diff --git a/.github/workflows/check-extended.yaml b/.github/workflows/check-extended.yaml new file mode 100644 index 000000000..a58ba7b7a --- /dev/null +++ b/.github/workflows/check-extended.yaml @@ -0,0 +1,245 @@ +name: check-extended +on: + issue_comment: + types: + - created +jobs: + prepare-env: + runs-on: + group: infra1-runners-arc + labels: runners-small + permissions: read-all + outputs: + branch: ${{ steps.branch.outputs.branch }} + ref: refs/pull/${{ github.event.issue.number }}/merge + commit: ${{ steps.commit.outputs.commit }} + pr_number: ${{ github.event.issue.number }} + project: ${{ github.repository }} + changed_files: ${{ steps.changed-files.outputs.all_changed_files }} + steps: + - name: Branch name + id: branch + run: |- + branch=$(echo "${{ github.ref }}" | sed 's/^refs\/heads\///') + echo "branch=$branch" >> "$GITHUB_OUTPUT" + + - name: Commit + id: commit + run: |- + pr_head_sha=$(curl -s -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + "https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.issue.number }}" | \ + jq --raw-output .head.sha) + echo "commit=$pr_head_sha" >> "$GITHUB_OUTPUT" + + - uses: actions/checkout@v4 + with: + ref: refs/pull/${{ github.event.issue.number }}/merge + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v40 + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + gooddata-ruby-integration-tests-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-ruby-integration-tests-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + gooddata-lcm-ruby-integration-e2e-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-lcm-ruby-integration-e2e-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + gooddata-lcm-ruby-integration-release-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-lcm-ruby-integration-release-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + gooddata-lcm-ruby-integration-others-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-lcm-ruby-integration-others-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + gooddata-lcm-ruby-integration-slow-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-lcm-ruby-integration-slow-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + gooddata-lcm-ruby-integration-userprov-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + if: ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: lcm + job-name: gooddata-lcm-ruby-integration-userprov-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check-extended" + } + comment-pr: 'true' + ready-to-merge: + runs-on: + group: infra1-runners-arc + labels: runners-small + if: always() && ${{ github.event.issue.pull_request && startsWith(github.event.comment.body, 'extended test') }} + needs: + - prepare-env + - gooddata-ruby-integration-tests-zuul + - gooddata-lcm-ruby-integration-e2e-zuul + - gooddata-lcm-ruby-integration-release-zuul + - gooddata-lcm-ruby-integration-others-zuul + - gooddata-lcm-ruby-integration-slow-zuul + - gooddata-lcm-ruby-integration-userprov-zuul + steps: + - name: Check if needed jobs succeeded + uses: re-actors/alls-green@release/v1 + with: + allowed-skips: ${{ toJSON(needs) }} + jobs: ${{ toJSON(needs) }} diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml new file mode 100644 index 000000000..4c7b949c0 --- /dev/null +++ b/.github/workflows/check.yaml @@ -0,0 +1,192 @@ +name: check +on: pull_request +jobs: + prepare-env: + runs-on: + group: infra1-runners-arc + labels: runners-small + outputs: + branch: ${{ github.base_ref }} + ref: ${{ github.ref }} + commit: ${{ github.event.pull_request.head.sha }} + pr_number: ${{ github.event.pull_request.number }} + project: ${{ github.repository }} + changed_files: ${{ steps.changed-files.outputs.all_changed_files }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v40 + gooddata-ruby-lcm-build-pipeline: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Check if all changed files match patterns + id: all-match + run: |- + any_didnt_match=false + patterns=('^k8s/.*$' '^.gdc-ii-config-chart.yaml$' '^Jenkinsfile-chart$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + matched=false + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + matched=true + fi + done + if [[ $matched == false ]]; then + any_didnt_match=true + fi + done + echo "any_didnt_match=$any_didnt_match" >> "$GITHUB_OUTPUT" + + - name: Check if branch matches + id: branch-matches + run: |- + branch=${{ needs.prepare-env.outputs.branch }} + branch_matches=$([[ $branch =~ ^master$ ]] && echo true || echo false) + echo "branch_matches=$branch_matches" >> "$GITHUB_OUTPUT" + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_II_ADDRESS }} + folder: gooddata-ruby + job-name: gooddata-ruby-lcm-build-pipeline + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check" + } + comment-pr: 'true' + if: steps.all-match.outputs.any_didnt_match == 'true' && steps.branch-matches.outputs.branch_matches == 'true' + gooddata-ruby-check-pipeline: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Check if any matching file changed + id: changed-files + run: | + any_changed=false + patterns=('^k8s/.*$' '^.gdc-ii-config-chart.yaml$' '^Jenkinsfile-chart$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + any_changed=true + fi + done + done + echo "any_changed=$any_changed" >> "$GITHUB_OUTPUT" + - name: Check if branch matches + id: branch-matches + run: |- + branch=${{ needs.prepare-env.outputs.branch }} + branch_matches=$([[ $branch =~ ^master$ ]] && echo true || echo false) + echo "branch_matches=$branch_matches" >> "$GITHUB_OUTPUT" + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_II_ADDRESS }} + folder: gooddata-ruby + job-name: gooddata-ruby-check-pipeline + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check" + } + comment-pr: 'true' + if: steps.changed-files.outputs.any_changed == 'true' && steps.branch-matches.outputs.branch_matches == 'true' + gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Check if any matching file changed + id: changed-files + run: | + any_changed=false + patterns=('^NOTICE(S)?(.TXT)?$' '^LICENSE(S)?(.TXT)?$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + any_changed=true + fi + done + done + echo "any_changed=$any_changed" >> "$GITHUB_OUTPUT" + - name: Check if branch matches + id: branch-matches + run: |- + branch=${{ needs.prepare-env.outputs.branch }} + branch_matches=$([[ $branch =~ ^master$ ]] && echo true || echo false) + echo "branch_matches=$branch_matches" >> "$GITHUB_OUTPUT" + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: compliance + job-name: gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "check" + } + comment-pr: 'true' + if: steps.changed-files.outputs.any_changed == 'true' && steps.branch-matches.outputs.branch_matches == 'true' + ready-to-merge: + runs-on: + group: infra1-runners-arc + labels: runners-small + if: always() + needs: + - prepare-env + - gooddata-ruby-lcm-build-pipeline + - gooddata-ruby-check-pipeline + - gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul + steps: + - name: Check if needed jobs succeeded + uses: re-actors/alls-green@release/v1 + with: + allowed-skips: ${{ toJSON(needs) }} + jobs: ${{ toJSON(needs) }} diff --git a/.github/workflows/gate.yaml b/.github/workflows/gate.yaml new file mode 100644 index 000000000..753d026b3 --- /dev/null +++ b/.github/workflows/gate.yaml @@ -0,0 +1,202 @@ +name: gate +on: + merge_group: + types: + - checks_requested +jobs: + prepare-env: + runs-on: + group: infra1-runners-arc + labels: runners-small + outputs: + branch: ${{ steps.branch.outputs.branch }} + ref: ${{ github.event.merge_group.head_ref }} + commit: ${{ github.event.merge_group.head_sha }} + pr_number: ${{ steps.pr-number.outputs.pr_number }} + project: ${{ github.repository }} + changed_files: ${{ steps.changed-files.outputs.all_changed_files }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@v40 + - name: Branch name + id: branch + run: |- + branch=$(echo "${{ github.event.merge_group.base_ref }}" | sed 's/^refs\/heads\///') + echo "branch=$branch" >> "$GITHUB_OUTPUT" + + - name: PR number + id: pr-number + run: |- + pr_num=$(echo "${{ github.ref }}" | sed -n 's/.*pr-\([0-9]*\).*/\1/p') + echo "pr_number=$pr_num" >> "$GITHUB_OUTPUT" + + gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Check if any matching file changed + id: changed-files + run: | + any_changed=false + patterns=('^NOTICE(S)?(.TXT)?$' '^LICENSE(S)?(.TXT)?$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + any_changed=true + fi + done + done + echo "any_changed=$any_changed" >> "$GITHUB_OUTPUT" + - name: Check if branch matches + id: branch-matches + run: |- + branch=${{ needs.prepare-env.outputs.branch }} + branch_matches=$([[ $branch =~ ^master$ ]] && echo true || echo false) + echo "branch_matches=$branch_matches" >> "$GITHUB_OUTPUT" + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_ADDRESS }} + folder: compliance + job-name: gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "gate" + } + comment-pr: 'true' + if: steps.changed-files.outputs.any_changed == 'true' && steps.branch-matches.outputs.branch_matches == 'true' + gooddata-ruby-lcm-promote-pipeline: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Check if any matching file changed + id: changed-files + run: | + any_changed=false + patterns=('^VERSION$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + any_changed=true + fi + done + done + echo "any_changed=$any_changed" >> "$GITHUB_OUTPUT" + - name: Check if all changed files match patterns + id: all-match + run: |- + any_didnt_match=false + patterns=('^k8s/.*$' '^.gdc-ii-config-chart.yaml$' '^Jenkinsfile-chart$') + for file in ${{ needs.prepare-env.outputs.changed_files }}; do + matched=false + for pattern in "${patterns[@]}"; do + if [[ $file =~ $pattern ]]; then + matched=true + fi + done + if [[ $matched == false ]]; then + any_didnt_match=true + fi + done + echo "any_didnt_match=$any_didnt_match" >> "$GITHUB_OUTPUT" + + - name: Check if branch matches + id: branch-matches + run: |- + branch=${{ needs.prepare-env.outputs.branch }} + branch_matches=$([[ $branch =~ ^master$ ]] && echo true || echo false) + echo "branch_matches=$branch_matches" >> "$GITHUB_OUTPUT" + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_II_ADDRESS }} + folder: gooddata-ruby + job-name: gooddata-ruby-lcm-promote-pipeline + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "gate" + } + comment-pr: 'true' + if: steps.changed-files.outputs.any_changed == 'true' && steps.all-match.outputs.any_didnt_match == 'true' && steps.branch-matches.outputs.branch_matches == 'true' + gooddata-ruby-gitops-deploy-pipeline: + runs-on: + group: infra1-runners-arc + labels: runners-small + needs: + - gooddata-ruby-lcm-promote-pipeline + - prepare-env + permissions: + contents: read + id-token: write + steps: + - name: Call Jenkins trigger + id: call-jenkins + uses: gooddata/github-actions-public/jenkins/trigger@master + with: + server: ${{ secrets.JENKINS_II_ADDRESS }} + folder: gooddata-ruby + job-name: gooddata-ruby-gitops-deploy-pipeline + vault-url: ${{ secrets.VAULT_ADDRESS }} + params: |- + { + "GH_BRANCH": "${{ needs.prepare-env.outputs.branch }}", + "GH_REF": "${{ needs.prepare-env.outputs.ref }}", + "GH_COMMIT": "${{ needs.prepare-env.outputs.commit }}", + "GH_URL": "git@github.com:", + "GH_CHANGE": "${{ needs.prepare-env.outputs.pr_number }}", + "GH_PROJECT": "${{ needs.prepare-env.outputs.project }}", + "BUILD_BY_GITHUB": "true", + "GH_PIPELINE": "gate" + } + comment-pr: 'true' + ready-to-merge: + runs-on: + group: infra1-runners-arc + labels: runners-small + if: always() + needs: + - prepare-env + - gooddata-ruby-fossa-licenses-validate-LR-ticket-zuul + - gooddata-ruby-lcm-promote-pipeline + - gooddata-ruby-gitops-deploy-pipeline + steps: + - name: Check if needed jobs succeeded + uses: re-actors/alls-green@release/v1 + with: + allowed-skips: ${{ toJSON(needs) }} + jobs: ${{ toJSON(needs) }}