diff --git a/.github/actions/changed-files/action.yml b/.github/actions/changed-files/action.yml deleted file mode 100644 index 9e6a480393..0000000000 --- a/.github/actions/changed-files/action.yml +++ /dev/null @@ -1,50 +0,0 @@ -name: Changed Files -description: Checks changes against target branch - -outputs: - java: - description: Changes to Java files - value: ${{ steps.changes.outputs.java }} - themes: - description: Changes to themes - value: ${{ steps.changes.outputs.themes }} - js-adapter: - description: Changes to JavaScript adapter - value: ${{ steps.changes.outputs.js-adapter }} - -runs: - using: composite - steps: - - id: changes - name: Find changes - shell: bash - # language=bash - run: | - BASE_REF=${{ github.base_ref }} - - changed () { - git diff --name-only origin/${{ github.base_ref }} | grep -E "$1" &>/dev/null && echo true || echo false - } - - if [ "$BASE_REF" != "" ]; then - echo "Checking changes against orgin/$BASE_REF" - git fetch origin - - JAVA=`changed '^.*/.*.java$'` - THEMES=`changed '^themes/src/main/.*$'` - JS_ADAPTER=`changed '^adapters/oidc/js/.*$'` - else - echo "Not a pull request, marking everything as changed" - - JAVA=true - THEMES=true - JS_ADAPTER=true - fi - - echo "Java changed: $JAVA" - echo "Themes changed: $THEMES" - echo "JS adapter changed: $JS_ADAPTER" - - echo "java=$JAVA" >> $GITHUB_OUTPUT - echo "themes=$THEMES" >> $GITHUB_OUTPUT - echo "js-adapter=$JS_ADAPTER" >> $GITHUB_OUTPUT diff --git a/.github/actions/conditional/action.yml b/.github/actions/conditional/action.yml new file mode 100644 index 0000000000..810969ad84 --- /dev/null +++ b/.github/actions/conditional/action.yml @@ -0,0 +1,27 @@ +name: Changed Files +description: Checks changes against target branch + +outputs: + ci: + description: Should "ci.yml" execute + value: ${{ steps.changes.outputs.ci }} + codeql-java: + description: Should "codeql-analysis.yml / java" execute + value: ${{ steps.changes.outputs.codeql-java }} + codeql-themes: + description: Should "codeql-analysis.yml / themes" execute + value: ${{ steps.changes.outputs.codeql-themes }} + codeql-js_adapter: + description: Should "codeql-analysis.yml / js-adapter" execute + value: ${{ steps.changes.outputs.codeql-js_adapter }} + operator: + description: Should "operator-ci.yml" execute + value: ${{ steps.changes.outputs.operator }} + +runs: + using: composite + steps: + - id: changes + name: Find changes + shell: bash + run: .github/actions/conditional/conditional.sh origin ${{ github.base_ref }} diff --git a/.github/actions/conditional/conditional.sh b/.github/actions/conditional/conditional.sh new file mode 100755 index 0000000000..e7032f1f5e --- /dev/null +++ b/.github/actions/conditional/conditional.sh @@ -0,0 +1,49 @@ +#!/bin/bash -e + +REMOTE=$1 +BASE_REF=$2 + +if [ "$BASE_REF" != "" ]; then + if [ "$GITHUB_OUTPUT" != "" ]; then + echo "--------------------------------------------------------------------------------" + echo "Fetching '$BASE_REF' in '`git remote get-url $REMOTE`'" + echo "--------------------------------------------------------------------------------" + git fetch --depth 1 $REMOTE $BASE_REF + fi + + echo "--------------------------------------------------------------------------------" + echo "Changes compared to '$BASE_REF' in '`git remote get-url $REMOTE`'" + echo "--------------------------------------------------------------------------------" + git diff $REMOTE/$BASE_REF --name-only +else + echo "--------------------------------------------------------------------------------" + echo "Not a pull request, marking everything as changed" +fi + +echo "--------------------------------------------------------------------------------" +echo "Run conditions" +echo "--------------------------------------------------------------------------------" + +cat .github/actions/conditional/conditions | grep '=' | grep -v '#' | while read c; do + KEY=`echo $c | cut -d '=' -f 1` + PATTERN=`echo $c | cut -d '=' -f 2` + + if [ "$BASE_REF" != "" ]; then + DIFF=`echo $PATTERN | xargs git diff $REMOTE/$BASE_REF --name-only` + if [ "$DIFF" != "" ]; then + CHANGED=true + else + CHANGED=false + fi + else + CHANGED=true + fi + + echo "$KEY=$CHANGED" + + if [ "$GITHUB_OUTPUT" != "" ]; then + echo "$KEY=$CHANGED" >> $GITHUB_OUTPUT + fi +done + +echo "--------------------------------------------------------------------------------" \ No newline at end of file diff --git a/.github/actions/conditional/conditions b/.github/actions/conditional/conditions new file mode 100644 index 0000000000..f3d3ce783b --- /dev/null +++ b/.github/actions/conditional/conditions @@ -0,0 +1,12 @@ +# File patterns used to decide what workflows/jobs to execute for a given PR +# +# To test a pattern run '.github/actions/conditional/conditional.sh ' +# Alternatively, run 'git diff / ' (from the root directory) + +ci=*/pom.xml */src/main/ */src/test/ + +operator=*/pom.xml */src/main/ */src/test/ + +codeql-java=*.java +codeql-themes=themes/ +codeql-js_adapter=adapters/oidc/js/ \ No newline at end of file diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3a6fe8f084..d47aa1bb4d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,10 +25,24 @@ defaults: shell: bash jobs: - build: - name: Build + + conditional: + name: Check conditional workflows and jobs if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest + outputs: + ci: ${{ steps.conditional.outputs.ci }} + steps: + - uses: actions/checkout@v3 + + - id: conditional + uses: ./.github/actions/conditional + + build: + name: Build + if: needs.conditional.outputs.ci == 'true' + runs-on: ubuntu-latest + needs: conditional steps: - uses: actions/checkout@v3 @@ -501,7 +515,9 @@ jobs: check: name: Status Check - Keycloak CI if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) - needs: [check-set-status] + needs: + - conditional + - check-set-status runs-on: ubuntu-latest steps: @@ -510,4 +526,5 @@ jobs: - name: Check status uses: ./.github/actions/checks-job-pass with: + required: ${{ needs.conditional.outputs.ci }} conclusion: ${{ needs.check-set-status.outputs.conclusion }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 62cdd1c761..b52a8dfedc 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -21,25 +21,25 @@ defaults: jobs: - changes: - name: Check changes + conditional: + name: Check conditional workflows and jobs if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: - java: ${{ steps.changes.outputs.java }} - themes: ${{ steps.changes.outputs.themes }} - js-adapter: ${{ steps.changes.outputs.js-adapter }} + java: ${{ steps.conditional.outputs.codeql-java }} + themes: ${{ steps.conditional.outputs.codeql-themes }} + js-adapter: ${{ steps.conditional.outputs.codeql-js_adapter }} steps: - uses: actions/checkout@v3 - - id: changes - uses: ./.github/actions/changed-files + - id: conditional + uses: ./.github/actions/conditional java: name: CodeQL Java - needs: changes + needs: conditional runs-on: ubuntu-latest - if: needs.changes.outputs.java == 'true' + if: needs.conditional.outputs.java == 'true' outputs: conclusion: ${{ steps.check.outputs.conclusion }} @@ -66,9 +66,9 @@ jobs: js-adapter: name: CodeQL JavaScript Adapter - needs: changes + needs: conditional runs-on: ubuntu-latest - if: needs.changes.outputs.js-adapter == 'true' + if: needs.conditional.outputs.js-adapter == 'true' outputs: conclusion: ${{ steps.check.outputs.conclusion }} @@ -95,9 +95,9 @@ jobs: themes: name: CodeQL Themes - needs: changes + needs: conditional runs-on: ubuntu-latest - if: needs.changes.outputs.themes == 'true' + if: needs.conditional.outputs.themes == 'true' outputs: conclusion: ${{ steps.check.outputs.conclusion }} @@ -125,7 +125,7 @@ jobs: check: name: Status Check - CodeQL if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) - needs: [changes, java, js-adapter, themes] + needs: [conditional, java, js-adapter, themes] runs-on: ubuntu-latest steps: @@ -134,17 +134,17 @@ jobs: - name: CodeQL Java uses: ./.github/actions/checks-job-pass with: - required: ${{ needs.changes.outputs.java }} + required: ${{ needs.conditional.outputs.java }} conclusion: ${{ needs.java.outputs.conclusion }} - name: CodeQL JavaScript Adapter uses: ./.github/actions/checks-job-pass with: - required: ${{ needs.changes.outputs.js-adapter }} + required: ${{ needs.conditional.outputs.js-adapter }} conclusion: ${{ needs.js-adapter.outputs.conclusion }} - name: CodeQL Themes uses: ./.github/actions/checks-job-pass with: - required: ${{ needs.changes.outputs.themes }} + required: ${{ needs.conditional.outputs.themes }} conclusion: ${{ needs.themes.outputs.conclusion }} diff --git a/.github/workflows/operator-ci.yml b/.github/workflows/operator-ci.yml index aa61ecd1af..01457e96a0 100644 --- a/.github/workflows/operator-ci.yml +++ b/.github/workflows/operator-ci.yml @@ -26,10 +26,24 @@ concurrency: cancel-in-progress: true jobs: - build: - name: Build distribution + + conditional: + name: Check conditional workflows and jobs if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest + outputs: + operator: ${{ steps.conditional.outputs.operator }} + steps: + - uses: actions/checkout@v3 + + - id: conditional + uses: ./.github/actions/conditional + + build: + name: Build distribution + if: needs.conditional.outputs.operator == 'true' + runs-on: ubuntu-latest + needs: conditional steps: - uses: actions/checkout@v3 @@ -213,7 +227,9 @@ jobs: check: name: Status Check - Keycloak Operator CI if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) - needs: [check-set-status] + needs: + - conditional + - check-set-status runs-on: ubuntu-latest steps: @@ -222,4 +238,5 @@ jobs: - name: Check status uses: ./.github/actions/checks-job-pass with: + required: ${{ needs.conditional.outputs.operator }} conclusion: ${{ needs.check-set-status.outputs.conclusion }}