diff --git a/.github/workflows/eval.yml b/.github/workflows/eval.yml index c17b1304deca..2db06fd9937c 100644 --- a/.github/workflows/eval.yml +++ b/.github/workflows/eval.yml @@ -2,6 +2,15 @@ name: Eval on: workflow_call: + inputs: + mergedSha: + required: true + type: string + targetSha: + type: string + systems: + required: true + type: string secrets: OWNER_APP_PRIVATE_KEY: required: false @@ -13,34 +22,12 @@ defaults: shell: bash jobs: - prepare: - runs-on: ubuntu-24.04-arm - outputs: - mergedSha: ${{ steps.get-merge-commit.outputs.mergedSha }} - targetSha: ${{ steps.get-merge-commit.outputs.targetSha }} - systems: ${{ steps.systems.outputs.systems }} - steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - sparse-checkout: | - .github/actions - ci/supportedSystems.json - - name: Check if the PR can be merged and get the test merge commit - uses: ./.github/actions/get-merge-commit - id: get-merge-commit - - - name: Load supported systems - id: systems - run: | - echo "systems=$(jq -c > "$GITHUB_OUTPUT" - eval: runs-on: ubuntu-24.04-arm - needs: [prepare] strategy: fail-fast: false matrix: - system: ${{ fromJSON(needs.prepare.outputs.systems) }} + system: ${{ fromJSON(inputs.systems) }} name: ${{ matrix.system }} steps: - name: Enable swap @@ -53,7 +40,7 @@ jobs: - name: Check out the PR at the test merge commit uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: - ref: ${{ needs.prepare.outputs.mergedSha }} + ref: ${{ inputs.mergedSha }} path: untrusted - name: Install Nix @@ -78,12 +65,12 @@ jobs: path: merged/* - name: Get target run id - if: needs.prepare.outputs.targetSha + if: inputs.targetSha id: targetRunId uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 env: MATRIX_SYSTEM: ${{ matrix.system }} - TARGET_SHA: ${{ needs.prepare.outputs.targetSha }} + TARGET_SHA: ${{ inputs.targetSha }} with: script: | const system = process.env.MATRIX_SYSTEM @@ -145,8 +132,8 @@ jobs: compare: runs-on: ubuntu-24.04-arm - needs: [prepare, eval] - if: needs.prepare.outputs.targetSha + needs: [eval] + if: inputs.targetSha permissions: issues: write # needed to create *new* labels pull-requests: write @@ -162,7 +149,7 @@ jobs: - name: Check out the PR at the target commit uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: - ref: ${{ needs.prepare.outputs.targetSha }} + ref: ${{ inputs.targetSha }} path: trusted - name: Install Nix @@ -180,8 +167,8 @@ jobs: env: AUTHOR_ID: ${{ github.event.pull_request.user.id }} run: | - git -C trusted fetch --depth 1 origin ${{ needs.prepare.outputs.mergedSha }} - git -C trusted diff --name-only ${{ needs.prepare.outputs.mergedSha }} \ + git -C trusted fetch --depth 1 origin ${{ inputs.mergedSha }} + git -C trusted diff --name-only ${{ inputs.mergedSha }} \ | jq --raw-input --slurp 'split("\n")[:-1]' > touched-files.json # Use the target branch to get accurate maintainer info @@ -243,8 +230,8 @@ jobs: # No dependency on "compare", so that it can start at the same time. # We only wait for the "comparison" artifact to be available, which makes the start-to-finish time # for the eval workflow considerably faster. - needs: [prepare, eval] - if: needs.prepare.outputs.targetSha + needs: [eval] + if: inputs.targetSha uses: ./.github/workflows/reviewers.yml secrets: OWNER_APP_PRIVATE_KEY: ${{ secrets.OWNER_APP_PRIVATE_KEY }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 924a60d3752d..df2573b39414 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -18,6 +18,27 @@ concurrency: permissions: {} jobs: + prepare: + runs-on: ubuntu-24.04-arm + outputs: + mergedSha: ${{ steps.get-merge-commit.outputs.mergedSha }} + targetSha: ${{ steps.get-merge-commit.outputs.targetSha }} + systems: ${{ steps.systems.outputs.systems }} + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + sparse-checkout: | + .github/actions + ci/supportedSystems.json + - name: Check if the PR can be merged and get the test merge commit + uses: ./.github/actions/get-merge-commit + id: get-merge-commit + + - name: Load supported systems + id: systems + run: | + echo "systems=$(jq -c > "$GITHUB_OUTPUT" + check: name: Check uses: ./.github/workflows/check.yml @@ -31,6 +52,7 @@ jobs: eval: name: Eval + needs: [prepare] uses: ./.github/workflows/eval.yml permissions: # compare @@ -39,6 +61,10 @@ jobs: statuses: write secrets: OWNER_APP_PRIVATE_KEY: ${{ secrets.OWNER_APP_PRIVATE_KEY }} + with: + mergedSha: ${{ needs.prepare.outputs.mergedSha }} + targetSha: ${{ needs.prepare.outputs.targetSha }} + systems: ${{ needs.prepare.outputs.systems }} build: name: Build diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index a6836b186e06..407b77194f35 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -18,8 +18,24 @@ on: permissions: {} jobs: + prepare: + runs-on: ubuntu-24.04-arm + outputs: + systems: ${{ steps.systems.outputs.systems }} + steps: + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + sparse-checkout: | + ci/supportedSystems.json + + - name: Load supported systems + id: systems + run: | + echo "systems=$(jq -c > "$GITHUB_OUTPUT" + eval: name: Eval + needs: [prepare] uses: ./.github/workflows/eval.yml # Those are not actually used on push, but will throw an error if not set. permissions: @@ -27,3 +43,6 @@ jobs: issues: write pull-requests: write statuses: write + with: + mergedSha: ${{ github.sha }} + systems: ${{ needs.prepare.outputs.systems }}