: |
REQUIRED_GO="1.25.0"
if command -v go &> /dev/null && go version | grep -q "go${REQUIRED_GO}"; then
echo "Go ${REQUIRED_GO} already installed - skipping download"
else
echo "Installing Go ${REQUIRED_GO}..."
if [[ "$OSTYPE" == "linux-gnu"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.linux-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
elif [[ "$OSTYPE" == "darwin"* ]]; then
curl -sL "https://go.dev/dl/go${REQUIRED_GO}.darwin-amd64.tar.gz" | sudo tar -C /usr/local -xzf -
fi
export PATH="/usr/local/go/bin:$PATH"
echo "/usr/local/go/bin" >> $GITHUB_PATH
echo "Go ${REQUIRED_GO} installed"
fi
go version
- name: Gosec Security Scanner
run: |
go install github.com/securecodewarrior/gosec/v2/cmd/gosec@latest
gosec ./...
- name: Build Native Libraries
run: |
echo "Building native C++ libraries..."
make native-build 2>&1 || {
echo ""
echo "Native build failed!"
echo ""
echo "Common causes:"
echo " 1. Missing cmake: Install with 'apt-get install cmake'"
echo " 2. Missing C++ compiler: Install with 'apt-get install build-essential'"
echo " 3. Missing zlib: Install with 'apt-get install zlib1g-dev'"
echo " 4. CMakeLists.txt not found: Ensure native/CMakeLists.txt exists"
echo ""
exit 1
}
echo "Native libraries built successfully"
- name: Test with Native Libraries
run: |
echo "Running tests WITH native libraries enabled..."
CGO_ENABLED=1 go test -tags native_libs -v ./tests/... || true
- name: Native Smoke Test
run: |
echo "Running native libraries smoke test..."
CGO_ENABLED=1 go test -tags native_libs ./tests/benchmarks/... -run TestNative || true
- name: Test Fallback (Go only)
run: |
echo "Running tests WITHOUT native libraries (Go fallback)..."
go test -v ./tests/... || true
- name: Run Benchmarks
run: |
echo "Running performance benchmarks..."
echo "=== Go Implementation ==="
go test -bench=. ./tests/benchmarks/ -benchmem || true
echo ""
echo "=== Native Implementation ==="
CGO_ENABLED=1 go test -tags native_libs -bench=. ./tests/benchmarks/ -benchmem || true
docker-build:
name: Docker Build
runs-on: self-hosted
needs: [test, build, test-scripts]
needs: [test, test-native, build, test-scripts]
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
timeout-minutes: 30