@per1234 commented Jan 16, 2023

This project uses GitHub Actions workflows based on canonical "templates" maintained in centralized repositories. Some advancements have been made in the upstream workflows since the time of the versions in place in this repository.

Those advancements are pulled in here. See the individual commit messages for details.

For the sake of efficiency, the "Compile Examples" GitHub Actions workflow is configured to only run when relevant files
are modified.

Changes to the `library.properties` metadata file can affect the compilation of the library, so the workflow must be
triggered any time that file is modified. That was not done with the previous paths filter configuration.

The `jobs.<job_id>.name` key sets the human identifier for the workflow job shown in the workflow run logs.

By default, the name of matrix jobs is based on the job ID combined with the `jobs.<job_id>.strategy.matrix` object,
which can result in an unnecessarily long and cryptic job name. The job ID + the FQBN of the job's target board is
sufficient. The use of this job name format will improve the readability of the workflow run logs.

Use of the major version ref will cause the workflow to benefit from ongoing development to the actions up until such
time as a new major release of an action is made, at which time we would need to evaluate whether any changes to the
workflow are required by the breaking change that triggered the major release before updating the major ref
(e.g., `uses: arduino/compile-sketches@v2`).

The `arduino/compile-sketches` action is configured to produce a file containing information about the compilations.
This file is uploaded to a workflow artifact via the `actions/upload-artifact` action and later consumed by the
`arduino/report-size-deltas` action.

By default the `actions/upload-artifact` action step will pass even if the file specified for upload is not found. In
this case where the file will always be present if the workflow is functioning correctly, that behavior could mask a
serious problem with the workflow. It is better to configure the `actions/upload-artifact` action to fail the workflow
run if the file is not found.

This provides a "smoke test" to validate proposed changes to the workflow.

GitHub Actions provides the capability for workflow authors to use the capabilities of the GitHub Actions ToolKit
package directly in the `run` keys of workflows via "workflow commands". One such command is `set-output`, which allows
data to be passed out of a workflow step as an output.

It has been determined that this command has potential to be a security risk in some applications. For this reason,
GitHub has deprecated the command and a warning of this is shown in the workflow run summary page of any workflow using
it:

The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more
information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/

The identical capability is now provided in a safer form via the GitHub Actions "environment files" system. Migrating
the use of the deprecated workflow commands to use the `GITHUB_OUTPUT` environment file instead fixes any potential
vulnerabilities in the workflows, resolves the warnings, and avoids the eventual complete breakage of the workflows that
would result from GitHub's planned removal of the `set-output` workflow command on 2023-05-31.

@pennam pennam merged commit 970a594 into arduino-libraries:main Jan 17, 2023
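
The migration described in the last commit message, as an added example that is not code from this pull request or from GitHub: a POSIX shell helper that appends step outputs to the file named by `GITHUB_OUTPUT`, using the delimiter form for multi-line values. The helper name `set_step_output` and the output names in the comments are assumptions made for illustration.

```shell
# Added example (not from the pull request). set_step_output is a hypothetical
# helper; it runs in a subshell so its variables stay local under POSIX sh.
#
# Deprecated form, parsed from the step's log output (constructed names):
#   echo "::set-output name=report-name::sketches-report"
# Replacement, appended to the runner-provided file:
#   set_step_output report-name sketches-report
set_step_output() (
  name=$1
  value=$2
  nl='
'
  # Names become keys in the file: allow only characters that cannot be
  # confused with the "=" and "<<" separators or split across lines.
  case $name in
    '' | *[!A-Za-z0-9_-]*)
      echo "invalid output name: $name" >&2
      exit 1
      ;;
  esac
  if [ -z "${GITHUB_OUTPUT:-}" ]; then
    echo "GITHUB_OUTPUT is not set (not running in GitHub Actions?)" >&2
    exit 1
  fi
  case $value in
    *"$nl"*)
      # Multi-line form: name<<DELIM, the value, then DELIM on its own line.
      # A random delimiter keeps the value from closing the block early.
      delim="ghadelim_$(od -An -N16 -tx1 /dev/urandom | tr -d ' \n')"
      case $value in
        *"$delim"*)
          echo "value contains the delimiter" >&2
          exit 1
          ;;
      esac
      printf '%s<<%s\n%s\n%s\n' "$name" "$delim" "$value" "$delim" >>"$GITHUB_OUTPUT"
      ;;
    *)
      printf '%s=%s\n' "$name" "$value" >>"$GITHUB_OUTPUT"
      ;;
  esac
)
```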