Use direct force pushes by committing first to a temp branch #62
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| # merge queue is required so all commits on target branches trigger this workflow | |
| # despite lack of the push event trigger here | |
| merge_group: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.sha }} | |
| cancel-in-progress: true | |
| jobs: | |
| build: | |
| name: Build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: ./.github/actions/ci-setup | |
| - name: Build | |
| run: pnpm build | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| persist-credentials: false | |
| - uses: ./.github/actions/ci-setup | |
| - name: Codegen | |
| run: pnpm codegen:github | |
| - name: Lint | |
| run: pnpm lint | |
| - name: Format | |
| run: pnpm format:check | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| # Integration tests push to the repo, which requires a token with write | |
| # access. Fork PRs only get a read-only GITHUB_TOKEN, so skip them here | |
| # and rely on merge_group to gate the merge. | |
| if: >- | |
| github.event_name != 'pull_request' || | |
| github.event.pull_request.head.repo.full_name == github.repository | |
| permissions: | |
| contents: write # integration tests create and push temporary branches | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | |
| with: | |
| fetch-depth: 2 # integration tests read the two most recent local commits | |
| persist-credentials: false | |
| - uses: ./.github/actions/ci-setup | |
| with: | |
| skip-cache: true # avoid cache poisoning from this only job with write access, just in case | |
| - name: Build | |
| run: pnpm build | |
| - name: Integration tests | |
| run: pnpm test:integration | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ci-ok: | |
| name: CI OK | |
| runs-on: ubuntu-latest | |
| if: always() | |
| needs: [build, lint, test] | |
| steps: | |
| - name: Exit with error if some jobs are not successful | |
| if: ${{ always() && (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) }} | |
| run: exit 1 |