In the following workflow, I want to add cache functionality so that, every time it will build from scratch. this is the workflow:
# This workflow will do
# a clean install of node deps
# build the source code
# run test across different versions of node
name: Conflict Check
on:
push:
branches:
- staging
pull_request:
branches:
- staging
jobs:
triage:
runs-on: ubuntu-latest
steps:
- uses: mschilde/auto-label-merge-conflicts#master
with:
CONFLICT_LABEL_NAME: 'has conflicts'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
How can I achieve this?
You can use actions/cache action for purposes of caching in Github Actions.
jobs:
triage:
runs-on: ubuntu-latest
steps:
- name: Cache build files
uses: actions/cache#v2
with:
path: ${{ PATH_TO_CACHE }}
key:${{ runner.os }}-${{ hashFiles(<glob_pattern_for_files>) }}
- uses: mschilde/auto-label-merge-conflicts#master
with:
CONFLICT_LABEL_NAME: 'has conflicts'
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
The example above assumes you want to cache your files between runs on different refs but your actual key declaration would depend on what you are trying to do.
For example if you are trying to cache between jobs or workflow runs on same ref:
key: ${{ runner.os }}-${{ github.sha }}
Related
I have a project where I have two GitHub actions yml file where the first file is called build.yml and it contains instructions to compile, build and test the project. It is as simple as this:
name: build my-project
on:
push:
paths-ignore:
- 'images/**'
- README.md
branches:
- master
pull_request:
branches:
- master
release:
types: [ created ]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v2
- name: cache ivy2
uses: actions/cache#v1
with:
path: ~/.ivy2/cache
key: ${{ runner.os }}-sbt-ivy-cache-${{ hashFiles('**/*.sbt') }}-${{ hashFiles('project/build.properties') }}
- name: sbt Test
run: sbt clean test
I now have another yml file that contains the instructions to do a release based on annotated tags. It is like this:
name: release my-project
on:
push:
# Sequence of patterns matched against refs/tags
tags:
- 'v[0-9]+.[0-9]+.[0-9]+-[a-zA-Z]*'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
build:
uses: ./.github/workflows/build.yml
publish:
runs-on: ubuntu-latest
needs: test # See build.yml file where the test job is defined
# If there is a tag and if that tag comes from master branch
if: startsWith(github.ref, 'refs/tags/v')
steps:
- name: checkout
uses: actions/checkout#v3
- name: capture changelog
id: changelog
uses: metcalfc/changelog-generator#v4.0.1
with:
myToken: ${{ secrets.GITHUB_TOKEN }}
- name: sbt ci-publish-github
run: sbt publish
- name: ci-release-github
id: create-release
uses: actions/create-release#latest
with:
allowUpdates: true
tag_name: ${{ github.ref }}
release_name: Release ${{ github.ref }}
body: |
## What's Changed
${{ steps.changelog.outputs.changelog }}
draft: false
prerelease: false
I just created an annotated tag which then resulted in an error like this:
Invalid workflow file: .github/workflows/publish.yml#L14
error parsing called workflow "./.github/workflows/build.yml": workflow is not reusable as it is missing a `on.workflow_call` trigger
So basically what I want is, when I push an annotated tag, I want to first run the test job from build.yml and then once that succeeds, I would like to run the publish job. Any suggestions on how to get this straight?
So basically what I want is, when I push an annotated tag, I want to first run the test job from build.yml and then once that succeeds, I would like to run the publish job. Any suggestions on how to get this straight?
You almost got it right with your implementation. You just need a few modifications:
The build job needs to depends on the publish job:
name: release my-project
on:
push:
# Sequence of patterns matched against refs/tags
tags:
- 'v[0-9]+.[0-9]+.[0-9]+-[a-zA-Z]*'
jobs:
publish:
[ ... ]
build:
needs:
- publish
uses: ./.github/workflows/build.yml
The build needs the workflow_call trigger (as stated by the error message - Reference):
on:
workflow_call:
push:
[ ... ]
Note: You could even share the tag value from the previous workflow, sending it as input to the second one by using:
on:
workflow_call:
inputs:
tag:
required: true
type: string
Calling the reusable workflow that way from the main workflow:
build:
needs:
- publish
uses: ./.github/workflows/build.yml
with:
tag: 'MY TAG'
I was able to fix it by adding the following in my publish.yml:
jobs:
tests:
uses: ./.github/workflows/build.yml
publish:
runs-on: ubuntu-latest
needs: [tests] # See build.yml file where the test job is defined
In my build.yml, I had to add the following:
on:
push:
paths-ignore:
- 'images/**'
- README.md
branches:
- master
pull_request:
branches:
- master
release:
types: [ created ]
workflow_call:
Notice that workflow_call: entry that needs to be added explicitly.
Currently I am trying to have 1 job scanning SonarQube and 1 job checking for the quality gate in github actions. In order to get the report from gradle of the quality check in the second job, I have to cache it (or atleast with the limited knowledge I have). But I don't want when I rerun the workflow on the same PR or on different PRs use the same cache, since the report is only valid for a current workflow and not futher ones (those need to always create a new report and give the new report to the second job).
Here is my workflow:
name: SonarQube
on:
push:
branches:
- master # or the name of your main branch
pull_request:
types: [opened, synchronize, reopened]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout#v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 11
uses: actions/setup-java#v3
with:
java-version: 11
distribution: corretto
cache: gradle
- name: Build and analyze
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
run: ./gradlew --info sonar -Dsonar.host.url=$SONAR_HOST_URL -Dsonar.login=$SONAR_TOKEN
- name: Cache report
uses: actions/cache#v3
with:
path: build/sonar/
key: report-task
qualityCheck:
needs: scan
runs-on: ubuntu-latest
steps:
- name: Get cache report
uses: actions/cache#v3
with:
path: build/sonar/
key: report-task
- name: Quality Gate check
id: sonarqube-quality-gate-check
uses: sonarsource/sonarqube-quality-gate-action#master
# Force to fail step after specific time.
timeout-minutes: 5
with:
scanMetadataReportFile: build/sonar/report-task.txt
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
What needs to be changed to achieve this?
I have currently done this:
- name: Cache report
uses: actions/cache#v3
with:
path: build/sonar/
key: commit-${{ github.sha }}-workflow-${{ github.run_id }}-${{ github.run_number }}-report-task-${{ hashFiles('build/sonar/**') }}
This doesn't solve the problem that it keeps the cache after the workflow ends, but it now won't use the report of previous workflows.
I've been trying to follow the example provided by SonarCloud to set it up, but it doesn't work.
name: SonarCloud
on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
jobs:
build:
name: Build and analyze
runs-on: macos-latest
env:
BUILD_WRAPPER_OUT_DIR: build_wrapper_output_directory # Directory where build-wrapper output will be placed
steps:
- uses: actions/checkout#v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Install sonar-scanner and build-wrapper
uses: SonarSource/sonarcloud-github-c-cpp#v1
- name: Run build-wrapper
run: |
build-wrapper-macosx-x86 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }}<insert_your_clean_build_command>
- name: Run sonar-scanner
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
sonar-scanner --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}"
It always goes wrong in the Run build-wrapper-macosx-x86 production process.
Is there enough solution or sample code to guide me?
Similar tho this question How to run Github Actions with the 'deployment_status' kitty and only on the QAS branch?
I want to execute a workflow only on a specific branch but combined with the deployment_status trigger.
So I want to execute my end to end test only if the deployment is done and we are on the develop branch.
The problem here is: On the trigger deployment_status the github.ref variable is not set. It is also written in docs. So I can not do a manual check if I am on the right branch.
name: E2E
on:
deployment_status:
# does not work because it is ignored on deployment_status
branches:
- develop
- stage
- master
- main
jobs:
chrome:
if: github.event.deployment_status.state == 'success'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout#v2
- name: Run Cypress
uses: cypress-io/github-action#v2
with:
browser: chrome
cache-key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
env:
CYPRESS_BASE_URL: ${{ github.event.deployment_status.target_url }}
On the other way: If i use the deployment_status trigger I can not use branches or branches-ignore in combination. This is not working at all.
name: E2E
on:
deployment_status:
jobs:
chrome:
# does not work because github.ref is not defined
if: github.event.deployment_status.state == 'success' && github.ref == 'refs/heads/develop' /
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout#v2
- name: Run Cypress
uses: cypress-io/github-action#v2
with:
browser: chrome
cache-key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
env:
CYPRESS_BASE_URL: ${{ github.event.deployment_status.target_url }}
Any ideas how to solve this?
The workflow in file inrisk.packages.ci.yml generates a tag and a realise of the code when a push is done in the develop branch. The below works as expected.
name: Code Int
on:
push:
paths:
- 'infra/**'
jobs:
ci:
runs-on: ubuntu-latest
steps:
# Checks-out to $GITHUB_WORKSPACE
- uses: actions/checkout#v2
- name: Basic Checks
run: |
whoami
ls -lah
pwd
- uses: actions/setup-node#v1
# Create a new release when on develop which triggers the deployment
- name: Bump version and push tag
if: github.ref == 'refs/heads/develop'
uses: mathieudutour/github-tag-action#v4.5
id: tag_version
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Create Release
if: github.ref == 'refs/heads/develop'
id: create_release
uses: actions/create-release#v1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ steps.tag_version.outputs.new_tag }}
release_name: Release ${{ steps.tag_version.outputs.new_tag }}
draft: false
prerelease: false
The below workflow in file inrisk.packages.cd.yml and is suppose to be triggered when ever a tag/realise is created/published.
name: Code Deploy
on:
push:
tags:
- 'v*'
release:
types:
- published
- created
- released
jobs:
build-and-deploy:
runs-on: ubuntu-latest
steps:
# Checks-out to $GITHUB_WORKSPACE
- uses: actions/checkout#v2
- uses: actions/setup-node#v1
- name: Install Yarn
run: npm install -g yarn
- uses: chrislennon/action-aws-cli#v1.1
- name: Install, Build and Deploy
run: |
whoami
ls -lah
pwd
The second workflow Code Deploy dose not get trigger after Code Int publishes/created a tag/realise
However when I manually create a realise/tag the second workflow Code Deploy get triggered
This seems to be by design as stated here .This is to stop recursive workflow runs.
I used this article to get around the problem