pulumi/.github/workflows/on-merge.yml

90 lines
2.0 KiB
YAML

name: Merge
permissions:
# To create a draft release.
contents: write
# To sign artifacts.
id-token: write
on:
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
info:
name: info
uses: ./.github/workflows/ci-info.yml
permissions:
contents: read
with:
ref: ${{ github.ref }}
is-snapshot: false
secrets: inherit
ci:
name: CI
needs: [info]
uses: ./.github/workflows/ci.yml
permissions:
contents: read
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
enable-coverage: true
secrets: inherit
prepare-release:
name: prepare
needs: [info, ci]
uses: ./.github/workflows/ci-prepare-release.yml
permissions:
contents: write
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
release-notes: ${{ needs.info.outputs.release-notes }}
project: ${{ github.repository }}
secrets: inherit
dev-release:
name: dev-release
needs: [info, ci, prepare-release]
uses: ./.github/workflows/ci-dev-release.yml
permissions:
contents: write
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
secrets: inherit
ci-ok:
name: ci-ok
needs: [ci, prepare-release, dev-release]
if: always() # always report a status
runs-on: ubuntu-latest
steps:
- name: CI failed
if: ${{ needs.ci.result != 'success' }}
run: exit 1
- name: Release failed
if: ${{ needs.prepare-release.result != 'success' }}
run: exit 1
- name: Dev release failed
if: ${{ needs.dev-release.result != 'success' }}
run: exit 1
- name: CI succeeded
run: exit 0