aether/gosick
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: harden workflow dedup and badge gating

Browse Source
This commit is contained in:
Micheal Wilkinson
2026-03-21 22:54:07 +00:00
parent 1f93a3d532
commit 28820748f7
2 changed files with 21 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
.gitea/workflows/pr-validation.yml
View File

@@ -153,11 +153,24 @@ jobs:
cache: true cache: true
cache-dependency-path: go.sum cache-dependency-path: go.sum
- name: Check coverage artefacts
id: coverage-files
if: ${{ always() && steps.coverage.outcome == 'success' }}
run: |
set -euo pipefail
if [[ -f coverage.out ]]; then
echo "exists=true" >> "$GITHUB_OUTPUT"
else
echo "exists=false" >> "$GITHUB_OUTPUT"
echo "coverage.out was not produced; skipping coverage badge upload." >> "$GITHUB_STEP_SUMMARY"
fi
- name: Upload coverage badge - name: Upload coverage badge
id: badge id: badge
if: ${{ always() && steps.coverage.outcome == 'success' }} if: ${{ always() && steps.coverage.outcome == 'success' && steps.coverage-files.outputs.exists == 'true' }}
uses: https://git.hrafn.xyz/aether/vociferate/coverage-badge@v1.1.0 uses: https://git.hrafn.xyz/aether/vociferate/coverage-badge@v1.1.0
with: with:
coverage-profile: coverage.out
artefact-bucket-name: ${{ vars.ARTEFACT_BUCKET_NAME }} artefact-bucket-name: ${{ vars.ARTEFACT_BUCKET_NAME }}
artefact-bucket-endpoint: ${{ vars.ARTEFACT_BUCKET_ENDPONT }} artefact-bucket-endpoint: ${{ vars.ARTEFACT_BUCKET_ENDPONT }}
@@ -178,6 +191,7 @@ jobs:
- name: Decorate PR - name: Decorate PR
if: ${{ always() }} if: ${{ always() }}
uses: https://git.hrafn.xyz/aether/vociferate/decorate-pr@v1.1.0 uses: https://git.hrafn.xyz/aether/vociferate/decorate-pr@v1.1.0
continue-on-error: true
with: with:
coverage-percentage: ${{ steps.badge.outputs.total }} coverage-percentage: ${{ steps.badge.outputs.total }}
badge-url: ${{ steps.badge.outputs.badge-url }} badge-url: ${{ steps.badge.outputs.badge-url }}

12
.gitea/workflows/push-validation.yml
View File

@@ -27,18 +27,18 @@ jobs:
SERVER_URL: ${{ github.server_url }} SERVER_URL: ${{ github.server_url }}
TOKEN: ${{ secrets.GITHUB_TOKEN }} TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: | run: |
set -euo pipefail set -eu
api_url="${SERVER_URL}/api/v1/repos/${REPOSITORY}/pulls?state=open&head=${OWNER}:${BRANCH}" api_url="${SERVER_URL}/api/v1/repos/${REPOSITORY}/pulls?state=open&head=${OWNER}:${BRANCH}"
auth_args=() if [ -n "${TOKEN:-}" ]; then
if [[ -n "${TOKEN:-}" ]]; then response="$(curl -fsSL -H "Authorization: token ${TOKEN}" -H "accept: application/json" "$api_url" || echo '[]')"
auth_args=(-H "Authorization: token ${TOKEN}") else
response="$(curl -fsSL -H "accept: application/json" "$api_url" || echo '[]')"
fi fi
response="$(curl -fsSL "${auth_args[@]}" -H 'accept: application/json' "$api_url" || echo '[]')"
open_prs="$(printf '%s' "$response" | grep -o '"number":[0-9]\+' | wc -l | tr -d ' ')" open_prs="$(printf '%s' "$response" | grep -o '"number":[0-9]\+' | wc -l | tr -d ' ')"
if [[ "$open_prs" -gt 0 ]]; then if [ "$open_prs" -gt 0 ]; then
echo "should_run=false" >> "$GITHUB_OUTPUT" echo "should_run=false" >> "$GITHUB_OUTPUT"
echo "Open PR detected for ${OWNER}:${BRANCH}; skipping push validation." >> "$GITHUB_STEP_SUMMARY" echo "Open PR detected for ${OWNER}:${BRANCH}; skipping push validation." >> "$GITHUB_STEP_SUMMARY"
else else