pulumi/.github/workflows/on-merge.yml

118 lines
2.8 KiB
YAML

name: Merge
permissions:
# To create a draft release.
contents: write
# To sign artifacts.
id-token: write
on:
merge_group:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
defaults:
run:
shell: bash
jobs:
info:
name: info
uses: ./.github/workflows/ci-info.yml
permissions:
contents: read
with:
ref: ${{ github.ref }}
is-snapshot: false
secrets: inherit
ci:
name: CI
needs: [info]
uses: ./.github/workflows/ci.yml
permissions:
contents: read
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
enable-coverage: true
secrets: inherit
prepare-release:
name: prepare
needs: [info, ci]
uses: ./.github/workflows/ci-prepare-release.yml
permissions:
contents: write
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
release-notes: ${{ needs.info.outputs.release-notes }}
project: ${{ github.repository }}
secrets: inherit
dev-release:
name: dev-release
needs: [info, ci, prepare-release]
uses: ./.github/workflows/ci-dev-release.yml
permissions:
contents: write
# To sign artifacts.
id-token: write
with:
ref: ${{ github.ref }}
version: ${{ needs.info.outputs.version }}
secrets: inherit
update-dev-version:
name: update-dev-version
needs: [dev-release]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
ref: ${{ github.ref }}
- name: Install Pulumictl
uses: jaxxstorm/action-install-gh-release@v1.7.1
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
with:
repo: pulumi/pulumictl
tag: v0.0.46
cache: enable
- name: Git describe
id: ghd
uses: proudust/gh-describe@v1
- name: Dispatch event to docs repo
env:
GITHUB_TOKEN: ${{ secrets.PULUMI_BOT_TOKEN }}
run: |
pulumictl dispatch -c pulumi-cli-dev-version -r pulumi/docs dev_version=${{ steps.ghd.outputs.describe }}
ci-ok:
name: ci-ok
needs: [ci, prepare-release, dev-release, update-dev-version]
if: always() # always report a status
runs-on: ubuntu-latest
steps:
- name: CI failed
if: ${{ needs.ci.result != 'success' }}
run: exit 1
- name: Release failed
if: ${{ needs.prepare-release.result != 'success' }}
run: exit 1
- name: Dev release failed
if: ${{ needs.dev-release.result != 'success' }}
run: exit 1
- name: Update dev version failed
if: ${{ needs.update-dev-version.result != 'success' }}
run: exit 1
- name: CI succeeded
run: exit 0