ic/.github/workflows/ci-kickoff-manual.yml at master · dfinity/ic · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
name: CI Kickoff Manual

on:
  workflow_dispatch:
    inputs:
      commit-sha:
        description: 'The commit SHA to run the workflow on'
        required: true
        default: ''
      pr-number:
        description: 'The PR number' # this is used for posting comments with the CI link
        required: true
        default: ''
      confirm:
        description: 'Check this box to confirm you have reviewed the PR at the specified commit'
        required: true
        type: boolean

jobs:
  get-pr-refs:
    name: Get PR Refs
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: read
    outputs:
      base-ref: ${{ steps.fetch.outputs.base_ref }}
      head-ref: ${{ steps.fetch.outputs.head_ref }}
    steps:
      - name: Fetch PR Base Ref
        id: fetch
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        with:
          script: |
            const prNumber = parseInt('${{ inputs.pr-number }}', 10);
            if (isNaN(prNumber)) {
              core.setFailed('Invalid pr-number input');
              return;
            }
            const { data: pr } = await github.rest.pulls.get({
              owner: context.repo.owner,
              repo: context.repo.repo,
              pull_number: prNumber
            });
            core.info(`PR #${prNumber} base ref: ${pr.base.ref}, head ref: ${pr.head.ref}`);
            core.setOutput('base_ref', pr.base.ref);
            core.setOutput('head_ref', pr.head.ref);

  ci-main:
    name: CI Main
    uses: ./.github/workflows/ci-main.yml
    secrets: inherit
    with:
      commit-sha: ${{ inputs.commit-sha }}
    permissions:
      contents: read
      id-token: write
      pull-requests: read

  ci-pr-only:
    name: CI PR Only
    needs: [get-pr-refs]
    uses: ./.github/workflows/ci-pr-only.yml
    secrets: inherit
    with:
      commit-sha: ${{ inputs.commit-sha }}
      base-ref: ${{ needs.get-pr-refs.outputs.base-ref }}
      head-ref: ${{ needs.get-pr-refs.outputs.head-ref }}
      pr-number: ${{ inputs.pr-number }}
    permissions:
      contents: read
      pull-requests: write

  post-required-check-status-ci-main:
    name: CI Main Required Check Status
    runs-on: ubuntu-latest
    needs: [ci-main]
    if: success() || failure()
    permissions:
      contents: read
      pull-requests: write
      statuses: write
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-sha }}
      - uses: ./.github/actions/post-commit-status
        with:
          commit-sha: ${{ inputs.commit-sha }}
          run-result: ${{ needs.ci-main.result }}
          name: ci-main-status

  post-required-check-status-ci-pr-only:
    name: CI PR Only Post Required Check Status
    runs-on: ubuntu-latest
    needs: [ci-pr-only]
    if: success() || failure()
    permissions:
      contents: read
      pull-requests: write
      statuses: write
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ inputs.commit-sha }}
      - uses: ./.github/actions/post-commit-status
        with:
          commit-sha: ${{ inputs.commit-sha }}
          run-result: ${{ needs.ci-pr-only.result }}
          name: ci-pr-only-status

  post-comment-with-ci-link:
    name: Post Comment with CI Link
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write
    steps:
      - name: Add PR Comment
        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
        with:
          script: |
            let message = 'Run on ${{ inputs.commit-sha }} URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n\n'

            github.rest.issues.createComment({
              issue_number: ${{ inputs.pr-number }},
              owner: context.repo.owner,
              repo: context.repo.repo,
              body: message
            })

  notify-slack-new-workflow-run:
    name: Notify Slack for new External Contributor Workflow Run
    runs-on: ubuntu-latest
    steps:
      - name: Post to a Slack channel
        id: slack
        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
        with:
          channel-id: ${{ secrets.EXT_WORKFLOW_RUN_CHANNEL }} # for security reasons, keep this masked
          slack-message: "External Contribution Workflow Run Started: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}>"
        env:
          SLACK_BOT_TOKEN: ${{ secrets.SLACK_API_TOKEN }}