Skip to content

[Email/RetPol] Harden retention policy for Email Inbox setup. #3858

[Email/RetPol] Harden retention policy for Email Inbox setup.

[Email/RetPol] Harden retention policy for Email Inbox setup. #3858

name: 'Pull Request Build'
on:
pull_request:
branches: [ 'main', 'releases/*', 'features/*' ]
concurrency:
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
cancel-in-progress: true
defaults:
run:
shell: powershell
permissions:
actions: read
contents: read
id-token: write
pull-requests: read
env:
workflowDepth: 2
ALGoOrgSettings: ${{ vars.ALGoOrgSettings }}
ALGoRepoSettings: ${{ vars.ALGoRepoSettings }}
jobs:
PregateCheck:
if: (github.event.pull_request.base.repo.full_name != github.event.pull_request.head.repo.full_name) && (github.event_name != 'pull_request')
runs-on: windows-latest
steps:
- uses: microsoft/AL-Go-Actions/[email protected]
Initialization:
needs: [ PregateCheck ]
if: (!failure() && !cancelled())
runs-on: [ windows-latest ]
outputs:
projects: ${{ steps.determineProjectsToBuild.outputs.ProjectsJson }}
projectDependenciesJson: ${{ steps.determineProjectsToBuild.outputs.ProjectDependenciesJson }}
buildOrderJson: ${{ steps.determineProjectsToBuild.outputs.BuildOrderJson }}
baselineWorkflowRunId: ${{ steps.determineProjectsToBuild.outputs.BaselineWorkflowRunId }}
workflowDepth: ${{ steps.DetermineWorkflowDepth.outputs.WorkflowDepth }}
telemetryScopeJson: ${{ steps.init.outputs.telemetryScopeJson }}
steps:
- name: Dump Workflow Information
uses: microsoft/AL-Go-Actions/[email protected]
with:
shell: powershell
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
with:
lfs: true
ref: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}
- name: Initialize the workflow
id: init
uses: microsoft/AL-Go-Actions/[email protected]
with:
shell: powershell
- name: Read settings
id: ReadSettings
uses: microsoft/AL-Go-Actions/[email protected]
with:
shell: powershell
- name: Determine Workflow Depth
id: DetermineWorkflowDepth
run: |
Add-Content -Encoding UTF8 -Path $env:GITHUB_OUTPUT -Value "WorkflowDepth=$($env:workflowDepth)"
- name: Determine Projects To Build
id: determineProjectsToBuild
uses: microsoft/AL-Go-Actions/[email protected]
with:
shell: powershell
maxBuildDepth: ${{ env.workflowDepth }}
Build1:
needs: [ Initialization ]
if: (!failure()) && (!cancelled()) && fromJson(needs.Initialization.outputs.buildOrderJson)[0].projectsCount > 0
strategy:
matrix:
include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[0].buildDimensions }}
fail-fast: false
name: Build ${{ matrix.projectName }} (${{ matrix.buildMode }})
uses: ./.github/workflows/_BuildALGoProject.yaml
secrets: inherit
with:
shell: ${{ matrix.githubRunnerShell }}
runsOn: ${{ matrix.githubRunner }}
checkoutRef: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}
project: ${{ matrix.project }}
projectName: ${{ matrix.projectName }}
buildMode: ${{ matrix.buildMode }}
projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }}
baselineWorkflowRunId: ${{ needs.Initialization.outputs.baselineWorkflowRunId }}
secrets: 'licenseFileUrl,keyVaultCertificateUrl,*keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString'
publishThisBuildArtifacts: ${{ needs.Initialization.outputs.workflowDepth > 1 }}
artifactsNameSuffix: 'PR${{ github.event.number }}'
Build:
needs: [ Initialization, Build1 ]
if: (!failure()) && (!cancelled()) && (needs.Build1.result == 'success' || needs.Build1.result == 'skipped') && fromJson(needs.Initialization.outputs.buildOrderJson)[1].projectsCount > 0
strategy:
matrix:
include: ${{ fromJson(needs.Initialization.outputs.buildOrderJson)[1].buildDimensions }}
fail-fast: false
name: Build ${{ matrix.projectName }} (${{ matrix.buildMode }})
uses: ./.github/workflows/_BuildALGoProject.yaml
secrets: inherit
with:
shell: ${{ matrix.githubRunnerShell }}
runsOn: ${{ matrix.githubRunner }}
checkoutRef: ${{ github.event_name == 'pull_request' && github.sha || format('refs/pull/{0}/merge', github.event.pull_request.number) }}
project: ${{ matrix.project }}
projectName: ${{ matrix.projectName }}
buildMode: ${{ matrix.buildMode }}
projectDependenciesJson: ${{ needs.Initialization.outputs.projectDependenciesJson }}
baselineWorkflowRunId: ${{ needs.Initialization.outputs.baselineWorkflowRunId }}
secrets: 'licenseFileUrl,keyVaultCertificateUrl,*keyVaultCertificatePassword,keyVaultClientId,gitHubPackagesContext,applicationInsightsConnectionString'
publishThisBuildArtifacts: ${{ needs.Initialization.outputs.workflowDepth > 1 }}
artifactsNameSuffix: 'PR${{ github.event.number }}'
StatusCheck:
needs: [ Initialization, Build ]
if: (!cancelled())
runs-on: [ windows-latest ]
name: Pull Request Status Check
steps:
- name: Pull Request Status Check
id: PullRequestStatusCheck
uses: microsoft/AL-Go-Actions/[email protected]
env:
GITHUB_TOKEN: ${{ github.token }}
with:
shell: powershell
- name: Finalize the workflow
id: PostProcess
uses: microsoft/AL-Go-Actions/[email protected]
if: success() || failure()
env:
GITHUB_TOKEN: ${{ github.token }}
with:
shell: powershell
telemetryScopeJson: ${{ needs.Initialization.outputs.telemetryScopeJson }}
currentJobContext: ${{ toJson(job) }}