WIP

.github/filters.yml

@@ -0,0 +1,9 @@
+gemfile:
+  - Gemfile
+  - Appraisals
+  - datadog.gemspec
+  - tasks/appraisal.rake
+  - .github/workflows/lock-dependency.yml
+  - lib/datadog/version.rb
+  - appraisal/**
+  - gemfiles/**

.github/workflows/lock-dependency.yml

@@ -1,26 +1,73 @@
 name: Lock Dependency
 
+# This action cannot be skipped altogether because it is a mandatory status check.
+# Instead we conditionally skip it at job level, instead of workflow level.
 on:
-  workflow_dispatch:
-    inputs:
-      branch:
-        description: 'Branch to be lock dependency'
-        required: true
-  # Testing purpose, to be removed before merge.
+  # Execute on `push` and not `pull_request` because `pull_request`
+  # always compares if the `paths` have changed compared to the PR base.
+  # This is an issue because it means that all commits to the branch
+  # will trigger the gemfile update process, which is unnecessary and expensive.
+  #
+  # By executing on `push`, GitHub compares `paths` with the parent commit,
+  # meaning the gemfile update process will only execute on the exact commit
+  # that changes any of the `paths`.
+  #
+  # Because this process is slow and expensive, and we commit the gemfile changes back
+  # to the branch, we have an additional filter to only execute this action on branches
+  # attached to a PR.
+  #
+  # We could do the inverse: execute this action on `pull_request`, and additionally check
+  # if `paths` was changed compared to the parent commit, but this proved more complicated.
   push:
-    branches:
-      - tonycthsu/automate-update-gemfiles
 
 # Ensure obsolete job is cancelled if another commit is pushed to the same branch.
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
 jobs:
-  # TODO: In order to fully automate this workflow for each PR,
-  # have a reliable way to precheck job to understand whether it need to be updated
+  debug: # Debugging job to check the concurrency environment
+    name: Debug concurrency environment
+    runs-on: ubuntu-latest
+    steps:
+      - run: echo ${{ github.workflow }}
+      - run: echo ${{ github.ref }}
+  pr:
+    name: Check pull request attached
+    runs-on: ubuntu-latest
+    outputs:
+      pr_found: ${{ steps.pr.outputs.pr_found }}
+      pr_base_ref: ${{ steps.pr.outputs.pr.base.ref }}
+    steps:
+      # Only execute if there's a PR attached to this branch.
+      # Because we execute on `push`, we have to double check here if this is part of a PR.
+      - uses: 8BitJonny/[email protected]
+        id: pr
+        with:
+          filterOutClosed: true # Don't trigger on commits with closed PRs, including merges into `master`.
+      - name: "Pull Request ${{ steps.pr.outputs.number }}"
+        if: steps.pr.outputs.pr_found == 'true'
+        run: |
+          echo "from ${{ fromJSON(steps.pr.outputs.pr).head.ref }}"
+          echo "to ${{ fromJSON(steps.pr.outputs.pr).base.ref }}"
+  dependency:
+    name: Check dependency changed
+    needs: pr
+    if: ${{ needs.pr.outputs.pr_found == 'true' }}
+    runs-on: ubuntu-latest
+    outputs:
+      changes: ${{ steps.changes.outputs.gemfile }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: dorny/paths-filter@v3
+        id: changes
+        with:
+          base: ${{ needs.pr.outputs.pr_base_ref }}
+          filters: .github/filters.yml
   lock:
     runs-on: ubuntu-latest
+    needs: dependency
+    if: ${{ needs.dependency.outputs.changes == 'true' }}
     strategy:
       fail-fast: false
       matrix:
@@ -72,6 +119,7 @@ jobs:
           path: gemfiles/${{ matrix.engine.name }}_${{ matrix.engine.version }}*
 
   commit:
+    name: Commit changes
     needs: lock
     runs-on: ubuntu-latest
     permissions:
@@ -85,7 +133,8 @@ jobs:
           pattern: lock-dependency-${{ github.run_id }}-*
           merge-multiple: true
 
-      - run: git diff --color
+      - name: debug
+        run: git diff --color
 
       - uses: stefanzweifel/git-auto-commit-action@v5
         with: