From aab23d1217620522e89ab4dd2bbaa66a36e2557e Mon Sep 17 00:00:00 2001 From: zkamvar <3639446+zkamvar@users.noreply.github.com> Date: Tue, 3 Feb 2026 00:34:11 +0000 Subject: [PATCH] [actions] update sandpaper workflow to version 0.18.5 --- .github/workflows/docker_apply_cache.yaml | 26 ++-- .github/workflows/docker_build_deploy.yaml | 8 +- .github/workflows/docker_pr_receive.yaml | 27 +--- .github/workflows/pr-close-signal.yaml | 0 .github/workflows/pr-comment.yaml | 36 ++--- .github/workflows/pr-post-remove-branch.yaml | 0 .github/workflows/pr-preflight.yaml | 0 .github/workflows/pr-receive.yaml | 132 ------------------- .github/workflows/sandpaper-main.yaml | 64 --------- .github/workflows/sandpaper-version.txt | 2 +- .github/workflows/update-cache.yaml | 12 +- .github/workflows/update-workflows.yaml | 0 12 files changed, 36 insertions(+), 271 deletions(-) mode change 100755 => 100644 .github/workflows/pr-close-signal.yaml mode change 100755 => 100644 .github/workflows/pr-comment.yaml mode change 100755 => 100644 .github/workflows/pr-post-remove-branch.yaml mode change 100755 => 100644 .github/workflows/pr-preflight.yaml delete mode 100755 .github/workflows/pr-receive.yaml delete mode 100755 .github/workflows/sandpaper-main.yaml mode change 100755 => 100644 .github/workflows/update-cache.yaml mode change 100755 => 100644 .github/workflows/update-workflows.yaml diff --git a/.github/workflows/docker_apply_cache.yaml b/.github/workflows/docker_apply_cache.yaml index 0cb66370..2c3a3bce 100644 --- a/.github/workflows/docker_apply_cache.yaml +++ b/.github/workflows/docker_apply_cache.yaml @@ -208,20 +208,22 @@ jobs: restore-keys: ${{ github.repository }}/${{ steps.wb-vers.outputs.container-version }}_renv- - trigger-build-deploy: - name: "Trigger Build and Deploy Workflow" + record-cache-result: + name: "Record Caching Status" runs-on: ubuntu-latest - needs: update-renv-cache - if: | - needs.update-renv-cache.result == 'success' || - needs.check-renv.outputs.renv-cache-available == 'true' + needs: [check-renv, update-renv-cache] + if: always() + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v4 + - name: "Record cache result" - - name: "Trigger Build and Deploy Workflow" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh workflow run docker_build_deploy.yaml --ref main + echo "${{ needs.update-renv-cache.result == 'success' || needs.check-renv.outputs.renv-cache-available == 'true' || 'false' }}" > ${{ github.workspace }}/apply-cache-result shell: bash - continue-on-error: true + + - name: "Upload cache result" + uses: actions/upload-artifact@v4 + with: + name: apply-cache-result + path: ${{ github.workspace }}/apply-cache-result diff --git a/.github/workflows/docker_build_deploy.yaml b/.github/workflows/docker_build_deploy.yaml index c14f776c..df3e8d1b 100644 --- a/.github/workflows/docker_build_deploy.yaml +++ b/.github/workflows/docker_build_deploy.yaml @@ -9,6 +9,10 @@ on: - '.github/workbench-docker-version.txt' schedule: - cron: '0 0 * * 2' + workflow_run: + workflows: ["03 Maintain: Apply Package Cache"] + types: + - completed workflow_dispatch: inputs: name: @@ -72,7 +76,6 @@ jobs: runs-on: ubuntu-latest needs: preflight if: | - always() && needs.preflight.outputs.do-build == 'true' && needs.preflight.outputs.workbench-update != 'true' env: @@ -127,7 +130,7 @@ jobs: id: build-and-deploy uses: carpentries/actions/build-and-deploy@main with: - reset: ${{ github.event.inputs.reset || 'false' }} + reset: ${{ vars.BUILD_RESET || github.event.inputs.reset || 'false' }} skip-manage-deps: ${{ github.event.inputs.force-skip-manage-deps == 'true' || steps.build-container-deps.outputs.renv-cache-available || steps.build-container-deps.outputs.backup-cache-used || 'false' }} update-container-version: @@ -150,6 +153,7 @@ jobs: uses: carpentries/actions/record-container-version@main with: CONTAINER_VER: ${{ needs.preflight.outputs.wb-vers }} + AUTO_MERGE: ${{ vars.AUTO_MERGE_CONTAINER_VERSION_UPDATE || 'true' }} token: ${{ secrets.GITHUB_TOKEN }} role-to-assume: ${{ secrets.AWS_GH_OIDC_ARN }} aws-region: ${{ secrets.AWS_GH_OIDC_REGION }} diff --git a/.github/workflows/docker_pr_receive.yaml b/.github/workflows/docker_pr_receive.yaml index 12b16bf7..3d01d9dc 100644 --- a/.github/workflows/docker_pr_receive.yaml +++ b/.github/workflows/docker_pr_receive.yaml @@ -19,7 +19,6 @@ permissions: pull-requests: write jobs: - preflight: name: "Preflight: md-outputs exists?" runs-on: ubuntu-latest @@ -49,7 +48,9 @@ jobs: test-pr: name: "Record PR number" - if: ${{ github.event.action != 'closed' }} && ${{ needs.preflight.outputs.branch-exists == 'true' }} + if: | + github.event.action != 'closed' && + needs.preflight.outputs.branch-exists == 'true' runs-on: ubuntu-latest needs: preflight outputs: @@ -135,6 +136,7 @@ jobs: checks: write contents: write pages: write + id-token: write container: image: ghcr.io/carpentries/workbench-docker:${{ vars.WORKBENCH_TAG || 'latest' }} env: @@ -279,24 +281,3 @@ jobs: - name: "Teardown" run: sandpaper::reset_site() shell: Rscript {0} - - pr-checks: - name: "Trigger PR Checks?" - needs: - - test-pr - - build-md-source - runs-on: ubuntu-latest - if: needs.test-pr.outputs.is_valid == 'true' - permissions: - actions: write - checks: write - steps: - - name: "Checkout Lesson" - uses: actions/checkout@v4 - - - name: "Trigger PR Checks" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh workflow run pr-comment.yaml --ref main --field workflow_id=${{ github.run_id }} - shell: bash diff --git a/.github/workflows/pr-close-signal.yaml b/.github/workflows/pr-close-signal.yaml old mode 100755 new mode 100644 diff --git a/.github/workflows/pr-comment.yaml b/.github/workflows/pr-comment.yaml old mode 100755 new mode 100644 index cbf0e2b2..7614abd0 --- a/.github/workflows/pr-comment.yaml +++ b/.github/workflows/pr-comment.yaml @@ -1,14 +1,10 @@ name: "Bot: Comment on the Pull Request" description: "Comment on the pull request with the results of the markdown generation" on: - workflow_dispatch: - inputs: - workflow_id: - required: true - -concurrency: - group: pr-${{ github.event.workflow_run.pull_requests[0].number }} - cancel-in-progress: true + workflow_run: + workflows: ["Bot: Receive Pull Request"] + types: + - completed jobs: # Pull requests are valid if: @@ -18,16 +14,6 @@ jobs: test-pr: name: "Test if pull request is valid" runs-on: ubuntu-latest - if: > - github.event_name == 'workflow_dispatch' || - ( - github.event_name == 'workflow_run' && - ( - github.event.workflow_run.event == 'pull_request' || - github.event.workflow_run.event == 'workflow_dispatch' - ) && - github.event.workflow_run.conclusion == 'success' - ) outputs: is_valid: ${{ steps.check-pr.outputs.VALID }} payload: ${{ steps.check-pr.outputs.payload }} @@ -38,7 +24,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'pr' - name: "Get PR Number" @@ -79,11 +65,9 @@ jobs: - name: "Skip checks for Workbench version file updates" if: steps.changed-files.outputs.only_version_file == 'true' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - echo "Only workbench-docker-version.txt changed, skipping preflight checks and running cache update" - gh workflow run update-cache.yaml --ref main + echo "# 🔧 Wait for Next Cache Update #" + echo "Only workbench-docker-version.txt changed." exit 0 shell: bash @@ -138,7 +122,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'built' - if: steps.dl.outputs.success == 'true' @@ -177,7 +161,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'diff' - if: steps.dl.outputs.success == 'true' @@ -210,7 +194,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'built' - name: "Alert if spoofed" diff --git a/.github/workflows/pr-post-remove-branch.yaml b/.github/workflows/pr-post-remove-branch.yaml old mode 100755 new mode 100644 diff --git a/.github/workflows/pr-preflight.yaml b/.github/workflows/pr-preflight.yaml old mode 100755 new mode 100644 diff --git a/.github/workflows/pr-receive.yaml b/.github/workflows/pr-receive.yaml deleted file mode 100755 index 7fbff6cd..00000000 --- a/.github/workflows/pr-receive.yaml +++ /dev/null @@ -1,132 +0,0 @@ -name: "Receive Pull Request" - -on: - pull_request: - types: - [opened, synchronize, reopened] - -concurrency: - group: ${{ github.ref }} - cancel-in-progress: true - -jobs: - test-pr: - name: "Record PR number" - if: ${{ github.event.action != 'closed' }} - runs-on: ubuntu-22.04 - outputs: - is_valid: ${{ steps.check-pr.outputs.VALID }} - steps: - - name: "Record PR number" - id: record - if: ${{ always() }} - run: | - echo ${{ github.event.number }} > ${{ github.workspace }}/NR # 2022-03-02: artifact name fixed to be NR - - name: "Upload PR number" - id: upload - if: ${{ always() }} - uses: actions/upload-artifact@v4 - with: - name: pr - path: ${{ github.workspace }}/NR - - name: "Get Invalid Hashes File" - id: hash - run: | - echo "json<> $GITHUB_OUTPUT - - name: "echo output" - run: | - echo "${{ steps.hash.outputs.json }}" - - name: "Check PR" - id: check-pr - uses: carpentries/actions/check-valid-pr@main - with: - pr: ${{ github.event.number }} - invalid: ${{ fromJSON(steps.hash.outputs.json)[github.repository] }} - - build-md-source: - name: "Build markdown source files if valid" - needs: test-pr - runs-on: ubuntu-22.04 - if: ${{ needs.test-pr.outputs.is_valid == 'true' }} - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - RENV_PATHS_ROOT: ~/.local/share/renv/ - CHIVE: ${{ github.workspace }}/site/chive - PR: ${{ github.workspace }}/site/pr - MD: ${{ github.workspace }}/site/built - steps: - - name: "Check Out Main Branch" - uses: actions/checkout@v4 - - - name: "Check Out Staging Branch" - uses: actions/checkout@v4 - with: - ref: md-outputs - path: ${{ env.MD }} - - - name: "Set up R" - uses: r-lib/actions/setup-r@v2 - with: - use-public-rspm: true - install-r: false - - - name: "Set up Pandoc" - uses: r-lib/actions/setup-pandoc@v2 - - - name: "Setup Lesson Engine" - uses: carpentries/actions/setup-sandpaper@main - with: - cache-version: ${{ secrets.CACHE_VERSION }} - - - name: "Setup Package Cache" - uses: carpentries/actions/setup-lesson-deps@main - with: - cache-version: ${{ secrets.CACHE_VERSION }} - - - name: "Validate and Build Markdown" - id: build-site - run: | - sandpaper::package_cache_trigger(TRUE) - sandpaper::validate_lesson(path = '${{ github.workspace }}') - sandpaper:::build_markdown(path = '${{ github.workspace }}', quiet = FALSE) - shell: Rscript {0} - - - name: "Generate Artifacts" - id: generate-artifacts - run: | - sandpaper:::ci_bundle_pr_artifacts( - repo = '${{ github.repository }}', - pr_number = '${{ github.event.number }}', - path_md = '${{ env.MD }}', - path_pr = '${{ env.PR }}', - path_archive = '${{ env.CHIVE }}', - branch = 'md-outputs' - ) - shell: Rscript {0} - - - name: "Upload PR" - uses: actions/upload-artifact@v4 - with: - name: pr - path: ${{ env.PR }} - overwrite: true - - - name: "Upload Diff" - uses: actions/upload-artifact@v4 - with: - name: diff - path: ${{ env.CHIVE }} - retention-days: 1 - - - name: "Upload Build" - uses: actions/upload-artifact@v4 - with: - name: built - path: ${{ env.MD }} - retention-days: 1 - - - name: "Teardown" - run: sandpaper::reset_site() - shell: Rscript {0} diff --git a/.github/workflows/sandpaper-main.yaml b/.github/workflows/sandpaper-main.yaml deleted file mode 100755 index b3d1de8c..00000000 --- a/.github/workflows/sandpaper-main.yaml +++ /dev/null @@ -1,64 +0,0 @@ -name: "01 Build and Deploy Site" - -on: - push: - branches: - - main - - master - schedule: - - cron: '0 0 * * 2' - workflow_dispatch: - inputs: - name: - description: 'Who triggered this build?' - required: true - default: 'Maintainer (via GitHub)' - reset: - description: 'Reset cached markdown files' - required: false - default: false - type: boolean -jobs: - full-build: - name: "Build Full Site" - - # 2024-10-01: ubuntu-latest is now 24.04 and R is not installed by default in the runner image - # pin to 22.04 for now - runs-on: ubuntu-22.04 - permissions: - checks: write - contents: write - pages: write - env: - GITHUB_PAT: ${{ secrets.GITHUB_TOKEN }} - RENV_PATHS_ROOT: ~/.local/share/renv/ - steps: - - - name: "Checkout Lesson" - uses: actions/checkout@v4 - - - name: "Set up R" - uses: r-lib/actions/setup-r@v2 - with: - use-public-rspm: true - install-r: false - - - name: "Set up Pandoc" - uses: r-lib/actions/setup-pandoc@v2 - - - name: "Setup Lesson Engine" - uses: carpentries/actions/setup-sandpaper@main - with: - cache-version: ${{ secrets.CACHE_VERSION }} - - - name: "Setup Package Cache" - uses: carpentries/actions/setup-lesson-deps@main - with: - cache-version: ${{ secrets.CACHE_VERSION }} - - - name: "Deploy Site" - run: | - reset <- "${{ github.event.inputs.reset }}" == "true" - sandpaper::package_cache_trigger(TRUE) - sandpaper:::ci_deploy(reset = reset) - shell: Rscript {0} diff --git a/.github/workflows/sandpaper-version.txt b/.github/workflows/sandpaper-version.txt index 267d7e01..543466e4 100644 --- a/.github/workflows/sandpaper-version.txt +++ b/.github/workflows/sandpaper-version.txt @@ -1 +1 @@ -0.18.3 +0.18.5 diff --git a/.github/workflows/update-cache.yaml b/.github/workflows/update-cache.yaml old mode 100755 new mode 100644 index 27b6d1cd..ce318f6f --- a/.github/workflows/update-cache.yaml +++ b/.github/workflows/update-cache.yaml @@ -154,7 +154,7 @@ jobs: steps.update.outputs.n > 0 uses: carpentries/create-pull-request@main with: - token: ${{ steps.set-pat.outputs.pat || secrets.SANDPAPER_WORKFLOW || secrets.GITHUB_TOKEN }} + token: ${{ steps.set-pat.outputs.pat || secrets.SANDPAPER_WORKFLOW }} delete-branch: true branch: "update/packages" commit-message: "[actions] update ${{ steps.update.outputs.n }} packages" @@ -188,13 +188,3 @@ jobs: run: | echo "No updates needed, skipping PR creation" shell: bash - - # thanks @Bisaloo! - https://github.com/carpentries/sandpaper/issues/646#issuecomment-2829578435 - # only trigger checks manually if the validate-token step had no valid AWS or SANDPAPER_WORKFLOW token - - name: "Trigger checks" - if: | - steps.cpr.outputs.pull-request-number != '' && - steps.validate-org-workflow.outputs.is_valid != 'true' - run: | - gh workflow run docker_pr_receive.yaml --field pr_number=${{ steps.cpr.outputs.pull-request-number }} - shell: bash diff --git a/.github/workflows/update-workflows.yaml b/.github/workflows/update-workflows.yaml old mode 100755 new mode 100644