pulumi/.github/workflows/on-merge.yml

96 lines
2.1 KiB
YAML

name: Merge
permissions:
# To create a draft release.
contents: write
# To sign artifacts.
id-token: write
on:
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
info:
name: info
uses: ./.github/workflows/ci-info.yml
permissions:
contents: read
with:
ref: ${{ github.ref }}
is-snapshot: false
secrets: inherit
ci:
name: CI
needs: [info]
uses: ./.github/workflows/ci.yml
strategy:
fail-fast: true
permissions:
contents: read
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
enable-coverage: true
fail-fast: true
test-retries: 2
acceptance-test-platforms: 'macos-latest'
secrets: inherit
performance-gate:
name: Performance Gate
needs: [info]
uses: ./.github/workflows/ci-performance-gate.yml
strategy:
fail-fast: true
permissions:
contents: read
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
test-version-sets: 'minimum current'
fail-fast: true
test-retries: 2
performance-test-platforms: ubuntu-latest
secrets: inherit
prepare-release:
name: prepare
needs: [info, ci]
uses: ./.github/workflows/ci-prepare-release.yml
permissions:
contents: write
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
release-notes: ${{ needs.info.outputs.release-notes }}
project: ${{ github.repository }}
secrets: inherit
ci-ok:
name: ci-ok
needs: [ci, performance-gate, prepare-release]
if: always() # always report a status
runs-on: ubuntu-latest
steps:
- name: CI failed
if: ${{ needs.ci.result != 'success' }}
run: exit 1
- name: Release failed
if: ${{ needs.prepare-release.result != 'success' }}
run: exit 1
- name: CI succeeded
run: exit 0