After careful review, we believe we can now use the "pull_request_target"
workflow trigger instead of "pull_request" which required a separate
privliged workflow to add labels and comments to PRs when they are submitted
or updated. This allows us to greatly streamline our workflows and remove
unneeded ones.
* The OnPRChanged workflow was...
* Renamed to OnPRCheck
* Changed to trigger on pull_request_target and the "recheckpr" label.
* Changed to simply call reusable workflows in asterisk-ci-actions.
* Changed to use better concurrency groups.
* The OnPRCPCheck and OnPRMergeApproved workflows were also...
* Changed to simply call reusable workflows in asterisk-ci-actions.
* Changed to use better concurrency groups.
* The NightlyTest and CreateDocs were also tweaked
(cherry picked from commit
9822f6fd25d2bc102ed46381d8e89330cf941e7e)
with:
asterisk_repo: ${{ github.repository }}
base_branch: ${{ matrix.branch }}
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }}
group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }}
realtime: false
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
name: PRCPCheck
-run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}"
+run-name: "PR ${{ github.event.number }} CPCheck by ${{ github.actor }}"
on:
pull_request_target:
types: [ labeled ]
jobs:
PRCPCheck:
- if: ${{ github.event.label.name == vars.CHERRY_PICK_TEST_LABEL }}
-# concurrency:
-# group: cpcheck-${{ github.event.number }}
-# cancel-in-progress: true
name: "run-cpcheck"
- uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCPCheck.yml@main
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
+ if: ${{ github.event.label.name == vars.CHERRY_PICK_TEST_LABEL }}
+ concurrency:
+ group: cpcheck-${{ github.base_ref }}-${{ github.ref_name }}
+ cancel-in-progress: true
+ uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCPCheck.yml@main-pr-target
+++ /dev/null
-#
-# Workflows, like this one, that are triggered by PRs submitted
-# from forked repositories are severly limited in what they can do
-# for security reasons. For instance, they can't add or remove
-# labels or comments even on the PR that triggered them. Since
-# we need to both of those things, GitHub recommends creating a
-# separate workflow that does those tasks that's triggered when
-# this PR workflow starts or finishes. Since that workflow isn't
-# being run in the context of a forked repo, it has all the
-# privileges needed to add and remove labels and comments. The
-# accompanying OnPRStateChangedPriv workflow does just that.
-
-name: PRChanged
-# WARNING! The run name MUST start with "PR <pr_number>".
-# The accompanying privleged workflow parses this to find
-# the PR number. It's the only reliable way it can get it.
-run-name: "PR ${{ github.event.number }} Changed by ${{ github.actor }}"
-on:
- pull_request:
- types: [opened, reopened, synchronize]
-
-concurrency:
- group: check-${{ github.event.number }}
- cancel-in-progress: true
-
-jobs:
- PRChanged:
- name: "run-check"
- uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRChanged.yml@main
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
+++ /dev/null
-#
-# Workflows triggered by PRs submitted from forked repositories
-# (all of ours) are severly limited in what they can do.
-# For instance, they can't add or remove labels or comments even
-# on the PR that triggered them. Since we need to both of those,
-# GitHub recommends creating a separate workflow (this one) that
-# does those tasks that's triggered when the PR submit workflow
-# starts or finishes. Since this workflow isn't being run in the
-# context of a forked repo, it has all the privileges needed to
-# add and remove labels and comments. Hence the "Priv" at the end
-# of this workflow name.
-#
-name: PRChangedPriv
-run-name: "PRChangedPriv ${{ github.event.workflow_run.name }} ${{ github.event.action }}(${{ github.event.workflow_run.conclusion }})"
-on:
- workflow_run:
- workflows: [PRChanged]
- types:
- - requested
- - completed
-
-jobs:
- PRChangedPriv:
- name: "run-checkpriv"
- uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRChangedPriv.yml@main
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
--- /dev/null
+name: PRCheck
+run-name: "PR ${{ github.event.number }} Check(${{github.event.action}}) by ${{ github.actor }}"
+on:
+ pull_request_target:
+ types: [ opened, reopened, synchronize, labeled ]
+
+jobs:
+ PRCheck:
+ name: "run-check"
+ if: ${{ (github.event.action != 'labeled') || (github.event.action == 'labeled' && github.event.label.name == vars.RECHECKPR_LABEL) }}
+ concurrency:
+ group: check-${{ github.base_ref }}-${{ github.ref_name }}
+ cancel-in-progress: true
+ uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCheck.yml@main-pr-target
name: PRMerge
-run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}"
+run-name: "PR ${{ github.event.number }} Merge by ${{ github.actor }}"
on:
pull_request_target:
- types: [labeled]
+ types: [ labeled ]
jobs:
PRMerge:
- if: contains(fromJSON(vars.MERGE_APPROVED_LABELS), github.event.label.name)
-# concurrency:
-# group: merge-${{ github.event.number }}
-# cancel-in-progress: true
name: "run-merge"
+ if: contains(fromJSON(vars.MERGE_APPROVED_LABELS), github.event.label.name)
+ concurrency:
+ group: merge-${{ github.base_ref }}-${{ github.ref_name }}
+ cancel-in-progress: true
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRMerge.yml@main
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
+++ /dev/null
-name: PRReCheck
-run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}"
-on:
- pull_request_target:
- types: [ labeled ]
-
-jobs:
- PRReCheck:
- if: ${{ github.event.label.name == vars.RECHECKPR_LABEL }}
-# concurrency:
-# group: recheck-${{ github.event.number }}
-# cancel-in-progress: true
- name: "run-recheck"
- uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRReCheck.yml@main
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }}
group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }}
realtime: true
- secrets:
- TOKEN: ${{ secrets.GITHUB_TOKEN }}
projects / thirdparty / asterisk.git / commitdiff
