`
- lint_gh_actions:
- name: Lint GitHub Actions yaml files
- runs-on: ubuntu-latest
- needs: changed_files
- if: needs.changed_files.outputs.ghactionsfiles == 'true' || needs.changed_files.outputs.misc == 'true'
- timeout-minutes: 5 # 2021-03-24: Pnpm stuff takes about a minute.
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- php: false
-
- - run: pnpm install
- - name: Run lint
- run: ./tools/js-tools/lint-gh-actions.js -v '.github/workflows/*.{yml,yaml}' '.github/actions/*/action.{yml,yaml}' 'projects/github-actions/*/action.{yml,yaml}'
-
- ### Checks that copied files (e.g. readme, license) are in sync
- # Local equivalent: `./tools/check-copied-files.sh`
- copied_files:
- name: Copied files are in sync
- runs-on: ubuntu-latest
- timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds.
-
- steps:
- - uses: actions/checkout@v3
- - run: ./tools/check-copied-files.sh
-
- ### Runs tools/cleanup-excludelists.sh and checks for any changes
- # Local equivalent: `tools/cleanup-excludelists.sh`
- check_excludelists:
- name: Check linter exclude lists
- runs-on: ubuntu-latest
- needs: changed_files
- if: needs.changed_files.outputs.excludelist == 'true'
- timeout-minutes: 10 # 2022-05-11: The check itself takes 4 minutes.
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
-
- - run: composer install
- - name: Monorepo pnpm install
- run: pnpm install
-
- - name: Cleanup excludelists
- run: tools/cleanup-excludelists.sh
- - name: Check for changes to exclude lists
- run: tools/js-tools/check-excludelist-diff.js
-
- ### Checks that changelogger change files are being created.
- # Local equivalent: Probably `tools/check-changelogger-use.php origin/trunk HEAD`
- changelogger_used:
- name: Changelogger use
- runs-on: ubuntu-latest
- timeout-minutes: 5 # 2021-03-24: Takes about a minute.
- steps:
- # We don't need full git history, but tools/check-changelogger-use.php does need everything up to the merge-base.
- - uses: actions/checkout@v3
- with:
- ref: ${{ github.event.pull_request.head.sha }}
- fetch-depth: 10
- - uses: ./.github/actions/deepen-to-merge-base
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- node: false
-
- - name: Check change files are touched for touched projects
- env:
- BASE: ${{ github.event.pull_request.base.sha }}
- HEAD: ${{ github.event.pull_request.head.sha }}
- run: tools/check-changelogger-use.php --debug "$BASE" "$HEAD"
-
- ### Checks that changelogger change files are valid.
- # Local equivalent: `./tools/changelogger-validate-all.sh`
- changelogger_valid:
- name: Changelogger validity
- runs-on: ubuntu-latest
- timeout-minutes: 5 # 2021-03-24: Takes about a minute
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- node: false
-
- - name: Check change file validity
- run: tools/changelogger-validate-all.sh -vv
-
- ### Checks that lock files are up to date.
- # Local equivalent: .github/files/check-lock-files.sh
- # Note that may modify lock files in your working tree!
- lock_files:
- name: "Lock files are up to date"
- runs-on: ubuntu-latest
- needs: changed_files
- if: needs.changed_files.outputs.lockfiles == 'true' || needs.changed_files.outputs.misc == 'true'
- timeout-minutes: 7 # 2021-03-17: Successful runs seem to take 3+ minutes, thanks to pnpm building stuff.
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
-
- - run: .github/files/check-lock-files.sh
-
- ### Check that monorepo packages are correctly referenced.
- # Local equivalent: tools/check-intra-monorepo-deps.sh -v && .github/files/check-monorepo-package-repos.sh
- monorepo_package_refs:
- name: Monorepo package version refs
- runs-on: ubuntu-latest
- needs: changed_files
- if: needs.changed_files.outputs.lockfiles == 'true' || needs.changed_files.outputs.misc == 'true'
- timeout-minutes: 5 # 2022-03-25: The pnpm install will probably take a minute or so.
- steps:
- - uses: actions/checkout@v3
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- - run: pnpm install
- - run: tools/check-intra-monorepo-deps.sh -v
- - run: .github/files/check-monorepo-package-repos.sh
-
- ### Checks against project structure, e.g. that composer.json exists.
- # Local equivalent: `./.github/files/lint-project-structure.sh`
- project_structure:
- name: Project structure
- runs-on: ubuntu-latest
- timeout-minutes: 5 # 2021-03-24: Pnpm stuff takes about a minute.
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
-
- - run: pnpm install
- - run: .github/files/lint-project-structure.sh
diff --git a/.github/workflows/phpcompatibility-dev.yml b/.github/workflows/phpcompatibility-dev.yml
deleted file mode 100644
index 9185c6a65c866..0000000000000
--- a/.github/workflows/phpcompatibility-dev.yml
+++ /dev/null
@@ -1,82 +0,0 @@
-# This Github Action is temporary, to run the development version of PHPCompatibility to test for PHP 8 issues.
-#
-# Once we're getting that by default (likely due to an upgrade of automattic/jetpack-codesniffer to pull a version of phpcompatibility/phpcompatibility-wp that pulls phpcompatibility/php-compatibility 10.0+),
-# this action and .github/files/phpcompatibility-dev-phpcs.xml should be deleted.
-
-name: PHP Compatibility
-
-on: pull_request
-concurrency:
- group: phpcompatibility-dev-${{ github.event_name }}-${{ github.ref }}
- cancel-in-progress: true
-
-env:
- COMPOSER_ROOT_VERSION: "dev-trunk"
-
-jobs:
- changed_files:
- name: detect changed files
- runs-on: ubuntu-latest
- timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds.
- outputs:
- php: ${{ steps.filter.outputs.php }}
- misc: ${{ steps.filter.outputs.misc }}
-
- steps:
- - uses: dorny/paths-filter@v2
- id: filter
- with:
- filters: |
- php:
- # If any PHP file changed, they need checking.
- - '**.php'
- misc:
- # If composer or phpcs config changed, there may be a new standard.
- - 'composer.json'
- - 'composer.lock'
- - '.phpcs.config.xml'
- - '.phpcs.xml.dist'
- - '.phpcsignore'
- - '**/.phpcs.dir.xml'
- - '**/.phpcsignore'
- # If other files used by this workflow changed, run it to test those changes.
- - '.github/files/phpcompatibility-dev-phpcs.xml'
- - '.github/matchers/phpcs-problem-matcher.json'
- - '.github/workflows/phpcompatibility-dev.yml'
-
- phpcompatibility:
- name: dev branch for PHP 8.0
- runs-on: ubuntu-latest
- needs: changed_files
- if: needs.changed_files.outputs.php == 'true' || needs.changed_files.outputs.misc == 'true'
- timeout-minutes: 5 # 2021-01-18: Successful runs seem to take ~1 minute.
-
- steps:
- - uses: actions/checkout@v3
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- node: false
-
- - name: Install dependencies
- run: composer install
-
- - name: Upgrade PHPCompatibility
- run: |
- if [[ -e vendor/phpcompatibility/php-compatibility/PHPCompatibility/Sniffs/ControlStructures/NewNonCapturingCatchSniff.php ]]; then
- echo "::error file=.github/workflows/phpcompatibility-dev.yml,line=4,col=1::It looks like PHPCompatibility is already at version 10.0, making this Github Action obsolete. Please remove it."
- exit 1
- fi
- composer remove --dev --no-update automattic/jetpack-codesniffer
- composer require --dev --no-update phpcompatibility/php-compatibility=dev-develop
- # Update any other packages needing update now too.
- composer update
- # Even though we uninstalled our codesniffer package, we need the compat rulesets to be found.
- vendor/bin/phpcs --config-set installed_paths "$(vendor/bin/phpcs --config-show | sed -n 's/^installed_paths: //p'),../../../projects/packages/codesniffer"
-
- - name: Run phpcs for PHPCompatibility
- run: |
- echo "::add-matcher::.github/matchers/phpcs-problem-matcher.json"
- vendor/bin/phpcs -p -s --report=emacs --standard=.github/files/phpcompatibility-dev-phpcs.xml
- echo "::remove-matcher owner=phpcs"
diff --git a/.github/workflows/post-build.yml b/.github/workflows/post-build.yml
deleted file mode 100644
index 45105ca51e09b..0000000000000
--- a/.github/workflows/post-build.yml
+++ /dev/null
@@ -1,290 +0,0 @@
-name: Post-Build
-run-name: Post-Build on ${{ github.event.workflow_run.head_branch }}
-on:
- workflow_run:
- types: [ 'completed' ]
- workflows:
- - Build
-concurrency:
- # Cancel concurrent jobs on pull_request but not push, by including the run_id in the concurrency group for the latter.
- group: post-build-${{ github.event.workflow_run.event == 'push' && github.run_id || 'pr' }}-${{ github.event.workflow_run.head_branch }}
- cancel-in-progress: true
-
-env:
- COMPOSER_ROOT_VERSION: "dev-trunk"
- SUMMARY: Post-Build run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for Build run [#${{ github.event.workflow_run.id }}](${{ github.event.workflow_run.html_url }})
-
-permissions:
- actions: read
- contents: read
- pull-requests: read
-
-# Note the job logic here is a bit unusual. That's because this workflow is triggered by `workflow_run`, and so is not shown on the PR by default.
-# Instead we have to manually report back, including where we could normally just skip or let a failure be handled.
-# - If the "Build" job failed, we need to set our status as failed too (build_failed).
-# - If the find_artifact job fails for some reason, we need a step to explicitly report that back.
-# - If no plugins are found, we need to explicitly report back a "skipped" status.
-# - And the upgrade_test job both explicitly sets "in progress" at its start and updates at its end.
-#
-# If you're wanting to add a new check, you'd want to do the following:
-# - Add a step in the `setup` workflow to create your check, and a corresponding output for later steps to have the ID.
-# - Add a step in the `build_failed` workflow to set your run to cancelled.
-# - Add a job to run whatever tests you need to run, with steps similar to the `upgrade_test` workflow's "Get token", "Notify check in progress", and "Notify final status".
-# - Add a step in the `no_plugins` workflow to set your run to skipped if your job only runs when there are plugins built.
-
-jobs:
- setup:
- name: Setup
- runs-on: ubuntu-latest
- timeout-minutes: 2 # 2022-12-20: Seems like it should be fast.
- outputs:
- upgrade_check: ${{ steps.upgrade_check.outputs.id }}
- steps:
- - uses: actions/checkout@v3
-
- - name: Get token
- id: get_token
- uses: ./.github/actions/gh-app-token
- with:
- app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }}
- private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }}
-
- - name: 'Create "Test plugin upgrades" check'
- id: upgrade_check
- uses: ./.github/actions/check-run
- with:
- name: Test plugin upgrades
- sha: ${{ github.event.workflow_run.head_sha }}
- status: queued
- title: Test queued...
- summary: |
- ${{ env.SUMMARY }}
- token: ${{ steps.get_token.outputs.token }}
-
- build_failed:
- name: Handle build failure
- runs-on: ubuntu-latest
- needs: setup
- if: github.event.workflow_run.conclusion != 'success'
- timeout-minutes: 2 # 2022-08-26: Seems like it should be fast.
- steps:
- - uses: actions/checkout@v3
-
- - name: Get token
- id: get_token
- uses: ./.github/actions/gh-app-token
- with:
- app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }}
- private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }}
-
- - name: 'Mark "Test plugin upgrades" cancelled'
- uses: ./.github/actions/check-run
- with:
- id: ${{ needs.setup.outputs.upgrade_check }}
- conclusion: cancelled
- title: Build failed
- summary: |
- ${{ env.SUMMARY }}
-
- Post-build run aborted because the build did not succeed.
- token: ${{ steps.get_token.outputs.token }}
-
- find_artifact:
- name: Find artifact
- runs-on: ubuntu-latest
- needs: setup
- if: github.event.workflow_run.conclusion == 'success'
- timeout-minutes: 2 # 2022-08-26: Seems like it should be fast.
- outputs:
- zip_url: ${{ steps.run.outputs.zip_url }}
- any_plugins: ${{ steps.run.outputs.any_plugins }}
- steps:
- - uses: actions/checkout@v3
-
- - name: Find artifact
- id: run
- env:
- TOKEN: ${{ github.token }}
- URL: ${{ github.event.workflow_run.artifacts_url }}
- run: |
- for (( i=1; i<=5; i++ )); do
- [[ $i -gt 1 ]] && sleep 10
- echo "::group::Fetch list of artifacts (attempt $i/5)"
- JSON="$(curl -v -L --get \
- --header "Authorization: token $TOKEN" \
- --url "$URL"
- )"
- echo "$JSON"
- echo "::endgroup::"
- ZIPURL="$(jq -r '.artifacts[] | select( .name == "jetpack-build" ) | .archive_download_url' <<<"$JSON")"
- PLUGINS="$(jq -r '.artifacts[] | select( .name == "plugins.tsv" )' <<<"$JSON")"
- if [[ -n "$ZIPURL" ]]; then
- break
- fi
- done
- [[ -z "$ZIPURL" ]] && { echo "::error::Failed to find artifact."; exit 1; }
- echo "Zip URL: $ZIPURL"
- echo "zip_url=${ZIPURL}" >> "$GITHUB_OUTPUT"
- if [[ -z "$PLUGINS" ]]; then
- echo "Any plugins? No"
- echo "any_plugins=false" >> "$GITHUB_OUTPUT"
- else
- echo "Any plugins? Yes"
- echo "any_plugins=true" >> "$GITHUB_OUTPUT"
- fi
-
- - name: Get token
- id: get_token
- if: ${{ ! success() }}
- uses: ./.github/actions/gh-app-token
- with:
- app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }}
- private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }}
- - name: 'Mark "Test plugin upgrades" failed'
- if: ${{ ! success() }}
- uses: ./.github/actions/check-run
- with:
- id: ${{ needs.setup.outputs.upgrade_check }}
- conclusion: failure
- title: Failed to find build artifact
- summary: |
- ${{ env.SUMMARY }}
-
- Post-build run aborted because the "Find artifact" step failed.
- token: ${{ steps.get_token.outputs.token }}
-
- no_plugins:
- name: Handle no-plugins
- runs-on: ubuntu-latest
- needs: [ setup, find_artifact ]
- if: needs.find_artifact.outputs.any_plugins == 'false'
- timeout-minutes: 2 # 2022-08-26: Seems like it should be fast.
- steps:
- - uses: actions/checkout@v3
-
- - name: Get token
- id: get_token
- uses: ./.github/actions/gh-app-token
- with:
- app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }}
- private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }}
-
- - name: 'Mark "Test plugin upgrades" skipped'
- uses: ./.github/actions/check-run
- with:
- id: ${{ needs.setup.outputs.upgrade_check }}
- conclusion: skipped
- title: No plugins were built
- summary: |
- ${{ env.SUMMARY }}
-
- Post-build run skipped because no plugins were built.
- token: ${{ steps.get_token.outputs.token }}
-
- upgrade_test:
- name: Test plugin upgrades
- runs-on: ubuntu-latest
- needs: [ setup, find_artifact ]
- if: needs.find_artifact.outputs.any_plugins == 'true'
- timeout-minutes: 15 # 2022-08-26: Successful runs seem to take about 6 minutes, but give some extra time for the downloads.
- services:
- db:
- image: mariadb:lts
- env:
- MARIADB_ROOT_PASSWORD: wordpress
- ports:
- - 3306:3306
- options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=5
- container:
- image: ghcr.io/automattic/jetpack-wordpress-dev:latest
- env:
- WP_DOMAIN: localhost
- WP_ADMIN_USER: wordpress
- WP_ADMIN_EMAIL: wordpress@example.com
- WP_ADMIN_PASSWORD: wordpress
- WP_TITLE: Hello World
- MYSQL_HOST: db:3306
- MYSQL_DATABASE: wordpress
- MYSQL_USER: root
- MYSQL_PASSWORD: wordpress
- HOST_PORT: 80
- ports:
- - 80:80
- steps:
- - uses: actions/checkout@v3
- with:
- path: trunk
- - uses: actions/checkout@v3
- with:
- ref: ${{ github.event.workflow_run.head_commit.id }}
- path: commit
-
- - name: Get token
- id: get_token
- uses: ./trunk/.github/actions/gh-app-token
- env:
- # Work around a weird node 16/openssl 3 issue in the docker env
- OPENSSL_CONF: '/dev/null'
- with:
- app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }}
- private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }}
-
- - name: Notify check in progress
- uses: ./trunk/.github/actions/check-run
- with:
- id: ${{ needs.setup.outputs.upgrade_check }}
- status: in_progress
- title: Test started...
- summary: |
- ${{ env.SUMMARY }}
-
- See run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details.
- token: ${{ steps.get_token.outputs.token }}
-
- - name: Download build artifact
- env:
- TOKEN: ${{ github.token }}
- ZIPURL: ${{ needs.find_artifact.outputs.zip_url }}
- shell: bash
- run: |
- for (( i=1; i<=2; i++ )); do
- [[ $i -gt 1 ]] && sleep 10
- echo "::group::Downloading artifact (attempt $i/2)"
- curl -v -L --get \
- --header "Authorization: token $TOKEN" \
- --url "$ZIPURL" \
- --output "artifact.zip"
- echo "::endgroup::"
- if [[ -e "artifact.zip" ]] && zipinfo artifact.zip &>/dev/null; then
- break
- fi
- done
- [[ ! -e "artifact.zip" ]] && { echo "::error::Failed to download artifact."; exit 1; }
- unzip artifact.zip
- tar --xz -xvvf build.tar.xz build
-
- - name: Setup WordPress
- run: trunk/.github/files/test-plugin-update/setup.sh
-
- - name: Prepare plugin zips
- id: zips
- run: trunk/.github/files/test-plugin-update/prepare-zips.sh
-
- - name: Test upgrades
- id: tests
- run: trunk/.github/files/test-plugin-update/test.sh
-
- - name: Notify final status
- if: always()
- uses: ./trunk/.github/actions/check-run
- with:
- id: ${{ needs.setup.outputs.upgrade_check }}
- conclusion: ${{ job.status }}
- title: ${{ job.status == 'success' && 'Tests passed' || job.status == 'cancelled' && 'Cancelled' || 'Tests failed' }}
- summary: |
- ${{ env.SUMMARY }}
-
- ${{ steps.zips.outputs.info }}${{ steps.tests.outputs.info }}
-
- See run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details.
- token: ${{ steps.get_token.outputs.token }}
diff --git a/.github/workflows/pr-is-up-to-date.yml b/.github/workflows/pr-is-up-to-date.yml
deleted file mode 100644
index 95cc296603b76..0000000000000
--- a/.github/workflows/pr-is-up-to-date.yml
+++ /dev/null
@@ -1,87 +0,0 @@
-name: PR is up-to-date
-on:
- pull_request_target:
- branches: [ trunk ]
- push:
- branches: [ trunk ]
- tags:
- - pr-update-to
- - pr-update-to-projects/**
-
-jobs:
- check:
- name: Check
- runs-on: ubuntu-latest
- timeout-minutes: 5 # 2021-03-23: The run on push to the tag might take a minute or two.
- steps:
-
- # We basically have two workflows in one here, one for pushes to trunk and one for PRs and pushes to tags.
- # The reason we don't separate them into two is because GitHub's UI would then always be showing a skipped job
- # in the PR check list, which is kind of annoying.
-
- # First, the "PR or tag" job.
-
- - name: Checkout trunk for tag push or PR
- uses: actions/checkout@v3
- if: github.event_name != 'push' || github.ref != 'refs/heads/trunk'
- with:
- ref: trunk
- token: ${{ secrets.API_TOKEN_GITHUB }}
-
- # On a PR, we need to fetch (but not check out) the actual PR too.
- - name: Deepen to merge base
- if: github.event_name != 'push'
- uses: ./.github/actions/deepen-to-merge-base
- with:
- checkout: false
-
- - name: Determine tags for PR or tag and paths for tag push
- id: determine
- if: github.event_name != 'push' || github.ref != 'refs/heads/trunk'
- env:
- REF: ${{ github.event.pull_request.head.sha }}
- run: |
- TAGS=()
- TAG=
- PATHS=
- if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then
- TAG="${GITHUB_REF#refs/tags/}"
- if [[ "$TAG" == pr-update-to-* ]]; then
- PATHS="${TAG#pr-update-to-}"
- fi
- else
- TMP="$(git -c core.quotepath=off diff --name-only "origin/trunk...${REF}" projects/*/*/ | sed -nE 's!^(projects/[^/]+/[^/]+)/.*!pr-update-to-\1!p' | sort -u)"
- mapfile -t TAGS <<<"$TMP"
- TAGS+=( pr-update-to )
- fi
- echo "pr-tags=${TAGS[*]}" >> "$GITHUB_OUTPUT"
- echo "push-tag=$TAG" >> "$GITHUB_OUTPUT"
- echo "push-paths=$PATHS" >> "$GITHUB_OUTPUT"
-
- - name: Check PR or tag push
- if: github.event_name != 'push' || github.ref != 'refs/heads/trunk'
- uses: ./projects/github-actions/pr-is-up-to-date
- with:
- tags: ${{ steps.determine.outputs.pr-tags }}
- tag: ${{ steps.determine.outputs.push-tag }}
- paths: ${{ steps.determine.outputs.push-paths }}
- token: ${{ secrets.API_TOKEN_GITHUB }}
- status: PR is up to date
-
- # Second, the "push to trunk" job.
-
- - name: Checkout push to trunk
- uses: actions/checkout@v3
- if: github.event_name == 'push' && github.ref == 'refs/heads/trunk'
- with:
- # The "Check whether the tag needs updating for trunk commit" needs the previous commit for diffing.
- fetch-depth: 2
- token: ${{ secrets.API_TOKEN_GITHUB }}
-
- - name: Wait for prior instances of the workflow to finish
- if: github.event_name == 'push' && github.ref == 'refs/heads/trunk'
- uses: ./.github/actions/turnstile
-
- - name: Check whether the tag needs updating for trunk commit
- if: github.event_name == 'push' && github.ref == 'refs/heads/trunk'
- run: .github/files/pr-update-to.sh
diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml
index 8147506ab3dde..08cb7306c0e22 100644
--- a/.github/workflows/renovate.yml
+++ b/.github/workflows/renovate.yml
@@ -18,8 +18,6 @@ on:
- full
- lookup
- extract
- schedule:
- - cron: '0 0/2 * * *'
concurrency:
group: renovate-${{ github.ref }}
diff --git a/.github/workflows/slack-branch-existence-notification.yml b/.github/workflows/slack-branch-existence-notification.yml
deleted file mode 100644
index db94094d30f2c..0000000000000
--- a/.github/workflows/slack-branch-existence-notification.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-name: Slack branch existence notification
-on:
- create:
- delete:
-
-jobs:
- notify:
- name: Notify
- runs-on: ubuntu-latest
- timeout-minutes: 5 # 2022-11-22: Shouldn't take long.
- if: github.event.ref == 'prerelease'
-
- steps:
- - uses: actions/checkout@v3
- with:
- ref: trunk
- - name: Generate message
- id: message
- run: |
- source .github/files/gh-funcs.sh
-
- if [[ "$GITHUB_EVENT_NAME" == 'create' ]]; then
- gh_set_output message "$(
- jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | {
- icon_emoji: ":lock:",
- text: "Incoming release! Prerelease branch was created by \( $e.sender.login ).",
- blocks: [
- {
- type: "section",
- text: {
- type: "mrkdwn",
- text: ":holdontoyourbutts: Incoming release! Prerelease branch was created by \( $e.sender.login ).",
- },
- }
- ],
- }'
- )"
- elif [[ "$GITHUB_EVENT_NAME" == 'delete' ]]; then
- gh_set_output message "$(
- jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | {
- icon_emoji: ":unlock:",
- text: "Prerelease branch was deleted by \( $e.sender.login ).",
- blocks: [
- {
- type: "section",
- text: {
- type: "mrkdwn",
- text: "Prerelease branch was deleted by \( $e.sender.login ).",
- },
- }
- ],
- }'
- )"
- else
- echo "::error::Unknown event \"$GITHUB_EVENT_NAME\""
- exit 1
- fi
-
- - name: Send message to releases channel
- uses: slackapi/slack-github-action@v1.24.0
- with:
- channel-id: ${{ secrets.SLACK_RELEASES_CHANNEL }}
- payload: ${{ steps.message.outputs.message }}
- env:
- SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }}
diff --git a/.github/workflows/slack-workflow-failed.yml b/.github/workflows/slack-workflow-failed.yml
deleted file mode 100644
index e6c2e77f5b9c8..0000000000000
--- a/.github/workflows/slack-workflow-failed.yml
+++ /dev/null
@@ -1,161 +0,0 @@
-name: CI Results
-run-name: ${{ github.event.workflow.name }} on ${{ github.event.workflow_run.head_branch }}
-on:
- workflow_run:
- types: [ 'completed' ]
- workflows:
- - Build
- - Build Docker
- - Tests
- - Gardening
- - Post-Build
- - PR is up-to-date
- - Update Jetpack Staging Test Sites
- - k6 Tests for Jetpack Staging Test Sites
- branches: [ 'trunk', 'prerelease', '*/branch-*' ]
-
-jobs:
- notify:
- name: Notify failure
- runs-on: ubuntu-latest
- if: ${{ github.event.workflow_run.conclusion == 'failure' && github.event.workflow_run.event != 'issues' && github.event.workflow_run.event != 'issue_comment' }}
-
- steps:
- - uses: actions/checkout@v3
- - name: Generate message
- id: message
- run: |
- source .github/files/gh-funcs.sh
-
- # If this is triggered off of another "workflow_run" workflow, it'll always see the head_branch as "trunk".
- # In that case, we assume it's setting display_title to be like "NAME on BRANCH" and extract the branch from there.
- if jq -e '.workflow_run.event == "workflow_run"' "$GITHUB_EVENT_PATH" &>/dev/null; then
- TITLE=$(jq -r '.workflow_run.display_title' "$GITHUB_EVENT_PATH")
- BRANCH=${TITLE##* on }
- echo "branch=$BRANCH" >> "$GITHUB_OUTPUT"
-
- gh_set_output message "$(
- jq -nc --slurpfile event "$GITHUB_EVENT_PATH" --arg branch "$BRANCH" '$event[0] as $e | $e.workflow_run as $run | {
- icon_emoji: ":github-rejected:",
- text: "*\( $e.workflow.name ) failed on \( $branch )*\n<\( $run.html_url )|Run #\( $run.id )>",
- blocks: [
- {
- type: "section",
- text: {
- type: "mrkdwn",
- text: "*\( $e.workflow.name ) failed on \( $branch )*"
- }
- },
- {
- type: "context",
- elements: [
- {
- type: "plain_text",
- text: "Duration: \( ( $run.updated_at | fromdateiso8601 ) - ( $run.run_started_at | fromdateiso8601 ) | strftime( "%H:%M:%S" ) )"
- }
- ]
- },
- {
- type: "actions",
- elements: [
- {
- type: "button",
- text: {
- type: "plain_text",
- text: "Run #\( $run.id )"
- },
- url: $run.html_url
- }
- ]
- }
- ]
- }'
- )"
- else
- BRANCH=$(jq -r '.workflow_run.head_branch' "$GITHUB_EVENT_PATH")
- echo "branch=$BRANCH" >> "$GITHUB_OUTPUT"
-
- gh_set_output message "$(
- jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | $e.workflow_run as $run | {
- icon_emoji: ":github-rejected:",
- text: "*\( $e.workflow.name ) failed on \( $run.head_branch )*\n<\( $run.html_url )|Run #\( $run.id )>",
- blocks: [
- {
- type: "section",
- text: {
- type: "mrkdwn",
- text: "*\( $e.workflow.name ) failed on \( $run.head_branch )*"
- }
- },
- {
- type: "context",
- elements: [
- {
- type: "plain_text",
- text: "Commit: \( $run.head_commit.id[0:8] ) \( $run.head_commit.message | sub( "\n.*"; ""; "m" ) )",
- emoji: false
- },
- {
- type: "plain_text",
- text: "Author: \( $run.head_commit.author.name )",
- emoji: false
- },
- {
- type: "plain_text",
- text: "Duration: \( ( $run.updated_at | fromdateiso8601 ) - ( $run.run_started_at | fromdateiso8601 ) | strftime( "%H:%M:%S" ) )"
- }
- ]
- },
- {
- type: "actions",
- elements: [
- {
- type: "button",
- text: {
- type: "plain_text",
- text: "Run #\( $run.id )"
- },
- url: $run.html_url
- },
- {
- type: "button",
- text: {
- type: "plain_text",
- text: "Commit"
- },
- url: "\( $run.head_repository.html_url )/commit/\( $run.head_commit.id )"
- },
- (
- $run.head_commit.message | sub( "\n.*"; ""; "m" ) | match( " \\(#([0-9]+)\\)$" ).captures[0].string | {
- type: "button",
- text: {
- type: "plain_text",
- text: "PR #\(.)"
- },
- url: "\( $run.head_repository.html_url )/pull/\(.)"
- }
- )
- ]
- }
- ]
- }'
- )"
- fi
-
- - name: Send message to alerts channel
- uses: slackapi/slack-github-action@v1.24.0
- if: steps.message.outputs.branch == 'trunk'
- with:
- channel-id: ${{ secrets.SLACK_JP_ALERTS_CHANNEL }}
- payload: ${{ steps.message.outputs.message }}
- env:
- SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }}
-
- - name: Send message to releases channel
- uses: slackapi/slack-github-action@v1.24.0
- if: contains( steps.message.outputs.branch, '/branch-' ) || steps.message.outputs.branch == 'prerelease'
- with:
- channel-id: ${{ secrets.SLACK_RELEASES_CHANNEL }}
- payload: ${{ steps.message.outputs.message }}
- env:
- SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }}
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
deleted file mode 100644
index 5b0c9045e594e..0000000000000
--- a/.github/workflows/stale.yml
+++ /dev/null
@@ -1,65 +0,0 @@
-
-name: 'Mark stale issues'
-on:
- schedule:
- - cron: '30 0 * * *'
-
-jobs:
- stale:
- runs-on: ubuntu-latest
- timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds
- steps:
- - uses: actions/stale@v8
- with:
- repo-token: ${{ secrets.GITHUB_TOKEN }}
- # Get issues in descending (newest first) order.
- ascending: false
- # Operations (roughly API calls) per run. Adjust to avoid using up the rate limit (1000/hr shared across all jobs in the repo for the token used here).
- operations-per-run: 50
- # After 6 months, mark issue as stale.
- days-before-issue-stale: 180
- # Do not auto-close issues marked as stale.
- days-before-issue-close: -1
- # After 3 months, mark PR as stale.
- days-before-pr-stale: 90
- # Auto-close PRs marked as stale a month later.
- days-before-pr-close: 31
- # Delete the branch when closing PRs. GitHub's "restore branch" function works indefinitely, so no reason not to.
- delete-branch: true
- # Issues and PRs with these labels will never be considered stale.
- exempt-issue-labels: '[Pri] High,[Pri] BLOCKER,[Type] Feature Request,[Type] Enhancement,Good For Community,[Type] Good First Bug,FixTheFlows'
- exempt-pr-labels: '[Pri] High,[Pri] BLOCKER,FixTheFlows'
- # Label to use when marking an issue / PR as stale
- stale-pr-label: '[Status] Stale'
- stale-issue-label: '[Status] Stale'
- # Messages to display.
- stale-issue-message: |
- This issue has been marked as stale. This happened because:
-
-
- - It has been inactive for the past 6 months.
- - It hasn’t been labeled `[Pri] BLOCKER`, `[Pri] High`, `[Type] Feature Request`, `[Type] Enhancement`, `Good For Community`, `[Type] Good First Bug`, etc.
-
-
- No further action is needed. But it's worth checking if this ticket has clear
- reproduction steps and it is still reproducible. Feel free to close this issue
- if you think it's not valid anymore — if you do, please add a brief
- explanation.
- stale-pr-message: |
- This PR has been marked as stale. This happened because:
-
-
- - It has been inactive for the past 3 months.
- - It hasn’t been labeled `[Pri] BLOCKER`, `[Pri] High`, etc.
-
-
- If this PR is still useful, please do a [trunk merge or rebase](https://github.com/Automattic/jetpack/blob/trunk/docs/git-workflow.md#keeping-your-branch-up-to-date)
- and otherwise make sure it's up to date and has clear testing instructions.
- You may also want to ping possible reviewers in case they've forgotten about it.
- Please close this PR if you think it's not valid anymore — if you
- do, please add a brief explanation.
-
- If the PR is not updated (or at least commented on) in another month, it will be automatically closed.
- close-pr-message: |
- This PR has been automatically closed as it has not been updated in some time.
- If you want to resume work on the PR, feel free to restore the branch and reopen the PR.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
deleted file mode 100644
index 33b842140a4bd..0000000000000
--- a/.github/workflows/tests.yml
+++ /dev/null
@@ -1,240 +0,0 @@
-name: Tests
-
-on:
- pull_request:
- push:
- branches: [ 'trunk', '*/branch-*' ]
-concurrency:
- group: tests-${{ github.event_name }}-${{ github.ref }}
- cancel-in-progress: true
-
-env:
- COMPOSER_ROOT_VERSION: "dev-trunk"
-
-jobs:
- create-matrix:
- name: "Determine tests matrix"
- runs-on: ubuntu-latest
- timeout-minutes: 1 # 2021-02-03: Should only take a second.
- outputs:
- matrix: ${{ steps.create-matrix.outputs.matrix }}
- steps:
- - uses: actions/checkout@v3
- - id: create-matrix
- run: |
- MATRIX="$(.github/files/generate-ci-matrix.php)"
- echo "matrix=$MATRIX" >> "$GITHUB_OUTPUT"
-
- run-tests:
- name: ${{ matrix.name }}
- runs-on: ubuntu-latest
- needs: create-matrix
- services:
- database:
- image: mysql:5.6
- env:
- MYSQL_ROOT_PASSWORD: root
- ports:
- - 3306:3306
- options: --health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=5
- continue-on-error: ${{ matrix.experimental }}
- timeout-minutes: ${{ matrix.timeout }}
- env:
- TEST_SCRIPT: ${{ matrix.script }}
- WP_BRANCH: ${{ matrix.wp }}
- PHP_VERSION: ${{ matrix.php }}
- NODE_VERSION: ${{ matrix.node }}
- MONOREPO_BASE: ${{ github.workspace }}
- strategy:
- fail-fast: false
- matrix:
- include: ${{ fromJson( needs.create-matrix.outputs.matrix ) }}
-
- steps:
- - uses: actions/checkout@v3
- with:
- # codecov.io requires a fetch depth > 1.
- fetch-depth: 2
-
- # For pull requests, list-changed-projects.sh needs the merge base.
- # But it doesn't have to be checked out.
- - name: Deepen to merge base
- if: github.event_name == 'pull_request'
- uses: ./.github/actions/deepen-to-merge-base
- with:
- checkout: false
-
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- php: ${{ matrix.php }}
- node: ${{ matrix.node }}
-
- - name: Monorepo install
- run: |
- echo "::group::Pnpm"
- pnpm install
- echo "::endgroup::"
-
- - name: Detect changed projects
- id: changed
- run: |
- CHANGED="$(EXTRA=test .github/files/list-changed-projects.sh)"
- ANY_PLUGINS="$(jq --argjson changed "$CHANGED" -n '$changed | with_entries( select( .key | startswith( "plugins/" ) ) ) | any')"
- echo "projects=${CHANGED}" >> "$GITHUB_OUTPUT"
- echo "any-plugins=${ANY_PLUGINS}" >> "$GITHUB_OUTPUT"
-
- - name: Setup WordPress environment for plugin tests
- if: steps.changed.outputs.any-plugins == 'true' && matrix.wp != 'none'
- run: .github/files/setup-wordpress-env.sh
-
- - name: Run project tests
- env:
- FORCE_PACKAGE_TESTS: ${{ matrix.force-package-tests && 'true' || 'false' }}
- CHANGED: ${{ steps.changed.outputs.projects }}
- run: |
- # If we're going to be making WorDBless use WP "nightlies", remove the relevant package from Composer's cache to get the latest version.
- if [[ "$WP_BRANCH" == 'trunk' && ( "$TEST_SCRIPT" == "test-php" ) ]]; then
- DIR=$(composer config cache-files-dir)
- rm -rf "$DIR/roots/wordpress"
- fi
-
- EXIT=0
- mkdir artifacts
- for P in composer.json projects/*/*/composer.json; do
- if [[ "$P" == "composer.json" ]]; then
- DIR="."
- SLUG="monorepo"
- else
- DIR="${P%/composer.json}"
- SLUG="${DIR#projects/}"
- fi
-
- if [[ "${SLUG%%/*}" == "plugins" ]]; then
- # Plugins run from the WordPress checkout, not the monorepo checkout.
- if [[ -d "/tmp/wordpress-$WP_BRANCH/src/wp-content/$SLUG" ]]; then
- DIR="/tmp/wordpress-$WP_BRANCH/src/wp-content/$SLUG"
- fi
- elif [[ "$WP_BRANCH" != 'latest' && "$WP_BRANCH" != 'none' && "$FORCE_PACKAGE_TESTS" != "true" ]]; then
- echo "Skipping $SLUG, only plugins run for WP_BRANCH = $WP_BRANCH"
- continue
- fi
-
- if ! jq --argjson changed "$CHANGED" --arg p "$SLUG" -ne '$changed[$p] // false' > /dev/null; then
- echo "Skipping $SLUG, no changes in it or its dependencies"
- elif ! jq --arg script "$TEST_SCRIPT" -e '.scripts[$script] // false' "$P" > /dev/null; then
- echo "Skipping $SLUG, no test script is defined in composer.json"
- else
- if jq --arg script "skip-$TEST_SCRIPT" -e '.scripts[$script] // false' "$P" > /dev/null; then
- { composer --working-dir="$DIR" run "skip-$TEST_SCRIPT"; CODE=$?; } || true
- if [[ $CODE -eq 3 ]]; then
- echo "Skipping tests for $SLUG due to skip-$TEST_SCRIPT script"
- continue
- elif [[ $CODE -ne 0 ]]; then
- echo "::error::Script skip-$TEST_SCRIPT failed to run $CODE!"
- EXIT=1
- continue
- fi
- fi
-
- echo "::group::Running tests for $SLUG"
-
- # Composer install, if appropriate. Note setup-wordpress-env.sh did it already for plugins.
- if [[ "${SLUG%%/*}" != "plugins" && "$TEST_SCRIPT" == "test-php" ]]; then
- if [[ ! -f "$DIR/composer.lock" ]]; then
- echo 'No composer.lock, running `composer update`'
- composer --working-dir="$DIR" update
- elif composer --working-dir="$DIR" check-platform-reqs --lock; then
- echo 'Platform reqs pass, running `composer install`'
- composer --working-dir="$DIR" install
- else
- echo 'Platform reqs failed, running `composer update`'
- composer --working-dir="$DIR" update
- fi
- fi
-
- if [[ "$WP_BRANCH" == 'trunk' && "$TEST_SCRIPT" == "test-php" ]]; then
- VER=$(composer --format=json --working-dir="$DIR" show | jq -r '.installed[] | select( .name == "roots/wordpress" ) | .version')
- if [[ -n "$VER" ]]; then
- echo 'Supposed to run tests against WordPress trunk, so upgrading roots/wordpress and roots/wordpress-no-content to dev-main'
- # Composer seems to sometimes have issues with deleting the wordpress dir on its own, so do it manually first.
- rm -rf "$DIR/wordpress"
- composer --working-dir="$DIR" require --dev roots/wordpress="dev-main as $VER" roots/wordpress-no-content="dev-main as $VER"
- fi
- fi
-
- mkdir -p "artifacts/$SLUG"
- export ARTIFACTS_DIR="$GITHUB_WORKSPACE/artifacts/$SLUG"
- FAIL=false
- if ! composer run --timeout=0 --working-dir="$DIR" "$TEST_SCRIPT"; then
- FAIL=true
- EXIT=1
- fi
-
- # Actions seems to slow down if there are a lot of files, so clean up Composer stuff after each test.
- # We don't do it for JS stuff, as that might break things with how JS does package deps.
- rm -rf "$DIR/vendor" "$DIR/jetpack_vendor" "$DIR/wordpress"
-
- echo "::endgroup::"
- $FAIL && echo "::error::Tests for $SLUG failed!"
- fi
- done
- exit $EXIT
-
- - name: Check for artifacts
- id: check-artifacts
- # Default for `if` is `success()`, we want this to run always.
- if: always()
- run: |
- [[ -d artifacts ]] && find artifacts -type d -empty -delete
- if [[ -d artifacts ]]; then
- echo "any=true" >> "$GITHUB_OUTPUT"
- else
- echo "any=false" >> "$GITHUB_OUTPUT"
- fi
- - name: Upload artifacts
- if: always() && steps.check-artifacts.outputs.any == 'true'
- uses: actions/upload-artifact@v3
- with:
- name: ${{ matrix.artifact }}
- path: artifacts
- retention-days: 7
-
- # Probably this should be a linting test, but we don't run linting on trunk or release branches.
- plugin-deps:
- name: Check plugin monorepo dep versions
- runs-on: ubuntu-latest
- timeout-minutes: 2 # 2022-09-08: Should only take a few seconds.
- steps:
- - uses: actions/checkout@v3
- - name: Setup tools
- uses: ./.github/actions/tool-setup
- with:
- node: false
- - name: Run check
- run: |
- if [[ "$GITHUB_EVENT_NAME" == 'push' ]]; then
- REF="${GITHUB_REF#refs/heads/}"
- elif [[ "$GITHUB_EVENT_NAME" == 'pull_request' || "$GITHUB_EVENT_NAME" == 'pull_request_target' ]]; then
- REF="$GITHUB_BASE_REF"
- else
- echo "::error::Unsupported github event \"$GITHUB_EVENT_NAME\""
- exit 1
- fi
- echo "Detected target ref \"$REF\""
-
- if [[ "$REF" == trunk ]]; then
- ARGS=( --dev )
- elif [[ "$REF" == */branch-* ]]; then
- ARGS=( --release )
- TMP="$(jq -r --arg P "${REF%%/branch-*}" '.extra["release-branch-prefix"] | if type == "array" then . else [ . ] end | if index( $P ) then input_filename | match( "^projects/plugins/([^/]+)/composer.json$" ).captures[0].string else empty end' projects/plugins/*/composer.json)"
- while IFS= read -r LINE; do
- ARGS+=( "$LINE" )
- done <<<"$TMP"
- else
- echo "Unsupported ref \"$REF\", ignoring"
- exit 0
- fi
-
- echo "Running tools/check-plugin-monorepo-deps.sh ${ARGS[@]}"
- tools/check-plugin-monorepo-deps.sh "${ARGS[@]}"
diff --git a/.github/workflows/update-jetpack-staging-sites.yml b/.github/workflows/update-jetpack-staging-sites.yml
deleted file mode 100644
index ff066fa430b6e..0000000000000
--- a/.github/workflows/update-jetpack-staging-sites.yml
+++ /dev/null
@@ -1,64 +0,0 @@
-name: Update Jetpack Staging Test Sites
-# Ran as part of the `UpdateJetpackStaging` TeamCity build.
-# After updating the sites, runs k6 tests against the same sites.
-
-on:
- workflow_dispatch:
-
-jobs:
- run_shell_script:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout repo
- uses: actions/checkout@v3
-
- - name: Env config
- env:
- SSH_KEY: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KEY }}
- SSH_KNOWN_HOSTS: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KNOWN_HOSTS }}
- run: |
- mkdir -p ~/.ssh/
- echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
- echo "$SSH_KEY" > ~/.ssh/id_rsa
- chmod 0600 ~/.ssh/id_rsa
-
- - name: Execute shell script
- shell: bash
- run: .github/files/jetpack-staging-sites/update-jetpack-staging-sites.sh
-
- run_k6_tests:
- needs: run_shell_script
- runs-on: ubuntu-latest
- steps:
- - name: Checkout repo
- uses: actions/checkout@v3
-
- - name: Run k6 frontend tests
- uses: grafana/k6-action@v0.3.0
- with:
- filename: .github/files/jetpack-staging-sites/k6-frontend.js
- env:
- JETPACKSTAGING_K6_USERNAME: ${{ secrets.JETPACKSTAGING_K6_USERNAME }}
- JETPACKSTAGING_K6_PASSWORD: ${{ secrets.JETPACKSTAGING_K6_PASSWORD }}
-
- - name: Run k6 backend tests
- uses: grafana/k6-action@v0.3.0
- with:
- filename: .github/files/jetpack-staging-sites/k6-backend.js
- env:
- JETPACKSTAGING_K6_USERNAME: ${{ secrets.JETPACKSTAGING_K6_USERNAME }}
- JETPACKSTAGING_K6_PASSWORD: ${{ secrets.JETPACKSTAGING_K6_PASSWORD }}
-
- trigger_e2e_tests:
- needs: run_shell_script
- runs-on: ubuntu-latest
- steps:
- - name: Checkout repo
- uses: actions/checkout@v3
-
- - name: Execute shell script
- shell: bash
- run: .github/files/jetpack-staging-sites/run-atomic-deploy-e2e-tests.sh
- env:
- SIGNATURE_KEY: ${{ secrets.ATOMIC_DEPLOY_E2E_TESTS_KEY }}
- TRIGGER_URL: ${{ secrets.ATOMIC_DEPLOY_E2E_TESTS_URL }}