5454 outputs :
5555 app-changed : ${{ steps.changes.outputs.app }}
5656 infra-changed : ${{ steps.changes.outputs.infra }}
57+ is-manual : ${{ github.event_name == 'workflow_dispatch' }}
5758 steps :
5859 - name : Checkout
5960 uses : actions/checkout@v5
@@ -83,10 +84,17 @@ jobs:
8384 - '.github/workflows/deploy.yml'
8485 - 'argocd/monitoring.yml'
8586 - '.github/workflows/monitoring.yml'
87+
88+ # CI Tests - runs when app changes or manual dispatch
8689 ci :
8790 name : Run CI Tests
8891 needs : [detect-changes]
89- if : ${{ !inputs.skip-tests && (inputs.force-all || needs.detect-changes.outputs.app-changed == 'true') }}
92+ if : |
93+ !inputs.skip-tests && (
94+ inputs.force-all ||
95+ (github.event_name == 'workflow_dispatch') ||
96+ needs.detect-changes.outputs.app-changed == 'true'
97+ )
9098uses : ./.github/workflows/ci.yml
9199 secrets : inherit
92100 permissions :
@@ -95,10 +103,18 @@ jobs:
95103 id-token : write
96104 actions : read
97105
106+ # Docker Build - runs after CI when app changes or manual dispatch
98107 docker :
99108 name : Build Docker Image
100- if : ${{ !inputs.skip-docker && (success() || inputs.skip-tests) && (inputs.force-all || needs.detect-changes.outputs.app-changed == 'true') }}
101109 needs : [ci, detect-changes]
110+ if : |
111+ !cancelled() &&
112+ !inputs.skip-docker &&
113+ (needs.ci.result == 'success' || needs.ci.result == 'skipped') && (
114+ inputs.force-all ||
115+ (github.event_name == 'workflow_dispatch') ||
116+ needs.detect-changes.outputs.app-changed == 'true'
117+ )
102118permissions :
103119 contents : write
104120 packages : write
@@ -107,11 +123,18 @@ jobs:
107123 uses : ./.github/workflows/docker.yml
108124 secrets : inherit
109125
110- # Terraform changes: Terraform + ArgoCD + Deploy + Monitoring
126+ # Terraform - runs after docker (for linear flow) when infra changes or manual dispatch
111127 terraform :
112128 name : Deploy Infrastructure
113- if : ${{ !inputs.skip-terraform && (inputs.force-all || needs.detect-changes.outputs.infra-changed == 'true') }}
114- needs : [detect-changes]
129+ needs : [docker, detect-changes]
130+ if : |
131+ !cancelled() &&
132+ !inputs.skip-terraform &&
133+ (needs.docker.result == 'success' || needs.docker.result == 'skipped') && (
134+ inputs.force-all ||
135+ (github.event_name == 'workflow_dispatch') ||
136+ needs.detect-changes.outputs.infra-changed == 'true'
137+ )
115138uses : ./.github/workflows/terraform.yml
116139 secrets : inherit
117140 permissions :
@@ -120,11 +143,18 @@ jobs:
120143 id-token : write
121144 actions : read
122145
123- # ArgoCD changes OR when terraform changes
146+ # ArgoCD - runs after terraform when infra changes or manual dispatch
124147 argocd :
125148 name : Deploy ArgoCD Applications
126- if : ${{ !inputs.skip-argocd && (inputs.force-all || needs.detect-changes.outputs.infra-changed == 'true') }}
127- needs : [detect-changes, terraform]
149+ needs : [terraform, detect-changes]
150+ if : |
151+ !cancelled() &&
152+ !inputs.skip-argocd &&
153+ (needs.terraform.result == 'success' || needs.terraform.result == 'skipped') && (
154+ inputs.force-all ||
155+ (github.event_name == 'workflow_dispatch') ||
156+ needs.detect-changes.outputs.infra-changed == 'true'
157+ )
128158uses : ./.github/workflows/argocd.yml
129159 secrets : inherit
130160 permissions :
@@ -133,11 +163,18 @@ jobs:
133163 id-token : write
134164 actions : read
135165
136- # Deploy when: terraform changes OR application.yml changes
166+ # Application Deployment - runs after ArgoCD when infra changes or manual dispatch
137167 deployment :
138168 name : Deploy Application
139- if : ${{ !inputs.skip-deployment && (inputs.force-all || needs.detect-changes.outputs.infra-changed == 'true') }}
140- needs : [detect-changes, argocd]
169+ needs : [argocd, detect-changes]
170+ if : |
171+ !cancelled() &&
172+ !inputs.skip-deployment &&
173+ (needs.argocd.result == 'success' || needs.argocd.result == 'skipped') && (
174+ inputs.force-all ||
175+ (github.event_name == 'workflow_dispatch') ||
176+ needs.detect-changes.outputs.infra-changed == 'true'
177+ )
141178uses : ./.github/workflows/deploy.yml
142179 secrets : inherit
143180 permissions :
@@ -146,11 +183,18 @@ jobs:
146183 id-token : write
147184 actions : read
148185
149- # Monitoring when: terraform changes OR monitoring.yml changes
186+ # Monitoring - runs after deployment when infra changes or manual dispatch
150187 monitoring :
151188 name : Deploy Monitoring Stack
152- if : ${{ !inputs.skip-monitoring && (inputs.force-all || needs.detect-changes.outputs.infra-changed == 'true') }}
153- needs : [detect-changes, argocd]
189+ needs : [deployment, detect-changes]
190+ if : |
191+ !cancelled() &&
192+ !inputs.skip-monitoring &&
193+ (needs.deployment.result == 'success' || needs.deployment.result == 'skipped') && (
194+ inputs.force-all ||
195+ (github.event_name == 'workflow_dispatch') ||
196+ needs.detect-changes.outputs.infra-changed == 'true'
197+ )
154198uses : ./.github/workflows/monitoring.yml
155199 secrets : inherit
156200 permissions :
@@ -159,11 +203,19 @@ jobs:
159203 id-token : write
160204 actions : read
161205
162- # Print service endpoints when any deployment happens
206+ # Show endpoints - runs at the end when any deployment happened
163207 show-endpoints :
164208 name : Show Service Endpoints
165- if : always() && needs.detect-changes.outputs.infra-changed == 'true' && (needs.argocd.result == 'success' || needs.deployment.result == 'success' || needs.monitoring.result == 'success')
166209 needs : [detect-changes, argocd, deployment, monitoring]
210+ if : |
211+ !cancelled() && (
212+ (github.event_name == 'workflow_dispatch') ||
213+ (needs.detect-changes.outputs.infra-changed == 'true' && (
214+ needs.argocd.result == 'success' ||
215+ needs.deployment.result == 'success' ||
216+ needs.monitoring.result == 'success'
217+ ))
218+ )
167219uses : ./.github/workflows/endpoints.yml
168220 secrets : inherit
169221 permissions :
0 commit comments