-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Migrate CI/CD from TeamCity to GitHub Actions: release workflows & WARP GPU testing (D3D11) #3115
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Changes from all commits
Commits
Show all changes
14 commits
Select commit
Hold shift + click to select a range
5b22921
ci: Added permissions and improved security for release (only user in…
xen2 faea043
ci: Enable advanced installer use (download and install it during build)
xen2 a2a7466
ci: added STRIDE_GRAPHICS_SOFTWARE_RENDERING env variable to force WA…
xen2 2b4b1c1
fix: EditText picking/selection were being compared in virtual size i…
xen2 3941ad1
fix: EditText adjust caret during selection to follow last mouse posi…
xen2 7e0a0aa
chore: added launchSettings to easily choose WARP unit testing
xen2 f91607c
fix: Removed image capture from Physics tests (unused)
xen2 e27c83c
ci: regenerated gold images for WARP and RTX 5080
xen2 505c593
ci: added game rendering tests to main CI (using WARP mode)
xen2 a2130fa
ci: disabled unreliable benchmark test
xen2 f174e0e
ci: mark audio test as independent from graphics API
xen2 033cb08
ci: Removed Teamcity specific message/references
xen2 2aa42f1
ci: added separate workflow for VSPackage
xen2 74b1a55
ci: Run CI on every PR (latest commit) and master (every commit)
xen2 File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| # Release workflows require approval from release managers | ||
| .github/workflows/release*.yml @stride3d/stride-release-managers |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,146 @@ | ||
| name: Release Launcher | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| sign: | ||
| description: Code sign packages | ||
| default: true | ||
| type: boolean | ||
| deploy: | ||
| description: Deploy to NuGet.org | ||
| default: false | ||
| type: boolean | ||
|
|
||
| concurrency: | ||
| group: release-launcher-${{ github.ref }} | ||
| cancel-in-progress: false | ||
|
|
||
| jobs: | ||
| # | ||
| # Validate inputs and permissions | ||
| # | ||
| Validate: | ||
| name: Validate | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check deploy requires signing | ||
| if: ${{ inputs.deploy && !inputs.sign }} | ||
| run: | | ||
| echo "::error::Cannot deploy unsigned packages. Enable 'sign' to deploy." | ||
| exit 1 | ||
|
|
||
| - name: Check release permissions | ||
| if: ${{ inputs.sign || inputs.deploy }} | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GH_PAT }} | ||
| run: | | ||
| ORG=$(echo "${{ github.repository }}" | cut -d/ -f1) | ||
| TEAM="stride-release-managers" | ||
| USER="${{ github.actor }}" | ||
| STATUS=$(gh api "orgs/$ORG/teams/$TEAM/memberships/$USER" --silent 2>&1 && echo "ok" || echo "fail") | ||
| if [ "$STATUS" = "fail" ]; then | ||
| echo "::error::User $USER is not a member of $ORG/$TEAM. Sign/deploy requires stride-release-managers team membership." | ||
| exit 1 | ||
| fi | ||
|
|
||
| # | ||
| # Build, package and optionally deploy the launcher | ||
| # | ||
| Package: | ||
| name: Package Launcher | ||
| needs: Validate | ||
| runs-on: windows-latest | ||
| environment: production | ||
| outputs: | ||
| version: ${{ steps.version.outputs.version }} | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| lfs: true | ||
| fetch-depth: 0 | ||
|
|
||
| - uses: actions/setup-dotnet@v4 | ||
| with: | ||
| dotnet-version: | | ||
| 6.0.x | ||
| 10.0.x | ||
|
|
||
| - uses: microsoft/setup-msbuild@v2 | ||
|
|
||
| - name: Install Advanced Installer | ||
| shell: pwsh | ||
| run: | | ||
| Invoke-WebRequest -Uri "https://www.advancedinstaller.com/downloads/22.0/advinst.msi" -OutFile advinst.msi | ||
| msiexec /i advinst.msi /qn ADDLOCAL=ALL | Out-Null | ||
| if ("${{ secrets.ADVINST_LICENSE_KEY }}" -ne "") { | ||
| & "${env:ProgramFiles(x86)}\Caphyon\Advanced Installer 22.0\bin\x86\AdvancedInstaller.com" /register "${{ secrets.ADVINST_LICENSE_KEY }}" | ||
| } | ||
|
|
||
| - name: Build and package launcher | ||
| shell: pwsh | ||
| run: | | ||
| msbuild build\Stride.build ` | ||
| /t:FullBuildLauncher ` | ||
| /bl /m /nr:false ` | ||
| /p:StrideSign=${{ inputs.sign }} | ||
| env: | ||
| StrideSignTenantId: ${{ secrets.STRIDE_SIGN_TENANT_ID }} | ||
| StrideSignClientId: ${{ secrets.STRIDE_SIGN_CLIENT_ID }} | ||
| StrideSignClientSecret: ${{ secrets.STRIDE_SIGN_CLIENT_SECRET }} | ||
| StrideSignKeyVaultCertificate: ${{ secrets.STRIDE_SIGN_KEYVAULT_CERTIFICATE }} | ||
| StrideSignKeyVaultName: ${{ secrets.STRIDE_SIGN_KEYVAULT_NAME }} | ||
|
|
||
| - name: Get version | ||
| id: version | ||
| shell: pwsh | ||
| run: | | ||
| $nupkg = Get-ChildItem -Path bin/launcher -Filter "*.nupkg" | Select-Object -First 1 | ||
| if ($nupkg -and $nupkg.BaseName -match '\.(\d+\.\d+\.\d+.*)$') { | ||
| echo "version=$($Matches[1])" >> $env:GITHUB_OUTPUT | ||
| } | ||
|
|
||
| - name: Upload launcher artifacts | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: launcher | ||
| path: | | ||
| bin/launcher/*.nupkg | ||
| bin/launcher/*.exe | ||
| retention-days: 30 | ||
|
|
||
| Deploy: | ||
| name: Deploy Launcher | ||
| if: ${{ inputs.deploy && inputs.sign }} | ||
| needs: Package | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/setup-dotnet@v4 | ||
| with: | ||
| dotnet-version: 10.0.x | ||
|
|
||
| - name: Download launcher artifacts | ||
| uses: actions/download-artifact@v4 | ||
| with: | ||
| name: launcher | ||
| path: bin/launcher | ||
|
|
||
| - name: Push to NuGet | ||
| shell: pwsh | ||
| run: | | ||
| Get-ChildItem -Path bin/launcher -Filter "*.nupkg" | ForEach-Object { | ||
| echo "Pushing $($_.Name)..." | ||
| dotnet nuget push $_.FullName --api-key $env:STRIDE_NUGET_API_KEY --source "https://api.nuget.org/v3/index.json" --skip-duplicate | ||
| } | ||
| env: | ||
| STRIDE_NUGET_API_KEY: ${{ secrets.STRIDE_NUGET_API_KEY }} | ||
|
|
||
| - name: Create GitHub Release | ||
| if: ${{ needs.Package.outputs.version != '' }} | ||
| uses: softprops/action-gh-release@v2 | ||
| with: | ||
| tag_name: launcher/${{ needs.Package.outputs.version }} | ||
| name: Stride Launcher ${{ needs.Package.outputs.version }} | ||
| files: bin/launcher/*.exe | ||
| prerelease: ${{ contains(needs.Package.outputs.version, '-') }} | ||
| generate_release_notes: true |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,106 @@ | ||
| name: Unlist Release | ||
|
|
||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| version: | ||
| description: Version to unlist (e.g. 4.3.0.2286-beta01) | ||
| required: true | ||
| type: string | ||
| dry-run: | ||
| description: Dry run (list packages without unlisting) | ||
| default: true | ||
| type: boolean | ||
|
|
||
| jobs: | ||
| Validate: | ||
| name: Validate | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Check release permissions | ||
| env: | ||
| GH_TOKEN: ${{ secrets.GH_PAT }} | ||
| run: | | ||
| ORG=$(echo "${{ github.repository }}" | cut -d/ -f1) | ||
| TEAM="stride-release-managers" | ||
| USER="${{ github.actor }}" | ||
| STATUS=$(gh api "orgs/$ORG/teams/$TEAM/memberships/$USER" --silent 2>&1 && echo "ok" || echo "fail") | ||
| if [ "$STATUS" = "fail" ]; then | ||
| echo "::error::User $USER is not a member of $ORG/$TEAM. Unlisting requires stride-release-managers team membership." | ||
| exit 1 | ||
| fi | ||
|
|
||
| Unlist: | ||
| name: Unlist ${{ inputs.version }} | ||
| needs: Validate | ||
| runs-on: ubuntu-latest | ||
| environment: production | ||
| steps: | ||
| - name: Find and unlist Stride packages | ||
| shell: pwsh | ||
| run: | | ||
| $version = "${{ inputs.version }}" | ||
| $dryRun = $${{ inputs.dry-run }} | ||
|
|
||
| # Query NuGet for all packages owned by Stride | ||
| $searchUrl = "https://api-v2v3search-0.nuget.org/query?q=owner:stride&take=500&prerelease=true" | ||
| $results = Invoke-RestMethod -Uri $searchUrl | ||
| $stridePackages = $results.data | Where-Object { $_.id -like "Stride*" } | Select-Object -ExpandProperty id | ||
|
|
||
| echo "Found $($stridePackages.Count) Stride packages on NuGet.org" | ||
|
|
||
| $found = @() | ||
| $notFound = @() | ||
|
|
||
| foreach ($id in $stridePackages) { | ||
| # Check if this specific version exists | ||
| $versionUrl = "https://api.nuget.org/v3-flatcontainer/$($id.ToLower())/index.json" | ||
| try { | ||
| $versions = Invoke-RestMethod -Uri $versionUrl -ErrorAction Stop | ||
| if ($versions.versions -contains $version.ToLower()) { | ||
| $found += $id | ||
| } | ||
| } catch { | ||
| # Package version listing failed, skip | ||
| } | ||
| } | ||
|
|
||
| echo "" | ||
| echo "## Packages with version $version : $($found.Count)" | ||
| foreach ($id in $found) { | ||
| echo " - $id" | ||
| } | ||
|
|
||
| if ($dryRun) { | ||
| echo "" | ||
| echo "** DRY RUN - no packages were unlisted **" | ||
| echo "Uncheck 'Dry run' to actually unlist these packages." | ||
| } else { | ||
| echo "" | ||
| $failed = @() | ||
| foreach ($id in $found) { | ||
| echo "Unlisting $id $version..." | ||
| dotnet nuget delete $id $version --api-key $env:STRIDE_NUGET_API_KEY --source "https://api.nuget.org/v3/index.json" --non-interactive | ||
| if ($LASTEXITCODE -ne 0) { $failed += $id } | ||
| } | ||
|
|
||
| if ($failed.Count -gt 0) { | ||
| echo "" | ||
| echo "::error::Failed to unlist $($failed.Count) packages: $($failed -join ', ')" | ||
| exit 1 | ||
| } | ||
|
|
||
| echo "" | ||
| echo "Successfully unlisted $($found.Count) packages for version $version" | ||
| } | ||
|
|
||
| # Step summary | ||
| echo "## Unlist Release" >> $env:GITHUB_STEP_SUMMARY | ||
| echo "**Version:** $version" >> $env:GITHUB_STEP_SUMMARY | ||
| echo "**Mode:** $(if ($dryRun) { 'Dry run' } else { 'Live' })" >> $env:GITHUB_STEP_SUMMARY | ||
| echo "**Packages:** $($found.Count)" >> $env:GITHUB_STEP_SUMMARY | ||
| echo '```' >> $env:GITHUB_STEP_SUMMARY | ||
| $found | ForEach-Object { echo $_ >> $env:GITHUB_STEP_SUMMARY } | ||
| echo '```' >> $env:GITHUB_STEP_SUMMARY | ||
| env: | ||
| STRIDE_NUGET_API_KEY: ${{ secrets.STRIDE_NUGET_API_KEY }} |
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The initial idea was to not run the full main CI on PR, but instead only individual workflows depending on which files has been touched.
If we decide to run everything all the time, then we should remove the filters on all other workflows. Otherwise, each will be run twice.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, I was hesitating about that one, but I didn't fully realize about those other workflows.
I understand better how it was intended to work now.
Assuming full CI is fast enough and part of dotnet infra so not a problem to run every PR, do you still think worth to have something smaller for PR?
Here are the pros/cons I can come up with:
When adding it, my rationale was that in practice we would want to run it anyway before final merge and it is a bit annoying to do manually (and easy to forget)
Since I am adding GPU tests again with WARP (quite deterministic), we could easily spot and fix those before PR merge (rather than it polluting PR commit and any further commits/PR with bad chekmark and false positive until fixed).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We could use some labels to trigger specific GitHub Actions or part of it? So for example, the default would be a smaller GitHub Actions and based on the label added (e.g. area-Graphics) it could trigger different GitHub Action or path in GitHub Action.
cons: Probaby the same as above
Also, not sure if some repeated workflows could be re-used so they are maintained only once.
Uh oh!
There was an error while loading. Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right now I am spending some time to get all the image testing unit test running properly again on GH (incl new platforms like D3D12/Vulkan).
It's quite an effort to get everything working properly.
When we used them in the past, they broke so many time and stayed broken for long stretch of time because it wasn't run every commit. And once it gets broken for a while, it gets very hard and time consuming to trace back where it happened (if it even compiled) and fix back.
So I vote to simply enable the full CI matrix on every master commit and every PR before merge for now.
We can do a few "safe" optimization like running only editor tests for changes on editor folders, but I don't want to take any risk the other way around (i.e. a change in Core/Graphics means a full test of everything, incl. graphics unit tests and editor tests, even if breaking them might seem unlikely).
Likewise, I don't a slightly different version of testing workflow as it might not test the exact same thing, and we'll end up having the same problem of having to track down broken commits with the real CI suite.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds good. It's better to be on the safe side.