This updates all 3rd-party GitHub actions to their latest versions. The following actions were updated:
- `actions/cache`
- `actions/checkout`
- `actions/setup-node`
- `codecov/codecov-action`
- `shivammathur/setup-php`
- `slackapi/slack-github-action`
In the latest version of `actions/checkout` (`4.0.0`), a new input was introduced to control the output of command progress. This change uses this new `show-progress` input to turn off displaying progress by default. Progress will be shown when a workflow is run with debug mode enabled, just in case it contains helpful information.
Props johnbillion, desrosj.
See #58867.
git-svn-id: https://develop.svn.wordpress.org/trunk@56537 602fd350-edb4-49c9-b593-d223f7449a82
This restores the GitHub Actions job responsible for automatically retrying a failed workflow once within the E2E testing workflow.
[56198] disabled Slack notifications for this workflow because of the increased number of timeout errors occurring after recent changes until they could be further investigated. Even though the signal-to-noise ration was way too high, there’s still benefit in retrying the workflow once to see if the timeout can be resolved without human intervention. The one retry attempt will not result in any Slack notifications.
Follow up to [56198].
See #58779.
git-svn-id: https://develop.svn.wordpress.org/trunk@56308 602fd350-edb4-49c9-b593-d223f7449a82
Remove Slack notifications of E2E test suite failures while the tests are flakey to improve the signal-to-noise ratio.
Fixes#58779.
git-svn-id: https://develop.svn.wordpress.org/trunk@56198 602fd350-edb4-49c9-b593-d223f7449a82
This adds a matrix to the e2e test runs on GitHub Actions so the tests run both with and without `SCRIPT_DEBUG` enabled. This allows us to catch scenarios where the minified and non-minified files may differ.
Props Clorith, joemcgill
Fixes#58661
git-svn-id: https://develop.svn.wordpress.org/trunk@56113 602fd350-edb4-49c9-b593-d223f7449a82
Modify the E2E workflow to store the screenshots and HTML files generated during failing tests as an artifact in the workflow.
No artefact is stored for passing test runs.
Props peterwilsoncc, isabel_brison.
Fixes#58596.
git-svn-id: https://develop.svn.wordpress.org/trunk@55991 602fd350-edb4-49c9-b593-d223f7449a82
The `permissions` key in a job declares the GitHub permissions that are granted to the token that's used by the job. Restricting the permissions reduces the impact that a vulnerability in the CI system can have.
Props desrosj, johnbillion
See #57865
git-svn-id: https://develop.svn.wordpress.org/trunk@55715 602fd350-edb4-49c9-b593-d223f7449a82
This updates the following third-party GitHub Actions to their latest versions.
- `actions/cache`
- `actions/checkout`
- `actions/upload-artifact`
- `actions/setup-node`
- `actions/setup-php`
- `actions/github-script`
See #57572.
git-svn-id: https://develop.svn.wordpress.org/trunk@55152 602fd350-edb4-49c9-b593-d223f7449a82
This applies several types of improvements to GitHub Action workflows:
- Updates to inline documentation to ensure accuracy.
- Removal of repetitive or unnecessary debug logging.
- Reorganization of some steps to have configuration steps towards the beginning of jobs.
- Step name updates for consistency across workflows.
Props desrosj, jrf.
See #56793.
git-svn-id: https://develop.svn.wordpress.org/trunk@54851 602fd350-edb4-49c9-b593-d223f7449a82
This removes the dynamic aspect of the `createWorkflowDispatch()` call that dispatches a Failed Workflow run when another workflow encounters an issue.
By hardcoding `trunk` as the `ref`, the version of the workflow used will always be the latest, most up to date. This ensures older branches receive the bug fixes and improvements made in `trunk` without having to backport them.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54674 602fd350-edb4-49c9-b593-d223f7449a82
The latest version of the `actions/github-script` action fixes an issue where passing options to the action would remove any default values not passed (see https://github.com/actions/github-script/pull/293).
This also includes updates to other third-party actions, bringing all third-party versions in Core workflows to their latest versions:
- `actions/cache`
- `actions/setup-node`
- `codecov/codecov-action`
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54373 602fd350-edb4-49c9-b593-d223f7449a82
This was included in the original pull request that aimed to add support for `octokit/plugin-retry.js` in `actions/github-scripts`, but was actually removed before being merged.
Follow up to [54342].
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54343 602fd350-edb4-49c9-b593-d223f7449a82
This version adds support for `octokit/plugin-retry.js`, which retries requests automatically when `4xx` or `5xx` response codes are returned.
To start, the feature is configured to retry all `4xx` and `5xx` response codes, unless the server identifies as a teapot.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54342 602fd350-edb4-49c9-b593-d223f7449a82
Previously, it was not possible to use the default `GITHUB_TOKEN` token to create new workflow runs in an effort to prevent accidental recursive workflows.
This has changed, and the `workflow_dispatch` is now one of two exceptions to this rule. Using `GITHUB_TOKEN` is preferred whenever possible to avoid the need for a PAT (personal access token), which expires (when created using the recommended security best practices), and is tied to an individual user.
See https://github.blog/changelog/2022-09-08-github-actions-use-github_token-with-workflow_dispatch-and-repository_dispatch/.
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@54108 602fd350-edb4-49c9-b593-d223f7449a82
The correct variable here is `github.run_attempt`, which represents the unique number for each attempt of a particular workflow run in a repository.
The `github.run_number` currently being used represents the unique number for each run of a particular workflow in a repository.
Follow up to [53947].
Fixes#56407.
git-svn-id: https://develop.svn.wordpress.org/trunk@54039 602fd350-edb4-49c9-b593-d223f7449a82
There are several common reoccurring issues that sometimes cause GitHub Action workflows to fail (connection timeouts to WordPress.org or the Docker container registry, `npm install` failures, Chromium issues, etc.). Except when there are service level outages, most of these issues can be resolved by simply rerunning the workflow.
This introduces a new step within each of Core’s GitHub Action workflows that attempts to rerun the failed jobs within the workflow that encountered a failure if they are running for the first time. Since a workflow is not allowed to restart itself, a new `failed-workflow.yml` callable workflow is being introduced.
Other related adjustments in this changeset:
- The `actions/github-script` 3rd-party action is also now updated to the latest version (v6.2.0).
- A new secret, `GHA_WORKFLOW_DISPATCH`, has been introduced. This will replace the current one in use (`GHA_OLD_BRANCH_DISPATCH`) with a less specific name.
Props jorbin, desrosj.
Fixes#56407.
git-svn-id: https://develop.svn.wordpress.org/trunk@53947 602fd350-edb4-49c9-b593-d223f7449a82
This improves the tag pattern matching for GitHub Action workflows to be more specific. The `*` wildcard in the current patterns matches any character except slash (`/`). While this correctly matches a version like `X.Y.Z`, it could also match non-numeric characters.
This changes patterns to use the `+` character, which matches one or more of the preceding characters (`[0-9]` in this case).
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@53736 602fd350-edb4-49c9-b593-d223f7449a82
This updates the following GitHub Actions to the latest versions:
- `actions/checkout`
- `actions/cache`
- `actions/github-script`
- `actions/setup-node`
- `codecov/codecov-action`
- `shivammathur/setup-php`
- `slackapi/slack-github-action`
See #55652.
git-svn-id: https://develop.svn.wordpress.org/trunk@53581 602fd350-edb4-49c9-b593-d223f7449a82
This updates all 3rd party GitHub actions to their latest versions.
- `actions/cache` from `2.1.6` to `3.0.1`.
- `actions/github-script` from `5.0.0` to `6.0.0`.
- `actions/setup-node` from `2.4.1` to `3.1.0`.
- `codecov/codecov-action` from `2.1.0` to `3.0.0`.
- `ramsey/composer-install` from `1.3.0` to `2.1.0`.
- `shivammathur/setup-php` from `2.15.0` to `2.18.0`.
Additionally, this updates all instances of the `actions/setup-node` action to replace the `node-version` option with the new `node-version-file`. This simplifies the process of changing the version of NodeJS used in workflows by only requiring the version to be changed once in the `.nvmrc` file.
See #54725.
git-svn-id: https://develop.svn.wordpress.org/trunk@53112 602fd350-edb4-49c9-b593-d223f7449a82
When using a workflow as a callable workflow, the job status check functions do not take the called workflow into account. This has caused some failures to be incorrectly reported as successful.
This adds an input to the Slack notifications workflow for when the `workflow_call` event is used.
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@52002 602fd350-edb4-49c9-b593-d223f7449a82
When a workflow is triggered through a `workflow_run` event, the context is not the original workflow. The details about the original workflow are passed through the `github.event` context.
This also moves the conditional check controlling whether the Slack workflow is run into the calling workflows to prevent them from running for pull requests.
Follow up to [51921-51922,51924-51925,51934].
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51937 602fd350-edb4-49c9-b593-d223f7449a82
Secrets are not available within callable workflows by default. They must be defined within the callable workflow, and passed from the calling workflow.
Follow up to [51921-51922].
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51924 602fd350-edb4-49c9-b593-d223f7449a82
The ability to reuse workflow files within GitHub Action workflows was recently added and allows for less code duplication.
In the context of WordPress Core, this also eliminates the need for an additional “Slack Notifications” workflow to run for every completed workflow.
See #53363.
git-svn-id: https://develop.svn.wordpress.org/trunk@51921 602fd350-edb4-49c9-b593-d223f7449a82
This expands Slack notifications to include success, cancelled, and “fixed” GitHub Action workflow run outcomes in addition to failures.
A “fixed” outcome occurs when the previous run for a workflow failed and the current one succeeds. This matches the behavior that was native to TravisCI by setting `on_success` for notifications to `change`.
The message details and where each outcome is posted is controlled by Slack workflows.
The Slack notification logic has also been pulled into a separate workflow to prevent repeating code in every workflow.
See #52644.
git-svn-id: https://develop.svn.wordpress.org/trunk@51535 602fd350-edb4-49c9-b593-d223f7449a82
This adds an additional step to each GitHub Action workflow file that posts a message to #core in Slack every time a workflow run fails.
A minor test and spacing change is included in this commit in order to that messages are posted correctly and will be reverted after testing.
See #52644.
git-svn-id: https://develop.svn.wordpress.org/trunk@51511 602fd350-edb4-49c9-b593-d223f7449a82
Some tests and some commands that run during the build steps modify files that are under version control. This adds assertions to ensure that these files don't remain in a modified state after the test runs on CI.
This also fixes the `grunt clean` command which erroneously deletes `script-loader-packages.php`. This file is re-populated during the build, but deleting it during the clean is undesirable.
Fixes#53606
git-svn-id: https://develop.svn.wordpress.org/trunk@51355 602fd350-edb4-49c9-b593-d223f7449a82
This updates the `actions/setup-node` action to version 2.2.2 and takes advantage of the cache feature now built in. This removes the need for an additional step using `actions/cache` to cache NPM dependencies.
The cache key used will be `${{ runner.os }}-npm-${{ hashFiles('') }}`, which matches the recommendation in the `actions/cache` documentation and the key currently in use in the WordPress workflows.
Props gziolo.
Fixes#53584.
git-svn-id: https://develop.svn.wordpress.org/trunk@51341 602fd350-edb4-49c9-b593-d223f7449a82
The new `concurrency` setting can be used to ensure only a single workflow run or job is in progress. When used in combination with the `cancel-in-progress` setting, incomplete workflow runs can be cancelled automatically to prevent running workflows unnecessarily.
The workflows that take longer to run previously had this built into a step and utilized a 3rd-party action. Now that this is natively supported by GitHub Actions, using that is preferred.
This option is currently in beta, but is stable enough to use in our workflows for the time being.
Props ocean90.
Fixes#53080.
git-svn-id: https://develop.svn.wordpress.org/trunk@50930 602fd350-edb4-49c9-b593-d223f7449a82
On TravisCI, old branches still receiving security updates were tested on a regular basis. This ensured tests continued to pass as time passed even if updates were not made to these branches.
On GitHub Actions, there is no interface to configure this (TravisCI had a UI), but there is a `schedule` event that can trigger workflow runs on cron that can be used to accomplish the same thing.
This introduces a workflow file that runs twice a month (on the 1st and 15th) to verify the tests within older branches.
Because the `schedule` event only runs within the primary branch, the appropriate workflows in each old branch will be triggered manually through the `workflow_dispatch` trigger using the GitHub REST API. `workflow_dispatch` will need to be added to all workflows in all old branches in order for the event to dispatch successfully.
Fixes#52653.
git-svn-id: https://develop.svn.wordpress.org/trunk@50590 602fd350-edb4-49c9-b593-d223f7449a82
This also adds inline comments to the end of each action installed using a SHA value to make it easier to determine which version of an action is currently being used.
Follow up to [50474,50476].
Props johnbillion.
See #52625.
git-svn-id: https://develop.svn.wordpress.org/trunk@50486 602fd350-edb4-49c9-b593-d223f7449a82
Additionally, the `access_token` input now defaults to `github.token`, so specifying it is unnecessary.
Follow up to [50474].
Props johnbillion.
See #52625.
git-svn-id: https://develop.svn.wordpress.org/trunk@50476 602fd350-edb4-49c9-b593-d223f7449a82
Using `npm ci` makes better use of the npm cache that's in use, speeding up the test runs by around 30 seconds.
See #52660
git-svn-id: https://develop.svn.wordpress.org/trunk@50446 602fd350-edb4-49c9-b593-d223f7449a82
The `actions/cache` GitHub action uses a `key` input to find the desired cache in storage. Currently, this is defined as a combination of the operating system being used, the software being cached (NPM or Composer), PHP version (Composer only), and a hash of the relevant lock file.
The `cache` action also supports a `restore-keys` input, which is an ordered list of keys to use for restoring a cache if no cache hit occurred for the specified key.
However, this means that every time a lock file is updated, the cache is being recreated by first restoring a previous one (when available), and then installing new versions of dependencies on top of that. This results in old, unused versions of dependencies never being removed from the cache.
In this change, the `restore-keys` are removed. This will force a new, fresh cache to be generated when the desired `key` is not matched. In testing, this results in a ~40% reduction in cache size when compared to the latest successful workflow runs. Since there is no way to manually flush the cache in GHA, the benefits of this change will not be seen until the `package-lock.json` and `composer.lock` files are updated, or the cache at the desired key is evicted.
Props johbillion.
See #52660.
git-svn-id: https://develop.svn.wordpress.org/trunk@50436 602fd350-edb4-49c9-b593-d223f7449a82
Different branches have support for different types of testing based on the tooling that was in place at the time each version was branched. The workflows currently in place have patterns configured to match the relevant `branches` and `tags` for each workflow, but only for `push` events.
This copies the patterns for matching supported `branches` over to the `pull_request` event to prevent workflows from running for a pull request to a branch that does not support that workflow.
Fixes#52643.
git-svn-id: https://develop.svn.wordpress.org/trunk@50432 602fd350-edb4-49c9-b593-d223f7449a82
This updates two published GitHub actions to their latest versions:
- `actions/setup-node` from `v1` to `v2`.
- `styfle/cancel-workflow-action` from `0.5.0` to `0.8.0`.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@50387 602fd350-edb4-49c9-b593-d223f7449a82
This expands the list of events that triggers automated testing to include tags.
It also refines the matched version ranges for several workflows.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@50298 602fd350-edb4-49c9-b593-d223f7449a82
In the current state, the workflows run regardless of the repository context. This results many needless workflow runs that waste resources.
Workflow runs for private repositories are not free (accounts have a finite allotment of minutes for private repositories). This becomes problematic in private repositories that also mirror the WordPress develop repository, as any workflow runs will draw from a user’s or organization’s allotted action minutes.
Without blanket disabling the workflow manually for all event triggers, or modifying the workflow files in the forked/mirrored repository, there is no way to tune when the workflows run.
This change introduces a conditional statement into all GitHub Action workflows that prevents them from running on forked/mirrored repositories that are not `wordpress-develop`, except when a pull request is being submitted to that repository.
The exception to this is the Welcome workflow that posts a helpful message to first time contributors to `wordpress-develop`. This message is specific to this repository, so should only run when a PR is submitted to that repository.
See #50401.
git-svn-id: https://develop.svn.wordpress.org/trunk@49781 602fd350-edb4-49c9-b593-d223f7449a82
