From 00f07e7cac84c263301794d983056ef93f13fee3 Mon Sep 17 00:00:00 2001 From: Christos Malliaridis Date: Fri, 29 Nov 2024 00:41:05 +0100 Subject: [PATCH] Export dependabot tasks to separate workflow Since dependabot is creating a commit, it is necessary to wait and retrieve the latest changes before running any other workflow. --- .github/workflows/bin-solr-test.yml | 9 +++ .github/workflows/dependabot-tasks.yml | 66 +++++++++++++++++++ .github/workflows/docker-test.yml | 9 +++ .github/workflows/gradle-precommit.yml | 89 +++++--------------------- .github/workflows/solrj-test.yml | 9 +++ .github/workflows/tests-via-crave.yml | 6 ++ 6 files changed, 114 insertions(+), 74 deletions(-) create mode 100644 .github/workflows/dependabot-tasks.yml diff --git a/.github/workflows/bin-solr-test.yml b/.github/workflows/bin-solr-test.yml index 126e8d62293..eec2519004b 100644 --- a/.github/workflows/bin-solr-test.yml +++ b/.github/workflows/bin-solr-test.yml @@ -11,6 +11,12 @@ on: - 'solr/packaging/**' - 'solr/core/src/java/org/apache/solr/cli/**' - 'solr/prometheus-exporter/**' + # Wait for dependabot tasks to complete, if any + workflow_run: + workflows: + - Dependabot Tasks + types: + - completed jobs: test: @@ -24,6 +30,9 @@ jobs: steps: # Setup - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + fetch-depth: 0 - name: Set up JDK uses: actions/setup-java@v4 with: diff --git a/.github/workflows/dependabot-tasks.yml b/.github/workflows/dependabot-tasks.yml new file mode 100644 index 00000000000..65f6853e7cb --- /dev/null +++ b/.github/workflows/dependabot-tasks.yml @@ -0,0 +1,66 @@ +name: Dependabot Tasks + +on: + pull_request: + branches: + - 'main' # dependabot will create PRs only against main + +jobs: + # Dependabot job that runs only for dependabot PRs + # This job is writing locks, updates checksums, and commits the changes on the dependabot PRs. + lock-and-verify: + name: Lock and verify + + runs-on: ubuntu-latest + + # Run only on PRs created by dependabot, this prevents users from misusing branch names + # prefixed with dependabot/** + if: github.actor == 'dependabot[bot]' + + # Give the default GITHUB_TOKEN write permission to commit + # and push the changed files back to the repository. + permissions: + contents: write + + steps: + - name: Checkout project + uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + + - name: Set up JDK + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: 21 + java-package: jdk + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v4 + + - name: Grant execute permission for gradlew + run: chmod +x gradlew + + - name: Use Gradle cache + uses: actions/cache@v4 + with: + path: | + ~/.gradle/caches + key: ${{ runner.os }}-gradle-precommit-${{ hashFiles('versions.lock') }} + restore-keys: | + ${{ runner.os }}-gradle-precommit- + ${{ runner.os }}-gradle- + + - name: Write locks + run: ./gradlew writeLocks + + - name: Update licenses / checksums + run: ./gradlew updateLicenses + + - name: Commit and push changes + run: | + git config user.name github-actions + git config user.email github-actions@github.com + git add . + git commit -m "Write locks and update checksums" + git push origin ${{ github.head_ref }} diff --git a/.github/workflows/docker-test.yml b/.github/workflows/docker-test.yml index d8593613ca6..63a3756a231 100644 --- a/.github/workflows/docker-test.yml +++ b/.github/workflows/docker-test.yml @@ -11,6 +11,12 @@ on: - 'solr/prometheus-exporter/bin/**' - 'solr/docker/**' - 'solr/packaging/**' + # Wait for dependabot tasks to complete, if any + workflow_run: + workflows: + - Dependabot Tasks + types: + - completed jobs: test: @@ -26,6 +32,9 @@ jobs: steps: # Setup - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + fetch-depth: 0 - name: Set up JDK 21 uses: actions/setup-java@v4 with: diff --git a/.github/workflows/gradle-precommit.yml b/.github/workflows/gradle-precommit.yml index 976e7f6437d..1fb3987941e 100644 --- a/.github/workflows/gradle-precommit.yml +++ b/.github/workflows/gradle-precommit.yml @@ -5,31 +5,28 @@ on: branches: - 'main' - 'branch_*' + # Wait for dependabot tasks to complete, if any + workflow_run: + workflows: + - Dependabot Tasks + types: + - completed jobs: - # Dependabot job that runs only for dependabot PRs - # This job is writing locks, updates checksums, and commits the changes on the dependabot PRs. - lockAndVerify: - name: Lock and verify + test: + name: gradle check runs-on: ubuntu-latest - # Run only on dependabot PRs (see dependabot-actions.yml) - if: github.actor == 'dependabot[bot]' - env: DEVELOCITY_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} - # Give the default GITHUB_TOKEN write permission to commit - # and push the changed files back to the repository. - permissions: - contents: write - steps: - - name: Checkout project - uses: actions/checkout@v4 + # Setup + - uses: actions/checkout@v4 with: ref: ${{ github.head_ref }} + fetch-depth: 0 - name: Set up JDK uses: actions/setup-java@v4 @@ -44,8 +41,7 @@ jobs: - name: Grant execute permission for gradlew run: chmod +x gradlew - - name: Use Gradle cache - uses: actions/cache@v4 + - uses: actions/cache@v4 with: path: | ~/.gradle/caches @@ -54,62 +50,7 @@ jobs: ${{ runner.os }}-gradle-precommit- ${{ runner.os }}-gradle- - - name: Write locks - run: ./gradlew writeLocks - - - name: Update licenses / checksums - run: ./gradlew updateLicenses - - - name: Commit and push changes - run: | - git config user.name github-actions - git config user.email github-actions@github.com - git add . - git commit -m "Write locks and update checksums" - git push origin ${{ github.head_ref }} - - test: - name: gradle check - - runs-on: ubuntu-latest - - # Run after "dependabot" job, regardless if skipped or successful - needs: lockAndVerify - if: always() - - env: - DEVELOCITY_ACCESS_KEY: ${{ secrets.GE_ACCESS_TOKEN }} - - steps: - # Setup - - uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - fetch-depth: 0 - - - name: Set up JDK - uses: actions/setup-java@v4 - with: - distribution: 'temurin' - java-version: 21 - java-package: jdk - - - name: Setup Gradle - uses: gradle/actions/setup-gradle@v4 - - - name: Grant execute permission for gradlew - run: chmod +x gradlew - - - uses: actions/cache@v4 - with: - path: | - ~/.gradle/caches - key: ${{ runner.os }}-gradle-precommit-${{ hashFiles('versions.lock') }} - restore-keys: | - ${{ runner.os }}-gradle-precommit- - ${{ runner.os }}-gradle- - - - name: Run gradle check (without tests) - run: ./gradlew check -x test -Ptask.times=true + - name: Run gradle check (without tests) + run: ./gradlew check -x test -Ptask.times=true - - uses: gradle/wrapper-validation-action@v3 + - uses: gradle/wrapper-validation-action@v3 diff --git a/.github/workflows/solrj-test.yml b/.github/workflows/solrj-test.yml index 3eb9bb4f5f6..09ed0a5eb31 100644 --- a/.github/workflows/solrj-test.yml +++ b/.github/workflows/solrj-test.yml @@ -8,6 +8,12 @@ on: paths: - '.github/workflows/solrj-test.yml' - 'solr/solrj/**' + # Wait for dependabot tasks to complete, if any + workflow_run: + workflows: + - Dependabot Tasks + types: + - completed jobs: test: @@ -21,6 +27,9 @@ jobs: steps: # Setup - uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} + fetch-depth: 0 - name: Set up JDK 21 uses: actions/setup-java@v4 with: diff --git a/.github/workflows/tests-via-crave.yml b/.github/workflows/tests-via-crave.yml index 91c5c3b4a5e..8bee95e8d42 100644 --- a/.github/workflows/tests-via-crave.yml +++ b/.github/workflows/tests-via-crave.yml @@ -5,6 +5,12 @@ on: branches: - 'main' - 'branch_*' + # Wait for dependabot tasks to complete, if any + workflow_run: + workflows: + - Dependabot Tasks + types: + - completed jobs: test: