# Do not edit these workflows directly as the changes made will be overwritten. # Instead, edit the template '.github/workflows/templates/scheduled.yml.jinja' --- name: Scheduled run-name: "Scheduled (branch: ${{ github.ref_name }})" on: schedule: # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule - cron: '0 */8 * * *' # Run every 8 hours env: COLUMNS: 190 CACHE_SEED: SEED-1 # Bump the number to invalidate all caches RELENV_DATA: "${{ github.workspace }}/.relenv" PIP_DISABLE_PIP_VERSION_CHECK: "1" RAISE_DEPRECATIONS_RUNTIME_ERRORS: "1" permissions: contents: read # for dorny/paths-filter to fetch a list of changed files pull-requests: read # for dorny/paths-filter to read pull requests actions: write # to trigger branch scheduled builds concurrency: group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }} cancel-in-progress: false jobs: workflow-requirements: name: Check Workflow Requirements runs-on: ubuntu-22.04 outputs: requirements-met: ${{ steps.check-requirements.outputs.requirements-met }} steps: - name: Check Requirements id: check-requirements run: | if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then MSG="Running workflow because RUN_SCHEDULED_BUILDS=1" echo "${MSG}" echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" echo "requirements-met=true" >> "${GITHUB_OUTPUT}" elif [ "${{ github.event.repository.fork }}" = "true" ]; then MSG="Not running workflow because ${{ github.repository }} is a fork" echo "${MSG}" echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" echo "requirements-met=false" >> "${GITHUB_OUTPUT}" elif [ "${{ github.event.repository.private }}" = "true" ]; then MSG="Not running workflow because ${{ github.repository }} is a private repository" echo "${MSG}" echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" echo "requirements-met=false" >> "${GITHUB_OUTPUT}" else MSG="Running workflow because ${{ github.repository }} is not a fork" echo "${MSG}" echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}" echo "requirements-met=true" >> "${GITHUB_OUTPUT}" fi trigger-branch-scheduled-builds: name: Trigger Branch Workflows if: ${{ github.event_name == 'schedule' && fromJSON(needs.workflow-requirements.outputs.requirements-met) }} runs-on: ubuntu-22.04 needs: - workflow-requirements steps: - name: Trigger 3006.x branch env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh workflow run scheduled.yml --repo ${{ github.repository }} --ref 3006.x - name: Trigger 3007.x branch env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | gh workflow run scheduled.yml --repo ${{ github.repository }} --ref 3007.x prepare-workflow: name: Prepare Workflow Run runs-on: ubuntu-22.04 environment: ci if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }} needs: - workflow-requirements outputs: changed-files: ${{ steps.process-changed-files.outputs.changed-files }} salt-version: ${{ steps.setup-salt-version.outputs.salt-version }} cache-seed: ${{ steps.set-cache-seed.outputs.cache-seed }} latest-release: ${{ steps.get-salt-releases.outputs.latest-release }} releases: ${{ steps.get-salt-releases.outputs.releases }} release-changelog-target: ${{ steps.get-release-changelog-target.outputs.release-changelog-target }} testing-releases: ${{ steps.get-testing-releases.outputs.testing-releases }} nox-archive-hash: ${{ steps.nox-archive-hash.outputs.nox-archive-hash }} config: ${{ steps.workflow-config.outputs.config }} env: LINUX_ARM_RUNNER: ${{ vars.LINUX_ARM_RUNNER }} FULL_TESTRUN_SLUGS: ${{ vars.FULL_TESTRUN_SLUGS }} PR_TESTRUN_SLUGS: ${{ vars.PR_TESTRUN_SLUGS }} steps: - uses: actions/checkout@v4 with: fetch-depth: 0 # Full clone to also get the tags to get the right salt version - name: Get Changed Files if: ${{ github.event_name == 'pull_request'}} id: changed-files uses: dorny/paths-filter@v3 with: token: ${{ github.token }} list-files: json filters: | repo: - added|modified: - '**' doc-requirements: - added|modified: &doc_requirements - requirements/static/ci/py3.*/docs.txt lint-requirements: - added|modified: &lint_requirements - requirements/static/ci/py3.*/lint.txt pkg_requirements: - added|modified: &pkg_requirements - requirements/static/pkg/py3.*/darwin.txt - requirements/static/pkg/py3.*/linux.txt - requirements/static/pkg/py3.*/freebsd.txt - requirements/static/pkg/py3.*/windows.txt test_requirements: - added|modified: &test_requirements - requirements/static/ci/py3.*/darwin.txt - requirements/static/ci/py3.*/linux.txt - requirements/static/ci/py3.*/freebsd.txt - requirements/static/ci/py3.*/windows.txt - requirements/static/ci/py3.*/darwin-crypto.txt - requirements/static/ci/py3.*/linux-crypto.txt - requirements/static/ci/py3.*/freebsd-crypto.txt - requirements/static/ci/py3.*/windows-crypto.txt deleted: - deleted: - '**' docs: - added|modified: - doc/** - .github/workflows/build-docs.yml - *doc_requirements workflows: - added|modified: - cicd/shared-gh-workflows-context.yml - .github/actions/**/action.yml - .github/workflows/*.yml - .github/workflows/templates/*.yml.jinja2 - tools/precommit/workflows.py salt: - added|modified: &salt_added_modified - setup.py - noxfile.py - salt/**/*.py - tasks/**/*.py - tools/**/*.py tests: - added|modified: &tests_added_modified - tests/**/*.py lint: - added|modified: - .pylintrc - *lint_requirements golden_images: - added|modified: - cicd/golden-images.json pkg_tests: - added|modified: &pkg_tests_added_modified - pkg/** - *pkg_requirements - *salt_added_modified nsis_tests: - added|modified: &nsis_tests - pkg/windows/nsis/** testrun: - added|modified: - *pkg_requirements - *test_requirements - *salt_added_modified - *tests_added_modified - *pkg_tests_added_modified - name: Set up Python 3.10 uses: actions/setup-python@v5 with: python-version: "3.10" - name: Setup Python Tools Scripts uses: ./.github/actions/setup-python-tools-scripts with: cache-prefix: ${{ env.CACHE_SEED }} - name: Pretty Print The GH Actions Event run: tools ci print-gh-event - name: Set Cache Seed Output id: set-cache-seed run: | tools ci define-cache-seed ${{ env.CACHE_SEED }} - name: Setup Salt Version id: setup-salt-version uses: ./.github/actions/setup-salt-version with: salt-version: "" validate-version: true - name: Get Hash For Nox Tarball Cache id: nox-archive-hash run: | echo "nox-archive-hash=${{ hashFiles('requirements/**/*.txt', 'cicd/golden-images.json', 'noxfile.py', 'pkg/common/env-cleanup-rules.yml', '.github/workflows/build-deps-ci-action.yml') }}" | tee -a "$GITHUB_OUTPUT" - name: Write Changed Files To A Local File run: echo '${{ toJSON(steps.changed-files.outputs) }}' > changed-files.json - name: Check Local Changed Files Contents if: ${{ github.event_name == 'pull_request' }} run: cat changed-files.json - name: Process Changed Files id: process-changed-files run: | tools ci process-changed-files ${{ github.event_name }} changed-files.json - name: Check Collected Changed Files if: ${{ github.event_name == 'pull_request' }} run: | echo '${{ steps.process-changed-files.outputs.changed-files }}' | jq -C '.' - name: Get Salt Releases id: get-salt-releases env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | tools ci get-releases - name: Get Latest Salt Releases for Testing id: get-testing-releases env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | tools ci get-testing-releases ${{ join(fromJSON(steps.get-salt-releases.outputs.releases), ' ') }} --salt-version ${{ steps.setup-salt-version.outputs.salt-version }} - name: Define workflow config id: workflow-config run: | tools ci workflow-config ${{ steps.setup-salt-version.outputs.salt-version }} ${{ github.event_name }} changed-files.json - name: Check Contents of generated testrun-changed-files.txt if: ${{ fromJSON(steps.workflow-config.outputs.config)['testrun']['type'] != 'full' }} run: | cat testrun-changed-files.txt || true - name: Upload testrun-changed-files.txt if: ${{ fromJSON(steps.workflow-config.outputs.config)['testrun']['type'] != 'full' }} uses: actions/upload-artifact@v4 with: name: testrun-changed-files.txt path: testrun-changed-files.txt - name: Get Release Changelog Target id: get-release-changelog-target run: | tools ci get-release-changelog-target ${{ github.event_name }} pre-commit: name: Pre-Commit uses: ./.github/workflows/pre-commit-action.yml needs: - prepare-workflow with: cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} pre-commit-version: "3.0.4" lint: name: Lint if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['lint'] }} uses: ./.github/workflows/lint-action.yml needs: - prepare-workflow with: changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} nsis-tests: name: NSIS Tests uses: ./.github/workflows/nsis-tests.yml needs: - prepare-workflow with: changed-files: ${{ needs.prepare-workflow.outputs.changed-files }} prepare-release: name: "Prepare Release: ${{ needs.prepare-workflow.outputs.salt-version }}" runs-on: - ubuntu-22.04 if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['prepare-release'] }} needs: - prepare-workflow steps: - uses: actions/checkout@v4 - name: Set up Python 3.10 uses: actions/setup-python@v5 with: python-version: "3.10" - name: Setup Python Tools Scripts uses: ./.github/actions/setup-python-tools-scripts with: cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-changelog - name: Setup Salt Version id: setup-salt-version uses: ./.github/actions/setup-salt-version with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" - name: Update Debian changelog shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | tools changelog update-deb --draft tools changelog update-deb - name: Update RPM changelog shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | tools changelog update-rpm --draft tools changelog update-rpm - name: Create Release Notes Template shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then tools changelog update-release-notes --next-release --template-only else tools changelog update-release-notes --template-only fi - name: Update Release Notes shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | if [ "${{ needs.prepare-workflow.outputs.release-changelog-target }}" == "next-major-release" ]; then tools changelog update-release-notes --draft --next-release tools changelog update-release-notes --next-release else tools changelog update-release-notes --draft tools changelog update-release-notes fi - name: Generate MAN Pages shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} env: LATEST_RELEASE: "${{ needs.prepare-workflow.outputs.salt-version }}" SALT_ON_SALTSTACK: "1" run: | tools docs man - name: Update Changelog shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | tools changelog update-changelog-md --draft tools changelog update-changelog-md - name: Show Changes Diff shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | git diff --color - name: Configure Git shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | git config --global user.name "Salt Project Packaging" git config --global user.email saltproject-packaging@vmware.com - name: Setup Pre-Commit if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} uses: ./.github/actions/setup-pre-commit with: version: "3.0.4" cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} - name: Commit Changes shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} env: SKIP: lint-salt,lint-tests PRE_COMMIT_COLOR: always run: | # Run it twice so that pre-commit can fix anything that can be automatically fixed. git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" || \ git commit -am "Release v${{ needs.prepare-workflow.outputs.salt-version }}" - name: Create release changes patch shell: bash if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} run: | git format-patch --keep-subject --binary --stdout HEAD^ > salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch - name: Upload Changes Diff Artifact uses: actions/upload-artifact@v4 if: ${{ startsWith(github.event.ref, 'refs/tags') == false }} with: name: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch path: salt-${{ needs.prepare-workflow.outputs.salt-version }}.patch retention-days: 7 if-no-files-found: error build-docs: name: Documentation if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-docs'] }} needs: - prepare-workflow - build-source-tarball uses: ./.github/workflows/build-docs.yml with: cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" build-source-tarball: name: Build Source Tarball if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-source-tarball'] }} needs: - prepare-workflow - prepare-release runs-on: ubuntu-22.04 steps: - uses: actions/checkout@v4 - name: Set up Python 3.10 uses: actions/setup-python@v5 with: python-version: "3.10" - name: Setup Python Tools Scripts uses: ./.github/actions/setup-python-tools-scripts with: cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}-build - name: Setup Salt Version id: setup-salt-version uses: ./.github/actions/setup-salt-version with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" - name: Build Source Tarball uses: ./.github/actions/build-source-tarball with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" build-deps-onedir: name: Build Onedir Dependencies if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-deps-onedir'] }} needs: - prepare-workflow uses: ./.github/workflows/build-deps-onedir.yml with: cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" relenv-version: "0.18.0" python-version: "3.10.15" matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['build-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} build-salt-onedir: name: Build Salt Onedir if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-salt-onedir'] }} needs: - prepare-workflow - build-deps-onedir - build-source-tarball uses: ./.github/workflows/build-salt-onedir.yml with: cache-seed: ${{ needs.prepare-workflow.outputs.cache-seed }} salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" relenv-version: "0.18.0" python-version: "3.10.15" matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['build-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} build-pkgs-onedir: name: Build Packages if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-pkgs'] }} needs: - prepare-workflow - build-salt-onedir uses: ./.github/workflows/build-packages.yml with: salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }} relenv-version: "0.18.0" python-version: "3.10.15" source: "onedir" matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['build-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} build-ci-deps: name: CI Deps if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['build-deps-ci'] }} needs: - prepare-workflow - build-salt-onedir uses: ./.github/workflows/build-deps-ci-action.yml with: nox-session: ci-test-onedir nox-version: 2022.8.7 python-version: "3.10" salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.15 nox-archive-hash: "${{ needs.prepare-workflow.outputs.nox-archive-hash }}" matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['build-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} test-packages: name: Test Package if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['test-pkg'] }} needs: - prepare-workflow - build-pkgs-onedir - build-ci-deps uses: ./.github/workflows/test-packages-action.yml with: nox-session: ci-test-onedir salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" nox-version: 2022.8.7 python-version: "3.10" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.15 skip-code-coverage: true testing-releases: ${{ needs.prepare-workflow.outputs.testing-releases }} matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['pkg-test-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} test: name: Test Salt if: ${{ fromJSON(needs.prepare-workflow.outputs.config)['jobs']['test'] }} needs: - prepare-workflow - build-ci-deps uses: ./.github/workflows/test-action.yml with: nox-session: ci-test-onedir nox-version: 2022.8.7 python-version: "3.10" testrun: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['testrun']) }} salt-version: "${{ needs.prepare-workflow.outputs.salt-version }}" cache-prefix: ${{ needs.prepare-workflow.outputs.cache-seed }}|3.10.15 skip-code-coverage: true workflow-slug: scheduled default-timeout: 360 matrix: ${{ toJSON(fromJSON(needs.prepare-workflow.outputs.config)['test-matrix']) }} linux_arm_runner: ${{ fromJSON(needs.prepare-workflow.outputs.config)['linux_arm_runner'] }} set-pipeline-exit-status: # This step is just so we can make github require this step, to pass checks # on a pull request instead of requiring all name: Set the ${{ github.workflow }} Pipeline Exit Status if: always() runs-on: ubuntu-22.04 needs: - workflow-requirements - trigger-branch-scheduled-builds - prepare-workflow - pre-commit - lint - nsis-tests - build-docs - build-deps-onedir - build-salt-onedir - build-ci-deps - test-packages - test steps: - name: Get workflow information id: get-workflow-info uses: im-open/workflow-conclusion@v2 - name: Set Pipeline Exit Status shell: bash run: | if [ "${{ steps.get-workflow-info.outputs.workflow_conclusion }}" != "success" ]; then exit 1 else exit 0 fi