Merge pull request #452 from guardian/update/non_aws #379
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Trigger Private Janus build | |
| on: | |
| # When a PR is merged | |
| push: | |
| branches: ["main"] | |
| # When a PR is raised (for example, dependency updates from Dependabot or Scala Steward) | |
| pull_request: | |
| # When a workflow is manually triggered | |
| workflow_dispatch: | |
| jobs: | |
| # Compile and run tests | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| checks: write # Required by dorny/test-reporter | |
| steps: | |
| - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 | |
| - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 | |
| with: | |
| distribution: 'corretto' | |
| java-version: '11' | |
| cache: 'sbt' | |
| - run: sbt clean compile scalafmtCheckAll scalafmtSbtCheck test | |
| - name: Test Report for Janus-App | |
| uses: dorny/test-reporter@31a54ee7ebcacc03a09ea97a7e5465a47b84aea5 # v1.9.1 | |
| if: (success() || failure()) && !github.event.pull_request.head.repo.fork # run this step even if previous step failed | |
| with: | |
| name: Janus-App Tests | |
| path: logs/test-reports/TEST-*.xml | |
| reporter: java-junit | |
| only-summary: 'false' | |
| fail-on-error: 'true' | |
| # Trigger a workflow in the guardian/janus repository, if and only if: | |
| # - The Scala build is successful | |
| # - We're on the 'main' branch | |
| trigger-workflow: | |
| needs: build | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| runs-on: ubuntu-latest | |
| outputs: | |
| workflow_run_id: ${{ steps.fetch.outputs.result }} | |
| steps: | |
| - name: record start time | |
| run: echo START_TIME=$(date "+%Y-%m-%dT%H:%M:%S") >> $GITHUB_ENV | |
| - name: Exchange GitHub App for GitHub Token | |
| uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 | |
| id: app-token | |
| with: | |
| # These values are for the GitHub App guardian-janus-ci | |
| # See https://github.com/organizations/guardian/settings/apps/guardian-janus-ci (only accessible by GitHub owners) | |
| app-id: ${{ secrets.GH_APP_ID }} | |
| private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| owner: guardian | |
| repositories: janus | |
| - name: Trigger workflow | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| with: | |
| github-token: ${{ steps.app-token.outputs.token }} # A GitHub app token generated by a previous step | |
| script: | | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: 'guardian', | |
| repo: 'janus', | |
| workflow_id: 'build.yml', | |
| ref: 'main' | |
| }) | |
| - run: sleep 5 # wait for event to register within github system | |
| - name: fetch workflow id | |
| id: fetch | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| with: | |
| github-token: ${{ steps.app-token.outputs.token }} # A GitHub app token generated by a previous step | |
| result-encoding: string | |
| script: | | |
| const result = await github.rest.actions.listWorkflowRuns({ | |
| owner: 'guardian', | |
| repo: 'janus', | |
| workflow_id: 'build.yml', | |
| event: 'workflow_dispatch', | |
| created: '>=${{ env.START_TIME }}' | |
| }); | |
| console.log(result); | |
| return result["data"]["workflow_runs"][0].id | |
| # wait 6 minutes for job to run | |
| # This is the observed upper limit for builds that invalidate the sbt cache | |
| - run: sleep 360 | |
| # Reflect the build status from the workflow in the guardian/janus repository here | |
| check-status: | |
| runs-on: ubuntu-latest | |
| needs: trigger-workflow | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| steps: | |
| - name: Exchange GitHub App for GitHub Token | |
| uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 | |
| id: app-token | |
| with: | |
| # These values are for the GitHub App guardian-janus-ci | |
| # See https://github.com/organizations/guardian/settings/apps/guardian-janus-ci (only accessible by GitHub owners) | |
| app-id: ${{ secrets.GH_APP_ID }} | |
| private-key: ${{ secrets.GH_APP_PRIVATE_KEY }} | |
| owner: guardian | |
| repositories: janus | |
| - name: fetch status | |
| id: status | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| with: | |
| github-token: ${{ steps.app-token.outputs.token }} # A GitHub app token generated by a previous step | |
| result-encoding: string | |
| script: | | |
| const result = await github.rest.actions.getWorkflowRun({ | |
| owner: 'guardian', | |
| repo: 'janus', | |
| run_id: '${{ needs.trigger-workflow.outputs.workflow_run_id }}' | |
| }); | |
| console.log(result); | |
| return result["data"]["conclusion"]; | |
| - name: Verify job completed successfully | |
| if: ${{ steps.status.outputs.result != 'success' }} | |
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 | |
| with: | |
| script: core.setFailed('Task started by trigger-workflow did not conclude successfully') |