diff --git a/.github/workflows/check-certificates.yml b/.github/workflows/check-certificates.yml index f5f9bd9a..ea216018 100644 --- a/.github/workflows/check-certificates.yml +++ b/.github/workflows/check-certificates.yml @@ -3,6 +3,7 @@ name: Check Certificates # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-certificates.ya?ml" @@ -20,12 +21,50 @@ env: EXPIRATION_WARNING_PERIOD: 30 jobs: + run-determination: + runs-on: ubuntu-latest + outputs: + result: ${{ steps.determination.outputs.result }} + permissions: {} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + REPO_SLUG="arduino/arduino-lint" + if [[ + ( + # Only run on branch creation when it is a release branch. + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ) && + ( + # Only run when the workflow will have access to the certificate secrets. + # This could be done via a GitHub Actions workflow conditional, but makes more sense to do it here as well. + ( + "${{ github.event_name }}" != "pull_request" && + "${{ github.repository }}" == "$REPO_SLUG" + ) || + ( + "${{ github.event_name }}" == "pull_request" && + "${{ github.event.pull_request.head.repo.full_name }}" == "$REPO_SLUG" + ) + ) + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + check-certificates: name: ${{ matrix.certificate.identifier }} - # Only run when the workflow will have access to the certificate secrets. - if: > - (github.event_name != 'pull_request' && github.repository == 'arduino/arduino-lint') || - (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == 'arduino/arduino-lint') + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: {} strategy: diff --git a/.github/workflows/check-general-formatting-task.yml b/.github/workflows/check-general-formatting-task.yml index d3370df3..fa31c68e 100644 --- a/.github/workflows/check-general-formatting-task.yml +++ b/.github/workflows/check-general-formatting-task.yml @@ -3,6 +3,7 @@ name: Check General Formatting # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: pull_request: schedule: @@ -12,7 +13,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + check: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-license.yml b/.github/workflows/check-license.yml index 94ec9b59..ea206825 100644 --- a/.github/workflows/check-license.yml +++ b/.github/workflows/check-license.yml @@ -8,6 +8,7 @@ env: # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-license.ya?ml" @@ -29,7 +30,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + check-license: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-markdown-task.yml b/.github/workflows/check-markdown-task.yml index 5d6a7863..a42fc1aa 100644 --- a/.github/workflows/check-markdown-task.yml +++ b/.github/workflows/check-markdown-task.yml @@ -7,6 +7,7 @@ env: # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-markdown-task.ya?ml" @@ -34,7 +35,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + lint: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read @@ -56,6 +83,8 @@ jobs: run: task markdown:lint links: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-mkdocs-task.yml b/.github/workflows/check-mkdocs-task.yml index bb141c58..6be610bd 100644 --- a/.github/workflows/check-mkdocs-task.yml +++ b/.github/workflows/check-mkdocs-task.yml @@ -9,6 +9,7 @@ env: # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-mkdocs-task.ya?ml" @@ -35,7 +36,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + check: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-prettier-formatting-task.yml b/.github/workflows/check-prettier-formatting-task.yml index f6925e74..933ef9b5 100644 --- a/.github/workflows/check-prettier-formatting-task.yml +++ b/.github/workflows/check-prettier-formatting-task.yml @@ -3,6 +3,7 @@ name: Check Prettier Formatting # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-prettier-formatting-task.ya?ml" @@ -199,7 +200,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + check: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-python-task.yml b/.github/workflows/check-python-task.yml index d2bfd3d1..47ae0de4 100644 --- a/.github/workflows/check-python-task.yml +++ b/.github/workflows/check-python-task.yml @@ -7,6 +7,7 @@ env: # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-python-task.ya?ml" @@ -31,7 +32,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + lint: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read @@ -61,6 +88,8 @@ jobs: run: task python:lint formatting: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/check-shell-task.yml b/.github/workflows/check-shell-task.yml index 1ad6cf88..8df29ca9 100644 --- a/.github/workflows/check-shell-task.yml +++ b/.github/workflows/check-shell-task.yml @@ -3,6 +3,7 @@ name: Check Shell Scripts # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: paths: - ".github/workflows/check-shell-task.ya?ml" @@ -24,8 +25,34 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + lint: name: ${{ matrix.configuration.name }} + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read @@ -90,6 +117,8 @@ jobs: run: task --silent shell:check SHELLCHECK_FORMAT=${{ matrix.configuration.format }} formatting: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read @@ -135,6 +164,8 @@ jobs: run: git diff --color --exit-code executable: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read diff --git a/.github/workflows/spell-check-task.yml b/.github/workflows/spell-check-task.yml index 81103b33..e00c3088 100644 --- a/.github/workflows/spell-check-task.yml +++ b/.github/workflows/spell-check-task.yml @@ -7,6 +7,7 @@ env: # See: https://docs.github.com/actions/writing-workflows/choosing-when-your-workflow-runs/events-that-trigger-workflows on: + create: push: pull_request: schedule: @@ -16,7 +17,33 @@ on: repository_dispatch: jobs: + run-determination: + runs-on: ubuntu-latest + permissions: {} + outputs: + result: ${{ steps.determination.outputs.result }} + steps: + - name: Determine if the rest of the workflow should run + id: determination + run: | + RELEASE_BRANCH_REGEX="refs/heads/[0-9]+.[0-9]+.x" + # The `create` event trigger doesn't support `branches` filters, so it's necessary to use Bash instead. + if [[ + "${{ github.event_name }}" != "create" || + "${{ github.ref }}" =~ $RELEASE_BRANCH_REGEX + ]]; then + # Run the other jobs. + RESULT="true" + else + # There is no need to run the other jobs. + RESULT="false" + fi + + echo "result=$RESULT" >> $GITHUB_OUTPUT + spellcheck: + needs: run-determination + if: needs.run-determination.outputs.result == 'true' runs-on: ubuntu-latest permissions: contents: read