-
Notifications
You must be signed in to change notification settings - Fork 14.2k
131 lines (124 loc) · 5.59 KB
/
ci-complete.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: CI Complete
on:
workflow_run:
workflows: [CI]
types:
- completed
run-name: Build Scans for ${{ github.event.workflow_run.display_title}}
# This workflow runs after the completion of the CI workflow triggered on a "pull_request" event.
# The "pull_request" event type is run in an unprivileged context without access to the repository
# secrets. This means that PRs from public forks cannot publish Gradle Build Scans or modify the
# PR contents.
#
# This "workflow_run" triggered workflow is run in a privileged context and so does have access to
# the repository secrets. Here we can download the build scan files produced by a PR and publish
# them to develocity.apache.org.
#
# If we need to do things like comment on, label, or otherwise modify PRs from public forks. This
# workflow is the place to do it. PR number is ${{ github.event.workflow_run.pull_requests[0].number }}
jobs:
upload-build-scan:
# Skip this workflow if the CI run was skipped or cancelled
if: (github.event.workflow_run.conclusion == 'success' || github.event.workflow_run.conclusion == 'failure')
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
# Make sure these match build.yml
java: [ 23, 17 ]
run-flaky: [ true, false ]
run-new: [ true, false ]
exclude:
- run-flaky: true
run-new: true
env:
job-variation: ${{ matrix.java }}-${{ matrix.run-flaky == true && 'flaky' || 'noflaky' }}-${{ matrix.run-new == true && 'new' || 'nonew' }}
status-context: Java ${{ matrix.java }}${{ matrix.run-flaky == true && ' / Flaky' || '' }}${{ matrix.run-new == true && ' / New' || '' }}
steps:
- name: Env
run: printenv
env:
GITHUB_CONTEXT: ${{ toJson(github) }}
- name: Checkout code
uses: actions/checkout@v4
with:
persist-credentials:
false
- name: Setup Gradle
uses: ./.github/actions/setup-gradle
with:
java-version: ${{ matrix.java }}
develocity-access-key: ${{ secrets.DEVELOCITY_ACCESS_KEY }}
- name: Download build scan archive
id: download-build-scan
uses: actions/download-artifact@v4
continue-on-error: true # Don't want this step to fail the overall workflow
with:
github-token: ${{ github.token }}
run-id: ${{ github.event.workflow_run.id }}
name: build-scan-${{ env.job-variation }}
path: ~/.gradle/build-scan-data # This is where Gradle buffers unpublished build scan data when --no-scan is given
- name: Handle missing scan
if: ${{ steps.download-build-scan.outcome == 'failure' }}
uses: ./.github/actions/gh-api-update-status
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.repository }}
commit_sha: ${{ github.event.workflow_run.head_sha }}
url: '${{ github.event.workflow_run.html_url }}'
description: 'Could not find build scan'
context: Gradle Build Scan / ${{ env.status-context }}
state: 'error'
- name: Publish Scan
id: publish-build-scan
if: ${{ steps.download-build-scan.outcome == 'success' }}
run: |
set +e
./gradlew --info buildScanPublishPrevious > gradle.out
exitcode="$?"
if [ $exitcode -ne 0 ]; then
cat gradle.out
echo "Failed to publish build scan" >> $GITHUB_STEP_SUMMARY
exit $exitcode
else
SCAN_URL=$(grep '^https://.*$' gradle.out)
cat gradle.out
echo "Published build scan to $SCAN_URL" >> $GITHUB_STEP_SUMMARY
echo "build-scan-url=$SCAN_URL" >> $GITHUB_OUTPUT
fi
- name: Handle failed publish
if: ${{ failure() && steps.publish-build-scan.outcome == 'failure' }}
uses: ./.github/actions/gh-api-update-status
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.repository }}
commit_sha: ${{ github.event.workflow_run.head_sha }}
url: '${{ github.event.repository.html_url }}/actions/runs/${{ github.run_id }}'
description: 'The build scan failed to be published'
context: Gradle Build Scan / ${{ env.status-context }}
state: 'error'
- name: Update Status Check
if: ${{ steps.publish-build-scan.outcome == 'success' }}
uses: ./.github/actions/gh-api-update-status
with:
gh-token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.repository }}
commit_sha: ${{ github.event.workflow_run.head_sha }}
url: ${{ steps.publish-build-scan.outputs.build-scan-url }}
description: 'The build scan was successfully published'
context: Gradle Build Scan / ${{ env.status-context }}
state: 'success'