This updates the following third-party GitHub Actions to their latest versions.
- `actions/cache`
- `actions/checkout`
- `actions/upload-artifact`
- `actions/setup-node`
- `actions/setup-php`
- `actions/github-script`
See #57572.
git-svn-id: https://develop.svn.wordpress.org/trunk@55152 602fd350-edb4-49c9-b593-d223f7449a82
To improve how Composer dependencies are installed and managed within GitHub Actions, the `ramsey/composer-install` third-party action is now used consistently throughout all workflows.
Previously, some workflows manually ran `composer` commands while others already used `ramsey/composer-install`.
The `ramsey/composer-install` action manages caching dependencies across workflow runs internally, which is something that was manually handled before this change.
Props jrf, desrosj.
Fixes#53841.
git-svn-id: https://develop.svn.wordpress.org/trunk@54856 602fd350-edb4-49c9-b593-d223f7449a82
This applies several types of improvements to GitHub Action workflows:
- Updates to inline documentation to ensure accuracy.
- Removal of repetitive or unnecessary debug logging.
- Reorganization of some steps to have configuration steps towards the beginning of jobs.
- Step name updates for consistency across workflows.
Props desrosj, jrf.
See #56793.
git-svn-id: https://develop.svn.wordpress.org/trunk@54851 602fd350-edb4-49c9-b593-d223f7449a82
This updates the `ramsey/composer-install` and `shivammathur/setup-php` actions to their latest versions.
These updates include fixes for the deprecated warnings output when using `set-output` and `save-state` commands.
Props jrf, desrosj.
See #56820, #56882, #56793.
git-svn-id: https://develop.svn.wordpress.org/trunk@54750 602fd350-edb4-49c9-b593-d223f7449a82
When a ruleset error is encountered during a PHPCodeSniffer scan, an XML report is not generated and `cs2pr` will exit with a `0`.
In this situation, a workflow run will be marked as passing (even though a failure has occurred) due to the presence of `continue-on-error`.
This adjusts the logic in the Coding Standards and PHP Compatibility workflows to remove the need for the `continue-on-error` option and ensures all failures are accurately reflected within the GitHub Actions UI.
Follow up to [54371].
Props jrf, TobiasBg.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54678 602fd350-edb4-49c9-b593-d223f7449a82
This removes the dynamic aspect of the `createWorkflowDispatch()` call that dispatches a Failed Workflow run when another workflow encounters an issue.
By hardcoding `trunk` as the `ref`, the version of the workflow used will always be the latest, most up to date. This ensures older branches receive the bug fixes and improvements made in `trunk` without having to backport them.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54674 602fd350-edb4-49c9-b593-d223f7449a82
The `save-state` and `set-output` commands have been deprecated in GitHub Actions. This removes all occurrences of the command within workflow steps.
This will not remove all deprecated notices from workflow summaries (some third-party actions still contain instances of these commands and need to be fixed upstream), but it will fix the notices caused by custom workflow code.
See #56820.
git-svn-id: https://develop.svn.wordpress.org/trunk@54649 602fd350-edb4-49c9-b593-d223f7449a82
The latest version of the `actions/github-script` action fixes an issue where passing options to the action would remove any default values not passed (see https://github.com/actions/github-script/pull/293).
This also includes updates to other third-party actions, bringing all third-party versions in Core workflows to their latest versions:
- `actions/cache`
- `actions/setup-node`
- `codecov/codecov-action`
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54373 602fd350-edb4-49c9-b593-d223f7449a82
When running PHPCS scans (both for checking coding standards and PHP version compatibility), the results are currently only returned silently in a format that GitHub can consume for contextually annotating any code being flagged.
This changes workflows using PHPCS to also display the results of each scan in the GitHub Action log, making it easier to find and understand what is causing failures.
Props jrf.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54371 602fd350-edb4-49c9-b593-d223f7449a82
This was included in the original pull request that aimed to add support for `octokit/plugin-retry.js` in `actions/github-scripts`, but was actually removed before being merged.
Follow up to [54342].
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54343 602fd350-edb4-49c9-b593-d223f7449a82
This version adds support for `octokit/plugin-retry.js`, which retries requests automatically when `4xx` or `5xx` response codes are returned.
To start, the feature is configured to retry all `4xx` and `5xx` response codes, unless the server identifies as a teapot.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54342 602fd350-edb4-49c9-b593-d223f7449a82
As of version `2.17.0` of the `shivammathur/setup-php` action, the `COMPOSER_NO_INTERACTION` environment variable is configured by default. `—-no-interaction` will always be used.
Props jrf, hellofromTonya, SergeyBiryukov, costdev, desrosj.
Fixes#54695.
git-svn-id: https://develop.svn.wordpress.org/trunk@54313 602fd350-edb4-49c9-b593-d223f7449a82
Previously, it was not possible to use the default `GITHUB_TOKEN` token to create new workflow runs in an effort to prevent accidental recursive workflows.
This has changed, and the `workflow_dispatch` is now one of two exceptions to this rule. Using `GITHUB_TOKEN` is preferred whenever possible to avoid the need for a PAT (personal access token), which expires (when created using the recommended security best practices), and is tied to an individual user.
See https://github.blog/changelog/2022-09-08-github-actions-use-github_token-with-workflow_dispatch-and-repository_dispatch/.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54108 602fd350-edb4-49c9-b593-d223f7449a82
The correct variable here is `github.run_attempt`, which represents the unique number for each attempt of a particular workflow run in a repository.
The `github.run_number` currently being used represents the unique number for each run of a particular workflow in a repository.
Follow up to [53947].
Fixes#56407.
git-svn-id: https://develop.svn.wordpress.org/trunk@54039 602fd350-edb4-49c9-b593-d223f7449a82
There are several common reoccurring issues that sometimes cause GitHub Action workflows to fail (connection timeouts to WordPress.org or the Docker container registry, `npm install` failures, Chromium issues, etc.). Except when there are service level outages, most of these issues can be resolved by simply rerunning the workflow.
This introduces a new step within each of Core’s GitHub Action workflows that attempts to rerun the failed jobs within the workflow that encountered a failure if they are running for the first time. Since a workflow is not allowed to restart itself, a new `failed-workflow.yml` callable workflow is being introduced.
Other related adjustments in this changeset:
- The `actions/github-script` 3rd-party action is also now updated to the latest version (v6.2.0).
- A new secret, `GHA_WORKFLOW_DISPATCH`, has been introduced. This will replace the current one in use (`GHA_OLD_BRANCH_DISPATCH`) with a less specific name.
Props jorbin, desrosj.
Fixes#56407.
git-svn-id: https://develop.svn.wordpress.org/trunk@53947 602fd350-edb4-49c9-b593-d223f7449a82
This improves the tag pattern matching for GitHub Action workflows to be more specific. The `*` wildcard in the current patterns matches any character except slash (`/`). While this correctly matches a version like `X.Y.Z`, it could also match non-numeric characters.
This changes patterns to use the `+` character, which matches one or more of the preceding characters (`[0-9]` in this case).
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@53736 602fd350-edb4-49c9-b593-d223f7449a82
This correctly updates the `actions/cache` action. [53581] updated the inline comment to the latest version but did not update the actual SHA value correctly.
Follow up to [53581].
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@53582 602fd350-edb4-49c9-b593-d223f7449a82
This updates the following GitHub Actions to the latest versions:
- `actions/checkout`
- `actions/cache`
- `actions/github-script`
- `actions/setup-node`
- `codecov/codecov-action`
- `shivammathur/setup-php`
- `slackapi/slack-github-action`
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@53581 602fd350-edb4-49c9-b593-d223f7449a82
This updates all 3rd party GitHub actions to their latest versions.
- `actions/cache` from `2.1.6` to `3.0.1`.
- `actions/github-script` from `5.0.0` to `6.0.0`.
- `actions/setup-node` from `2.4.1` to `3.1.0`.
- `codecov/codecov-action` from `2.1.0` to `3.0.0`.
- `ramsey/composer-install` from `1.3.0` to `2.1.0`.
- `shivammathur/setup-php` from `2.15.0` to `2.18.0`.
Additionally, this updates all instances of the `actions/setup-node` action to replace the `node-version` option with the new `node-version-file`. This simplifies the process of changing the version of NodeJS used in workflows by only requiring the version to be changed once in the `.nvmrc` file.
See #54725.
git-svn-id: https://develop.svn.wordpress.org/trunk@53112 602fd350-edb4-49c9-b593-d223f7449a82
This ensures that the cache is busted properly when the ruleset is adjusted but the `composer.json` file is not.
See #54425.
git-svn-id: https://develop.svn.wordpress.org/trunk@52220 602fd350-edb4-49c9-b593-d223f7449a82
When the `PHP_CodeSniffer` runs, it produces a cache file. When a cache file is present, only changed files are rescanned, making subsequent scans significantly faster.
This adds the needed steps to the corresponding GitHub Actions workflows to cache these files across runs. The cache keys include the date of the previous Monday to ensure that the cache is flushed at least weekly.
Since GitHub Action caches cannot be updated once created, the scans will take slightly longer as the week progresses and more PHP files are updated. The date within the cache key can be updated to purge twice weekly if the scan time starts to approach the current scan times.
This change also introduces a `.cache` directory for all caching files related to build/test tools.
Props johnbillion, jrf.
Fixes#49783.
git-svn-id: https://develop.svn.wordpress.org/trunk@52179 602fd350-edb4-49c9-b593-d223f7449a82
When using a workflow as a callable workflow, the job status check functions do not take the called workflow into account. This has caused some failures to be incorrectly reported as successful.
This adds an input to the Slack notifications workflow for when the `workflow_call` event is used.
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@52002 602fd350-edb4-49c9-b593-d223f7449a82
When a workflow is triggered through a `workflow_run` event, the context is not the original workflow. The details about the original workflow are passed through the `github.event` context.
This also moves the conditional check controlling whether the Slack workflow is run into the calling workflows to prevent them from running for pull requests.
Follow up to [51921-51922,51924-51925,51934].
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51937 602fd350-edb4-49c9-b593-d223f7449a82
Secrets are not available within callable workflows by default. They must be defined within the callable workflow, and passed from the calling workflow.
Follow up to [51921-51922].
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51924 602fd350-edb4-49c9-b593-d223f7449a82
The ability to reuse workflow files within GitHub Action workflows was recently added and allows for less code duplication.
In the context of WordPress Core, this also eliminates the need for an additional “Slack Notifications” workflow to run for every completed workflow.
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51921 602fd350-edb4-49c9-b593-d223f7449a82
This expands Slack notifications to include success, cancelled, and “fixed” GitHub Action workflow run outcomes in addition to failures.
A “fixed” outcome occurs when the previous run for a workflow failed and the current one succeeds. This matches the behavior that was native to TravisCI by setting `on_success` for notifications to `change`.
The message details and where each outcome is posted is controlled by Slack workflows.
The Slack notification logic has also been pulled into a separate workflow to prevent repeating code in every workflow.
See #52644.
git-svn-id: https://develop.svn.wordpress.org/trunk@51535 602fd350-edb4-49c9-b593-d223f7449a82
This adds an additional step to each GitHub Action workflow file that posts a message to #core in Slack every time a workflow run fails.
A minor test and spacing change is included in this commit in order to that messages are posted correctly and will be reverted after testing.
See #52644.
git-svn-id: https://develop.svn.wordpress.org/trunk@51511 602fd350-edb4-49c9-b593-d223f7449a82
Some tests and some commands that run during the build steps modify files that are under version control. This adds assertions to ensure that these files don't remain in a modified state after the test runs on CI.
This also fixes the `grunt clean` command which erroneously deletes `script-loader-packages.php`. This file is re-populated during the build, but deleting it during the clean is undesirable.
Fixes#53606
git-svn-id: https://develop.svn.wordpress.org/trunk@51355 602fd350-edb4-49c9-b593-d223f7449a82
The new `concurrency` setting can be used to ensure only a single workflow run or job is in progress. When used in combination with the `cancel-in-progress` setting, incomplete workflow runs can be cancelled automatically to prevent running workflows unnecessarily.
The workflows that take longer to run previously had this built into a step and utilized a 3rd-party action. Now that this is natively supported by GitHub Actions, using that is preferred.
This option is currently in beta, but is stable enough to use in our workflows for the time being.
Props ocean90.
Fixes#53080.
git-svn-id: https://develop.svn.wordpress.org/trunk@50930 602fd350-edb4-49c9-b593-d223f7449a82
On TravisCI, old branches still receiving security updates were tested on a regular basis. This ensured tests continued to pass as time passed even if updates were not made to these branches.
On GitHub Actions, there is no interface to configure this (TravisCI had a UI), but there is a `schedule` event that can trigger workflow runs on cron that can be used to accomplish the same thing.
This introduces a workflow file that runs twice a month (on the 1st and 15th) to verify the tests within older branches.
Because the `schedule` event only runs within the primary branch, the appropriate workflows in each old branch will be triggered manually through the `workflow_dispatch` trigger using the GitHub REST API. `workflow_dispatch` will need to be added to all workflows in all old branches in order for the event to dispatch successfully.
Fixes#52653.
git-svn-id: https://develop.svn.wordpress.org/trunk@50590 602fd350-edb4-49c9-b593-d223f7449a82
This also adds inline comments to the end of each action installed using a SHA value to make it easier to determine which version of an action is currently being used.
Follow up to [50474,50476].
Props johnbillion.
See #52625.
git-svn-id: https://develop.svn.wordpress.org/trunk@50486 602fd350-edb4-49c9-b593-d223f7449a82
This change adds a list of paths to check when determining which workflows to run on `pull_request`. This will prevent certain workflows from running unnecessarily when the files updated are not related to the tests and checks being performed.
Props peterwilsoncc, johnbillion.
Fixes#52667.
git-svn-id: https://develop.svn.wordpress.org/trunk@50479 602fd350-edb4-49c9-b593-d223f7449a82
Different branches have support for different types of testing based on the tooling that was in place at the time each version was branched. The workflows currently in place have patterns configured to match the relevant `branches` and `tags` for each workflow, but only for `push` events.
This copies the patterns for matching supported `branches` over to the `pull_request` event to prevent workflows from running for a pull request to a branch that does not support that workflow.
Fixes#52643.
git-svn-id: https://develop.svn.wordpress.org/trunk@50432 602fd350-edb4-49c9-b593-d223f7449a82
This expands the list of events that triggers automated testing to include tags.
It also refines the matched version ranges for several workflows.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@50298 602fd350-edb4-49c9-b593-d223f7449a82
This simplifies the caching of Composer dependencies in the coding standards and PHP compatibility workflows by using a published action. This combines 3 steps into 1 within these workflows.
Because the Composer implementation within the PHPUnit test workflow is a bit specialized (`composer install` is run within the Docker container), caching has been left as is in that workflow. However, the cache key has been changed to include the version of PHP being tested. This will prevent incorrect versions of dependencies being present when they are required on jobs other than PHP 8.
Props jrf.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@49938 602fd350-edb4-49c9-b593-d223f7449a82
In the current state, the workflows run regardless of the repository context. This results many needless workflow runs that waste resources.
Workflow runs for private repositories are not free (accounts have a finite allotment of minutes for private repositories). This becomes problematic in private repositories that also mirror the WordPress develop repository, as any workflow runs will draw from a user’s or organization’s allotted action minutes.
Without blanket disabling the workflow manually for all event triggers, or modifying the workflow files in the forked/mirrored repository, there is no way to tune when the workflows run.
This change introduces a conditional statement into all GitHub Action workflows that prevents them from running on forked/mirrored repositories that are not `wordpress-develop`, except when a pull request is being submitted to that repository.
The exception to this is the Welcome workflow that posts a helpful message to first time contributors to `wordpress-develop`. This message is specific to this repository, so should only run when a PR is submitted to that repository.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@49781 602fd350-edb4-49c9-b593-d223f7449a82
This change introduces 6 different workflows accounting for all of the testing and analysis currently performed in Travis CI & Appveyor:
- Checking PHP & JS coding standards are followed
- Running the end-to-end test suite.
- Running QUnit tests on JavaScript files.
- Scanning for PHP compatibility issues with supported version.
- Running the PHPUnit test suite.
- Verifying NPM related tasks do not cause errors on Windows.
Additionally, a seventh workflow is included that will leave a "welcome" comment when a contributor opens their first pull request to the `wordpress-develop` mirror.
These workflows are currently in an experimental phase. For that reason, Travis CI and Appveyor will continue to run until all of the bugs can be worked out.
Props ayeshrajans, helen, ocean90, desrosj.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@49162 602fd350-edb4-49c9-b593-d223f7449a82
