From cb8ca56c131ae992af338fb42996d64e276198d5 Mon Sep 17 00:00:00 2001 From: Allison Thackston Date: Fri, 3 Jan 2025 15:19:50 -0800 Subject: [PATCH] Update workflows for all pull request tests in test.yml Since forked PRs can't use secrets, this change moves just a build test for the dockerfiles that are changed to a read-only test flow and the build + push docker action is then updated to be used only when merging to main or on a schedule. --- .github/workflows/docker.yml | 49 ++-------------------- .github/workflows/test.yml | 78 ++++++++++++++++++++++++++++++++++-- 2 files changed, 79 insertions(+), 48 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e0602059..20065477 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,44 +1,21 @@ name: Dockerfiles -# Test and push dockerfiles when they change. -# Test for pull request, push dockerfiles when merged into main. +# Test and push dockerfiles when merged into main and on schedule. on: - schedule: - # * is a special character in YAML so you have to quote this string - - cron: "0 0 1 * *" push: branches: - main - paths: - - '**.Dockerfile' - - .github/workflows/docker.yml - pull_request_target: + schedule: + # * is a special character in YAML so you have to quote this string + - cron: "0 0 1 * *" workflow_dispatch: # Cancel in-progress funs of the same workflow - concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true jobs: - generate: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: 3.x - cache: pip - - name: Verify dockerfiles - run: | - python -m pip install --upgrade pip - if [ -f requirements.txt ]; then pip install -r requirements.txt; fi - ./generate.py - git diff --exit-code - docker: - needs: generate runs-on: ubuntu-latest strategy: fail-fast: false @@ -230,13 +207,6 @@ jobs: platforms: "linux/amd64" steps: - uses: actions/checkout@v4 - - name: Filter build - uses: dorny/paths-filter@v3 - id: filter - with: - filters: | - docker: - - ${{ matrix.label }}/${{ matrix.tag }}.Dockerfile - name: Set current date id: date run: | @@ -261,9 +231,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push uses: docker/build-push-action@v6 - if: ${{ steps.filter.outputs.docker == 'true' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }} with: - push: ${{ github.ref == 'refs/heads/main' }} file: ${{ matrix.label }}/${{ matrix.tag }}.Dockerfile target: ${{ matrix.target }} platforms: ${{ matrix.platforms }} @@ -277,12 +245,3 @@ jobs: cache-to: | type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ matrix.label }}:${{ matrix.tag }}-buildcache,mode=max type=gha,mode=max - - complete: - needs: - - generate - - docker - runs-on: ubuntu-latest - steps: - - name: Check - run: echo "Completed successfully!" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 19b687ed..e5ed3996 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,9 +1,6 @@ name: Test on: - push: - branches: - - main pull_request: workflow_dispatch: @@ -28,6 +25,23 @@ jobs: run: | pip install pydocstyle pydocstyle . + + generate: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Set up Python + uses: actions/setup-python@v5 + with: + python-version: 3.x + cache: pip + - name: Verify dockerfiles + run: | + python -m pip install --upgrade pip + if [ -f requirements.txt ]; then pip install -r requirements.txt; fi + ./generate.py + git diff --exit-code + env-check: runs-on: ubuntu-latest permissions: @@ -59,3 +73,61 @@ jobs: - name: Run environment comparison run: | .github/scripts/env-compare.py app:local rolling + + changes: + runs-on: ubuntu-latest + permissions: + contents: read # Required to analyze file changes + outputs: + dockerfiles: ${{ steps.filter.outputs.dockerfiles }} + steps: + - name: Checkout Repository + uses: actions/checkout@v4 + - name: Find Changed Dockerfiles + id: filter + run: | + git fetch origin ${{ github.base_ref }} --depth=1 + # Find changed .Dockerfile files between the PR branch and the base branch + changed_files=$(git diff --name-only origin/${{ github.base_ref }}...HEAD -- '*.Dockerfile') + echo "Changed Dockerfiles: $changed_files" + + # Output the results as JSON + if [ -z "$changed_files" ]; then + echo '["none"]' > changed_dockerfiles.json + else + echo "$changed_files" | jq -R -s -c 'split("\n")[:-1]' > changed_dockerfiles.json + fi + echo "dockerfiles=$(cat changed_dockerfiles.json)" >> $GITHUB_OUTPUT + + docker-build: + needs: changes + strategy: + fail-fast: false + matrix: + dockerfile: ${{ fromJSON(needs.changes.outputs.dockerfiles) }} + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Test dockerfile build + if: ${{ matrix.dockerfile != 'none' }} + uses: docker/build-push-action@v6 + with: + push: false + file: ${{ matrix.dockerfile }} + cache-from: | + type=registry,ref=ghcr.io/${{ github.repository_owner }}/${{ matrix.label }}:${{ matrix.tag }}-buildcache + type=gha + cache-to: + type=gha,mode=max + + complete: + needs: + - lint + - generate + - env-check + - docker-build + runs-on: ubuntu-latest + steps: + - name: Check + run: echo "Completed successfully!"