From 35eeb9904c80a753d764b5f7afcab48afe49a58f Mon Sep 17 00:00:00 2001 From: Jamil Date: Fri, 7 Jul 2023 15:04:42 -0700 Subject: [PATCH] Pass all required checks that weren't triggered in the PR (#1748) Fixes #1747 Fixes #1746 --- .github/workflows/elixir.yml | 24 +++--- .github/workflows/integration-tests.yml | 3 +- .github/workflows/kotlin.yml | 8 +- .../workflows/pass-nontriggered-checks.yml | 86 +++++++++++++++++++ .github/workflows/pr_labeler.yml | 19 ---- .github/workflows/publish_connlib.yml | 46 ---------- .github/workflows/rust.yml | 16 ++-- .../{codespell.yml => static-analysis.yml} | 8 +- .github/workflows/swift.yml | 7 +- .github/workflows/terraform.yml | 3 +- 10 files changed, 122 insertions(+), 98 deletions(-) create mode 100644 .github/workflows/pass-nontriggered-checks.yml delete mode 100644 .github/workflows/pr_labeler.yml delete mode 100644 .github/workflows/publish_connlib.yml rename .github/workflows/{codespell.yml => static-analysis.yml} (86%) diff --git a/.github/workflows/elixir.yml b/.github/workflows/elixir.yml index 30d85c0a3..f140629ad 100644 --- a/.github/workflows/elixir.yml +++ b/.github/workflows/elixir.yml @@ -14,7 +14,7 @@ concurrency: cancel-in-progress: true jobs: - unit-test: + elixir_unit-test: runs-on: ubuntu-latest defaults: run: @@ -78,7 +78,7 @@ jobs: name: Elixir Unit Test Report path: elixir/_build/test/lib/*/test-junit-report.xml reporter: java-junit - type-check: + elixir_type-check: runs-on: ubuntu-latest defaults: run: @@ -130,7 +130,7 @@ jobs: run: mix dialyzer --plt - name: Run Dialyzer run: mix dialyzer --format dialyxir - static-analysis: + elixir_static-analysis: runs-on: ubuntu-latest defaults: run: @@ -175,7 +175,7 @@ jobs: run: mix format --check-formatted - name: Run Credo run: mix credo --strict - migrations-and-seed-test: + elixir_migrations-and-seed-test: runs-on: ubuntu-latest defaults: run: @@ -269,7 +269,7 @@ jobs: path: elixir/apps/domain/priv/repo/structure.sql - name: Run Seed run: mix ecto.seed - acceptance-test: + elixir_acceptance-test: runs-on: ubuntu-latest defaults: run: @@ -394,7 +394,7 @@ jobs: name: Elixir Acceptance Test Report path: elixir/_build/test/lib/*/test-junit-report.xml reporter: java-junit - # draft-release: + # elixir/draft-release: # runs-on: ubuntu-latest # outputs: # tag_name: ${{ steps.release_drafter.outputs.tag_name }} @@ -403,7 +403,7 @@ jobs: # id: release_drafter # env: # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - web-container-build: + elixir_web-container-build: runs-on: ubuntu-latest defaults: run: @@ -412,8 +412,8 @@ jobs: contents: read id-token: "write" needs: - - unit-test - - acceptance-test + - elixir_unit-test + - elixir_acceptance-test env: APPLICATION_NAME: web REGISTRY: us-east1-docker.pkg.dev @@ -463,7 +463,7 @@ jobs: file: elixir/Dockerfile push: true tags: ${{ env.REGISTRY }}/${{ env.GCLOUD_PROJECT }}/firezone/${{ env.APPLICATION_NAME }}:${{ env.TAG }} , ${{ env.REGISTRY }}/${{ env.GCLOUD_PROJECT }}/firezone/${{ env.APPLICATION_NAME }}:${{ github.sha }} - api-container-build: + elixir_api-container-build: runs-on: ubuntu-latest defaults: run: @@ -472,8 +472,8 @@ jobs: contents: read id-token: "write" needs: - - unit-test - - acceptance-test + - elixir_unit-test + - elixir_acceptance-test env: APPLICATION_NAME: api REGISTRY: us-east1-docker.pkg.dev diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 8f2f66c2d..442bec88e 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -3,9 +3,10 @@ on: merge_group: types: [checks_requested] pull_request: + workflow_dispatch: jobs: - test-basic-flow: + integration-test_basic-flow: runs-on: ubuntu-latest steps: - name: Checkout diff --git a/.github/workflows/kotlin.yml b/.github/workflows/kotlin.yml index a93e5a478..4cfc25356 100644 --- a/.github/workflows/kotlin.yml +++ b/.github/workflows/kotlin.yml @@ -3,10 +3,12 @@ on: pull_request: paths: - "kotlin/**" + - "rust/connlib/**" - ".github/workflows/kotlin.yml" merge_group: types: [checks_requested] workflow_call: + workflow_dispatch: # Cancel old workflow runs if new code is pushed concurrency: @@ -14,7 +16,7 @@ concurrency: cancel-in-progress: true jobs: - draft-release: + kotlin_draft-release: runs-on: ubuntu-latest outputs: tag_name: ${{ steps.release_drafter.outputs.tag_name }} @@ -28,13 +30,13 @@ jobs: # TODO: Add a basic CI for the Android client # See rust.yml how we build, package and release connlib as an example - build: + kotlin_build: runs-on: ubuntu-latest defaults: run: working-directory: ./kotlin needs: - - draft-release + - kotlin_draft-release steps: - uses: actions/checkout@v3 - uses: actions/setup-java@v3 diff --git a/.github/workflows/pass-nontriggered-checks.yml b/.github/workflows/pass-nontriggered-checks.yml new file mode 100644 index 000000000..3a6ddd6b7 --- /dev/null +++ b/.github/workflows/pass-nontriggered-checks.yml @@ -0,0 +1,86 @@ +# This workflow is a workaround to the problem described here: +# https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/troubleshooting-required-status-checks#example +# +# Using Path filtering to trigger workflows leads to unmergable PRs if a "required status check" is +# not triggered in the workflow run. Here we overload all job names selected by "required status checks" +# and simply return true so the PR can be merged. +name: Pass Non-triggered Checks +on: + pull_request: + paths-ignore: + - "elixir/**" + - "kotlin/**" + - "rust/**" + - "swift/**" + - "terraform/**" + workflow_dispatch: + +jobs: + elixir_acceptance-test: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_api-container-build: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_migrations-and-seed-test: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_static-analysis: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_web-container-build: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_type-check: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + elixir_unit-test: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + kotlin_draft-release: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + kotlin_build: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + swift_draft-release: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + swift_build: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + rust_cross-compile-relay: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + rust_build-android: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + rust_build-apple: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + rust_draft-release: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + rust_test: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' + terraform_plan-deploy: + runs-on: ubuntu-latest + steps: + - run: 'echo "No build required"' diff --git a/.github/workflows/pr_labeler.yml b/.github/workflows/pr_labeler.yml deleted file mode 100644 index e9db34530..000000000 --- a/.github/workflows/pr_labeler.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: PR Labeler -on: - pull_request: - types: [opened] - -permissions: - contents: read - -jobs: - pr-labeler: - permissions: - contents: read # for TimonVS/pr-labeler-action to read config file - pull-requests: write # for TimonVS/pr-labeler-action to add labels in PR - runs-on: ubuntu-latest - steps: - - uses: TimonVS/pr-labeler-action@v4 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value diff --git a/.github/workflows/publish_connlib.yml b/.github/workflows/publish_connlib.yml deleted file mode 100644 index 7f876f958..000000000 --- a/.github/workflows/publish_connlib.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: Publish packages to GitHub Packages -on: - release: - types: [published] -jobs: - # Noop: XCFramework is attached to release already in build workflow - # publish-apple: - publish-android: - runs-on: ubuntu-latest - defaults: - run: - working-directory: ./rust - permissions: - contents: read - packages: write - - steps: - - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'adopt' - - uses: Swatinem/rust-cache@v2 - with: - workspaces: ./rust - - name: Setup toolchain - run: rustup show - - name: Validate Gradle wrapper - uses: gradle/wrapper-validation-action@v1 - - name: Sanity check tag equals AAR version - run: | - pkg_version=$(awk -F ' = ' '$1 ~ /version/ { gsub(/[\"]/, "", $2); printf("%s",$2); exit; }' connlib/android/lib/build.gradle.kts) - if [[ "${{ github.ref_name }}" = "$pkg_version" ]]; then - echo "Github ref name ${{ github.ref_name }} equals parsed package version $pkg_version. Continuing..." - else - echo "Github ref name ${{ github.ref_name }} differs from parsed package version $pkg_version! Aborting..." - exit 1 - fi - - name: Publish package - uses: gradle/gradle-build-action@v2 - with: - build-root-directory: android - arguments: publish - env: - GITHUB_ACTOR: ${{ secrets.GITHUB_ACTOR }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 0165fed4d..27cbb6b17 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -7,6 +7,7 @@ on: - "rust/**" - ".github/workflows/rust.yml" workflow_call: + workflow_dispatch: # Cancel old workflow runs if new code is pushed concurrency: @@ -18,7 +19,7 @@ defaults: working-directory: ./rust jobs: - draft-release: + rust_draft-release: runs-on: ubuntu-latest outputs: tag_name: ${{ steps.release_drafter.outputs.tag_name }} @@ -30,7 +31,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - test: + rust_test: strategy: fail-fast: false matrix: @@ -81,9 +82,9 @@ jobs: - run: cargo clippy --all-targets --all-features -- -D warnings - run: cargo test --all-features - build-android: + rust_build-android: needs: - - draft-release + - rust_draft-release runs-on: ubuntu-latest permissions: contents: read @@ -115,9 +116,9 @@ jobs: path: | ./rust/connlib-${{ needs.draft-release.outputs.tag_name }}.aar - build-apple: + rust_build-apple: needs: - - draft-release + - rust_draft-release runs-on: macos-latest permissions: contents: read @@ -156,8 +157,7 @@ jobs: ./Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip ./Connlib-${{ needs.draft-release.outputs.tag_name }}.xcframework.zip.checksum.txt - cross-relay: # cross is separate from test because cross-compiling yields different artifacts and we cannot reuse the cache. - name: Cross compile relay + rust_cross-compile-relay: # cross is separate from test because cross-compiling yields different artifacts and we cannot reuse the cache. runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 diff --git a/.github/workflows/codespell.yml b/.github/workflows/static-analysis.yml similarity index 86% rename from .github/workflows/codespell.yml rename to .github/workflows/static-analysis.yml index ca6f938db..7924b534d 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/static-analysis.yml @@ -1,15 +1,13 @@ -name: Codespell +name: Static Analysis on: merge_group: types: [checks_requested] pull_request: + workflow_dispatch: jobs: - static-analysis: + static-analysis_linter: runs-on: ubuntu-latest - env: - MIX_ENV: dev - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - uses: actions/checkout@v3 - uses: actions/setup-python@v2 diff --git a/.github/workflows/swift.yml b/.github/workflows/swift.yml index 701d1e8e6..9fd25c138 100644 --- a/.github/workflows/swift.yml +++ b/.github/workflows/swift.yml @@ -8,6 +8,7 @@ on: merge_group: types: [checks_requested] workflow_call: + workflow_dispatch: # Cancel old workflow runs if new code is pushed concurrency: @@ -15,7 +16,7 @@ concurrency: cancel-in-progress: true jobs: - draft-release: + swift_draft-release: runs-on: ubuntu-latest outputs: tag_name: ${{ steps.release_drafter.outputs.tag_name }} @@ -27,7 +28,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - build: + swift_build: runs-on: macos-latest permissions: contents: read @@ -35,7 +36,7 @@ jobs: run: working-directory: ./swift needs: - - draft-release + - swift_draft-release steps: - uses: actions/checkout@v3 - run: rustup show diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 4c1693ebf..6a66db2a8 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -7,6 +7,7 @@ on: - "terraform/**" - ".github/workflows/terraform.yml" workflow_call: + workflow_dispatch: # Cancel old workflow runs if new code is pushed concurrency: @@ -14,7 +15,7 @@ concurrency: cancel-in-progress: true jobs: - plan_deploy: + terraform_plan-deploy: runs-on: ubuntu-latest permissions: contents: read