-
Notifications
You must be signed in to change notification settings - Fork 0
119 lines (111 loc) · 4.09 KB
/
test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
name: test
on: pull_request
permissions: {}
jobs:
path-filter:
# Get changed files to filter jobs
outputs:
update-aqua-checksums: ${{steps.changes.outputs.update-aqua-checksums}}
renovate-config-validator: ${{steps.changes.outputs.renovate-config-validator}}
ghalint: ${{steps.changes.outputs.ghalint}}
runs-on: ubuntu-latest
permissions: {}
steps:
- uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
id: changes
with:
filters: |
update-aqua-checksums:
- aqua.yaml
- aqua/*.yaml
- aqua-checksums.json
- .github/workflows/test.yaml
renovate-config-validator:
- renovate.json5
ghalint:
- .github/workflows/*.yaml
- aqua/ghalint.yaml
ghalint:
# Validate GitHub Actions Workflows by ghalint.
needs: path-filter
if: needs.path-filter.outputs.ghalint == 'true'
runs-on: ubuntu-latest
permissions: {}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: aquaproj/aqua-installer@6ce1f8848ec8e61f14d57bd5d7597057a6dd187c # v3.0.1
with:
aqua_version: v2.28.0
env:
AQUA_GITHUB_TOKEN: ${{github.token}}
- run: ghalint run
env:
GHALINT_LOG_COLOR: always
update-aqua-checksums:
# Update aqua-checksums.json and push a commit
needs: path-filter
permissions:
contents: read # The reusable workflow requires contents:read
if: |
needs.path-filter.outputs.update-aqua-checksums == 'true'
uses: aquaproj/update-checksum-workflow/.github/workflows/update-checksum.yaml@75c72cdc372a43dd1b1ad0458748f5d6bfeac7b9 # v1.0.1
with:
aqua_version: v2.28.0
prune: true
secrets:
gh_app_id: ${{secrets.APP_ID}}
gh_app_private_key: ${{secrets.APP_PRIVATE_KEY}}
renovate-config-validator:
# Validate Renovate Configuration by renovate-config-validator.
uses: suzuki-shunsuke/renovate-config-validator-workflow/.github/workflows/validate.yaml@4a378742d05b4e67aae34039d7c779ac913cd79d # v0.2.3
needs: path-filter
if: needs.path-filter.outputs.renovate-config-validator == 'true'
permissions:
contents: read
enable-automerge:
# Enable automerge to merge pull requests from Renovate automatically.
runs-on: ubuntu-latest
needs:
- status-check
permissions:
contents: write # For enable automerge
pull-requests: write # For enable automerge
# "! failure() && ! cancelled()" is required. success() returns false if dependent jobs are skipped. https://github.com/community/community/discussions/45058
# By default success() is used so we have to override success() by "! failure() && ! cancelled()"
if: |
! failure() && ! cancelled() && github.event.pull_request.user.login == 'renovate[bot]' && contains(github.event.pull_request.body, ' **Automerge**: Enabled.')
steps:
- uses: suzuki-shunsuke/enable-auto-merge-action@ec074392e76cd1062925255cd82a86ea1c44b6fd # v0.1.0
with:
pr_number: ${{github.event.pull_request.number}}
merge_method: squash
github_app_id: ${{secrets.APP_ID}}
github_app_private_key: ${{secrets.APP_PRIVATE_KEY}}
status-check:
# This job is used for main branch's branch protection rule's status check.
# If all dependent jobs succeed or are skipped this job succeeds.
runs-on: ubuntu-latest
needs:
- update-aqua-checksums
- test
- ghalint
- renovate-config-validator
permissions: {}
if: failure()
steps:
- run: exit 1
test:
uses: suzuki-shunsuke/go-test-workflow/.github/workflows/test.yaml@3191fc67e2aa6426e4bccd25be69b9d80b47a007 # v1.0.1
with:
aqua_version: v2.28.0
go-version: 1.22.3
permissions:
pull-requests: write
contents: read
prettier:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- run: npm i -g prettier
- run: prettier -c .