mirror of
https://github.com/kata-containers/kata-containers.git
synced 2026-02-21 14:22:24 +00:00
We hit a case that gatekeeper was failing due to thinking the WIP check had failed, but since it ran the PR had been edited to remove that from the title. We should listen to edits and unlabels of the PR to ensure that gatekeeper doesn't get outdated in situations like this. Signed-off-by: stevenhorsman <steven@uk.ibm.com>
56 lines
1.7 KiB
YAML
56 lines
1.7 KiB
YAML
name: Gatekeeper
|
|
|
|
# Gatekeeper uses the "skips.py" to determine which job names/regexps are
|
|
# required for given PR and waits for them to either complete or fail
|
|
# reporting the status.
|
|
|
|
on:
|
|
pull_request_target: # zizmor: ignore[dangerous-triggers] See #11332.
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- edited
|
|
- labeled
|
|
- unlabeled
|
|
|
|
permissions: {}
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
gatekeeper:
|
|
name: gatekeeper
|
|
runs-on: ubuntu-22.04
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
issues: read
|
|
pull-requests: read
|
|
steps:
|
|
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
|
with:
|
|
ref: ${{ github.event.pull_request.head.sha }}
|
|
fetch-depth: 0
|
|
persist-credentials: false
|
|
- id: gatekeeper
|
|
env:
|
|
TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
COMMIT_HASH: ${{ github.event.pull_request.head.sha }}
|
|
GH_PR_NUMBER: ${{ github.event.pull_request.number }}
|
|
run: |
|
|
#!/usr/bin/env bash -x
|
|
mapfile -t lines < <(python3 tools/testing/gatekeeper/skips.py -t)
|
|
export REQUIRED_JOBS="${lines[0]}"
|
|
export REQUIRED_REGEXPS="${lines[1]}"
|
|
export REQUIRED_LABELS="${lines[2]}"
|
|
echo "REQUIRED_JOBS: $REQUIRED_JOBS"
|
|
echo "REQUIRED_REGEXPS: $REQUIRED_REGEXPS"
|
|
echo "REQUIRED_LABELS: $REQUIRED_LABELS"
|
|
python3 tools/testing/gatekeeper/jobs.py
|
|
exit $?
|
|
shell: /usr/bin/bash -x {0}
|