From b5f761c86fcbdffb18e38736505abde9584a5258 Mon Sep 17 00:00:00 2001 From: zkamvar <3639446+zkamvar@users.noreply.github.com> Date: Tue, 3 Feb 2026 00:22:56 +0000 Subject: [PATCH] [actions] update sandpaper workflow to version 0.18.5 --- .github/workflows/docker_apply_cache.yaml | 26 ++++++++-------- .github/workflows/docker_build_deploy.yaml | 5 ++- .github/workflows/docker_pr_receive.yaml | 27 +++------------- .github/workflows/pr-comment.yaml | 36 ++++++---------------- .github/workflows/sandpaper-version.txt | 2 +- .github/workflows/update-cache.yaml | 12 +------- 6 files changed, 34 insertions(+), 74 deletions(-) diff --git a/.github/workflows/docker_apply_cache.yaml b/.github/workflows/docker_apply_cache.yaml index 0cb66370..2c3a3bce 100644 --- a/.github/workflows/docker_apply_cache.yaml +++ b/.github/workflows/docker_apply_cache.yaml @@ -208,20 +208,22 @@ jobs: restore-keys: ${{ github.repository }}/${{ steps.wb-vers.outputs.container-version }}_renv- - trigger-build-deploy: - name: "Trigger Build and Deploy Workflow" + record-cache-result: + name: "Record Caching Status" runs-on: ubuntu-latest - needs: update-renv-cache - if: | - needs.update-renv-cache.result == 'success' || - needs.check-renv.outputs.renv-cache-available == 'true' + needs: [check-renv, update-renv-cache] + if: always() + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - - uses: actions/checkout@v4 + - name: "Record cache result" - - name: "Trigger Build and Deploy Workflow" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - gh workflow run docker_build_deploy.yaml --ref main + echo "${{ needs.update-renv-cache.result == 'success' || needs.check-renv.outputs.renv-cache-available == 'true' || 'false' }}" > ${{ github.workspace }}/apply-cache-result shell: bash - continue-on-error: true + + - name: "Upload cache result" + uses: actions/upload-artifact@v4 + with: + name: apply-cache-result + path: ${{ github.workspace }}/apply-cache-result diff --git a/.github/workflows/docker_build_deploy.yaml b/.github/workflows/docker_build_deploy.yaml index 27343955..df3e8d1b 100644 --- a/.github/workflows/docker_build_deploy.yaml +++ b/.github/workflows/docker_build_deploy.yaml @@ -9,6 +9,10 @@ on: - '.github/workbench-docker-version.txt' schedule: - cron: '0 0 * * 2' + workflow_run: + workflows: ["03 Maintain: Apply Package Cache"] + types: + - completed workflow_dispatch: inputs: name: @@ -72,7 +76,6 @@ jobs: runs-on: ubuntu-latest needs: preflight if: | - always() && needs.preflight.outputs.do-build == 'true' && needs.preflight.outputs.workbench-update != 'true' env: diff --git a/.github/workflows/docker_pr_receive.yaml b/.github/workflows/docker_pr_receive.yaml index 12b16bf7..3d01d9dc 100644 --- a/.github/workflows/docker_pr_receive.yaml +++ b/.github/workflows/docker_pr_receive.yaml @@ -19,7 +19,6 @@ permissions: pull-requests: write jobs: - preflight: name: "Preflight: md-outputs exists?" runs-on: ubuntu-latest @@ -49,7 +48,9 @@ jobs: test-pr: name: "Record PR number" - if: ${{ github.event.action != 'closed' }} && ${{ needs.preflight.outputs.branch-exists == 'true' }} + if: | + github.event.action != 'closed' && + needs.preflight.outputs.branch-exists == 'true' runs-on: ubuntu-latest needs: preflight outputs: @@ -135,6 +136,7 @@ jobs: checks: write contents: write pages: write + id-token: write container: image: ghcr.io/carpentries/workbench-docker:${{ vars.WORKBENCH_TAG || 'latest' }} env: @@ -279,24 +281,3 @@ jobs: - name: "Teardown" run: sandpaper::reset_site() shell: Rscript {0} - - pr-checks: - name: "Trigger PR Checks?" - needs: - - test-pr - - build-md-source - runs-on: ubuntu-latest - if: needs.test-pr.outputs.is_valid == 'true' - permissions: - actions: write - checks: write - steps: - - name: "Checkout Lesson" - uses: actions/checkout@v4 - - - name: "Trigger PR Checks" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: | - gh workflow run pr-comment.yaml --ref main --field workflow_id=${{ github.run_id }} - shell: bash diff --git a/.github/workflows/pr-comment.yaml b/.github/workflows/pr-comment.yaml index cbf0e2b2..7614abd0 100644 --- a/.github/workflows/pr-comment.yaml +++ b/.github/workflows/pr-comment.yaml @@ -1,14 +1,10 @@ name: "Bot: Comment on the Pull Request" description: "Comment on the pull request with the results of the markdown generation" on: - workflow_dispatch: - inputs: - workflow_id: - required: true - -concurrency: - group: pr-${{ github.event.workflow_run.pull_requests[0].number }} - cancel-in-progress: true + workflow_run: + workflows: ["Bot: Receive Pull Request"] + types: + - completed jobs: # Pull requests are valid if: @@ -18,16 +14,6 @@ jobs: test-pr: name: "Test if pull request is valid" runs-on: ubuntu-latest - if: > - github.event_name == 'workflow_dispatch' || - ( - github.event_name == 'workflow_run' && - ( - github.event.workflow_run.event == 'pull_request' || - github.event.workflow_run.event == 'workflow_dispatch' - ) && - github.event.workflow_run.conclusion == 'success' - ) outputs: is_valid: ${{ steps.check-pr.outputs.VALID }} payload: ${{ steps.check-pr.outputs.payload }} @@ -38,7 +24,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'pr' - name: "Get PR Number" @@ -79,11 +65,9 @@ jobs: - name: "Skip checks for Workbench version file updates" if: steps.changed-files.outputs.only_version_file == 'true' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | - echo "Only workbench-docker-version.txt changed, skipping preflight checks and running cache update" - gh workflow run update-cache.yaml --ref main + echo "# 🔧 Wait for Next Cache Update #" + echo "Only workbench-docker-version.txt changed." exit 0 shell: bash @@ -138,7 +122,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'built' - if: steps.dl.outputs.success == 'true' @@ -177,7 +161,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'diff' - if: steps.dl.outputs.success == 'true' @@ -210,7 +194,7 @@ jobs: id: dl uses: carpentries/actions/download-workflow-artifact@main with: - run: ${{ github.event.workflow_run.id || inputs.workflow_id }} + run: ${{ github.event.workflow_run.id }} name: 'built' - name: "Alert if spoofed" diff --git a/.github/workflows/sandpaper-version.txt b/.github/workflows/sandpaper-version.txt index 0cc98846..543466e4 100644 --- a/.github/workflows/sandpaper-version.txt +++ b/.github/workflows/sandpaper-version.txt @@ -1 +1 @@ -0.18.4 +0.18.5 diff --git a/.github/workflows/update-cache.yaml b/.github/workflows/update-cache.yaml index 27b6d1cd..ce318f6f 100644 --- a/.github/workflows/update-cache.yaml +++ b/.github/workflows/update-cache.yaml @@ -154,7 +154,7 @@ jobs: steps.update.outputs.n > 0 uses: carpentries/create-pull-request@main with: - token: ${{ steps.set-pat.outputs.pat || secrets.SANDPAPER_WORKFLOW || secrets.GITHUB_TOKEN }} + token: ${{ steps.set-pat.outputs.pat || secrets.SANDPAPER_WORKFLOW }} delete-branch: true branch: "update/packages" commit-message: "[actions] update ${{ steps.update.outputs.n }} packages" @@ -188,13 +188,3 @@ jobs: run: | echo "No updates needed, skipping PR creation" shell: bash - - # thanks @Bisaloo! - https://github.com/carpentries/sandpaper/issues/646#issuecomment-2829578435 - # only trigger checks manually if the validate-token step had no valid AWS or SANDPAPER_WORKFLOW token - - name: "Trigger checks" - if: | - steps.cpr.outputs.pull-request-number != '' && - steps.validate-org-workflow.outputs.is_valid != 'true' - run: | - gh workflow run docker_pr_receive.yaml --field pr_number=${{ steps.cpr.outputs.pull-request-number }} - shell: bash