11name : CI
22
33on :
4+ push :
5+ branches :
6+ - ' main'
7+ - ' hotfix**'
48 pull_request :
5- types : [opened, reopened, synchronize, closed ]
9+ types : [opened, reopened, synchronize]
610 paths-ignore : # ignore docs only changes since they use a dedicated workflows: docs.yml
711 - ' docs/**'
812 - ' mithril-explorer/**'
913 - ' .github/workflows/docs.yml'
14+ branches-ignore :
15+ - ' hotfix**' # hotfix are handled by the push trigger
1016
1117concurrency :
1218 group : ci-build-test-${{ github.ref }}
@@ -248,7 +254,7 @@ jobs:
248254 packages : write
249255
250256 env :
251- PUSH_PACKAGES : ${{ github.event.action == 'closed ' && github.event.pull_request.merged == true && (github.base_ref == 'main' || startsWith('hotfix', github.base_ref )) }}
257+ PUSH_PACKAGES : ${{ github.event_name == 'push ' && (github.ref == 'refs/heads/ main' || startsWith('refs/heads/ hotfix', github.ref )) }}
252258 REGISTRY : ghcr.io
253259 IMAGE_NAME : ${{ github.repository_owner }}/${{ matrix.project }}
254260 DOCKER_FILE : ./${{ matrix.project }}/Dockerfile.ci
@@ -272,7 +278,7 @@ jobs:
272278 images : ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
273279 tags : |
274280 unstable
275- type=raw,value=${{ github.base_ref }}-{{sha}}
281+ type=raw,value=${{ github.base_ref || github.ref_name }}-{{sha}}
276282
277283name : Download built artifacts
278284 uses : actions/download-artifact@v3
@@ -289,7 +295,7 @@ jobs:
289295 tags : ${{ steps.meta.outputs.tags }}
290296
291297 unstable-release :
292- if : github.event.action == 'closed ' && github.event.pull_request.merged == true && (github.base_ref == 'main' || startsWith('hotfix', github.base_ref ))
298+ if : github.event_name == 'push ' && (github.ref == 'refs/heads/ main' || startsWith('refs/heads/ hotfix', github.ref ))
293299 runs-on : ubuntu-22.04
294300 needs :
295301 - build
@@ -365,6 +371,8 @@ jobs:
365371 files : package/*
366372
367373 deploy-testing :
374+ # Don't run on pull request from forks since they don't have access to all the needed secrets
375+ if : github.event_name == 'push' || (github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork)
368376 strategy :
369377 fail-fast : false
370378 matrix :
@@ -418,7 +426,7 @@ jobs:
418426 uses : actions/checkout@v3
419427
420428 - name : Get Docker image id
421- run : echo "DOCKER_IMAGE_ID=${{ github.base_ref }}-$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV
429+ run : echo "DOCKER_IMAGE_ID=${{ github.base_ref || github.ref_name }}-$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_ENV
422430
423431 - name : Prepare service account credentials
424432 run : |
@@ -462,7 +470,7 @@ jobs:
462470 GOOGLE_APPLICATION_CREDENTIALS=./google-application-credentials.json terraform plan --var-file=./env.variables.tfvars
463471
464472name : Terraform Apply
465- if : github.event.action == 'closed ' && github.event.pull_request.merged == true && github.base_ref == ' main'
473+ if : github.event_name == 'push ' && github.ref == 'refs/heads/ main'
466474 run : |
467475 GOOGLE_APPLICATION_CREDENTIALS=./google-application-credentials.json terraform apply -auto-approve --var-file=./env.variables.tfvars
468476
0 commit comments