72 changes: 72 additions & 0 deletions .github/workflows/github-action-build.yml
Expand Up @@ -26,14 +26,76 @@ on:
- 'ci-enable/**'
- 'main'
pull_request:
types: [opened, edited, synchronize, reopened]
issue_comment:
types: [created]
workflow_dispatch:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}

jobs:
check-permissions:
if: |
github.event_name == 'push' ||
github.event_name == 'workflow_dispatch' ||
github.event_name == 'pull_request' ||
(
github.event_name == 'issue_comment' &&
github.event.issue.pull_request != null &&
contains(github.event.comment.body, '/safe-to-test')
)
runs-on: ubuntu-latest
outputs:
sha: ${{ steps.resolve.outputs.sha }}
steps:
- name: Resolve SHA
id: resolve
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
if [ "${{ github.event_name }}" == "issue_comment" ]; then
SHA=$(gh api repos/${{ github.repository }}/pulls/${{ github.event.issue.number }} --jq '.head.sha')
echo "sha=$SHA" >> $GITHUB_OUTPUT
else
echo "sha=${{ github.sha }}" >> $GITHUB_OUTPUT
fi

- name: Checkout
uses: actions/checkout@v5
with:
ref: ${{ steps.resolve.outputs.sha }}
fetch-depth: 0

- name: Check committer permission for /safe-to-test
if: github.event_name == 'issue_comment'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
PERMISSION=$(gh api repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission --jq '.permission' 2>/dev/null || echo "none")
if [[ "$PERMISSION" != "admin" && "$PERMISSION" != "maintain" && "$PERMISSION" != "write" ]]; then
echo "::error::Only committers can approve /safe-to-test."
exit 1
fi

- name: Check if build workflow was modified by non-committer
if: github.event_name == 'pull_request'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
CHANGED=$(git diff --name-only origin/${{ github.base_ref }}...HEAD | grep -c "^\.github/workflows/github-action-build\.yml$" || true)
if [ "$CHANGED" -gt "0" ]; then
PERMISSION=$(gh api repos/${{ github.repository }}/collaborators/${{ github.actor }}/permission --jq '.permission' 2>/dev/null || echo "none")
if [[ "$PERMISSION" != "admin" && "$PERMISSION" != "maintain" && "$PERMISSION" != "write" ]]; then
echo "::error::This PR modifies the build workflow. A committer must comment '/safe-to-test' on this PR to approve it."
exit 1
fi
fi

frontend:
needs: check-permissions
if: always() && needs.check-permissions.result == 'success'
runs-on: ${{ matrix.os }}
strategy:
matrix:
Expand All @@ -50,6 +112,8 @@ jobs:
steps:
- name: Checkout Texera
uses: actions/checkout@v5
with:
ref: ${{ needs.check-permissions.outputs.sha }}
- name: Setup node
uses: actions/setup-node@v5
with:
Expand Down Expand Up @@ -81,6 +145,8 @@ jobs:
run: yarn --cwd frontend run build:ci

scala:
needs: check-permissions
if: always() && needs.check-permissions.result == 'success'
strategy:
matrix:
os: [ ubuntu-22.04 ]
Expand All @@ -106,6 +172,8 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v5
with:
ref: ${{ needs.check-permissions.outputs.sha }}
- name: Setup JDK
uses: actions/setup-java@v5
with:
Expand Down Expand Up @@ -145,6 +213,8 @@ jobs:
run: sbt test

python:
needs: check-permissions
if: always() && needs.check-permissions.result == 'success'
strategy:
matrix:
os: [ ubuntu-latest ]
Expand All @@ -153,6 +223,8 @@ jobs:
steps:
- name: Checkout Texera
uses: actions/checkout@v5
with:
ref: ${{ needs.check-permissions.outputs.sha }}
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v6
with:
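Review bot: The `/safe-to-test` approval in the `Resolve SHA` step is not bound to the commit the committer reviewed. The step takes whatever `.head.sha` the pull request has when the run starts, so a push that lands between the review and the comment is what the `frontend`, `scala` and `python` jobs build, in an `issue_comment` run that holds the base repository's `GITHUB_TOKEN`. Require the comment to name the commit and fail when it differs from the current head, reading the comment body from an environment variable rather than interpolating it into the script. The `Checkout` step in `check-permissions` also runs before the committer check, so the permission step should move above it, and the checkouts of the pull-request head would be safer with `persist-credentials: false`. The modified-workflow check on `pull_request` is presumably evaluated from the pull request's own copy of this file, so it may not stop a change that also removes the check; whether a `permissions:` block limits the token is not visible in these hunks.

```yaml
- name: Resolve SHA
  # … unchanged: id …
  env:
    # … unchanged: GH_TOKEN …
    # Pass the comment through the environment instead of interpolating it into the script.
    COMMENT_BODY: ${{ github.event.comment.body }}
  run: |
    # … unchanged: issue_comment test and SHA=$(gh api …) lookup …
      # The approval has to name the reviewed commit: "/safe-to-test <full sha>".
      APPROVED=$(printf '%s' "$COMMENT_BODY" | grep -oE '/safe-to-test [0-9a-f]{40}' | head -n 1 | cut -d ' ' -f 2)
      if [ -z "$APPROVED" ] || [ "$APPROVED" != "$SHA" ]; then
        echo "::error::/safe-to-test must name the current head commit of the pull request."
        exit 1
      fi
    # … unchanged: writing sha to $GITHUB_OUTPUT, else branch …
```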