Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update Workflows to Version 0.16.2 #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions .github/workflows/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

This directory contains workflows to be used for Lessons using the {sandpaper}
lesson infrastructure. Two of these workflows require R (`sandpaper-main.yaml`
and `pr-recieve.yaml`) and the rest are bots to handle pull request management.
and `pr-receive.yaml`) and the rest are bots to handle pull request management.

These workflows will likely change as {sandpaper} evolves, so it is important to
keep them up-to-date. To do this in your lesson you can do the following in your
Expand Down Expand Up @@ -94,9 +94,9 @@ branch called `update/workflows` and a pull request is created. Maintainers are
encouraged to review the changes and accept the pull request if the outputs
are okay.

This update is run ~~weekly or~~ on demand.
This update is run weekly or on demand.

### 03 Maintain: Update Pacakge Cache (update-cache.yaml)
### 03 Maintain: Update Package Cache (update-cache.yaml)

For lessons that have generated content, we use {renv} to ensure that the output
is stable. This is controlled by a single lockfile which documents the packages
Expand Down Expand Up @@ -140,7 +140,7 @@ Once the checks are finished, a comment is issued to the pull request, which
will allow maintainers to determine if it is safe to run the
"Receive Pull Request" workflow from new contributors.

### Recieve Pull Request (pr-recieve.yaml)
### Receive Pull Request (pr-receive.yaml)

**Note of caution:** This workflow runs arbitrary code by anyone who creates a
pull request. GitHub has safeguarded the token used in this workflow to have no
Expand Down Expand Up @@ -171,7 +171,7 @@ The artifacts produced are used by the next workflow.

### Comment on Pull Request (pr-comment.yaml)

This workflow is triggered if the `pr-recieve.yaml` workflow is successful.
This workflow is triggered if the `pr-receive.yaml` workflow is successful.
The steps in this workflow are:

1. Test if the workflow is valid and comment the validity of the workflow to the
Expand Down
7 changes: 3 additions & 4 deletions .github/workflows/pr-close-signal.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,16 +8,15 @@ on:
jobs:
send-close-signal:
name: "Send closing signal"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: ${{ github.event.action == 'closed' }}
steps:
- name: "Create PRtifact"
run: |
mkdir -p ./pr
printf ${{ github.event.number }} > ./pr/NUM
- name: Upload Diff
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: pr
name: pr
path: ./pr

29 changes: 17 additions & 12 deletions .github/workflows/pr-comment.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -20,9 +20,9 @@ jobs:
# - no .github files were committed
test-pr:
name: "Test if pull request is valid"
runs-on: ubuntu-latest
if: >
github.event.workflow_run.event == 'pull_request' &&
runs-on: ubuntu-22.04
if: >
github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success'
outputs:
is_valid: ${{ steps.check-pr.outputs.VALID }}
Expand Down Expand Up @@ -74,13 +74,15 @@ jobs:
create-branch:
name: "Create Git Branch"
needs: test-pr
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: ${{ needs.test-pr.outputs.is_valid == 'true' }}
env:
NR: ${{ needs.test-pr.outputs.number }}
permissions:
contents: write
steps:
- name: 'Checkout md outputs'
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
ref: md-outputs
path: built
Expand All @@ -104,9 +106,9 @@ jobs:
git config --local user.name "GitHub Actions"
CURR_HEAD=$(git rev-parse HEAD)
git checkout --orphan md-outputs-PR-${NR}
git add -A
git add -A
git commit -m "source commit: ${CURR_HEAD}"
ls -A | grep -v '^.git$' | xargs rm -r
ls -A | grep -v '^.git$' | xargs -I _ rm -r '_'
cd ..
unzip -o -d built built.zip
cd built
Expand All @@ -118,18 +120,20 @@ jobs:
comment-pr:
name: "Comment on Pull Request"
needs: [test-pr, create-branch]
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: ${{ needs.test-pr.outputs.is_valid == 'true' }}
env:
NR: ${{ needs.test-pr.outputs.number }}
permissions:
pull-requests: write
steps:
- name: 'Download comment artifact'
id: dl
uses: carpentries/actions/download-workflow-artifact@main
with:
run: ${{ github.event.workflow_run.id }}
name: 'diff'

- if: ${{ steps.dl.outputs.success == 'true' }}
run: unzip ${{ github.workspace }}/diff.zip

Expand All @@ -138,19 +142,21 @@ jobs:
if: ${{ steps.dl.outputs.success == 'true' }}
uses: carpentries/actions/comment-diff@main
with:
pr: ${{ env.NR }}
pr: ${{ env.NR }}
path: ${{ github.workspace }}/diff.md

# Comment if the PR is open and matches the SHA, but the workflow files have
# changed
comment-changed-workflow:
name: "Comment if workflow files have changed"
needs: test-pr
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: ${{ always() && needs.test-pr.outputs.is_valid == 'false' }}
env:
NR: ${{ github.event.workflow_run.pull_requests[0].number }}
body: ${{ needs.test-pr.outputs.msg }}
permissions:
pull-requests: write
steps:
- name: 'Check for spoofing'
id: dl
Expand All @@ -176,4 +182,3 @@ jobs:
with:
pr: ${{ env.NR }}
body: ${{ env.body }}

4 changes: 3 additions & 1 deletion .github/workflows/pr-post-remove-branch.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,12 @@ on:
jobs:
delete:
name: "Delete branch from Pull Request"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: >
github.event.workflow_run.event == 'pull_request' &&
github.event.workflow_run.conclusion == 'success'
permissions:
contents: write
steps:
- name: 'Download artifact'
uses: carpentries/actions/download-workflow-artifact@main
Expand Down
4 changes: 3 additions & 1 deletion .github/workflows/pr-preflight.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,11 @@ jobs:
test-pr:
name: "Test if pull request is valid"
if: ${{ github.event.action != 'closed' }}
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
outputs:
is_valid: ${{ steps.check-pr.outputs.VALID }}
permissions:
pull-requests: write
steps:
- name: "Get Invalid Hashes File"
id: hash
Expand Down
19 changes: 10 additions & 9 deletions .github/workflows/pr-receive.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ jobs:
test-pr:
name: "Record PR number"
if: ${{ github.event.action != 'closed' }}
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
outputs:
is_valid: ${{ steps.check-pr.outputs.VALID }}
steps:
Expand All @@ -25,7 +25,7 @@ jobs:
- name: "Upload PR number"
id: upload
if: ${{ always() }}
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: pr
path: ${{ github.workspace }}/NR
Expand All @@ -48,7 +48,7 @@ jobs:
build-md-source:
name: "Build markdown source files if valid"
needs: test-pr
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
if: ${{ needs.test-pr.outputs.is_valid == 'true' }}
env:
GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -58,10 +58,10 @@ jobs:
MD: ${{ github.workspace }}/site/built
steps:
- name: "Check Out Main Branch"
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: "Check Out Staging Branch"
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
ref: md-outputs
path: ${{ env.MD }}
Expand Down Expand Up @@ -107,20 +107,21 @@ jobs:
shell: Rscript {0}

- name: "Upload PR"
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: pr
path: ${{ env.PR }}
overwrite: true

- name: "Upload Diff"
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: diff
path: ${{ env.CHIVE }}
retention-days: 1

- name: "Upload Build"
uses: actions/upload-artifact@v2
uses: actions/upload-artifact@v4
with:
name: built
path: ${{ env.MD }}
Expand Down
7 changes: 5 additions & 2 deletions .github/workflows/sandpaper-main.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,10 @@ on:
jobs:
full-build:
name: "Build Full Site"
runs-on: ubuntu-latest

# 2024-10-01: ubuntu-latest is now 24.04 and R is not installed by default in the runner image
# pin to 22.04 for now
runs-on: ubuntu-22.04
permissions:
checks: write
contents: write
Expand All @@ -32,7 +35,7 @@ jobs:
steps:

- name: "Checkout Lesson"
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: "Set up R"
uses: r-lib/actions/setup-r@v2
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sandpaper-version.txt
Original file line number Diff line number Diff line change
@@ -1 +1 @@
0.11.3
0.16.10
18 changes: 9 additions & 9 deletions .github/workflows/update-cache.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ on:
jobs:
preflight:
name: "Preflight Check"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
outputs:
ok: ${{ steps.check.outputs.ok }}
steps:
Expand All @@ -36,14 +36,14 @@ jobs:

check_renv:
name: "Check if We Need {renv}"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
needs: preflight
if: ${{ needs.preflight.outputs.ok == 'true'}}
outputs:
needed: ${{ steps.renv.outputs.exists }}
steps:
- name: "Checkout Lesson"
uses: actions/checkout@v3
uses: actions/checkout@v4
- id: renv
run: |
if [[ -d renv ]]; then
Expand All @@ -52,7 +52,7 @@ jobs:

check_token:
name: "Check SANDPAPER_WORKFLOW token"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
needs: check_renv
if: ${{ needs.check_renv.outputs.needed == 'true' }}
outputs:
Expand All @@ -69,14 +69,14 @@ jobs:
name: "Update Package Cache"
needs: check_token
if: ${{ needs.check_token.outputs.repo== 'true' }}
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
env:
GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }}
RENV_PATHS_ROOT: ~/.local/share/renv/
steps:

- name: "Checkout Lesson"
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: "Set up R"
uses: r-lib/actions/setup-r@v2
Expand All @@ -93,7 +93,7 @@ jobs:
- name: Create Pull Request
id: cpr
if: ${{ steps.update.outputs.n > 0 }}
uses: peter-evans/create-pull-request@v4.2.0
uses: carpentries/create-pull-request@main
with:
token: ${{ secrets.SANDPAPER_WORKFLOW }}
delete-branch: true
Expand All @@ -119,7 +119,7 @@ jobs:
```

- Auto-generated by [create-pull-request][1] on ${{ steps.update.outputs.date }}
[1]: https://github.com/peter-evans/create-pull-request

[1]: https://github.com/carpentries/create-pull-request/tree/main
labels: "type: package cache"
draft: false
14 changes: 7 additions & 7 deletions .github/workflows/update-workflows.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ on:
jobs:
check_token:
name: "Check SANDPAPER_WORKFLOW token"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
outputs:
workflow: ${{ steps.validate.outputs.wf }}
repo: ${{ steps.validate.outputs.repo }}
Expand All @@ -31,23 +31,23 @@ jobs:

update_workflow:
name: "Update Workflow"
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
needs: check_token
if: ${{ needs.check_token.outputs.workflow == 'true' }}
steps:
- name: "Checkout Repository"
uses: actions/checkout@v3
uses: actions/checkout@v4

- name: Update Workflows
id: update
uses: carpentries/actions/update-workflows@main
with:
clean: ${{ github.event.inputs.clean }}

- name: Create Pull Request
id: cpr
if: "${{ steps.update.outputs.new }}"
uses: peter-evans/create-pull-request@v4.2.0
uses: carpentries/create-pull-request@main
with:
token: ${{ secrets.SANDPAPER_WORKFLOW }}
delete-branch: true
Expand All @@ -60,7 +60,7 @@ jobs:
Update Workflows from sandpaper version ${{ steps.update.outputs.old }} -> ${{ steps.update.outputs.new }}

- Auto-generated by [create-pull-request][1] on ${{ steps.update.outputs.date }}
[1]: https://github.com/peter-evans/create-pull-request

[1]: https://github.com/carpentries/create-pull-request/tree/main
labels: "type: template and tools"
draft: false