-
Notifications
You must be signed in to change notification settings - Fork 50
155 lines (134 loc) · 4.7 KB
/
build-pr.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
#
# Workflow: Build&Test PR for Hazelcast organization members
#
# Builds the code and run tests on a 2-dimension matrix of OS and frameworks, but
# only if the user is a member of the Hazelcast organization, as running the tests
# may end up running unsafe user code or expose secrets such as the enterprise key.
#
# Relies on build-and-test.yml workflow to do the actual building and testing of
# each OS and framework. Results are uploaded as artifacts and published as checks.
#
# Creates the 'Build&Test Result' check which is the check that GitHub requires
# (the PR cannot be merged until that check has completed successfully).
#
name: Build&Test PR
on:
# automatic on every pull request
pull_request_target:
# manual (for community PRs that we want to force-run here)
workflow_dispatch:
inputs:
# the PR number eg 712
pr_number:
description: Enter guest PR number to run test & coverage on it.
required: true
# the PR HEAD commit SHA which MUST have been verified
pr_commit:
description: Enter guest PR verified HEAD commit SHA.
required: true
jobs:
# test hazelcast membership
test-membership:
name: Test Hazelcast Membership
runs-on: ubuntu-latest
outputs:
is-hazelcast: ${{ steps.test-membership.outputs.is-member }}
steps:
# checkout the hazelcast/hazelcast-csharp-client repository
# bare minimum - just to use actions
- name: Checkout code
uses: actions/checkout@v3
with:
ref: ${{ inputs.ref }}
token: ${{ secrets.GITHUB_TOKEN }}
submodules: false
- name: Test
id: test-membership
uses: ./.github/actions/test-membership
with:
organization-name: hazelcast
member-name: ${{ github.event.pull_request.head.repo.owner.login }}
token: ${{ secrets.HAZELCAST_GITHUB_TOKEN_DEVOPS }}
# ensure we are an Hazelcast organization member OR manually running
ensure-membership:
name: Ensure Membership
runs-on: ubuntu-latest
needs: test-membership
if: needs.test-membership.outputs.is-hazelcast == 'true' || github.event_name == 'workflow_dispatch'
steps:
- name: Report
shell: bash
run: echo "User ${{ github.event.pull_request.head.repo.owner.login }} is a member of the Hazelcast organization"
# get frameworks
get-fwks:
name: Get Frameworks
uses: ./.github/workflows/get-frameworks.yml
needs: ensure-membership
secrets: inherit
# get
get-refs:
name: Get Refs
runs-on: ubuntu-latest
outputs:
ref: ${{ steps.get-refs.outputs.ref }}
merged-ref: ${{ steps.get-refs.outputs.merged-ref }}
steps:
- name: Get Refs
id: get-refs
shell: bash
run: |
echo "EVENT: ${{ github.event_name }}"
if [ "${{ github.event_name }}" == "workflow_dispatch" ]; then
echo "PR_NUMBER: ${{ inputs.pr_number }}"
echo "PR_COMMIT: ${{ inputs.pr_commit }}"
echo "ref=refs/pull/${{ inputs.pr_number }}/merge" >> $GITHUB_OUTPUT
echo "merged-ref=${{ inputs.pr_commit }}" >> $GITHUB_OUTPUT
else
echo "PR_NUMBER: ${{ github.event.pull_request.number }}"
echo "ref=refs/pull/${{ github.event.pull_request.number }}/merge" >> $GITHUB_OUTPUT
echo "merged-ref=''" >> $GITHUB_OUTPUT
fi
# build & test
build-test:
name: Build&Test / ${{ matrix.os }}
needs: [ get-fwks, get-refs ]
strategy:
fail-fast: false
matrix:
os: [ ubuntu-latest, windows-latest ]
uses: ./.github/workflows/build-and-test.yml
secrets: inherit
with:
os: ${{ matrix.os }}
fwks: ${{ needs.get-fwks.outputs[format('fwks-{0}', matrix.os)] }}
ref: ${{ needs.get-refs.outputs.ref }}
merged-ref: ${{ needs.get-refs.outputs.merged-ref }}
# create the result check
report:
name: Build&Test Result
runs-on: ubuntu-latest
if: always()
needs: build-test
steps:
- name: Report
shell: bash
run: |
if [ "${{ needs.build-test.result }}" == "success" ]; then
echo "All Build&Test checks completed successfully."
else
echo "At least one Build&Test check has failed."
echo "::error::At least one Build&Test check has failed."
exit 1
fi
# create checks
create-checks:
name: Create Checks
if: always()
needs: build-test
uses: ./.github/workflows/create-checks.yml
secrets: inherit
with:
conclusion: ${{ needs.build-test.result }}
#run_id: ${{ github.run_id }} # run id
head_sha: ${{ github.event.pull_request.head.sha }} # sha that triggered the workflow
coverage: true