hopr-api 1.10.0

name: PR
on:
  merge_group:
    types: [checks_requested]
  pull_request:
    types:
      - opened
      - synchronize
      - reopened
      - ready_for_review
permissions:
  contents: read
concurrency:
  group: ${{ github.event.pull_request.head.ref || github.ref_name }}-pr
  cancel-in-progress: true
jobs:
  validate-pr-title:
    name: Validate title
    if: github.event_name == 'pull_request'
    runs-on: depot-ubuntu-24.04
    permissions:
      pull-requests: read
    steps:
      - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          types: |
            fix
            feat
            build
            chore
            docs
            style
            refactor
            perf
            test
          requireScope: false
          ignoreLabels: |
            bot
            ignore-semantic-pull-request
  label:
    name: Add labels
    if: github.event_name == 'pull_request'
    runs-on: depot-ubuntu-24.04
    permissions:
      contents: read
      issues: write
      pull-requests: write
    steps:
      - name: Harden Runner
        uses: step-security/harden-runner@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 # v2.19.0
        with:
          disable-sudo: true
          egress-policy: audit
      - name: Checkout repository
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false
      - uses: actions/labeler@77a4082b841706ac431479b7e2bb11216ffef250 # main on 20.02.2025
        with:
          sync-labels: true
      - name: Add "external" label for forked PRs
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          BASE_REPO: ${{ github.repository }}
          HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }}
          PR_NUMBER: ${{ github.event.pull_request.number }}
        run: |
          if [[ "$HEAD_REPO" != "$BASE_REPO" ]]; then
            gh pr edit "$PR_NUMBER" --add-label "external"
          fi
  checks:
    name: Check
    uses: hoprnet/hopr-workflows/.github/workflows/checks.yaml@bbd22e57cf954c15f0a6051d59329857809141dd # workflow-checks-v1
    with:
      source_branch: ${{ github.event.pull_request.head.ref || github.ref }}
      runner_small: depot-ubuntu-24.04
      runner_large: depot-ubuntu-24.04-4
    secrets:
      cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
  tests:
    name: Test
    uses: hoprnet/hopr-workflows/.github/workflows/tests.yaml@bbd22e57cf954c15f0a6051d59329857809141dd # workflow-tests-v1
    with:
      source_branch: ${{ github.event.pull_request.head.ref || github.ref }}
      unit_tests: true
      unit_test_command: "nix build -L .#unit-test"
      runner: depot-ubuntu-24.04-4
      test_timeout: 30
    secrets:
      cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
  build-library:
    name: Library ${{ matrix.architecture }}
    strategy:
      fail-fast: false
      matrix:
        include:
          - architecture: x86_64-linux
            runner: depot-ubuntu-24.04-4
            required_label: ""
          - architecture: aarch64-linux
            runner: depot-ubuntu-24.04-arm-4
            required_label: "binary:aarch64-linux"
          - architecture: aarch64-darwin
            runner: depot-macos-15
            required_label: binary:aarch64-darwin
    uses: hoprnet/hopr-workflows/.github/workflows/build-library.yaml@build-library-v2
    permissions:
      contents: read
    with:
      source_branch: ${{ github.event.pull_request.head.ref || github.ref }}
      version_type: commit
      architecture: ${{ matrix.architecture }}
      runner: ${{ matrix.runner }}
      timeout_minutes: 120
      package_name: hopr-api
      enabled: ${{ matrix.required_label == '' || contains(github.event.pull_request.labels.*.name, matrix.required_label) }}
    secrets:
      cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}