geti-instant-learn/.github/workflows/main.yml at dafa694979065ffd183ac98fd0e2bd258179148b · rajeshgangireddy/geti-instant-learn · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: main
on:
  workflow_dispatch:
  pull_request:
    branches:
      - main
      - 'release/app-[0-9]+\.[0-9]+'
      - 'release/lib-[0-9]+\.[0-9]+'
  push:
    branches:
      - main
      - 'release/app-[0-9]+\.[0-9]+'
      - 'release/lib-[0-9]+\.[0-9]+'

permissions: {} # No permissions by default

concurrency:
  group: ${{ github.head_ref || github.ref_name }}
  cancel-in-progress: ${{ github.event_name == 'pull_request' }}

jobs:
  build-parameters:
    name: Prepare build parameters
    runs-on: ubuntu-latest
    permissions:
      contents: read
    timeout-minutes: 10
    outputs:
      app_version: "${{ steps.app-version.outputs.version }}"
      lib_version: "${{ steps.lib-version.outputs.version }}"
      components-list: ${{ steps.change-detection.outputs.paths_list }}

    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          fetch-depth: 0
          persist-credentials: false

      - name: change-detection
        id: change-detection
        uses: ./.github/actions/change-detection

      - name: app-version
        id: app-version
        uses: ./.github/actions/build-version
        with:
          version-file-path: 'application/VERSION'

      - name: lib-version
        id: lib-version
        uses: ./.github/actions/build-version
        with:
          version-file-path: 'library/VERSION'

  library:
    name: Library build
    needs: build-parameters
    permissions:
      contents: read
    if: needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'library')
    uses: ./.github/workflows/library.yml
    with:
      build_version: ${{ needs.build-parameters.outputs.lib_version }}

  backend:
    name: Backend build
    needs: build-parameters
    permissions:
      contents: read
    if: needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'backend')
    uses: ./.github/workflows/backend.yml
    with:
      build_version: ${{ needs.build-parameters.outputs.app_version }}

  ui:
    name: UI build
    needs: build-parameters
    permissions:
      contents: read
      pull-requests: write
    if: needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'ui')
    uses: ./.github/workflows/ui.yml

  distrib:
    name: Distrib build
    needs: [build-parameters]
    permissions:
      contents: read
      packages: write # Permission to push packages to GHCR
      id-token: write # Permission to request OIDC token for signing images
    if: github.event_name != 'push' && needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'distrib')
    uses: ./.github/workflows/distrib.yml
    with:
      build_version: ${{ needs.build-parameters.outputs.app_version }}

  markdown:
    name: Markdown build
    needs: build-parameters
    permissions:
      contents: read
    if: needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'markdown')
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
        with:
          persist-credentials: false

      - uses: DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101 #v22.0.0
        with:
          config: '.github/.markdownlint-cli2.jsonc'

  documentation:
    name: Documentation markdown checks
    needs: build-parameters
    permissions:
      contents: read
    if: needs.build-parameters.outputs.components-list && contains(fromJson(needs.build-parameters.outputs.components-list), 'documentation')
    uses: ./.github/workflows/documentation.yml

  success:
    name: Status checks
    needs: [ build-parameters, library, backend, ui, distrib, markdown, documentation ]
    runs-on: ubuntu-latest
    if: ${{ always() && !cancelled() }}
    env:
      CHECKS: ${{ join(needs.*.result, ' ') }}
    steps:
      - name: Check
        run: |
          for check in ${CHECKS}; do
            echo "::notice::check=${check}"
            if [[ "$check" != "success" && "$check" != "skipped" ]]; then
              echo "::error ::Required status checks failed. They must succeed before this pull request can be merged."
              exit 1
            fi
          done