CI: fix checks when packages not modified

The "app-lint" check has been replaced with "pr-check", which also includes checking site generation when appropriate.
webosbrew · Mar 28, 2024 · 8cc58ed · 8cc58ed
1 parent e7d9152
commit 8cc58ed
Show file tree

Hide file tree

Showing 5 changed files with 108 additions and 52 deletions.
diff --git a/.github/workflows/package-lint.yml b/.github/workflows/package-lint.yml
@@ -1,53 +1,50 @@
 name: 'Package: Lint'
 
 on:
-  pull_request:
-    branches:
-      - main
-    paths:
-      - 'packages/**'
+  workflow_call:
+    inputs:
+      packages:
+        type: string
+        required: true
+
+# Disable all permissions
+permissions: {}
 
 jobs:
-  app-lint:
+  package-lint:
     runs-on: ubuntu-latest
     permissions:
-      pull-requests: write
+      actions: read
+      pull-requests: read
+      contents: read # Only needed for private repository
+      issues: read # Only needed for private repository
     steps:
       - name: Check out repo
         uses: actions/checkout@v4
 
       - name: Set up Python
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: '3.11'
+          cache: 'pip'
 
       - name: Download Homebrew Toolbox
         uses: robinraju/[email protected]
         with:
-          repository: "webosbrew/dev-toolbox-cli"
+          repository: 'webosbrew/dev-toolbox-cli'
           latest: true
-          fileName: "webosbrew-toolbox-*.deb"
-          out-file-path: "temp"
+          fileName: 'webosbrew-toolbox-*.deb'
+          out-file-path: 'temp'
 
       - name: Install dependencies
         run: |
           python3 -m pip install -r ./requirements.txt
           sudo apt-get install ./temp/webosbrew-toolbox-*.deb
 
-      - name: Check changed packages
-        id: changed_files
-        uses: dorny/paths-filter@v3
-        with:
-          list-files: shell
-          filters: |
-            packages:
-              - added|modified: 'packages/**'
-
       - name: Lint package information
-        if: ${{ steps.changed_files.outputs.packages == 'true' }}
         run: |
           export lint_retcode=0
-          for changed_file in ${{ steps.changed_files.outputs.packages_files }}; do
+          for changed_file in ${{ inputs.packages }}; do
             echo "## Check Results for $(basename "${changed_file}"):" >> /tmp/lint-report.md
             echo >> /tmp/lint-report.md
 
@@ -76,7 +73,7 @@ jobs:
         if: ${{ !env.ACT && (success() || failure()) }}
         uses: actions/upload-artifact@v4
         with:
-          name: lint-results
+          name: package-lint-results
           path: |
             /tmp/lint-report.md
             /tmp/issue-number.txt

diff --git a/.github/workflows/package-report.yml b/.github/workflows/package-report.yml
@@ -1,17 +1,18 @@
 # This is a separate workflow due to permission issues.
 
-name: 'Package: Report results'
+name: 'PR: Report results'
 
 on:
   workflow_run:
-    workflows: ['Package: Lint']
+    # can apparently only refer to top-level workflow
+    workflows: ['PR Check']
     types: [completed]
 
 # Disable all permissions
 permissions: {}
 
 jobs:
-  report_results:
+  package-report:
     name: Check results
     runs-on: ubuntu-latest
     permissions:
@@ -23,41 +24,50 @@ jobs:
     if: github.event.workflow_run.conclusion != 'skipped'
 
     steps:
-      - id: extract_lint_results
+      - id: extract_package_lint_results
         name: Download and extract artifacts
         env:
           GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
         run: |
-           mkdir -p artifacts && cd artifacts
+          mkdir -p artifacts && cd artifacts
 
-           artifacts_url=${{ github.event.workflow_run.artifacts_url }}
+          artifacts_url=${{ github.event.workflow_run.artifacts_url }}
 
-           gh api "$artifacts_url" -q '.artifacts[] | [.name, .archive_download_url] | @tsv' | while read artifact
-           do
-             IFS=$'\t' read name url <<< "$artifact"
-             gh api "$url" > "$name.zip"
-             unzip -d "$name" "$name.zip"
-           done
+          gh api "$artifacts_url" -q '.artifacts[] | [.name, .archive_download_url] | @tsv' | while read artifact
+          do
+            IFS=$'\t' read name url <<< "$artifact"
+            gh api "$url" > "$name.zip"
+            unzip -d "$name" "$name.zip"
+          done
 
-           echo "issue-number=$(cat 'lint-results/issue-number.txt')" >> $GITHUB_OUTPUT
+          if [ -d 'package-lint-results' ]; then
+            echo 'found=true' >> "${GITHUB_OUTPUT}"
+          else
+            echo 'found=false' >> "${GITHUB_OUTPUT}"
+            exit
+          fi
 
-           delimiter="$(openssl rand -hex 16)"
-           echo "content<<${delimiter}" >> "${GITHUB_OUTPUT}"
-           cat 'lint-results/lint-report.md' >> "${GITHUB_OUTPUT}"
-           echo "${delimiter}" >> "${GITHUB_OUTPUT}"
+          echo "issue-number=$(cat 'package-lint-results/issue-number.txt')" >> "${GITHUB_OUTPUT}"
+
+          delimiter="$(openssl rand -hex 16)"
+          echo "content<<${delimiter}" >> "${GITHUB_OUTPUT}"
+          cat 'package-lint-results/lint-report.md' >> "${GITHUB_OUTPUT}"
+          echo "${delimiter}" >> "${GITHUB_OUTPUT}"
 
       - id: find_comment
-        name: Find lint results comment
+        name: Find package lint results comment
+        if: ${{ steps.extract_package_lint_results.outputs.found == 'true' }}
         uses: peter-evans/find-comment@v3
         with:
-          issue-number: ${{ steps.extract_lint_results.outputs.issue-number }}
+          issue-number: ${{ steps.extract_package_lint_results.outputs.issue-number }}
           comment-author: 'github-actions[bot]'
           body-includes: 'Check Result'
 
-      - name: Report lint results
+      - name: Report package lint results
         uses: peter-evans/create-or-update-comment@v4
+        if: ${{ steps.extract_package_lint_results.outputs.found == 'true' }}
         with:
           comment-id: ${{ steps.find_comment.outputs.comment-id }}
-          issue-number: ${{ steps.extract_lint_results.outputs.issue-number }}
-          body: ${{ steps.extract_lint_results.outputs.content }}
+          issue-number: ${{ steps.extract_package_lint_results.outputs.issue-number }}
+          body: ${{ steps.extract_package_lint_results.outputs.content }}
           edit-mode: replace
diff --git a/.github/workflows/pr-check.yml b/.github/workflows/pr-check.yml
@@ -0,0 +1,53 @@
+name: 'PR Check'
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  filter-paths:
+    permissions:
+      pull-requests: read
+    runs-on: ubuntu-latest
+    outputs:
+      need-package: ${{ steps.changed_files.outputs.packages }}
+      packages-files: ${{ steps.changed_files.outputs.packages_files }}
+      need-site: ${{ steps.changed_files.outputs.site }}
+    steps:
+      - name: Check changed files
+        id: changed_files
+        uses: dorny/paths-filter@v3
+        with:
+          list-files: 'escape'
+          # the 'site' filters won't work with default 'some'
+          predicate-quantifier: 'every'
+          filters: |
+            packages:
+              - added|modified: 'packages/**'
+            site:
+              - '**'
+              - '!packages/**'
+              - '!README.md'
+
+  package-check:
+    needs: filter-paths
+    if: ${{ needs.filter-paths.outputs.need-package == 'true' }}
+    uses: ./.github/workflows/package-lint.yml
+    with:
+      packages: ${{ needs.filter-paths.outputs.packages-files }}
+
+  site-check:
+    needs: filter-paths
+    if: ${{ needs.filter-paths.outputs.need-site == 'true' }}
+    uses: ./.github/workflows/site-generate.yml
+
+  pr-check:
+    needs: [package-check, site-check]
+    runs-on: ubuntu-latest
+    # can't do anything too fancy due to https://github.com/actions/runner/issues/491
+    if: always() && !(needs.package-check.result == 'skipped' && needs.site-check.result == 'skipped')
+    steps:
+      - name: Status
+        # check result manually
+        run: exit "${{ ((needs.package-check.result == 'success' || needs.package-check.result == 'skipped') && (needs.site-check.result == 'success' || needs.site-check.result == 'skipped')) && '0' || '1' }}"
diff --git a/.github/workflows/site-generate.yml b/.github/workflows/site-generate.yml
@@ -7,7 +7,7 @@ on:
   workflow_call:
 
 jobs:
-  generate:
+  site-generate:
     runs-on: ubuntu-latest
 
     steps:

diff --git a/.github/workflows/site-lint.yml b/.github/workflows/site-lint.yml
@@ -1,13 +1,9 @@
 name: 'Site: Lint'
 
 on:
-  pull_request:
-    branches:
-      - main
-    paths-ignore:
-      - 'packages/**'
+  workflow_call:
   workflow_dispatch:
 
 jobs:
-  generate:
+  site-lint:
     uses: ./.github/workflows/site-generate.yml