diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9473b108..2b8b0c47 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -46,4 +46,4 @@ jobs: - name: Build with Bazel run: | - bazel build --config x86_64-linux //src/... //examples/... + bazel build --lockfile_mode=error --config x86_64-linux //src/... //examples/... diff --git a/.github/workflows/bzlmod-lock.yml b/.github/workflows/bzlmod-lock.yml new file mode 100644 index 00000000..d973742b --- /dev/null +++ b/.github/workflows/bzlmod-lock.yml @@ -0,0 +1,28 @@ +# ******************************************************************************* +# Copyright (c) 2025 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0 +# +# SPDX-License-Identifier: Apache-2.0 +# ******************************************************************************* +name: Bzlmod Lockfile Check +permissions: + contents: read +on: + pull_request: + types: [opened, reopened, synchronize] + merge_group: + types: [checks_requested] + push: + branches: + - main +jobs: + bzlmod-lock: + uses: eclipse-score/cicd-workflows/.github/workflows/bzlmod-lock-check.yml@main + with: + working-directory: . diff --git a/.github/workflows/code_coverage.yml b/.github/workflows/code_coverage.yml index e237dbc7..8d3d60b5 100644 --- a/.github/workflows/code_coverage.yml +++ b/.github/workflows/code_coverage.yml @@ -45,6 +45,7 @@ jobs: - name: Run Bazel Coverage run: | bazel coverage \ + --lockfile_mode=error \ --test_output=errors \ --nocache_test_results \ --config=x86_64-linux \ @@ -84,6 +85,7 @@ jobs: run: | set -euo pipefail bazel test \ + --lockfile_mode=error \ --config=x86_64-linux \ --config=ferrocene-coverage \ --nocache_test_results \ @@ -92,7 +94,7 @@ jobs: - name: Generate Ferrocene coverage reports run: | set -euo pipefail - bazel run //:rust_coverage -- --min-line-coverage 66 + bazel run --lockfile_mode=error //:rust_coverage -- --min-line-coverage 66 - name: Locate coverage artifacts run: | diff --git a/.github/workflows/copyright.yml b/.github/workflows/copyright.yml index 08ef3767..4ee6d734 100644 --- a/.github/workflows/copyright.yml +++ b/.github/workflows/copyright.yml @@ -21,4 +21,4 @@ jobs: copyright-check: uses: eclipse-score/cicd-workflows/.github/workflows/copyright.yml@main with: - bazel-target: "run //:copyright.check" + bazel-target: "run --lockfile_mode=error //:copyright.check" diff --git a/.github/workflows/format.yml b/.github/workflows/format.yml index adb88769..35cbc74e 100644 --- a/.github/workflows/format.yml +++ b/.github/workflows/format.yml @@ -24,4 +24,4 @@ jobs: formatting-check: uses: eclipse-score/cicd-workflows/.github/workflows/format.yml@main with: - bazel-target: "test //:format.check" # optional, this is the default + bazel-target: "test --lockfile_mode=error //:format.check" # optional, this is the default diff --git a/.github/workflows/license_check.yml b/.github/workflows/license_check.yml index aba7f99d..21589ea6 100644 --- a/.github/workflows/license_check.yml +++ b/.github/workflows/license_check.yml @@ -28,5 +28,6 @@ jobs: uses: eclipse-score/cicd-workflows/.github/workflows/license-check.yml@main with: repo-url: "${{ github.server_url }}/${{ github.repository }}" + bazel-target: "run --lockfile_mode=error //:license-check" secrets: dash-api-token: ${{ secrets.ECLIPSE_GITLAB_API_TOKEN }} diff --git a/.github/workflows/test_and_docs.yml b/.github/workflows/test_and_docs.yml index ebc99890..64bcf220 100644 --- a/.github/workflows/test_and_docs.yml +++ b/.github/workflows/test_and_docs.yml @@ -37,14 +37,14 @@ jobs: pull-requests: write contents: read with: - bazel-docs-verify-target: "//:docs_check" + bazel-docs-verify-target: "--lockfile_mode=error //:docs_check" run-tests: uses: eclipse-score/cicd-workflows/.github/workflows/tests.yml@main permissions: contents: read pull-requests: read with: - bazel-target: 'test //src/... //tests/... --config=x86_64-linux' + bazel-target: 'test --lockfile_mode=error //src/... //tests/... --config=x86_64-linux' upload-name: 'bazel-testlogs' packages: 'fakechroot' build-docs: @@ -59,6 +59,6 @@ jobs: with: # the bazel-target depends on your repo specific docs_targets configuration (e.g. "suffix") - bazel-target: "//:docs -- --github_user=${{ github.repository_owner }} --github_repo=${{ github.event.repository.name }}" + bazel-target: "--lockfile_mode=error //:docs -- --github_user=${{ github.repository_owner }} --github_repo=${{ github.event.repository.name }}" retention-days: 3 tests-report-artifact: bazel-testlogs diff --git a/.gitignore b/.gitignore index 9dab2c36..9cbd4655 100644 --- a/.gitignore +++ b/.gitignore @@ -34,7 +34,6 @@ # Bazel bazel-* -MODULE.bazel.lock user.bazelrc # Ruff diff --git a/MODULE.bazel b/MODULE.bazel index 707fdada..568a8a41 100644 --- a/MODULE.bazel +++ b/MODULE.bazel @@ -116,7 +116,6 @@ python.toolchain( is_default = True, python_version = PYTHON_VERSION, ) -use_repo(python) pip = use_extension("@rules_python//python/extensions:pip.bzl", "pip", dev_dependency = True) pip.parse(