diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index efaf72ff8..9599833a8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "build" on: # yamllint disable-line rule:truthy @@ -7,7 +9,7 @@ on: # yamllint disable-line rule:truthy concurrency: group: ${{ github.ref_name }} - cancel-in-progress: true + cancel-in-progress: false defaults: run: @@ -17,9 +19,79 @@ permissions: contents: read jobs: + check-docker-files: + name: Check for updated docker files + runs-on: ubuntu-latest + outputs: + changed: ${{ steps.changed-files.outputs.any_changed }} + + steps: + - name: Checkout + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false + + - name: Get changed docker files + id: changed-files + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 + with: + files: docker/** + + docker: + name: Build the container + runs-on: ubuntu-latest + needs: check-docker-files + if: ${{ needs.check-docker-files.outputs.changed == 'true' }} + + env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + + permissions: + packages: write # Required to push image to ghcr.io + + steps: + - name: Checkout + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + with: + persist-credentials: false + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.2.0 + + - name: Log into registry ${{ env.REGISTRY }} + uses: docker/login-action@af1e73f918a031802d376d3c8bbc3fe56130a9b0 # v4.4.0 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@dc802804100637a589fabce1cb79ff13a1411302 # v6.2.0 + with: + flavor: latest=true + tags: | + type=ref,event=branch + type=sha + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@53b7df96c91f9c12dcc8a07bcb9ccacbed38856a # v7.3.0 + with: + platforms: linux/amd64 + context: docker + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + cache-from: type=gha + cache-to: type=gha,mode=max + collect: name: Collect DEVFAMILY and OS combinations runs-on: ubuntu-latest + needs: docker + if: ${{ !failure() && !cancelled() }} container: image: ghcr.io/texasinstruments/processor-sdk-doc:latest options: --entrypoint /bin/bash @@ -27,7 +99,7 @@ jobs: build-matrix: "${{ steps.matrix.outputs.matrix }}" steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -43,13 +115,14 @@ jobs: image: ghcr.io/texasinstruments/processor-sdk-doc:latest options: --entrypoint /bin/bash needs: collect + if: ${{ !failure() && !cancelled() }} strategy: matrix: include: "${{ fromJSON(needs.collect.outputs.build-matrix) }}" steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -65,7 +138,7 @@ jobs: make VERSION=${GITHUB_REF_NAME} - name: Upload artifact - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ matrix.device }}-${{ matrix.os }} path: build/ diff --git a/.github/workflows/check-files.yml b/.github/workflows/check-files.yml index 06559767a..155416181 100644 --- a/.github/workflows/check-files.yml +++ b/.github/workflows/check-files.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "check-files" on: # yamllint disable-line rule:truthy @@ -28,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -70,8 +72,8 @@ jobs: [ "$WARNING_COUNT" -eq "0" ] - name: Save results - uses: actions/upload-artifact@v7 - if: always() + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 + if: ${{ !cancelled() }} with: name: results path: results/ diff --git a/.github/workflows/check_toc_txt.yml b/.github/workflows/check_toc_txt.yml index d61340578..1bbed949b 100644 --- a/.github/workflows/check_toc_txt.yml +++ b/.github/workflows/check_toc_txt.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "check_toc_txt" on: # yamllint disable-line rule:truthy @@ -29,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -71,8 +73,8 @@ jobs: [ "$WARNING_COUNT" -eq "0" ] - name: Save results - uses: actions/upload-artifact@v7 - if: always() + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 + if: ${{ !cancelled() }} with: name: results path: results/ diff --git a/.github/workflows/comment.yml b/.github/workflows/comment.yml index d5d95d085..6415c51bd 100644 --- a/.github/workflows/comment.yml +++ b/.github/workflows/comment.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "comment" on: # yamllint disable-line rule:truthy @@ -21,7 +23,7 @@ jobs: steps: - name: Download artifact - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: results run-id: ${{ github.event.workflow_run.id }} @@ -29,7 +31,7 @@ jobs: path: results - name: Update pr with info from other runners - uses: actions/github-script@v9 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/commit-check.yml b/.github/workflows/commit-check.yml index 6867be2aa..ca2fa7342 100644 --- a/.github/workflows/commit-check.yml +++ b/.github/workflows/commit-check.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "commit-check" on: [pull_request] # yamllint disable-line rule:truthy @@ -17,13 +19,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.event.pull_request.head.sha }} persist-credentials: false - name: Check commit - uses: commit-check/commit-check-action@v2 + uses: commit-check/commit-check-action@bbb6580f01838e475563514f115ec7ef41c9ddc7 # v2.11.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/component-owners.yml b/.github/workflows/component-owners.yml index e93aecdfe..4088484f5 100644 --- a/.github/workflows/component-owners.yml +++ b/.github/workflows/component-owners.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "component-owners" # It's insecure to use pull_request_target if you intend to check out code @@ -24,7 +26,7 @@ jobs: steps: - name: Assign component owners - uses: dyladan/component-owners@main + uses: dyladan/component-owners@7ff2b343629407c4dbe1c28ae66f55f723543d2b # v0.2.0 with: config-file: .github/component-owners.yml repo-token: ${{ github.token }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 066612ecc..ae15b0d71 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "deploy" on: # yamllint disable-line rule:truthy @@ -26,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -35,7 +37,7 @@ jobs: git config --global --add safe.directory "$PWD" - name: Download all artifacts - uses: actions/download-artifact@v8 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} path: build @@ -49,7 +51,7 @@ jobs: run: ./bin/dedupe.py - name: Upload static files as single artifact - uses: actions/upload-pages-artifact@v5 + uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0 with: path: build @@ -63,4 +65,4 @@ jobs: steps: - name: Update github page deployment - uses: actions/deploy-pages@v5 + uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5.0.0 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml deleted file mode 100644 index 0c0467d1d..000000000 --- a/.github/workflows/docker.yml +++ /dev/null @@ -1,65 +0,0 @@ ---- -name: "docker" - -on: # yamllint disable-line rule:truthy - push: - branches: [master] - paths: - - 'docker/**' - - requirements.txt - -concurrency: - group: docker - cancel-in-progress: false - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - -permissions: - contents: read - -jobs: - build: - name: Build - runs-on: ubuntu-latest - - permissions: - packages: write # Required to push image to ghcr.io - - steps: - - name: Checkout - uses: actions/checkout@v7 - with: - persist-credentials: false - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v4 - - - name: Log into registry ${{ env.REGISTRY }} - uses: docker/login-action@v4 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v6 - with: - flavor: latest=true - tags: | - type=ref,event=branch - type=sha - images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - - - name: Build and push Docker image - uses: docker/build-push-action@v7 - with: - platforms: linux/amd64 - context: docker - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max diff --git a/.github/workflows/rstcheck.yml b/.github/workflows/rstcheck.yml index 14b1b265f..9e6231da0 100644 --- a/.github/workflows/rstcheck.yml +++ b/.github/workflows/rstcheck.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "rstcheck" on: # yamllint disable-line rule:truthy @@ -28,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -70,8 +72,8 @@ jobs: [ "$WARNING_COUNT" -eq "0" ] - name: Save results - uses: actions/upload-artifact@v7 - if: always() + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 + if: ${{ !cancelled() }} with: name: results path: results/ diff --git a/.github/workflows/vale.yml b/.github/workflows/vale.yml index 801dfb077..13d3349c0 100644 --- a/.github/workflows/vale.yml +++ b/.github/workflows/vale.yml @@ -1,7 +1,13 @@ --- +# yamllint disable rule:line-length + name: "vale" -on: [pull_request] # yamllint disable-line rule:truthy +on: # yamllint disable-line rule:truthy + pull_request: + paths: + - '**.rst' + - '**.md' concurrency: group: ${{ github.workflow }}-${{ github.event.number }} @@ -28,13 +34,13 @@ jobs: mkdir -p /github/home/ - name: Checkout repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v47 + uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6 with: json: true escape_json: false @@ -43,7 +49,7 @@ jobs: **.md - name: Run vale checks on modified files - uses: vale-cli/vale-action@v2 + uses: vale-cli/vale-action@85f9f7f2c5f449ac0ae5b66662961bae3f77ca6a # v2.1.2 if: steps.changed-files.outputs.any_changed == 'true' with: fail_on_error: false # to be changed when upstream addresses 84 diff --git a/.github/workflows/yamllint.yml b/.github/workflows/yamllint.yml index f660b2944..3a52ee7bb 100644 --- a/.github/workflows/yamllint.yml +++ b/.github/workflows/yamllint.yml @@ -1,4 +1,6 @@ --- +# yamllint disable rule:line-length + name: "yamllint" on: # yamllint disable-line rule:truthy @@ -21,12 +23,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: yamllint - uses: reviewdog/action-yamllint@v1 + uses: reviewdog/action-yamllint@b5f7217d8c815ae374d1d55840d5e569d82f01f0 # v1.22.0 with: fail_level: any filter_mode: nofilter