forked from suzuki-shunsuke/tfaction-example
-
Notifications
You must be signed in to change notification settings - Fork 0
82 lines (76 loc) · 2.41 KB
/
test.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
---
name: test
on: pull_request
concurrency:
group: ${{ github.workflow }}--${{ github.ref }}
cancel-in-progress: true
jobs:
path-filter:
# Get changed files to filter jobs
outputs:
merge_commit_sha: ${{steps.pr.outputs.merge_commit_sha}}
update-aqua-checksums: ${{steps.changes.outputs.update-aqua-checksums}}
runs-on: ubuntu-latest
permissions:
pull-requests: read # To get pull requests of the private repository
steps:
- uses: suzuki-shunsuke/get-pr-action@b002e41164d7a39586b41f17f9caca4e98a1efe4 # v0.1.0
id: pr
- uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
id: changes
with:
filters: |
update-aqua-checksums:
- aqua.yaml
- aqua/*.yaml
- aqua-checksums.json
- .github/workflows/test.yaml
- .github/workflows/wc-update-aqua-checksums.yaml
# This job is used for branch protection rule
# Add this job to `Status checks that are required`
status-check:
runs-on: ubuntu-latest
needs:
- test
- hide-comment
- update-aqua-checksums
if: failure()
steps:
- run: exit 1
test:
uses: codimite/tfaction-workflows/.github/workflows/test.yaml@main
needs: path-filter
permissions:
id-token: write
contents: read
pull-requests: write
with:
ref: ${{needs.path-filter.outputs.merge_commit_sha}}
secrets:
gh_app_id: ${{secrets.APP_ID}}
gh_app_private_key: ${{secrets.APP_PRIVATE_KEY}}
secrets: ${{toJSON(secrets)}}
gh_token: ${{github.token}}
tfe_token: ${{secrets.TF_API_TOKEN}}
hide-comment:
uses: codimite/tfaction-workflows/.github/workflows/hide-comment.yaml@main
needs: path-filter
permissions:
contents: read
pull-requests: write
with:
ref: ${{needs.path-filter.outputs.merge_commit_sha}}
secrets:
gh_app_id: ${{secrets.APP_ID}}
gh_app_private_key: ${{secrets.APP_PRIVATE_KEY}}
update-aqua-checksums:
uses: codimite/tfaction-workflows/.github/workflows/update-aqua-checksums.yaml@main
needs: path-filter
if: needs.path-filter.outputs.update-aqua-checksums == 'true'
permissions:
contents: read
with:
ref: ${{needs.path-filter.outputs.merge_commit_sha}}
secrets:
gh_app_id: ${{secrets.APP_ID}}
gh_app_private_key: ${{secrets.APP_PRIVATE_KEY}}