From eeda944b73654923642d10bf75c915131a7288ec Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Thu, 11 Dec 2025 13:04:44 +0100 Subject: [PATCH] ci: migrate tests to reusable workflows and introduce stable-tag pipeline - convert all test workflows to reusable workflow_call - add central CI workflow for branches and PRs - add mark-stable workflow triggered on main pushes - ensure stable tag updates only after all tests succeed - remove duplicated triggers from test workflows ` https://chatgpt.com/share/693aa4a6-7460-800f-ba47-cfc15b1b2236 --- .github/workflows/ci.yml | 26 ++++++ .github/workflows/mark-stable.yml | 109 ++++++++----------------- .github/workflows/test-container.yml | 8 +- .github/workflows/test-e2e.yml | 8 +- .github/workflows/test-integration.yml | 8 +- .github/workflows/test-unit.yml | 8 +- .github/workflows/test-virgin-root.yml | 8 +- .github/workflows/test-virgin-user.yml | 8 +- 8 files changed, 68 insertions(+), 115 deletions(-) create mode 100644 .github/workflows/ci.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..b35fb5e --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,26 @@ +name: CI + +on: + push: + branches-ignore: + - main + pull_request: + +jobs: + test-unit: + uses: ./.github/workflows/test-unit.yml + + test-integration: + uses: ./.github/workflows/test-integration.yml + + test-container: + uses: ./.github/workflows/test-container.yml + + test-e2e: + uses: ./.github/workflows/test-e2e.yml + + test-virgin-user: + uses: ./.github/workflows/test-virgin-user.yml + + test-virgin-root: + uses: ./.github/workflows/test-virgin-root.yml diff --git a/.github/workflows/mark-stable.yml b/.github/workflows/mark-stable.yml index c837de7..c49253e 100644 --- a/.github/workflows/mark-stable.yml +++ b/.github/workflows/mark-stable.yml @@ -1,27 +1,41 @@ name: Mark stable commit on: - workflow_run: - workflows: - - Test Units - - Test Code Integration - - Test OS Containers - - Test End-To-End - - Test Virgin User - - Test Virgin Root - types: - - completed + push: + branches: + - main jobs: + test-unit: + uses: ./.github/workflows/test-unit.yml + + test-integration: + uses: ./.github/workflows/test-integration.yml + + test-container: + uses: ./.github/workflows/test-container.yml + + test-e2e: + uses: ./.github/workflows/test-e2e.yml + + test-virgin-user: + uses: ./.github/workflows/test-virgin-user.yml + + test-virgin-root: + uses: ./.github/workflows/test-virgin-root.yml + mark-stable: - if: > - github.event.workflow_run.conclusion == 'success' && - github.event.workflow_run.head_branch == 'main' + needs: + - test-unit + - test-integration + - test-container + - test-e2e + - test-virgin-user + - test-virgin-root runs-on: ubuntu-latest permissions: - contents: write - actions: read + contents: write # to move the tag steps: - name: Checkout repository @@ -29,73 +43,22 @@ jobs: with: fetch-depth: 0 - - name: Install jq and gh - run: | - sudo apt-get update -y - sudo apt-get install -y jq gh || true - - - name: Check all required workflow results for this commit - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SHA: ${{ github.event.workflow_run.head_sha }} - REPO: ${{ github.event.workflow_run.repository.full_name }} - run: | - set -euo pipefail - - echo "Commit: $SHA" - echo "Repository: $REPO" - echo "Fetching workflow runs…" - - required_workflows=( - "Test Units" - "Test Code Integration" - "Test OS Containers" - "Test End-To-End" - "Test Virgin User" - "Test Virgin Root" - ) - - # FIX: cannot filter by head_sha — GitHub API bug! - json=$(gh api /repos/"$REPO"/actions/runs -F per_page=100 -F event=workflow_run) - - for wf in "${required_workflows[@]}"; do - conclusion=$(printf '%s\n' "$json" | jq -r --arg name "$wf" --arg sha "$SHA" ' - .workflow_runs[] - | select(.name == $name and .head_sha == $sha) - | .conclusion - ' | head -n1) - - if [[ -z "$conclusion" || "$conclusion" == "null" ]]; then - echo "❌ Workflow '$wf' has no run for this commit yet." - exit 0 - fi - - if [[ "$conclusion" != "success" ]]; then - echo "❌ Workflow '$wf' did not succeed (status: $conclusion)." - exit 0 - fi - - echo "✔ Workflow '$wf' succeeded." - done - - echo "🎉 All tests succeeded — this commit is STABLE." - - - name: Move 'stable' tag - env: - SHA: ${{ github.event.workflow_run.head_sha }} + - name: Move 'stable' tag to this commit run: | set -euo pipefail git config user.name "github-actions[bot]" git config user.email "github-actions[bot]@users.noreply.github.com" - echo "Tagging commit $SHA as stable…" + echo "Tagging commit $GITHUB_SHA as stable…" + # delete local tag if exists git tag -d stable 2>/dev/null || true + # delete remote tag if exists git push origin :refs/tags/stable || true - git tag stable "$SHA" + # create new tag on this commit + git tag stable "$GITHUB_SHA" git push origin stable - echo "✅ Done." + echo "✅ Stable tag updated." diff --git a/.github/workflows/test-container.yml b/.github/workflows/test-container.yml index 1b8aee2..911674f 100644 --- a/.github/workflows/test-container.yml +++ b/.github/workflows/test-container.yml @@ -1,13 +1,7 @@ name: Test OS Containers on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-container: diff --git a/.github/workflows/test-e2e.yml b/.github/workflows/test-e2e.yml index 33f9d77..d5adc63 100644 --- a/.github/workflows/test-e2e.yml +++ b/.github/workflows/test-e2e.yml @@ -1,13 +1,7 @@ name: Test End-To-End on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-e2e: diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index 9a30602..438fa7d 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -1,13 +1,7 @@ name: Test Code Integration on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-integration: diff --git a/.github/workflows/test-unit.yml b/.github/workflows/test-unit.yml index 014f478..e776bd0 100644 --- a/.github/workflows/test-unit.yml +++ b/.github/workflows/test-unit.yml @@ -1,13 +1,7 @@ name: Test Units on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-unit: diff --git a/.github/workflows/test-virgin-root.yml b/.github/workflows/test-virgin-root.yml index a81d9e2..cc69763 100644 --- a/.github/workflows/test-virgin-root.yml +++ b/.github/workflows/test-virgin-root.yml @@ -1,13 +1,7 @@ name: Test Virgin Root on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-virgin-root: diff --git a/.github/workflows/test-virgin-user.yml b/.github/workflows/test-virgin-user.yml index 42ce61e..c1c2912 100644 --- a/.github/workflows/test-virgin-user.yml +++ b/.github/workflows/test-virgin-user.yml @@ -1,13 +1,7 @@ name: Test Virgin User on: - push: - branches: - - main - - master - - develop - - "*" - pull_request: + workflow_call: jobs: test-virgin-user: