From 5d4d5df88a6c4c9c4d73fa0ed7069fc2199bc267 Mon Sep 17 00:00:00 2001 From: Emily Bourke Date: Mon, 17 Jul 2023 14:38:23 +0100 Subject: [PATCH] CI: Use same workflow for dependabot and pulls MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit These had diverged a bit, and I think it’d be good for most things to be shared (everything that dependabot _can_ run), by using if conditions on the individual steps rather than the whole job. --- .github/workflows/ci.yml | 29 +++++++----- .github/workflows/dependabot.yml | 77 -------------------------------- 2 files changed, 19 insertions(+), 87 deletions(-) delete mode 100644 .github/workflows/dependabot.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 63b6768..dd84f5f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -10,10 +10,7 @@ on: jobs: CI: - if: >- - github.actor != 'dependabot[bot]' - && github.event.pull_request.user.login != 'dependabot[bot]' - && github.repository_owner == 'guardian' + if: github.repository_owner == 'guardian' # Required by actions-assume-aws-role permissions: id-token: write @@ -36,15 +33,15 @@ jobs: - name: Env run: env + - name: Dump GitHub context + id: github_context_step + run: echo $JSON + env: + JSON: ${{ toJSON(github) }} + - name: Checkout uses: actions/checkout@v3 - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - aws-region: eu-west-1 - role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} - - name: Setup Node uses: actions/setup-node@v3 with: @@ -64,8 +61,20 @@ jobs: - name: Generate CFN templates from GuCDK run: ./script/cfn.sh + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v2 + if: >- + github.actor != 'dependabot[bot]' + && github.event.pull_request.user.login != 'dependabot[bot]' + with: + aws-region: eu-west-1 + role-to-assume: ${{ secrets.GU_RIFF_RAFF_ROLE_ARN }} + - name: Upload to Riff-Raff uses: guardian/actions-riff-raff@v2 + if: >- + github.actor != 'dependabot[bot]' + && github.event.pull_request.user.login != 'dependabot[bot]' with: app: support-reminders configPath: ./riff-raff.yaml diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml deleted file mode 100644 index 0f1078e..0000000 --- a/.github/workflows/dependabot.yml +++ /dev/null @@ -1,77 +0,0 @@ -name: Test Dependabot PRs - -on: - pull_request: - -env: - GU_SUPPORT_WORKERS_LOAD_S3_CONFIG: false - -jobs: - run_node_tests: - if: (github.actor == 'dependabot[bot]' || github.event.pull_request.user.login == 'dependabot[bot]') - name: test dependabot - runs-on: ubuntu-latest - services: - postgres: - image: postgres - env: - POSTGRES_PASSWORD: postgres - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - ports: - - 5432:5432 - steps: - # ---- Logging ---- # - - name: Env - run: env - - - name: Dump GitHub context - id: github_context_step - run: echo $JSON - env: - JSON: ${{ toJSON(github) }} - - # ---- Setup ---- # - - name: Checkout repo - uses: actions/checkout@v3 - - - name: Setup Node - uses: guardian/actions-setup-node@v2.4.1 - with: - cache: 'yarn' - cache-dependency-path: yarn.lock - - - name: Install - support-reminders - run: yarn - - - name: Install - CDK - run: yarn - working-directory: cdk - - # ---- Build ---- # - - name: Build - support-reminders - run: yarn run build - - - - name: Build - CDK - run: yarn run build - working-directory: cdk - - # ---- Test ---- # - - name: Test - support-reminders - run: yarn run test - env: - TEST_DB_URL: postgresql://localhost/postgres - TEST_DB_USER: postgres - TEST_DB_PASSWORD: postgres - - - name: Test - CDK - run: yarn run test - working-directory: cdk - - - -