Build and Review PR #12 #4

Workflow file for this run

.github/workflows/build-and-review-pr.yml at 4b97fb1

	name: Build and Review PR
	run-name: 'Build and Review PR #${{ github.event.pull_request.number }}'

	on:
	# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
	#
	# This workflow uses the pull_request trigger which prevents write permissions on the
	# GH_TOKEN and secrets access from public forks. This should remain as a pull_request
	# trigger to minimize the access public forks have in the repository. The reduced
	# permissions are adequate but do mean that re-compiles and readme changes will have to be
	# made manually by the PR author. These auto-updates could be done by this workflow
	# for branches but in order to re-trigger a PR build (which is needed for status checks),
	# we would make the commits with a different user and their PAT. To minimize exposure
	# and complication we will request those changes be manually made by the PR author.
	pull_request:
	types: [opened, synchronize, reopened]
	# paths:
	# Do not include specific paths here. We always want this build to run and produce a
	# status check which are branch protection rules can use. If this is skipped because of
	# path filtering, a status check will not be created and we won't be able to merge the PR
	# without disabling that requirement. If we have a status check that is always produced,
	# we can also use that to require all branches be up to date before they are merged.

	jobs:
	build-and-review-pr:
	# This reusable workflow will check to see if an action's source code has changed based on
	# whether the PR includes files that match the files-with-code arg or are in one of the
	# dirs-with-code directories. If there are source code changes, this reusable workflow
	# will then run the action's build (if one was provided) and update the README.md with the
	# the latest version of the action. If those two steps result in any changes that need to
	# be committed, the workflow will fail because the PR needs some updates. Instructions for
	# updating the PR will be available in the build log, the workflow summary and as a PR
	# comment if the PR came from a branch (not a fork).
	# This workflow assumes:
	# - The main README.md is at the root of the repo
	# - The README contains a contribution guidelines and usage examples section
	uses: im-open/.github/.github/workflows/reusable-build-and-review-pr.yml@v1
	with:
	action-name: ${{ github.repository }}
	default-branch: main
	readme-name: 'README.md'

	# The id of the contribution guidelines section of the README.md
	readme-contribution-id: '#contributing'

	# The id of the usage examples section of the README.md
	readme-examples-id: '#usage-examples'

	# The files that contain source code for the action. Only files that affect the action's execution
	# should be included like action.yml or package.json. Do not include files like README.md or .gitignore.
	# Files do not need to be explicitly provided here if they fall under one of the dirs in dirs-with-code.
	# ** This value must match the same files-with-code argument specified in increment-version-on-merge.yml.
	files-with-code: 'action.yml'

	# The directories that contain source code for the action. Only dirs with files that affect the action's
	# execution should be included like src or dist. Do not include dirs like .github or node_modules.
	# ** This value must match the same dirs-with-code argument specified in increment-version-on-merge.yml.
	dirs-with-code: ''

	# The npm script to run to build the action. This is typically 'npm run build' if the
	# action needs to be compiled. For composite-run-steps actions this is typically empty.
	build-command: ''

	test:
	runs-on: ubuntu-latest

	env:
	# NOTE: These three releases have been created in this action's repository to test with.
	# If they are removed or updated, these tests will fail.
	EXISTING_BRANCH: 'main'
	EXISTING_TAG: 'v1.2.1'
	EXISTING_SHA: 'd1646b13d2370437f7ca85233d340cb2e15b74c7'
	NONEXISTENT_REF: 'v304.973.444'

	steps:
	- uses: actions/checkout@v3

	#--------------------------------------
	# EXISTING BRANCH REF
	#--------------------------------------
	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

	- name: When validating an existing branch (${{ env.EXISTING_BRANCH}})
	uses: ./
	if: always()
	id: existing-branch
	with:
	branch-tag-sha: ${{ env.EXISTING_BRANCH }}
	throw-errors: true

	- name: Then the outcome should be success
	if: always()
	run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.existing-branch.outcome }}"

	- name: And the REF_EXISTS output should be true
	if: always()
	run: ./test/assert-values-match.sh --name "REF_EXISTS" --expected "true" --actual "${{ steps.existing-branch.outputs.REF_EXISTS }}"

	- name: And the REF_TYPE output should be branch
	if: always()
	run: ./test/assert-values-match.sh --name "REF_TYPE" --expected "branch" --actual "${{ steps.existing-branch.outputs.REF_TYPE }}"


	#--------------------------------------
	# EXISTING TAG REF
	#--------------------------------------
	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

	- name: When validating an existing tag (${{ env.EXISTING_TAG}})
	uses: ./
	if: always()
	id: existing-tag
	with:
	branch-tag-sha: ${{ env.EXISTING_TAG }}
	throw-errors: true

	- name: Then the outcome should be success
	if: always()
	run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.existing-tag.outcome }}"

	- name: And the REF_EXISTS output should be true
	if: always()
	run: ./test/assert-values-match.sh --name "REF_EXISTS" --expected "true" --actual "${{ steps.existing-tag.outputs.REF_EXISTS }}"

	- name: And the REF_TYPE output should be tag
	if: always()
	run: ./test/assert-values-match.sh --name "REF_TYPE" --expected "tag" --actual "${{ steps.existing-tag.outputs.REF_TYPE }}"

	#--------------------------------------
	# EXISTING SHA REF
	#--------------------------------------
	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

	- name: When validating an existing sha (${{ env.EXISTING_SHA}})
	uses: ./
	if: always()
	id: existing-sha
	with:
	branch-tag-sha: ${{ env.EXISTING_SHA }}
	throw-errors: true

	- name: Then the outcome should be success
	if: always()
	run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.existing-sha.outcome }}"

	- name: And the REF_EXISTS output should be true
	if: always()
	run: ./test/assert-values-match.sh --name "REF_EXISTS" --expected "true" --actual "${{ steps.existing-sha.outputs.REF_EXISTS }}"

	- name: And the REF_TYPE output should be sha
	if: always()
	run: ./test/assert-values-match.sh --name "REF_TYPE" --expected "sha" --actual "${{ steps.existing-sha.outputs.REF_TYPE }}"

	#-------------------------------------------------
	# REF DOES NOT EXIST WITH THROW-ERROR SET TO FALSE
	#-------------------------------------------------
	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

	- name: When validating an non-existent ref (${{ env.NONEXISTENT_REF}}) and throw-errors is false
	uses: ./
	if: always()
	id: nonexistent-ref-no-errors
	with:
	branch-tag-sha: ${{ env.EXISTING_SHA }}
	throw-errors: false

	- name: Then the outcome should be success
	if: always()
	run: ./test/assert-values-match.sh --name "step outcome" --expected "success" --actual "${{ steps.nonexistent-ref-no-errors.outcome }}"

	- name: And the REF_EXISTS output should be false
	if: always()
	run: ./test/assert-values-match.sh --name "REF_EXISTS" --expected "false" --actual "${{ steps.nonexistent-ref-no-errors.outputs.REF_EXISTS }}"

	- name: And the REF_TYPE output should be unknown
	if: always()
	run: ./test/assert-values-match.sh --name "REF_TYPE" --expected "unknown" --actual "${{ steps.nonexistent-ref-no-errors.outputs.REF_TYPE }}"

	#-------------------------------------------------
	# REF DOES NOT EXIST WITH THROW-ERROR SET TO TRUE
	#-------------------------------------------------
	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

	- name: When validating an non-existent ref (${{ env.NONEXISTENT_REF}}) and throw-errors is false
	uses: ./
	if: always()
	id: nonexistent-ref-with-errors
	with:
	branch-tag-sha: ${{ env.EXISTING_SHA }}
	throw-errors: false

	- name: Then the outcome should be failure
	if: always()
	run: ./test/assert-values-match.sh --name "step outcome" --expected "failure" --actual "${{ steps.nonexistent-ref-with-errors.outcome }}"

	- name: And the REF_EXISTS output should be false
	if: always()
	run: ./test/assert-values-match.sh --name "REF_EXISTS" --expected "false" --actual "${{ steps.nonexistent-ref-with-errors.outputs.REF_EXISTS }}"

	- name: And the REF_TYPE output should be unknown
	if: always()
	run: ./test/assert-values-match.sh --name "REF_TYPE" --expected "unknown" --actual "${{ steps.nonexistent-ref-with-errors.outputs.REF_TYPE }}"

	- name: '-------------------------------------------------------------------------------------------------------'
	run: echo ""

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build and Review PR #12 #4

Workflow file

Build and Review PR #12 #4

Jobs

Run details

Workflow file for this run