Skip to content
Build and Review PR

Build and Review PR #18 #29

Sign in to view logs

Build and Review PR #18

Build and Review PR #18 #29

Workflow file for this run

.github/workflows/build-and-review-pr.yml at 254ad96
name: Build and Review PR
run-name: 'Build and Review PR #${{ github.event.pull_request.number }}'
on:
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
#
# This workflow uses the pull_request trigger which prevents write permissions on the
# GH_TOKEN and secrets access from public forks. This should remain as a pull_request
# trigger to minimize the access public forks have in the repository. The reduced
# permissions are adequate but do mean that re-compiles and readme changes will have to be
# made manually by the PR author. These auto-updates could be done by this workflow
# for branches but in order to re-trigger a PR build (which is needed for status checks),
# we would make the commits with a different user and their PAT. To minimize exposure
# and complication we will request those changes be manually made by the PR author.
pull_request:
types: [opened, synchronize, reopened]
# paths:
# Do not include specific paths here. We always want this build to run and produce a
# status check which are branch protection rules can use. If this is skipped because of
# path filtering, a status check will not be created and we won't be able to merge the PR
# without disabling that requirement. If we have a status check that is always produced,
# we can also use that to require all branches be up to date before they are merged.
jobs:
build-and-review-pr:
# This reusable workflow will check to see if an action's source code has changed based on
# whether the PR includes files that match the files-with-code arg or are in one of the
# dirs-with-code directories. If there are source code changes, this reusable workflow
# will then run the action's build (if one was provided) and update the README.md with the
# the latest version of the action. If those two steps result in any changes that need to
# be committed, the workflow will fail because the PR needs some updates. Instructions for
# updating the PR will be available in the build log, the workflow summary and as a PR
# comment if the PR came from a branch (not a fork).
# This workflow assumes:
# - The main README.md is at the root of the repo
# - The README contains a contribution guidelines and usage examples section
uses: im-open/.github/.github/workflows/reusable-build-and-review-pr.yml@v1
with:
action-name: ${{ github.repository }}
default-branch: main
readme-name: 'README.md'
# The id of the contribution guidelines section of the README.md
readme-contribution-id: '#contributing'
# The id of the usage examples section of the README.md
readme-examples-id: '#usage-examples'
# The files that contain source code for the action. Only files that affect the action's execution
# should be included like action.yml or package.json. Do not include files like README.md or .gitignore.
# Files do not need to be explicitly provided here if they fall under one of the dirs in dirs-with-code.
# ** This value must match the same files-with-code argument specified in increment-version-on-merge.yml.
files-with-code: 'action.yml,package.json,package-lock.json'
# The directories that contain source code for the action. Only dirs with files that affect the action's
# execution should be included like src or dist. Do not include dirs like .github or node_modules.
# ** This value must match the same dirs-with-code argument specified in increment-version-on-merge.yml.
dirs-with-code: 'src,dist'
# The npm script to run to build the action. This is typically 'npm run build' if the
# action needs to be compiled. For composite-run-steps actions this is typically empty.
build-command: 'npm run build'
create-cache:
runs-on: ubuntu-latest
env:
NUGET_CACHE_KEY: ''
outputs:
NUGET_CACHE_KEY: ${{ env.NUGET_CACHE_KEY }}
steps:
- name: Checkout Repository
uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
- name: Set Cache Keys
run: echo "NUGET_CACHE_KEY=nuget-${{ hashFiles('**/*.csproj') }}" >> $GITHUB_ENV
- name: Check for a nuget cache
id: has-cache
uses: actions/cache@v4
with:
path: '~/.nuget/packages'
key: ${{ env.NUGET_CACHE_KEY }}
lookup-only: true
enableCrossOsArchive: true
# The remaining steps will only be executed if the cache was NOT found, otherwise they will be skipped.
# This action creates a post-job step that will upload the ./.nuget/packages dir to the cache if the job completes successfully
- name: Setup caching for nuget packages if cache does not exist
if: steps.has-cache.outputs.cache-hit != 'true'
uses: actions/cache@v4
with:
key: ${{ env.NUGET_CACHE_KEY }}
path: ~/.nuget/packages
enableCrossOsArchive: true
- name: Setup .NET Core if cache does not exist
if: steps.has-cache.outputs.cache-hit != 'true'
uses: actions/setup-dotnet@v3
with:
dotnet-version: 7.x
env:
DOTNET_INSTALL_DIR: './.dotnet'
- name: dotnet restore if cache does not exist
if: steps.has-cache.outputs.cache-hit != 'true'
working-directory: ./test/minimal-dotnet-proj
run: dotnet restore
test:
runs-on: ubuntu-latest
needs: [create-cache]
env:
NUGET_CACHE_KEY: ${{ needs.create-cache.outputs.NUGET_CACHE_KEY }}
BAD_CACHE_KEY: 'abc123'
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.head_ref }}
#--------------------------------------
# NO CACHE HIT - WITH FAILURE
#--------------------------------------
- name: '-------------------------------------------------------------------------------------------------------'
run: echo ""
- name: When restoring a cache with a bad key and required=true
uses: ./
if: always()
id: required
continue-on-error: true # This is needed because we expect the step to fail. We need it to "pass" in order for the test job to succeed.
with:
key: '${{ env.BAD_CACHE_KEY }}'
required: true
path: ~/.nuget/packages
- name: Then the outcome should be failure
if: always()
run: ./test/assert-values-match.sh --name "step outcome" --expected "failure" --actual "${{ steps.required.outcome }}"
- name: And the cache-hit output should be empty
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "" --actual "${{ steps.required.outputs.cache-hit }}"
- name: And the primary key output should match the key input
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "${{ env.BAD_CACHE_KEY }}" --actual "${{ steps.required.outputs.primary-key }}"
#--------------------------------------
# NO CACHE HIT - NO FAILURE
#--------------------------------------
- name: '-------------------------------------------------------------------------------------------------------'
run: echo ""
- name: When restoring a cache with a bad key and required=false
uses: ./
if: always()
id: not-required
with:
key: '${{ env.BAD_CACHE_KEY }}'
required: false
path: ~/.nuget/packages
- name: Then the outcome should be success
if: always()
run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.not-required.outcome }}"
- name: And the cache-hit output should be false
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "false" --actual "${{ steps.not-required.outputs.cache-hit }}"
- name: And the primary key output should match the key input
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "${{ env.BAD_CACHE_KEY }}" --actual "${{ steps.not-required.outputs.primary-key }}"
#--------------------------------------
# USING RESTORE KEYS
#--------------------------------------
- name: '-------------------------------------------------------------------------------------------------------'
run: echo ""
- name: When restoring a cache with a bad key and a list of restore keys
uses: ./
if: always()
id: restore-keys
with:
key: '${{ env.BAD_CACHE_KEY }}'
required: false
path: ~/.nuget/packages
restore-keys: |
'bad-key-a'
'bad-key-b'
'bad-key-c'
- name: Then the outcome should be success
if: always()
run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.restore-keys.outcome }}"
- name: And the cache-hit output should be false
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "false" --actual "${{ steps.restore-keys.outputs.cache-hit }}"
- name: And the primary key output should match the key input
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "${{ env.BAD_CACHE_KEY }}" --actual "${{ steps.restore-keys.outputs.primary-key }}"
#--------------------------------------
# EXACT MATCH
#--------------------------------------
- name: '-------------------------------------------------------------------------------------------------------'
run: echo ""
- name: When restoring a cache with the cache key
uses: ./
if: always()
id: success
with:
key: '${{ env.NUGET_CACHE_KEY }}'
required: true
path: ~/.nuget/packages
- name: Then the outcome should be success
if: always()
run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.success.outcome }}"
- name: And the cache-hit output should be true
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "true" --actual "${{ steps.success.outputs.cache-hit }}"
- name: And the primary key output should match the key input
if: always()
run: ./test/assert-values-match.sh --name "cache-hit" --expected "${{ env.NUGET_CACHE_KEY }}" --actual "${{ steps.success.outputs.primary-key }}"
- name: '-------------------------------------------------------------------------------------------------------'
run: echo ""