Scheduled worklow refactor

Moving towards weaning off the workflow templates into a unified CI workflow file. We're refactoring the way sheduled jobs start so they work like nightly builds and can be restarted if they fail.
saltstack · Feb 26, 2025 · fea6778 · fea6778
1 parent 0ad9b3b
commit fea6778
Show file tree

Hide file tree

Showing 8 changed files with 93 additions and 101 deletions.
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -27,7 +27,6 @@ env:
 permissions:
   contents: read  # for dorny/paths-filter to fetch a list of changed files
   pull-requests: read  # for dorny/paths-filter to read pull requests
-  actions: write  # to trigger branch nightly builds
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.repository }}-${{ github.head_ref || github.run_id }}

diff --git a/.github/workflows/run-nightly.yml b/.github/workflows/run-nightly.yml
@@ -44,7 +44,7 @@ jobs:
             echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
           fi
 
-  trigger-branch-nightly-builds:
+  trigger-builds:
     name: Trigger Branch Workflows
     if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
     runs-on: ubuntu-24.04

diff --git a/.github/workflows/run-scheduled.yml b/.github/workflows/run-scheduled.yml
@@ -0,0 +1,70 @@
+name: Run Scheduled Builds
+
+on:
+  workflow_dispatch: {}
+  schedule:
+    # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
+    - cron: '0 */8 * * *'  # Run every 8 hours
+
+permissions:
+  contents: read  # for dorny/paths-filter to fetch a list of changed files
+  pull-requests: read  # for dorny/paths-filter to read pull requests
+  actions: write  # to trigger branch nightly builds
+
+jobs:
+
+  workflow-requirements:
+    name: Check Workflow Requirements
+    runs-on: ubuntu-22.04
+    outputs:
+      requirements-met: ${{ steps.check-requirements.outputs.requirements-met }}
+    steps:
+      - name: Check Requirements
+        id: check-requirements
+        run: |
+          if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then
+            MSG="Running workflow because RUN_SCHEDULED_BUILDS=1"
+            echo "${MSG}"
+            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
+            echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
+          elif [ "${{ github.event.repository.fork }}" = "true" ]; then
+            MSG="Not running workflow because ${{ github.repository }} is a fork"
+            echo "${MSG}"
+            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
+            echo "requirements-met=false" >> "${GITHUB_OUTPUT}"
+          elif [ "${{ github.event.repository.private }}" = "true" ]; then
+            MSG="Not running workflow because ${{ github.repository }} is a private repository"
+            echo "${MSG}"
+            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
+            echo "requirements-met=false" >> "${GITHUB_OUTPUT}"
+          else
+            MSG="Running workflow because ${{ github.repository }} is not a fork"
+            echo "${MSG}"
+            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
+            echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
+          fi
+
+  trigger-builds:
+    name: Trigger Branch Workflows
+    if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
+    runs-on: ubuntu-24.04
+    needs:
+      - workflow-requirements
+    environment: workflow-restart
+    strategy:
+      matrix:
+        branch: [3006.x, 3007.x, master]
+    steps:
+
+      - name: Generate a token
+        id: generate-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ vars.APP_ID }}
+          private-key: ${{ secrets.APP_PRIVATE_KEY }}
+
+      - name: Trigger ${{ matrix.branch }} branch
+        env:
+          GH_TOKEN: ${{ steps.generate-token.outputs.token }}
+        run: |
+          gh workflow run nightly.yml --repo ${{ github.repository }} --ref ${{ matrix.branch }}
diff --git a/.github/workflows/scheduled.yml b/.github/workflows/scheduled.yml
@@ -6,9 +6,16 @@ name: Scheduled
 run-name: "Scheduled (branch: ${{ github.ref_name }})"
 
 on:
-  schedule:
-    # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
-    - cron: '0 */8 * * *'  # Run every 8 hours
+  workflow_dispatch:
+    inputs:
+      skip-salt-test-suite:
+        type: boolean
+        default: false
+        description: Skip running the Salt test suite.
+      skip-salt-pkg-test-suite:
+        type: boolean
+        default: false
+        description: Skip running the Salt packages test suite.
 
 env:
   COLUMNS: 190
@@ -20,73 +27,18 @@ env:
 permissions:
   contents: read  # for dorny/paths-filter to fetch a list of changed files
   pull-requests: read  # for dorny/paths-filter to read pull requests
-  actions: write  # to trigger branch scheduled builds
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.head_ref || github.run_id }}
   cancel-in-progress: false
 
 jobs:
 
-  workflow-requirements:
-    name: Check Workflow Requirements
-    runs-on: ubuntu-22.04
-    outputs:
-      requirements-met: ${{ steps.check-requirements.outputs.requirements-met }}
-    steps:
-      - name: Check Requirements
-        id: check-requirements
-        run: |
-          if [ "${{ vars.RUN_SCHEDULED_BUILDS }}" = "1" ]; then
-            MSG="Running workflow because RUN_SCHEDULED_BUILDS=1"
-            echo "${MSG}"
-            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
-            echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
-          elif [ "${{ github.event.repository.fork }}" = "true" ]; then
-            MSG="Not running workflow because ${{ github.repository }} is a fork"
-            echo "${MSG}"
-            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
-            echo "requirements-met=false" >> "${GITHUB_OUTPUT}"
-          elif [ "${{ github.event.repository.private }}" = "true" ]; then
-            MSG="Not running workflow because ${{ github.repository }} is a private repository"
-            echo "${MSG}"
-            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
-            echo "requirements-met=false" >> "${GITHUB_OUTPUT}"
-          else
-            MSG="Running workflow because ${{ github.repository }} is not a fork"
-            echo "${MSG}"
-            echo "${MSG}" >> "${GITHUB_STEP_SUMMARY}"
-            echo "requirements-met=true" >> "${GITHUB_OUTPUT}"
-          fi
-
-  trigger-branch-scheduled-builds:
-    name: Trigger Branch Workflows
-    if: ${{ github.event_name == 'schedule' && fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
-    runs-on: ubuntu-22.04
-    needs:
-      - workflow-requirements
-
-    steps:
-
-      - name: Trigger 3006.x branch
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          gh workflow run scheduled.yml --repo ${{ github.repository }} --ref 3006.x
-
-      - name: Trigger 3007.x branch
-        env:
-          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: |
-          gh workflow run scheduled.yml --repo ${{ github.repository }} --ref 3007.x
-
   prepare-workflow:
     name: Prepare Workflow Run
     runs-on: ubuntu-22.04
     environment: ci
     if: ${{ fromJSON(needs.workflow-requirements.outputs.requirements-met) }}
-    needs:
-      - workflow-requirements
     outputs:
       changed-files: ${{ steps.process-changed-files.outputs.changed-files }}
       salt-version: ${{ steps.setup-salt-version.outputs.salt-version }}
@@ -571,8 +523,6 @@ jobs:
     if: always()
     runs-on: ubuntu-22.04
     needs:
-      - workflow-requirements
-      - trigger-branch-scheduled-builds
       - prepare-workflow
       - pre-commit
       - lint

diff --git a/.github/workflows/templates/nightly.yml.jinja b/.github/workflows/templates/nightly.yml.jinja
@@ -37,9 +37,6 @@ concurrency:
 
 <%- block permissions %>
 <{- super() }>
-<%- if workflow_slug == "nightly" %>
-  actions: write  # to trigger branch nightly builds
-<%- endif %>
 <%- endblock permissions %>
 
 <%- block pre_jobs %>

diff --git a/.github/workflows/templates/scheduled.yml.jinja b/.github/workflows/templates/scheduled.yml.jinja
@@ -14,9 +14,17 @@ run-name: "<{ workflow_name }> (branch: ${{ github.ref_name }})"
 <%- block on %>
 
 on:
-  schedule:
-    # https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onschedule
-    - cron: '0 */8 * * *'  # Run every 8 hours
+  workflow_dispatch:
+    inputs:
+      skip-salt-test-suite:
+        type: boolean
+        default: false
+        description: Skip running the Salt test suite.
+      skip-salt-pkg-test-suite:
+        type: boolean
+        default: false
+        description: Skip running the Salt packages test suite.
+
 
 <%- endblock %>
 
@@ -31,14 +39,9 @@ concurrency:
 
 <%- block permissions %>
 <{- super() }>
-<%- if workflow_slug == "scheduled" %>
-  actions: write  # to trigger branch scheduled builds
-<%- endif %>
 <%- endblock permissions %>
 
 <%- block pre_jobs %>
 
-  <%- include "workflow-requirements-check.yml.jinja" %>
-  <%- include "trigger-branch-workflows.yml.jinja" %>
 
 <%- endblock pre_jobs %>
diff --git a/.github/workflows/workflow-finished.yml b/.github/workflows/workflow-finished.yml
@@ -3,7 +3,7 @@ run-name: Workflow Finished ${{ github.event.workflow_run.display_title }} (${{
 
 on:
   workflow_run:
-    workflows: [Nightly, Scheduled, Stage Release]
+    workflows: [CI, Nightly, Scheduled, Stage Release]
     types:
       - completed
 

diff --git a/.github/workflows/workflow-pr-finished.yml b/.github/workflows/workflow-pr-finished.yml