ci.yaml

name: Scala 3

on:
  push:
    ## Be careful if you add or remove something here! Quoting from
    ## <https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onpushbranchestagsbranches-ignoretags-ignore>:
    ##
    ## > If you define only tags/tags-ignore or only branches/branches-ignore, the
    ## > workflow won't run for events affecting the undefined Git ref. If you
    ## > define neither tags/tags-ignore or branches/branches-ignore, the workflow
    ## > will run for events affecting either branches or tags.
    ##
    ## We want the CI to run on both branches and tags, so we should either have:
    ## - both (tags or tags-ignore) and (branches or branches-ignore),
    ## - or neither of them.
    ## But it's important to not have only one or the other.
    tags:
      - '*'
    branches-ignore:
      - 'gh-readonly-queue/**'
      - 'release-**'
      - 'lts-**'
  pull_request:
  merge_group:
  workflow_dispatch:

# Cancels any in-progress runs within the same group identified by workflow name and GH reference (branch or tag)
# For example it would:
# - terminate previous PR CI execution after pushing more changes to the same PR branch
# - terminate previous on-push CI run after merging new PR to main
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

env:
  DOTTY_CI_RUN: true

# In this file, we set `--cpu-shares 4096` on every job. This might seem useless
# since it means that every container has the same weight which should be
# equivalent to doing nothing, but it turns out that OpenJDK computes
# `Runtime.getRuntime.availableProcessors` by dividing the cpu-shares value if
# it exists by 1024 (cf
# http://mail.openjdk.java.net/pipermail/hotspot-dev/2019-January/036087.html),
# so this means that we effectively run every job with 4 cores. This is much
# nicer than setting `--cpus 4` because the latter enforces CPU quotas and ends
# up slowing our jobs more than needed. It's equivalent to running the JVM with
# `-XX:ActiveProcessorCount=4`, but since our tests can spawn new JVM in many
# places, it would be very hard to ensure that this option is always passed to
# `java` (we could use the `_JAVA_OPTIONS` environment variable, but this prints
# text on stderr and so can break tests which check the output of a program).

jobs:
  # Run stdlib tests before publishing a release
  stdlib-tests:
    uses: ./.github/workflows/stdlib.yaml
    if: "github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')"
    secrets: inherit

  test_windows_full:
    runs-on: [self-hosted, Windows]
    if: "github.event_name == 'schedule' && github.repository == 'scala/scala3'
         || github.event_name == 'push'
         || (
           github.event_name == 'pull_request'
           && !contains(github.event.pull_request.body, '[skip ci]')
           && contains(github.event.pull_request.body, '[test_windows_full]')
         )"

    steps:
      - name: Reset existing repo
        shell: cmd
        run: |
          git config --global --add safe.directory $GITHUB_WORKSPACE
          git -c "http.https://github.com/.extraheader=" fetch --recurse-submodules=no "https://github.com/scala/scala3" && git reset --hard FETCH_HEAD || true

      - name: Git Checkout
        uses: actions/checkout@v6

      - name: Test
        run: sbt ";scala3-bootstrapped/compile ;scala3-compiler-bootstrapped/test"
        shell: cmd

  publish_release:
    permissions:
      contents: write  # for GH CLI to create a release
    runs-on: [self-hosted, Linux]
    needs: [stdlib-tests]
    container:
      image: lampepfl/dotty:2024-10-18
      options: --cpu-shares 4096
      volumes:
        - ${{ github.workspace }}/../../cache/sbt:/root/.sbt
        - ${{ github.workspace }}/../../cache/ivy:/root/.ivy2/cache
        - ${{ github.workspace }}/../../cache/general:/root/.cache
    if: "github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/')"

    env:
      RELEASEBUILD: yes
      PGP_PW: ${{ secrets.PGP_PW }}  # PGP passphrase
      PGP_SECRET: ${{ secrets.PGP_SECRET }}  # Export your private and public PGP key to an *.asc file, take the file's contents as a string
      SONATYPE_PW: ${{ secrets.SONATYPE_PW_ORGSCALALANG }}
      SONATYPE_USER: ${{ secrets.SONATYPE_USER_ORGSCALALANG }}

    steps:
      ##############################################################################################
      ## WARNING: DO NOT CHANGE THE JAVA VERSION HERE. SCALA 3.8.0+ IS DISTRIBUTED USING JAVA 17. ##
      ##############################################################################################
      - name: Set JDK 17 as default
        run: echo "/usr/lib/jvm/java-17-openjdk-amd64/bin" >> $GITHUB_PATH
      - name: Reset existing repo
        run: |
          git config --global --add safe.directory $GITHUB_WORKSPACE
          git -c "http.https://github.com/.extraheader=" fetch --recurse-submodules=no "https://github.com/scala/scala3" && git reset --hard FETCH_HEAD || true

      - name: Checkout cleanup script
        uses: actions/checkout@v6

      - name: Cleanup
        run: .github/workflows/cleanup.sh

      - name: Git Checkout
        uses: actions/checkout@v6

      - name: Add SBT proxy repositories
        run: cp -vf .github/workflows/repositories /root/.sbt/ ; true

      # Extract the release tag
      - name: Extract the release tag
        run : echo "RELEASE_TAG='${GITHUB_REF#*refs/tags/}'" >> $GITHUB_ENV

      - name: Check compiler version
        shell: bash
        run : |
          version=$(./project/scripts/sbt "print scala3-compiler-bootstrapped/version" | tail -n1)
          echo "This build version: ${version}"
          if [ "${version}" != "${{ env.RELEASE_TAG }}" ]; then
            echo "Compiler version for this build '${version}', does not match tag: ${{ env.RELEASE_TAG }}"
            exit 1
          fi

      - name: Prepare the SDKs
        shell: bash
        run : |
          prepareSDK() {
            distroSuffix="$1"
            sbtProject="$2"
            distDir="$3"

            # Build binaries
            ./project/scripts/sbt "all ${sbtProject}/Universal/packageBin ${sbtProject}/Universal/packageZipTarball"

            artifactName="scala3-${{ env.RELEASE_TAG }}${distroSuffix}"

            # Caluclate SHA for each of archive files
            for file in "${artifactName}.zip" "${artifactName}.tar.gz"; do
              mv ${distDir}/target/universal/$file $file
              sha256sum "${file}" > "${file}.sha256"
            done
          }
          prepareSDK ""                      "dist"               "./dist/"
          prepareSDK "-aarch64-pc-linux"     "dist-linux-aarch64" "./dist/linux-aarch64/"
          prepareSDK "-x86_64-pc-linux"      "dist-linux-x86_64"  "./dist/linux-x86_64/"
          prepareSDK "-aarch64-apple-darwin" "dist-mac-aarch64"   "./dist/mac-aarch64/"
          prepareSDK "-x86_64-apple-darwin"  "dist-mac-x86_64"    "./dist/mac-x86_64/"
          prepareSDK "-x86_64-pc-win32"      "dist-win-x86_64"    "./dist/win-x86_64/"

      - name: Download MSI package
        uses: actions/download-artifact@v8
        with:
          name: scala.msi
          path: .
      - name: Prepare MSI package
        shell: bash
        run: |
          msiInstaller="scala3-${{ env.RELEASE_TAG }}.msi"
          mv scala.msi "${msiInstaller}"
          sha256sum "${msiInstaller}" > "${msiInstaller}.sha256"

      - name: Install GH CLI
        uses: dev-hanz-ops/install-gh-cli-action@v0.2.1
        with:
          gh-cli-version: 2.59.0

      # Create the GitHub release
      - name: Create GitHub Release
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
        shell: bash
        run: |
          # We need to config safe.directory in every step that might reference git
          # It is not persisted between steps
          git config --global --add safe.directory $GITHUB_WORKSPACE
          gh release create \
          --draft \
          --title "${{ env.RELEASE_TAG }}" \
          --notes-file ./changelogs/${{ env.RELEASE_TAG }}.md \
          --latest=${{ !contains(env.RELEASE_TAG, '-RC') }} \
          --prerelease=${{ contains(env.RELEASE_TAG, '-RC') }} \
          --verify-tag ${{ env.RELEASE_TAG }} \
          scala3-${{ env.RELEASE_TAG }}*.zip \
          scala3-${{ env.RELEASE_TAG }}*.tar.gz \
          scala3-${{ env.RELEASE_TAG }}*.sha256 \
          scala3-${{ env.RELEASE_TAG }}.msi

      # Each namespace needs to be published separately
      - name: Publish Release (org.scala-lang)
        run: |
          rm -rf ./target/sona-staging/
          ./project/scripts/sbtPublish " \
            all \
              scala-library-bootstrapped/publishSigned \
              scala3-compiler-bootstrapped/publishSigned \
              scala3-interfaces/publishSigned \
              scala3-language-server/publishSigned \
              scala3-library-bootstrapped/publishSigned \
              scala3-library-sjs/publishSigned \
              scala3-presentation-compiler/publishSigned \
              scala3-repl/publishSigned \
              scala3-sbt-bridge-bootstrapped/publishSigned \
              scala3-staging/publishSigned \
              scala3-tasty-inspector/publishSigned \
              scaladoc/publishSigned \
              tasty-core-bootstrapped/publishSigned \
            ;sonaUpload"

      - name: Publish Release (org.scala-js)
        run: |
          # Ensure the staging does not contain any stale artifacts
          rm -rf ./target/sona-staging/
          ./project/scripts/sbtPublish "scala-library-sjs/publishSigned ;sonaUpload"

  build-msi-package:
   uses: ./.github/workflows/build-msi.yml
   if  :
     (github.event_name == 'pull_request' && contains(github.event.pull_request.body, '[test_msi]')) ||
     (github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags/'))

  test-msi-package:
   uses: ./.github/workflows/test-msi.yml
   needs: [build-msi-package]
   with:
     version: ${{ needs.build-msi-package.outputs.version }}
     java-version: 17

  build-sdk-package:
   uses: ./.github/workflows/build-sdk.yml
   if:
     (github.event_name == 'pull_request' && !contains(github.event.pull_request.body, '[skip ci]')) ||
     (github.event_name == 'workflow_dispatch' && github.repository == 'scala/scala3') ||
     (github.event_name == 'schedule' && github.repository == 'scala/scala3') ||
     github.event_name == 'push' ||
     github.event_name == 'merge_group'
   with:
     java-version: 17

  build-chocolatey-package:
   uses: ./.github/workflows/build-chocolatey.yml
   needs: [ build-sdk-package ]
   with:
     version: 3.6.0-SNAPSHOT # Fake version, used only for choco tests
     url    : https://api.github.com/repos/scala/scala3/actions/artifacts/${{ needs.build-sdk-package.outputs.win-x86_64-id }}/zip
     digest : ${{ needs.build-sdk-package.outputs.win-x86_64-digest }}

  test-chocolatey-package:
   uses: ./.github/workflows/test-chocolatey.yml
   with:
     version     : 3.6.0-SNAPSHOT # Fake version, used only for choco tests
     java-version: 17
   if: github.event_name == 'pull_request' && contains(github.event.pull_request.body, '[test_chocolatey]')
   needs: [ build-chocolatey-package ]

  scalafmt:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
        with:
          fetch-depth: 0
      - uses: coursier/cache-action@v8
      - uses: VirtusLab/scala-cli-setup@v1.14
      - run: scala-cli format --check