Limit when workflows run on forks #32114
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Size Change: 0 B Total Size: 1.86 MB ℹ️ View Unchanged
|
youknowriad
approved these changes
Jun 2, 2021
desrosj
added a commit
that referenced
this pull request
Jun 7, 2021
Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks.
7 tasks
desrosj
added a commit
that referenced
this pull request
Jun 7, 2021
* Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run.
|
The downside of this is that it makes it much harder to test (changes to) workflows on a fork 😕 E.g. to test #32560 on my own GB fork, I now need to comment out those checks (or modify them otherwise) and commit them; and later, I need to remember to revert those changes (or manually undo, if I had to apply other, conflicting changes) afterwards. Can we maybe remove these checks at least from the manually triggered/release related jobs? |
ockham
added a commit
that referenced
this pull request
Jun 18, 2021
Most of these job are only run manually anyway, so we shouldn't need to prohibit them from running on forks. Furthermore, these checks make it much harder to test changes to this workflow on a fork. See #32114 (comment)
ockham
added a commit
that referenced
this pull request
Jun 23, 2021
Most of these job are only run manually anyway, so we shouldn't need to prohibit them from running on forks. Furthermore, these checks make it much harder to test changes to this workflow on a fork. See #32114 (comment)
desrosj
added a commit
that referenced
this pull request
Jul 2, 2021
(cherry picked from commit 435dde4)
desrosj
added a commit
that referenced
this pull request
Jul 2, 2021
* Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run. (cherry picked from commit 8fbc4d6)
desrosj
added a commit
that referenced
this pull request
Jul 2, 2021
(cherry picked from commit 435dde4)
desrosj
added a commit
that referenced
this pull request
Jul 2, 2021
* Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run. (cherry picked from commit 8fbc4d6)
desrosj
added a commit
that referenced
this pull request
Jul 2, 2021
(cherry picked from commit 435dde4)
gziolo
pushed a commit
that referenced
this pull request
Jul 5, 2021
…33174) * Only calculate the compressed size when necessary. (#32161) This updates the compressed size workflow to run only when the files changes would have an impact on the package size. (cherry picked from commit 23d84b3) * Limit when workflows run on forks (#32114) (cherry picked from commit 435dde4) * Improvements to NPM package caching across workflows (#32458) * Use a consistent cache key for NPM packages across all workflows. Also, include the NodeJS version in the cache key in case different package versions are required. * Update the `actions/cache` action to the latest version. * Remove the strategy matrix from jobs with a single NodeJS version. For some reason, GitHub Actions will attach matrix values to job names in parenthesis. Because required checks are configured by job name, these need to stay consistent. (cherry picked from commit 7e54162) * Limit when release artifacts are built on forks: pt. 2 (#32494) * Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run. (cherry picked from commit 8fbc4d6) * Use a different cache key for the PR automation workflow (#32588) * Use a different cache key for the PR automation workflow. * Update the `chalk` dependency to the latest version. (cherry picked from commit 05ed04a) * Fix flaky widgets-related E2E tests (#33066) * Remove empty keys from the compared object * Revert dev artifacts * Disable the gutenberg-test-marquee-widget plugin * Wrap marquee tests in their own describe statement * Lint * Update snapshots * Replace hello with howdy * Move plugin activation to beforeEach * Move deleteAllWidgets to beforeEach * Update tests * use data-testid rather than name attribute selectors * Remove any existing marquees before running the tests, use the "save" form button * Remove dev artifact Co-authored-by: Kai Hao <[email protected]> (cherry picked from commit 5cafe02) * Navigation: skip flakey tests (#33074) (cherry picked from commit 4d0959e) Co-authored-by: Adam Zielinski <[email protected]> Co-authored-by: Kerry Liu <[email protected]>
youknowriad
pushed a commit
that referenced
this pull request
Jul 5, 2021
…33174) * Only calculate the compressed size when necessary. (#32161) This updates the compressed size workflow to run only when the files changes would have an impact on the package size. (cherry picked from commit 23d84b3) * Limit when workflows run on forks (#32114) (cherry picked from commit 435dde4) * Improvements to NPM package caching across workflows (#32458) * Use a consistent cache key for NPM packages across all workflows. Also, include the NodeJS version in the cache key in case different package versions are required. * Update the `actions/cache` action to the latest version. * Remove the strategy matrix from jobs with a single NodeJS version. For some reason, GitHub Actions will attach matrix values to job names in parenthesis. Because required checks are configured by job name, these need to stay consistent. (cherry picked from commit 7e54162) * Limit when release artifacts are built on forks: pt. 2 (#32494) * Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run. (cherry picked from commit 8fbc4d6) * Use a different cache key for the PR automation workflow (#32588) * Use a different cache key for the PR automation workflow. * Update the `chalk` dependency to the latest version. (cherry picked from commit 05ed04a) * Fix flaky widgets-related E2E tests (#33066) * Remove empty keys from the compared object * Revert dev artifacts * Disable the gutenberg-test-marquee-widget plugin * Wrap marquee tests in their own describe statement * Lint * Update snapshots * Replace hello with howdy * Move plugin activation to beforeEach * Move deleteAllWidgets to beforeEach * Update tests * use data-testid rather than name attribute selectors * Remove any existing marquees before running the tests, use the "save" form button * Remove dev artifact Co-authored-by: Kai Hao <[email protected]> (cherry picked from commit 5cafe02) * Navigation: skip flakey tests (#33074) (cherry picked from commit 4d0959e) Co-authored-by: Adam Zielinski <[email protected]> Co-authored-by: Kerry Liu <[email protected]>
youknowriad
pushed a commit
that referenced
this pull request
Jul 6, 2021
…33174) * Only calculate the compressed size when necessary. (#32161) This updates the compressed size workflow to run only when the files changes would have an impact on the package size. (cherry picked from commit 23d84b3) * Limit when workflows run on forks (#32114) (cherry picked from commit 435dde4) * Improvements to NPM package caching across workflows (#32458) * Use a consistent cache key for NPM packages across all workflows. Also, include the NodeJS version in the cache key in case different package versions are required. * Update the `actions/cache` action to the latest version. * Remove the strategy matrix from jobs with a single NodeJS version. For some reason, GitHub Actions will attach matrix values to job names in parenthesis. Because required checks are configured by job name, these need to stay consistent. (cherry picked from commit 7e54162) * Limit when release artifacts are built on forks: pt. 2 (#32494) * Limit when release artifacts are built on forks. Previously in #32114, adjustments were made to GHA workflow files to limit when workflows ran on forked repositories. But this missed the second job in the workflow that builds the release artifact. Because it was set to always run even though the previous job is required, it has continued to run on forks. * Ensure the artifact is built always, even when the preceding job does not run. (cherry picked from commit 8fbc4d6) * Use a different cache key for the PR automation workflow (#32588) * Use a different cache key for the PR automation workflow. * Update the `chalk` dependency to the latest version. (cherry picked from commit 05ed04a) * Fix flaky widgets-related E2E tests (#33066) * Remove empty keys from the compared object * Revert dev artifacts * Disable the gutenberg-test-marquee-widget plugin * Wrap marquee tests in their own describe statement * Lint * Update snapshots * Replace hello with howdy * Move plugin activation to beforeEach * Move deleteAllWidgets to beforeEach * Update tests * use data-testid rather than name attribute selectors * Remove any existing marquees before running the tests, use the "save" form button * Remove dev artifact Co-authored-by: Kai Hao <[email protected]> (cherry picked from commit 5cafe02) * Navigation: skip flakey tests (#33074) (cherry picked from commit 4d0959e) Co-authored-by: Adam Zielinski <[email protected]> Co-authored-by: Kerry Liu <[email protected]>
vcanales
pushed a commit
that referenced
this pull request
Jul 7, 2021
ockham
added a commit
that referenced
this pull request
Jul 7, 2021
* Remove repository checks Most of these job are only run manually anyway, so we shouldn't need to prohibit them from running on forks. Furthermore, these checks make it much harder to test changes to this workflow on a fork. See #32114 (comment) * Run build job only on manual trigger, or on gutenberg repo * Only run compute-stable-branches branch if triggered manually
desrosj
added a commit
that referenced
this pull request
Jul 13, 2021
* Remove repository checks Most of these job are only run manually anyway, so we shouldn't need to prohibit them from running on forks. Furthermore, these checks make it much harder to test changes to this workflow on a fork. See #32114 (comment) * Run build job only on manual trigger, or on gutenberg repo * Only run compute-stable-branches branch if triggered manually (cherry picked from 2f09068)
sarayourfriend
pushed a commit
that referenced
this pull request
Jul 15, 2021
* Remove repository checks Most of these job are only run manually anyway, so we shouldn't need to prohibit them from running on forks. Furthermore, these checks make it much harder to test changes to this workflow on a fork. See #32114 (comment) * Run build job only on manual trigger, or on gutenberg repo * Only run compute-stable-branches branch if triggered manually
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This adds conditional checks to GitHub Actions workflows to prevent workflows from running unnecessarily on forks.
This mimics the logic used in WordPress Core introduced in [49781] to only run workflows on forks when a contributor has opened a pull request to their fork. Push events should not trigger any workflows on forks.
Additionally, some workflows should never run on forks. For example, marking issues as stale, needs info, etc.
By preventing workflows from running on forks unless an intentional action is taken (opening a PR), we can be better community members, and potentially prevent thousands of unnecessary workflow runs.
How has this been tested?
Checklist:
*.native.jsfiles for terms that need renaming or removal).