From 68c01e31fa12fa68938f7e75ca0c6ccaacf00990 Mon Sep 17 00:00:00 2001 From: Ivan Kuchin Date: Thu, 21 Mar 2024 20:11:07 +0100 Subject: [PATCH] remove other workflows for now --- .github/workflows/brakeman-scan-core.yml | 49 ------ .github/workflows/codeql-scan-core.yml | 44 ----- .github/workflows/continuous-delivery.yml | 27 --- .github/workflows/crowdin.yml | 88 ---------- .github/workflows/danger.yml | 26 --- .github/workflows/docker.yml | 197 ---------------------- .github/workflows/docs.yaml | 23 --- .github/workflows/eslint-core.yml | 29 ---- .github/workflows/openapi.yaml | 28 --- .github/workflows/pullpreview.yml | 55 ------ .github/workflows/rubocop-core.yml | 25 --- .github/workflows/test-core.yml | 100 ----------- 12 files changed, 691 deletions(-) delete mode 100644 .github/workflows/brakeman-scan-core.yml delete mode 100644 .github/workflows/codeql-scan-core.yml delete mode 100644 .github/workflows/continuous-delivery.yml delete mode 100644 .github/workflows/crowdin.yml delete mode 100644 .github/workflows/danger.yml delete mode 100644 .github/workflows/docker.yml delete mode 100644 .github/workflows/docs.yaml delete mode 100644 .github/workflows/eslint-core.yml delete mode 100644 .github/workflows/openapi.yaml delete mode 100644 .github/workflows/pullpreview.yml delete mode 100644 .github/workflows/rubocop-core.yml delete mode 100644 .github/workflows/test-core.yml diff --git a/.github/workflows/brakeman-scan-core.yml b/.github/workflows/brakeman-scan-core.yml deleted file mode 100644 index 3160d431daf2..000000000000 --- a/.github/workflows/brakeman-scan-core.yml +++ /dev/null @@ -1,49 +0,0 @@ -name: brakeman - -on: - pull_request: - branches: - - dev - - release/* - paths: - - '**.rb' - schedule: - - cron: '10 6 * * 1' - -permissions: - contents: read - -jobs: - brakeman-scan: - permissions: - contents: read # for actions/checkout to fetch code - security-events: write # for github/codeql-action/upload-sarif to upload SARIF results - if: github.repository == 'opf/openproject' - name: Brakeman Scan - runs-on: ubuntu-latest - env: - RUBY_GC_HEAP_INIT_SLOTS: 100000 - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Ruby - uses: ruby/setup-ruby@v1 - - - name: Setup Brakeman - run: | - gem install brakeman - - - name: Scan - run: | - brakeman \ - --ignore-config config/brakeman.ignore \ - --no-exit-on-warn \ - --no-exit-on-error \ - --format sarif \ - --output output.sarif.json - - - name: Upload SARIF - uses: github/codeql-action/upload-sarif@v2 - with: - sarif_file: output.sarif.json diff --git a/.github/workflows/codeql-scan-core.yml b/.github/workflows/codeql-scan-core.yml deleted file mode 100644 index 2e1a855121f5..000000000000 --- a/.github/workflows/codeql-scan-core.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: codeql - -on: - push: - branches: [ "dev", "release/*", "stable/*" ] - pull_request: - branches: [ "dev", "release/*", "stable/*" ] - schedule: - - cron: '32 1 * * 2' - -jobs: - analyze: - name: Analyze - runs-on: 'ubuntu-latest' - timeout-minutes: 120 - permissions: - # required for all workflows - security-events: write - - # only required for workflows in private repositories - actions: read - contents: read - - strategy: - fail-fast: false - matrix: - language: [ 'javascript-typescript', 'ruby' ] - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - config-file: ./.github/codeql/config.yml - languages: ${{ matrix.language }} - # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - queries: security-extended,security-and-quality - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml deleted file mode 100644 index 8edb554946b7..000000000000 --- a/.github/workflows/continuous-delivery.yml +++ /dev/null @@ -1,27 +0,0 @@ -name: continuous-delivery -on: - push: - branches: - - dev - - release/* - - stable/* -permissions: - contents: read - -jobs: - trigger_downstream_workflow: - permissions: - contents: none - if: github.repository == 'opf/openproject' - runs-on: ubuntu-latest - steps: - - name: Trigger Flavours workflow - env: - TOKEN: ${{ secrets.OPENPROJECT_CI_TOKEN }} - REPOSITORY: opf/openproject-flavours - WORKFLOW_ID: ci.yml - run: | - curl -i --fail-with-body -H"authorization: Bearer $TOKEN" \ - -XPOST -H"Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/$REPOSITORY/actions/workflows/$WORKFLOW_ID/dispatches \ - -d '{"ref": "dev", "inputs": { "ref" : "${{ github.ref_name }}" }}' diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml deleted file mode 100644 index c486fe790e96..000000000000 --- a/.github/workflows/crowdin.yml +++ /dev/null @@ -1,88 +0,0 @@ -name: crowdin -on: - workflow_dispatch: - schedule: - - cron: '0 3 * * *' # Daily at 03:00 - -permissions: {} -jobs: - setup: - runs-on: ubuntu-latest - outputs: - latest_release_branch: ${{ steps.find_latest_release.outputs.branch }} - steps: - - id: find_latest_release - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GITHUB_REPOSITORY: ${{ github.repository }} - run: | - BRANCH=$(curl -H "Authorization: token $GITHUB_TOKEN" \ - https://api.github.com/repos/$GITHUB_REPOSITORY/branches?protected=true | \ - jq -r '.[].name' | grep '^release/' | sort --version-sort | tail -1 - ) - if [ "$BRANCH" = "" ]; then - echo "Invalid release branch found: $BRANCH" - exit 1 - fi - - echo "branch=${BRANCH}" >> $GITHUB_OUTPUT - - crowdin: - permissions: - contents: write # for git push - - runs-on: ubuntu-latest - needs: setup - timeout-minutes: 60 - strategy: - max-parallel: 1 - matrix: - branch: - - dev - - "${{ needs.setup.outputs.latest_release_branch }}" - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ matrix.branch }} - fetch-depth: 1 - - uses: ruby/setup-ruby@v1 - with: - bundler-cache: true - - name: "Set crowdin branch name" - id: vars - env: - BRANCH: ${{ matrix.branch }} - run: | - echo "Setting crowdin branch from $BRANCH" - if [ "$BRANCH" = "dev" ]; then - echo "crowdin_branch=dev" >> $GITHUB_OUTPUT - else - echo "crowdin_branch=release" >> $GITHUB_OUTPUT - fi - - name: "Generate seeders i18n source file" - run: | - if [ -f script/i18n/generate_seeders_i18n_source_file ]; then - bundle exec script/i18n/generate_seeders_i18n_source_file - fi - - name: "Crowdin: upload sources and download translations" - uses: crowdin/github-action@v1 - with: - # Upload current source files - upload_sources: true - # Download updated translations - download_translations: true - # Which version branch to push to - crowdin_branch_name: ${{ steps.vars.outputs.crowdin_branch }} - # Dont create a PR for the updated translations - push_translations: false - env: - OPENPROJECT_CROWDIN_PROJECT: ${{ secrets.OPENPROJECT_CROWDINV2_PROJECT }} - OPENPROJECT_CROWDIN_API_KEY: ${{ secrets.OPENPROJECT_CROWDINV2_API_KEY }} - - name: "Commit translations" - run: | - git config user.name "OpenProject Actions CI" - git config user.email "operations+ci@openproject.com" - echo "Updating combined translations" - git ls-files -m -o | grep 'crowdin\/.*\.yml$' | xargs git add - git diff --staged --name-only - git diff --staged --exit-code --quiet || ( git commit -m "update locales from crowdin [ci skip]" && git pull --rebase && git push origin $BRANCH ) diff --git a/.github/workflows/danger.yml b/.github/workflows/danger.yml deleted file mode 100644 index 8b30f3873e49..000000000000 --- a/.github/workflows/danger.yml +++ /dev/null @@ -1,26 +0,0 @@ -name: migration-warning-on-release-branches - -on: - pull_request: - branches: - - release/* - paths: - - 'db/migrate/**.rb' - - 'modules/**/db/migrate/*.rb' - -jobs: - danger: - if: github.repository == 'opf/openproject' - runs-on: [ubuntu-latest] - timeout-minutes: 10 - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - ruby-version: '3.2.3' - - uses: MeilCli/danger-action@v5 - with: - danger_file: 'Dangerfile' - danger_id: 'danger-pr' - env: - DANGER_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 7a014e6b9d54..000000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,197 +0,0 @@ -name: Docker - -on: - # build dev daily - schedule: - - cron: '20 2 * * *' # Daily at 02:20 - - push: - tags: - - v* - workflow_dispatch: - inputs: - tag: - description: "The tag to release. Note that this happens by default on the tag push. Only run this action when something went wrong!" - required: false - -permissions: - contents: read # to fetch code (actions/checkout) - -env: - REGISTRY_IMAGE: openproject/community - -jobs: - build: - if: github.repository == 'opf/openproject' - runs-on: runs-on,runner=8cpu-linux,family=m7i+m7a,run-id=${{ github.run_id }} - strategy: - matrix: - include: - - platform: linux/amd64 - target: slim - - platform: linux/arm64/v8 - target: slim - - platform: linux/amd64 - target: all-in-one - - platform: linux/ppc64le - bim_support: false - target: all-in-one - - platform: linux/arm64/v8 - bim_support: false - target: all-in-one - steps: - - name: Extract version - id: extract_version - run: | - if [[ ${{ github.event_name }} == 'push' ]]; then - TAG_REF=${GITHUB_REF#refs/tags/} - CHECKOUT_REF=$GITHUB_REF - elif [[ ${{ github.event_name }} == 'schedule' ]]; then - TAG_REF=dev - CHECKOUT_REF=refs/heads/dev - elif [[ ${{ github.event_name }} == 'workflow_dispatch' ]]; then - TAG_REF=${{ inputs.tag }} - CHECKOUT_REF=${{ inputs.tag }} - else - echo "Unsupported event" - exit 1 - fi - - if [ -z "$TAG_REF" ] || [ -z "$CHECKOUT_REF" ]; then - echo "No TAG_REF or CHECKOUT_REF set. Aborting" - exit 1 - fi - - VERSION=${TAG_REF#v} - echo "Version: $VERSION" - echo "::set-output name=version::$VERSION" - echo "::set-output name=checkout_ref::$CHECKOUT_REF" - - name: Checkout - with: - ref: ${{ steps.extract_version.outputs.checkout_ref }} - uses: actions/checkout@v4 - - name: Prepare docker files - run: | - cp ./docker/prod/Dockerfile ./Dockerfile - - name: Set up QEMU - uses: docker/setup-qemu-action@v2 - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@v2 - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - tags: | - type=semver,pattern={{version}},value=${{ steps.extract_version.outputs.version }} - images: | - ${{ env.REGISTRY_IMAGE }} - - name: Build image - id: build - uses: docker/build-push-action@v4 - with: - context: . - platforms: ${{ matrix.platform }} - target: ${{ matrix.target }} - build-args: | - BIM_SUPPORT=${{ matrix.bim_support }} - pull: true - load: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - name: Test - # We only test the native container. If that fails the builds for the others - # will be cancelled as well. - if: matrix.platform == 'linux/amd64' && matrix.target == 'all-in-one' - run: | - docker run \ - --name openproject \ - -d -p 8080:80 --platform ${{ matrix.platform }} \ - -e SUPERVISORD_LOG_LEVEL=debug \ - -e OPENPROJECT_LOGIN__REQUIRED=false \ - -e OPENPROJECT_HTTPS=false \ - ${{ steps.build.outputs.imageid }} - - sleep 60 - - docker logs openproject --tail 100 - wget -O- --retry-on-http-error=503,502 --retry-connrefused http://localhost:8080/api/v3 - - name: Push image - id: push - uses: docker/build-push-action@v4 - with: - context: . - platforms: ${{ matrix.platform }} - target: ${{ matrix.target }} - build-args: | - BIM_SUPPORT=${{ matrix.bim_support }} - labels: ${{ steps.meta.outputs.labels }} - outputs: type=image,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true - - name: Export digest - run: | - mkdir -p /tmp/digests - digest="${{ steps.push.outputs.digest }}" - touch "/tmp/digests/${digest#sha256:}" - - name: Upload digest - uses: actions/upload-artifact@v3 - with: - name: digests-${{ matrix.target }} - path: /tmp/digests/* - if-no-files-found: error - retention-days: 1 - merge: - runs-on: ubuntu-latest - strategy: - matrix: - target: [slim, all-in-one] - needs: - - build - steps: - - name: Download digests - uses: actions/download-artifact@v3 - with: - name: digests-${{ matrix.target }} - path: /tmp/digests - - name: Set suffix - id: set_suffix - run: | - suffix="-${{ matrix.target }}" - if [ "$suffix" = "-all-in-one" ]; then suffix="" ; fi - echo "suffix=$suffix" >> "$GITHUB_OUTPUT" - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 - - name: Docker meta - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{ env.REGISTRY_IMAGE }} - labels: | - io.artifacthub.package.readme-url="https://www.openproject.org/docs/installation-and-operations/installation/docker/" - org.opencontainers.image.documentation="https://www.openproject.org/docs/" - org.opencontainers.image.vendor="OpenProject GmbH" - flavor: | - latest=false - suffix=${{ steps.set_suffix.outputs.suffix }} - tags: | - type=semver,pattern={{version}},value=${{ steps.extract_version.outputs.version }} - type=semver,pattern={{major}}.{{minor}},value=${{ steps.extract_version.outputs.version }} - type=semver,pattern={{major}},value=${{ steps.extract_version.outputs.version }} - type=raw,value=dev,priority=200,enable={{is_default_branch}} - - name: Login to Docker Hub - uses: docker/login-action@v2 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_PASSWORD }} - - name: Create manifest list and push - working-directory: /tmp/digests - run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *) - - name: Inspect image - run: | - docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:${{ steps.meta.outputs.version }} diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml deleted file mode 100644 index 85171d8123a8..000000000000 --- a/.github/workflows/docs.yaml +++ /dev/null @@ -1,23 +0,0 @@ -name: "Docs" - -on: - pull_request: - branches: - - dev - - release/* - paths: - - 'docs/**' - -permissions: - contents: read - -jobs: - docs-check: - name: Check internal links in documentation - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v4 - - uses: ruby/setup-ruby@v1 - with: - bundler-cache: true - - run: bundle exec ./script/docs/check_links diff --git a/.github/workflows/eslint-core.yml b/.github/workflows/eslint-core.yml deleted file mode 100644 index 4e4ede7f0a2f..000000000000 --- a/.github/workflows/eslint-core.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: eslint -on: - pull_request: - branches: - - dev - - release/* - paths: - - '**.html' - - '**.js' - - '**.ts' - -jobs: - eslint: - name: eslint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: actions/setup-node@v3 - with: - node-version: '18.13' - cache: npm - cache-dependency-path: frontend/package-lock.json - - uses: reviewdog/action-eslint@v1 - with: - reporter: github-pr-check - workdir: 'frontend/' - eslint_flags: 'src/' diff --git a/.github/workflows/openapi.yaml b/.github/workflows/openapi.yaml deleted file mode 100644 index 8ff68ce878c5..000000000000 --- a/.github/workflows/openapi.yaml +++ /dev/null @@ -1,28 +0,0 @@ -name: "OpenAPI" -# https://securitylab.github.com/research/github-actions-preventing-pwn-requests -on: - push: - branches: - - dev - - release/* - paths: - - 'docs/api/apiv3/**' - pull_request: - types: [opened, reopened, synchronize] - paths: - - 'docs/api/apiv3/**' - -jobs: - api-spec: - name: APIv3 specification (OpenAPI 3.0) - if: github.repository == 'opf/openproject' - runs-on: [ubuntu-latest] - steps: - - uses: actions/checkout@v2 - - uses: ruby/setup-ruby@v1 - with: - bundler-cache: true - - uses: actions/setup-node@v2 - with: - node-version: '20' - - run: ./script/api/validate_spec diff --git a/.github/workflows/pullpreview.yml b/.github/workflows/pullpreview.yml deleted file mode 100644 index b60c278a68eb..000000000000 --- a/.github/workflows/pullpreview.yml +++ /dev/null @@ -1,55 +0,0 @@ -name: pullpreview - -concurrency: ${{ github.ref }} - -on: - schedule: - # this is used to make sure no dangling resources are left - - cron: "30 2 * * *" - pull_request: - types: [labeled, unlabeled, synchronize, closed, reopened] - -permissions: - contents: read # to fetch code (actions/checkout) - -jobs: - deploy: - permissions: - contents: read # to fetch code (actions/checkout) - deployments: write # to delete deployments - pull-requests: write # to remove labels - statuses: write # to create commit status - - if: github.repository == 'opf/openproject' && ( github.event_name == 'schedule' || github.event_name == 'push' || github.event.label.name == 'pullpreview' || contains(github.event.pull_request.labels.*.name, 'pullpreview') ) - runs-on: ubuntu-latest - timeout-minutes: 60 - steps: - - uses: actions/checkout@v3 - - name: Generate .env.pullpreview file - run: | - echo "OPENPROJECT_SEED_ADMIN_USER_PASSWORD_RESET=false" >> .env.pullpreview - echo "OPENPROJECT_SHOW__SETTING__MISMATCH__WARNING=false" >> .env.pullpreview - echo "OPENPROJECT_FEATURE__STORAGES__MODULE__ACTIVE=true" >> .env.pullpreview - echo "OPENPROJECT_FEATURE__SHOW__CHANGES__ACTIVE=true" >> .env.pullpreview - echo "OPENPROJECT_LOOKBOOK__ENABLED=true" >> .env.pullpreview - echo "OPENPROJECT_HSTS=false" >> .env.pullpreview - - name: Boot as BIM edition - if: contains(github.ref, 'bim/') || contains(github.head_ref, 'bim/') - run: | - echo "OPENPROJECT_EDITION=bim" >> .env.pullpreview - - name: Prepare docker-compose files - run: | - cp ./docker/pullpreview/docker-compose.yml ./docker-compose.pullpreview.yml - cp ./docker/prod/Dockerfile ./Dockerfile - - uses: pullpreview/action@v5 - with: - admins: crohr,HDinger,machisuji,oliverguenther,ulferts,wielinde,cbliard - compose_files: docker-compose.pullpreview.yml - instance_type: large - ports: 80,443,8080 - default_port: 443 - ttl: 10d - env: - AWS_ACCESS_KEY_ID: "${{ secrets.AWS_ACCESS_KEY_ID }}" - AWS_SECRET_ACCESS_KEY: "${{ secrets.AWS_SECRET_ACCESS_KEY }}" - AWS_REGION: eu-central-1 diff --git a/.github/workflows/rubocop-core.yml b/.github/workflows/rubocop-core.yml deleted file mode 100644 index 2f8c1e6ff4a7..000000000000 --- a/.github/workflows/rubocop-core.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: rubocop - -on: - pull_request: - branches: - - dev - - release/* - paths: - - '**.rb' - -jobs: - rubocop: - name: rubocop - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v3 - with: - fetch-depth: 0 - - uses: ruby/setup-ruby@v1 - - uses: opf/action-rubocop@v2 - with: - github_token: ${{ secrets.github_token }} - rubocop_version: gemfile - rubocop_extensions: rubocop-rails:gemfile rubocop-rspec:gemfile - reporter: github-pr-check diff --git a/.github/workflows/test-core.yml b/.github/workflows/test-core.yml deleted file mode 100644 index d26c01c7fbd9..000000000000 --- a/.github/workflows/test-core.yml +++ /dev/null @@ -1,100 +0,0 @@ -name: "Test suite" -# https://securitylab.github.com/research/github-actions-preventing-pwn-requests -on: - push: - branches: - - dev - - release/* - paths-ignore: - - 'docs/**' - - 'help/**' - pull_request: - types: [opened, reopened, synchronize] - paths-ignore: - - 'docs/**' - - 'help/**' - - 'packaging/**' - - '.pkgr.yml' - -permissions: - contents: read - -jobs: - all: - name: Units + Features - if: github.repository == 'opf/openproject' - runs-on: runs-on,runner=32cpu-linux,family=m7i+m7a,run-id=${{ github.run_id }} - timeout-minutes: 40 - env: - DOCKER_BUILDKIT: 1 - CI_RETRY_COUNT: 3 - steps: - - uses: actions/checkout@v4 - - name: Cache DOCKER - id: cache_docker - uses: runs-on/cache@v4 - with: - path: cache/docker - # Note: no restore keys since whenever the files below change, we want to rebuild the full image from scratch - key: ${{ runner.os }}-docker-ci-${{ hashFiles('docker-compose.ci.yml', 'docker/ci/*', '.ruby-version', 'bin/ci') }} - - name: Restore CI image from cache - if: steps.cache_docker.outputs.cache-hit == 'true' - run: docker load -i cache/docker/image.tar - - name: Cache GEM - uses: runs-on/cache@v4 - with: - path: cache/bundle - key: gem-${{ hashFiles('Gemfile.lock') }} - restore-keys: | - gem- - - name: Cache NPM - uses: runs-on/cache@v4 - with: - path: cache/node - key: node-${{ hashFiles('package.json', 'frontend/package-lock.json') }} - restore-keys: | - node- - - name: Cache ANGULAR - uses: runs-on/cache@v4 - with: - path: cache/angular - key: angular-${{ hashFiles('package.json', 'frontend/package-lock.json') }} - restore-keys: | - angular- - - name: Cache TEST RUNTIME - uses: runs-on/cache@v4 - with: - path: cache/runtime-logs - key: runtime-logs-${{ github.head_ref || github.ref }}-${{ github.sha }} - restore-keys: | - runtime-logs-${{ github.head_ref || github.ref }}- - runtime-logs- - - name: Build - run: bin/ci setup-tests - - name: APIv3 specification (OpenAPI 3.0) - run: bin/ci ./script/api/validate_spec - - name: Unit tests - run: bin/ci run-units - - name: Feature tests - env: - CAPYBARA_DOWNLOADED_FILE_DIR: /tmp/ci/downloads - CAPYBARA_AWS_ACCESS_KEY_ID: "${{ secrets.CAPYBARA_AWS_ACCESS_KEY_ID }}" - CAPYBARA_AWS_SECRET_ACCESS_KEY: "${{ secrets.CAPYBARA_AWS_SECRET_ACCESS_KEY }}" - run: bin/ci run-features - - name: Save CI image to cache - if: steps.cache_docker.outputs.cache-hit != 'true' - run: mkdir -p cache/docker && docker save openproject/ci:v1 -o cache/docker/image.tar - - name: Cleanup - if: ${{ always() }} - run: | - ls -al cache/runtime-logs || true - ls -al cache/ || true - du -sh cache/* || true - -# github.head_ref is only availabe in PR context and if it is absent then github.run_id -# is used . And github.run_id is unique for each workflow run. So, this option makes -# sure that there is only one build running for a pull request and the build is attached -# to the last commit of the PR. -concurrency: - group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} - cancel-in-progress: true