kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-31 10:47:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

.github: Refactor to use pull_request_target trigger.

Browse Source 
After careful review, we believe we can now use the "pull_request_target"
workflow trigger instead of "pull_request" which required a separate
privliged workflow to add labels and comments to PRs when they are submitted
or updated.  This allows us to greatly streamline our workflows and remove
unneeded ones.

* The OnPRChanged workflow was...
  * Renamed to OnPRCheck
  * Changed to trigger on pull_request_target and the "recheckpr" label.
  * Changed to simply call reusable workflows in asterisk-ci-actions.
  * Changed to use better concurrency groups.
* The OnPRCPCheck and OnPRMergeApproved workflows were also...
  * Changed to simply call reusable workflows in asterisk-ci-actions.
  * Changed to use better concurrency groups.
* The NightlyTest and CreateDocs were also tweaked
This commit is contained in:
George Joseph
2025-02-13 13:22:31 -07:00
parent 8f0613f010
commit e65bf88bcf
9 changed files with 26 additions and 96 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/CreateDocs.yml vendored
View File

@@ -21,6 +21,4 @@ jobs:
with: with:
asterisk_repo: ${{ github.repository }} asterisk_repo: ${{ github.repository }}
base_branch: ${{ matrix.branch }} base_branch: ${{ matrix.branch }}
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

2
.github/workflows/NightlyTests.yml vendored
View File

@@ -23,5 +23,3 @@ jobs:
branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }} branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }}
group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }} group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }}
realtime: false realtime: false
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

14
.github/workflows/OnPRCPCheck.yml vendored
View File

@@ -1,16 +1,14 @@
name: PRCPCheck name: PRCPCheck
run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}" run-name: "PR ${{ github.event.number }} CPCheck by ${{ github.actor }}"
on: on:
pull_request_target: pull_request_target:
types: [ labeled ] types: [ labeled ]
jobs: jobs:
PRCPCheck: PRCPCheck:
if: ${{ github.event.label.name == vars.CHERRY_PICK_TEST_LABEL }}
# concurrency:
# group: cpcheck-${{ github.event.number }}
# cancel-in-progress: true
name: "run-cpcheck" name: "run-cpcheck"
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCPCheck.yml@main if: ${{ github.event.label.name == vars.CHERRY_PICK_TEST_LABEL }}
secrets: concurrency:
TOKEN: ${{ secrets.GITHUB_TOKEN }} group: cpcheck-${{ github.base_ref }}-${{ github.ref_name }}
cancel-in-progress: true
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCPCheck.yml@main-pr-target

31
.github/workflows/OnPRChanged.yml vendored
View File

@@ -1,31 +0,0 @@
#
# Workflows, like this one, that are triggered by PRs submitted
# from forked repositories are severly limited in what they can do
# for security reasons. For instance, they can't add or remove
# labels or comments even on the PR that triggered them. Since
# we need to both of those things, GitHub recommends creating a
# separate workflow that does those tasks that's triggered when
# this PR workflow starts or finishes. Since that workflow isn't
# being run in the context of a forked repo, it has all the
# privileges needed to add and remove labels and comments. The
# accompanying OnPRStateChangedPriv workflow does just that.
name: PRChanged
# WARNING! The run name MUST start with "PR <pr_number>".
# The accompanying privleged workflow parses this to find
# the PR number. It's the only reliable way it can get it.
run-name: "PR ${{ github.event.number }} Changed by ${{ github.actor }}"
on:
pull_request:
types: [opened, reopened, synchronize]
concurrency:
group: check-${{ github.event.number }}
cancel-in-progress: true
jobs:
PRChanged:
name: "run-check"
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRChanged.yml@main
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

27
.github/workflows/OnPRChangedPriv.yml vendored
View File

@@ -1,27 +0,0 @@
#
# Workflows triggered by PRs submitted from forked repositories
# (all of ours) are severly limited in what they can do.
# For instance, they can't add or remove labels or comments even
# on the PR that triggered them. Since we need to both of those,
# GitHub recommends creating a separate workflow (this one) that
# does those tasks that's triggered when the PR submit workflow
# starts or finishes. Since this workflow isn't being run in the
# context of a forked repo, it has all the privileges needed to
# add and remove labels and comments. Hence the "Priv" at the end
# of this workflow name.
#
name: PRChangedPriv
run-name: "PRChangedPriv ${{ github.event.workflow_run.name }} ${{ github.event.action }}(${{ github.event.workflow_run.conclusion }})"
on:
workflow_run:
workflows: [PRChanged]
types:
- requested
- completed
jobs:
PRChangedPriv:
name: "run-checkpriv"
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRChangedPriv.yml@main
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

14
.github/workflows/OnPRCheck.yml vendored Normal file
View File

@@ -0,0 +1,14 @@
name: PRCheck
run-name: "PR ${{ github.event.number }} Check(${{github.event.action}}) by ${{ github.actor }}"
on:
pull_request_target:
types: [ opened, reopened, synchronize, labeled ]
jobs:
PRCheck:
name: "run-check"
if: ${{ (github.event.action != 'labeled') || (github.event.action == 'labeled' && github.event.label.name == vars.RECHECKPR_LABEL) }}
concurrency:
group: check-${{ github.base_ref }}-${{ github.ref_name }}
cancel-in-progress: true
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRCheck.yml@main-pr-target

14
.github/workflows/OnPRMergeApproved.yml vendored
View File

@@ -1,16 +1,14 @@
name: PRMerge name: PRMerge
run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}" run-name: "PR ${{ github.event.number }} Merge by ${{ github.actor }}"
on: on:
pull_request_target: pull_request_target:
types: [labeled] types: [ labeled ]
jobs: jobs:
PRMerge: PRMerge:
if: contains(fromJSON(vars.MERGE_APPROVED_LABELS), github.event.label.name)
# concurrency:
# group: merge-${{ github.event.number }}
# cancel-in-progress: true
name: "run-merge" name: "run-merge"
if: contains(fromJSON(vars.MERGE_APPROVED_LABELS), github.event.label.name)
concurrency:
group: merge-${{ github.base_ref }}-${{ github.ref_name }}
cancel-in-progress: true
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRMerge.yml@main uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRMerge.yml@main
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

16
.github/workflows/OnPRRecheck.yml vendored
View File

@@ -1,16 +0,0 @@
name: PRReCheck
run-name: "PR ${{ github.event.number }} ${{ github.workflow }} by ${{ github.actor }}"
on:
pull_request_target:
types: [ labeled ]
jobs:
PRReCheck:
if: ${{ github.event.label.name == vars.RECHECKPR_LABEL }}
# concurrency:
# group: recheck-${{ github.event.number }}
# cancel-in-progress: true
name: "run-recheck"
uses: asterisk/asterisk-ci-actions/.github/workflows/AsteriskPRReCheck.yml@main
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}

2
.github/workflows/WeeklyTests.yml vendored
View File

@@ -23,5 +23,3 @@ jobs:
branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }} branches: ${{ inputs.branches || vars.NIGHTLYTEST_BRANCHES }}
group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }} group_list: ${{ inputs.group_list || vars.NIGHTLYTEST_LIST }}
realtime: true realtime: true
secrets:
TOKEN: ${{ secrets.GITHUB_TOKEN }}