diff --git a/.github/files/test-plugin-update/prepare-zips.sh b/.github/files/test-plugin-update/prepare-zips.sh index 381baebe7eed..dc33105a8679 100755 --- a/.github/files/test-plugin-update/prepare-zips.sh +++ b/.github/files/test-plugin-update/prepare-zips.sh @@ -7,68 +7,65 @@ jq -e '.' <<<"$BETAJSON" &>/dev/null mkdir work mkdir zips -while IFS=$'\t' read -r SRC MIRROR SLUG; do - if [[ "$SLUG" == wpcomsh ]]; then - echo "Skipping $SLUG, doesn't work on self-hosted sites." - continue - fi - echo "::group::Creating $SLUG-dev.zip" - mv "build/$MIRROR" "work/$SLUG" - touch "work/$SLUG/ci-flag.txt" - (cd work && zip -r "../zips/${SLUG}-dev.zip" "$SLUG") - rm -rf "work/$SLUG" - echo "::endgroup::" +if [[ "$PLUGIN_SLUG" == wpcomsh ]]; then + echo "Skipping $PLUGIN_SLUG, doesn't work on self-hosted sites." + exit 0 +fi + +echo "::group::Creating $PLUGIN_SLUG-dev.zip" +mv "build/$PLUGIN_MIRROR" "work/$PLUGIN_SLUG" +touch "work/$PLUGIN_SLUG/ci-flag.txt" +(cd work && zip -r "../zips/${PLUGIN_SLUG}-dev.zip" "$PLUGIN_SLUG") +rm -rf "work/$PLUGIN_SLUG" +echo "::endgroup::" - echo "::group::Fetching $SLUG-trunk.zip..." - BETASLUG="$(jq -r '.extra["beta-plugin-slug"] // .extra["wp-plugin-slug"] // ""' "commit/$SRC/composer.json")" - if [[ -z "$BETASLUG" ]]; then - echo "No beta-plugin-slug or wp-plugin-slug in composer.json, skipping" +echo "::group::Fetching $PLUGIN_SLUG-trunk.zip..." +BETASLUG="$(jq -r '.extra["beta-plugin-slug"] // .extra["wp-plugin-slug"] // ""' "commit/$PLUGIN_SRC/composer.json")" +if [[ -z "$BETASLUG" ]]; then + echo "No beta-plugin-slug or wp-plugin-slug in composer.json, skipping" +else + URL="$(jq -r --arg slug "$BETASLUG" '.[$slug].manifest_url // ""' <<<"$BETAJSON")" + if [[ -z "$URL" ]]; then + echo "Beta slug $BETASLUG is not in plugins.json, skipping" else - URL="$(jq -r --arg slug "$BETASLUG" '.[$slug].manifest_url // ""' <<<"$BETAJSON")" - if [[ -z "$URL" ]]; then - echo "Beta slug $BETASLUG is not in plugins.json, skipping" - else - JSON="$(curl -L --fail --url "$URL")" - if jq -e '.' <<<"$JSON" &>/dev/null; then - URL="$(jq -r '.trunk.download_url // .master.download_url // ""' <<<"$JSON")" - if [[ -z "$URL" ]]; then - echo "Plugin has no trunk build." - else - curl -L --fail --url "$URL" --output "work/tmp.zip" 2>&1 - (cd work && unzip -q tmp.zip) - mv "work/$BETASLUG-dev" "work/$SLUG" - (cd work && zip -qr "../zips/${SLUG}-trunk.zip" "$SLUG") - rm -rf "work/$SLUG" "work/tmp.zip" - fi + JSON="$(curl -L --fail --url "$URL")" + if jq -e '.' <<<"$JSON" &>/dev/null; then + URL="$(jq -r '.trunk.download_url // .master.download_url // ""' <<<"$JSON")" + if [[ -z "$URL" ]]; then + echo "Plugin has no trunk build." else - echo "::error::Unexpected response from betadownload.jetpack.me for $SLUG" - echo "$JSON" - echo "info=❌ Unexpected response from betadownload.jetpack.me for $SLUG" >> "$GITHUB_OUTPUT" - exit 1 + curl -L --fail --url "$URL" --output "work/tmp.zip" 2>&1 + (cd work && unzip -q tmp.zip) + mv "work/$BETASLUG-dev" "work/$PLUGIN_SLUG" + (cd work && zip -qr "../zips/${PLUGIN_SLUG}-trunk.zip" "$PLUGIN_SLUG") + rm -rf "work/$PLUGIN_SLUG" "work/tmp.zip" fi + else + echo "::error::Unexpected response from betadownload.jetpack.me for $PLUGIN_SLUG" + echo "$JSON" + echo "❌ Unexpected response from betadownload.jetpack.me for $PLUGIN_SLUG" >> "$GITHUB_STEP_SUMMARY" + exit 1 fi fi - echo "::endgroup::" +fi +echo "::endgroup::" - echo "::group::Fetching $SLUG-stable.zip..." - JSON="$(curl "https://api.wordpress.org/plugins/info/1.0/$SLUG.json")" - if jq -e --arg slug "$SLUG" '.slug == $slug' <<<"$JSON" &>/dev/null; then - URL="$(jq -r '.download_link // ""' <<<"$JSON")" - if [[ -z "$URL" ]]; then - echo "Plugin has no stable release." - else - curl -L --fail --url "$URL" --output "zips/$SLUG-stable.zip" 2>&1 - fi - elif jq -e '.error == "Plugin not found."' <<<"$JSON" &>/dev/null; then - echo "Plugin is not published." +echo "::group::Fetching $PLUGIN_SLUG-stable.zip..." +JSON="$(curl "https://api.wordpress.org/plugins/info/1.0/$PLUGIN_SLUG.json")" +if jq -e --arg slug "$PLUGIN_SLUG" '.slug == $slug' <<<"$JSON" &>/dev/null; then + URL="$(jq -r '.download_link // ""' <<<"$JSON")" + if [[ -z "$URL" ]]; then + echo "Plugin has no stable release." else - echo "::error::Unexpected response from WordPress.org API for $SLUG" - echo "$JSON" - echo "info=❌ Unexpected response from WordPress.org API for $SLUG" >> "$GITHUB_OUTPUT" - exit 1 + curl -L --fail --url "$URL" --output "zips/$PLUGIN_SLUG-stable.zip" 2>&1 fi - echo "::endgroup::" -done < build/plugins.tsv - -echo 'info=' >> "$GITHUB_OUTPUT" +elif jq -e '.error == "Plugin not found."' <<<"$JSON" &>/dev/null; then + echo "Plugin is not published." +else + echo "::error::Unexpected response from WordPress.org API for $PLUGIN_SLUG" + echo "$JSON" + echo "❌ Unexpected response from WordPress.org API for $PLUGIN_SLUG" >> "$GITHUB_STEP_SUMMARY" + exit 1 +fi +echo "::endgroup::" diff --git a/.github/files/test-plugin-update/test.sh b/.github/files/test-plugin-update/test.sh index c3c374928d1f..df5762052d06 100755 --- a/.github/files/test-plugin-update/test.sh +++ b/.github/files/test-plugin-update/test.sh @@ -14,19 +14,17 @@ for ZIP in *-dev.zip; do done FINISHED=false -OUTPUT=() function onexit { if ! "$FINISHED"; then - OUTPUT+=( "💣 The testing script exited unexpectedly." ) + echo "💣 The testing script exited unexpectedly." >> "$GITHUB_STEP_SUMMARY" fi - gh_set_output info "$( printf "%s\n" "${OUTPUT[@]}" )" } trap "onexit" EXIT function failed { ERRMSG="$1" - OUTPUT+=( "❌ $ERRMSG" ) + echo "❌ $ERRMSG" >> "$GITHUB_STEP_SUMMARY" FAILED=1 EXIT=1 } @@ -143,7 +141,7 @@ for SLUG in "${SLUGS[@]}"; do wp --allow-root --quiet option delete fake_plugin_update_url if [[ -z "$FAILED" ]]; then - OUTPUT+=( "✅ Upgrade of $SLUG from $FROM via $HOW succeeded!" ) + echo "✅ Upgrade of $SLUG from $FROM via $HOW succeeded!" >> "$GITHUB_STEP_SUMMARY" fi done done diff --git a/.github/files/test-wpcom-filename-restrictions.sh b/.github/files/test-wpcom-filename-restrictions.sh index 2129d19f0b89..c8447382fa49 100755 --- a/.github/files/test-wpcom-filename-restrictions.sh +++ b/.github/files/test-wpcom-filename-restrictions.sh @@ -94,7 +94,7 @@ echo "Considering ${#REFS[@]} monorepo commits for Upstream-Ref matching." UPSTREAM_REGEXES=() NL=$'\n' for (( i=0; i<"${#REFS[@]}"; i+=3180 )); do - UPSTREAM_REGEXES+=( "${NL}Upstream-Ref: $GITHUB_REPOSITORY@($( IFS="|"; echo "${REFS[*]:$i:3180}" ))($|${NL})" ) + UPSTREAM_REGEXES+=( "${NL}Upstream-Ref: Automattic/jetpack@($( IFS="|"; echo "${REFS[*]:$i:3180}" ))($|${NL})" ) done cd "$GITHUB_WORKSPACE" echo "::endgroup::" diff --git a/.github/renovate-config.js b/.github/renovate-config.js index 559c63939dbb..784772176b99 100644 --- a/.github/renovate-config.js +++ b/.github/renovate-config.js @@ -36,7 +36,7 @@ module.exports = { ignoreScripts: false, gitAuthor: 'Renovate Bot (self-hosted) ', platform: 'github', - repositories: [ 'Automattic/jetpack' ], + repositories: [ 'anomiex/jetpack' ], // Extra code to run before creating a commit. allowedPostUpgradeCommands: [ monorepoBase + '.github/files/renovate-post-upgrade-run.sh' ], diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 56cd26116713..9c7e89ac0e93 100644 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -161,5 +161,5 @@ }, dependencyDashboardTitle: 'Renovate Dependency Updates', dependencyDashboardLabels: [ 'Primary Issue', '[Type] Janitorial' ], - dependencyDashboardFooter: 'The bot runs every two hours, and may be monitored or triggered ahead of schedule [here](https://github.com/Automattic/jetpack/actions/workflows/renovate.yml).', + dependencyDashboardFooter: 'The bot runs every two hours, and may be monitored or triggered ahead of schedule [here](https://github.com/anomiex/jetpack/actions/workflows/renovate.yml).', } diff --git a/.github/workflows/autotagger.yml b/.github/workflows/autotagger.yml deleted file mode 100644 index 97995be3939e..000000000000 --- a/.github/workflows/autotagger.yml +++ /dev/null @@ -1,129 +0,0 @@ -name: Monorepo Auto-tagger - -on: - push: - branches: - - trunk - - prerelease - - '*/branch-*' - -jobs: - tag: - name: Tag - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Fetch tags, shallowly and blobless - run: | - git fetch --depth=1 --filter=blob:none origin 'refs/tags/*:refs/tags/*' - - - name: Determine needed tags - id: get-tags - run: | - REF=${GITHUB_REF#refs/heads/} - if [[ "$REF" == */branch-* ]]; then - PROJECTS="$(jq -r --arg P "${REF%%/branch-*}" '.extra["release-branch-prefix"] | if type == "array" then . else [ . ] end | if index( $P ) then input_filename | match( "^projects/([^/]+/[^/]+)/composer.json$" ).captures[0].string else empty end' projects/*/*/composer.json)" - if [[ -n "$PROJECTS" ]]; then - echo "Branch $REF seems to be a release branch, checking matching projects." - else - echo "::notice::Branch $REF seems to be a release branch, but nothing uses that prefix so not checking any projects." - echo "any=false" >> "$GITHUB_OUTPUT" - exit 0 - fi - else - PROJECTS="$(jq -r 'if .extra["release-branch-prefix"] then empty else input_filename | match( "^projects/([^/]+/[^/]+)/composer.json$" ).captures[0].string end' projects/*/*/composer.json)" - if [[ -n "$PROJECTS" ]]; then - echo "Branch $REF is not a release branch, checking only projects without a release-branch-prefix." - else - echo "::notice::Branch $REF is not a release branch, but somehow no projects lack a release-branch-prefix?" - echo "any=false" >> "$GITHUB_OUTPUT" - exit 0 - fi - fi - - TAGS=() - while IFS= read -r SLUG; do - echo "Checking $SLUG..." - cd "$GITHUB_WORKSPACE/projects/$SLUG" - - CHANGES_DIR=$(jq -r '.extra.changelogger["changes-dir"] // "changelog"' composer.json) - if [[ ! -d "$CHANGES_DIR" || -n "$(ls -- "$CHANGES_DIR")" ]]; then - echo " Project $SLUG has changes in projects/$SLUG/$CHANGES_DIR/, not tagging." - continue - fi - - VER=$(sed -nEe 's/^## \[?([^]]*)\]? - .*/\1/;T;p;q' CHANGELOG.md || true) - echo " Version from changelog is ${VER:-}" - if [[ "$VER" =~ ^[0-9]+(\.[0-9]+)+$ ]]; then - if [[ -n "$( git tag -l "$SLUG@$VER" )" ]]; then - echo " Version $VER is already tagged" - else - echo " Version $VER ok to tag" - TAGS+=( "$SLUG@$VER" ) - fi - else - echo " Not tagging version $VER" - fi - done <<<"$PROJECTS" - - if [[ ${#TAGS[@]} -eq 0 ]]; then - echo "::notice::Nothing to tag." - echo "any=false" >> "$GITHUB_OUTPUT" - exit 0 - fi - - printf "%s\n" "${TAGS[@]}" > "$GITHUB_WORKSPACE/to-tag.txt" - echo "any=true" >> "$GITHUB_OUTPUT" - - - name: Wait for prior instances of the workflow to finish - if: steps.get-tags.outputs.any == 'true' - uses: ./.github/actions/turnstile - with: - # Tagging should be reasonably quick, so poll more frequently. - poll-interval: 15 - - - name: Fetch tags, shallowly and blobless - if: steps.get-tags.outputs.any == 'true' - run: | - git fetch --force --depth=1 --filter=blob:none origin 'refs/tags/*:refs/tags/*' - - - name: Tag projects - if: steps.get-tags.outputs.any == 'true' - run: | - export GIT_AUTHOR_NAME=matticbot - export GIT_AUTHOR_EMAIL=matticbot@users.noreply.github.com - export GIT_COMMITTER_NAME=matticbot - export GIT_COMMITTER_EMAIL=matticbot@users.noreply.github.com - - EXIT=0 - echo "Creating tags..." - TOPUSH=() - while IFS= read -r T; do - if git tag "$T"; then - TOPUSH+=( "$T" ) - fi - done < "$GITHUB_WORKSPACE/to-tag.txt" - - if [[ ${#TOPUSH[@]} -gt 0 ]]; then - echo "Pushing tags..." - # GitHub has a limit on the number of tags that can be updated in a single push. So do them in batches. - # See https://github.blog/changelog/2022-06-15-block-potentially-destructive-git-pushes/ - DONE=() - while [[ ${#TOPUSH[@]} -gt 0 ]]; do - BATCH=( "${TOPUSH[@]:0:5}" ) - if git push origin "${BATCH[@]}"; then - DONE+=( "${BATCH[@]}" ) - else - echo "::error::Failed to create tags: ${BATCH[*]}" - EXIT=1 - fi - TOPUSH=( "${TOPUSH[@]:5}" ) - done - if [[ ${#DONE[@]} -gt 0 ]]; then - echo "::notice::Created tags: ${DONE[*]}" - fi - else - echo "::notice::No tags needed creation." - fi - exit $EXIT diff --git a/.github/workflows/block-performance.yml b/.github/workflows/block-performance.yml deleted file mode 100644 index f8fe67cfe331..000000000000 --- a/.github/workflows/block-performance.yml +++ /dev/null @@ -1,132 +0,0 @@ -name: Jetpack block performance - -on: - schedule: - - cron: '0 */12 * * *' - workflow_dispatch: - -jobs: - block-performance: - name: "Performance tests" - runs-on: ubuntu-latest - timeout-minutes: 90 # 2023-04-18: Some runs exceeded 50 minutes - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: 20 - - - uses: actions/checkout@v4 - with: - repository: 'WordPress/gutenberg' - path: 'gutenberg' - - - uses: actions/cache@v4 - with: - path: ~/.npm - key: ${{ runner.os }}-node-${{ hashFiles('gutenberg/**/package-lock.json') }} - restore-keys: | - ${{ runner.os }}-node- - - - name: Build Gutenberg - working-directory: gutenberg - run: | - npm ci - npx playwright install chromium --with-deps - npm run build:packages - - - name: Setup tools for Jetpack - uses: ./.github/actions/tool-setup - - - name: Build Production Jetpack - run: | - pnpm install - pnpm jetpack build plugins/jetpack -v --production - - - name: Environment set-up - working-directory: tools/e2e-commons - env: - CONFIG_KEY: ${{ secrets.E2E_CONFIG_KEY }} - run: | - # Gutenberg Performance tests require disable-animations.php test - # plugin to be available on a site. Below we inject the mapping for - # that plugin into a Docker config file. - echo "e2e:" >> ../docker/jetpack-docker-config.yml - echo " volumeMappings:" >> ../docker/jetpack-docker-config.yml - echo " gutenberg/packages/e2e-tests/plugins/disable-animations.php: /var/www/html/wp-content/plugins/disable-animations.php" >> ../docker/jetpack-docker-config.yml - - mkdir results - pnpm config:decrypt - pnpm env:start - - # The twentytwentyone theme is required for the post-editor test suite. - pnpm jetpack docker --type e2e --name t1 wp theme install twentytwentyone - - - name: Run performance tests - working-directory: tools/e2e-commons - run: | - node ./bin/performance.js - - - name: Environment tear-down - if: ${{ always() }} - working-directory: tools/e2e-commons - continue-on-error: true - run: | - pnpm run tunnel:off - # Update permissions to workaround https://github.com/actions/cache/issues/753 - sudo chown -R runner:docker "$GITHUB_WORKSPACE/tools/docker" - - - name: Upload test artifacts - if: ${{ always() }} - continue-on-error: true - uses: actions/upload-artifact@v4 - with: - name: test-output-block-perf - path: tools/e2e-commons/results - include-hidden-files: true - - test-reports: - name: "Trigger test report workflow" - runs-on: ubuntu-latest - if: ${{ ! cancelled() }} - needs: block-performance - - steps: - - name: Repository Dispatch - uses: peter-evans/repository-dispatch@v3 - with: - token: ${{ secrets.E2E_TEST_REPORTS_TOKEN }} - repository: automattic/jetpack-e2e-reports - event-type: block-perf - client-payload: '{"run_id": "${{github.run_id}}", "repository": "${{github.repository}}"}' - - slack-notification: - name: "Slack notification" - runs-on: ubuntu-latest - if: ${{ ! cancelled() }} - needs: [block-performance] - - steps: - - uses: actions/checkout@v4 - - - name: Set up tools - uses: ./.github/actions/tool-setup - - - name: Build action - env: - COMPOSER_ROOT_VERSION: dev-trunk - run: | - pnpm install - composer install - composer build-development - working-directory: ./projects/github-actions/test-results-to-slack - - - name: "Send notification" - uses: ./projects/github-actions/test-results-to-slack - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - slack_token: ${{ secrets.SLACK_TOKEN }} - slack_channel: ${{ secrets.SLACK_E2E_CHANNEL }} - slack_icon_emoji: ":jetpack:" - suite_name: "blocks performance" diff --git a/.github/workflows/build-docker-monorepo.yml b/.github/workflows/build-docker-monorepo.yml deleted file mode 100644 index 2ee0b83e515f..000000000000 --- a/.github/workflows/build-docker-monorepo.yml +++ /dev/null @@ -1,202 +0,0 @@ -name: Build Monorepo Docker -on: - push: - branches: [ 'trunk' ] - paths: - - 'tools/docker/Dockerfile.monorepo' - - 'tools/docker/bin/monorepo' - - '.github/versions.sh' - - '.github/workflows/build-docker-monorepo.yml' - pull_request: - paths: - - 'tools/docker/Dockerfile.monorepo' - - 'tools/docker/bin/monorepo' - - '.github/versions.sh' - - '.github/workflows/build-docker-monorepo.yml' -concurrency: - group: build-docker-monorepo-${{ github.event_name }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - prepare: - name: Prepare - runs-on: ubuntu-latest - permissions: - contents: read - timeout-minutes: 5 # 2025-03-04: Takes just a few seconds. - outputs: - php-version: ${{ steps.buildargs.outputs.php-version }} - composer-version: ${{ steps.buildargs.outputs.composer-version }} - node-version: ${{ steps.buildargs.outputs.node-version }} - pnpm-version: ${{ steps.buildargs.outputs.pnpm-version }} - labels: ${{ steps.buildargs.outputs.labels }} - tags: ${{ steps.buildargs.outputs.tags }} - images: ${{ steps.buildargs.outputs.images }} - - steps: - - uses: actions/checkout@v4 - - - name: Fetch build args - id: buildargs - env: - LABELS: | - org.opencontainers.image.title=Jetpack Monorepo Environment - org.opencontainers.image.description=Environment for building and testing the Jetpack Monorepo. - org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}/blob/trunk/tools/docker/README.md - run: | - source .github/versions.sh - source .github/files/gh-funcs.sh - - gh_set_output php-version "$PHP_VERSION" - gh_set_output composer-version "$COMPOSER_VERSION" - gh_set_output node-version "$NODE_VERSION" - gh_set_output pnpm-version "$PNPM_VERSION" - gh_set_output labels "$LABELS" - - # We're not git-tagging for the env. Just tag all trunk builds as latest. - if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then - gh_set_output tags "type=raw,latest" - gh_set_output images $'automattic/jetpack-monorepo\nghcr.io/automattic/jetpack-monorepo' - elif [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then - gh_set_output tags "type=ref,event=pr" - gh_set_output images "ghcr.io/automattic/jetpack-monorepo" - else - echo "Unknown GITHUB_EVENT_NAME $GITHUB_EVENT_NAME" - exit 1 - fi - - build: - name: Build Jetpack Monorepo Environment (${{ matrix.platform }}) - runs-on: ${{ matrix.runner }} - needs: prepare - permissions: - packages: write - contents: read - timeout-minutes: 15 # 2025-03-04: Arm64 build takes about 5 minutes, amd64 build about 3. - strategy: - matrix: - include: - - runner: ubuntu-latest - platform: amd64 - - runner: ubuntu-24.04-arm - platform: arm64 - - steps: - - uses: actions/checkout@v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - username: matticbot - password: ${{ secrets.DOCKER_HUB_MATTICBOT_TOKEN }} - - - name: Log in to GitHub Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - images: ${{ needs.prepare.outputs.images }} - labels: ${{ needs.prepare.outputs.labels }} - - - name: Build and push by digest - id: build - uses: docker/build-push-action@v6 - with: - context: tools/docker - file: tools/docker/Dockerfile.monorepo - platforms: linux/${{ matrix.platform }} - # For push by digest, the "tags" are just the images. We tag later. - tags: ${{ needs.prepare.outputs.images }} - labels: ${{ steps.meta.outputs.labels }} - outputs: type=image,push-by-digest=true,name-canonical=true,push=true - build-args: | - PHP_VERSION=${{ needs.prepare.outputs.php-version }} - COMPOSER_VERSION=${{ needs.prepare.outputs.composer-version }} - NODE_VERSION=${{ needs.prepare.outputs.node-version }} - PNPM_VERSION=${{ needs.prepare.outputs.pnpm-version }} - - - name: Export digest - env: - TEMP: ${{ runner.temp }} - DIGEST: ${{ steps.build.outputs.digest }} - run: | - mkdir -p "$TEMP/digests" - touch "$TEMP/digests/${DIGEST#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v4 - with: - name: digests-linux-${{ matrix.platform }} - path: ${{ runner.temp }}/digests/* - if-no-files-found: error - retention-days: 1 - - merge: - name: Merge and publish Jetpack Monorepo Environment - runs-on: ubuntu-latest - needs: [ prepare, build ] - permissions: - packages: write - contents: read - timeout-minutes: 5 # 2025-03-04: Merge takes less than a minute. - - steps: - - name: Download digests - uses: actions/download-artifact@v4 - with: - path: ${{ runner.temp }}/digests - pattern: digests-* - merge-multiple: true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - username: matticbot - password: ${{ secrets.DOCKER_HUB_MATTICBOT_TOKEN }} - - - name: Log in to GitHub Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - tags: ${{ needs.prepare.outputs.tags }} - images: ${{ needs.prepare.outputs.images }} - labels: ${{ needs.prepare.outputs.labels }} - - - name: Create manifest list and push - working-directory: ${{ runner.temp }}/digests - run: | - while IFS= read -r IMAGE; do - echo "=== $IMAGE ===" - docker buildx imagetools create $(jq -cr --arg IMG "$IMAGE" '.tags | map( select( startswith( $IMG + ":" ) ) | "-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf "$IMAGE@sha256:%s " *) - done < <( jq -r '.tags[] | sub( ":.*"; "" )' <<< "$DOCKER_METADATA_OUTPUT_JSON" ) - - - name: Inspect image - env: - VERSION: ${{ steps.meta.outputs.version }} - run: | - while IFS= read -r IMAGE; do - echo "=== $IMAGE ===" - docker buildx imagetools inspect "$IMAGE:$VERSION" - done < <( jq -r '.tags[] | sub( ":.*"; "" )' <<< "$DOCKER_METADATA_OUTPUT_JSON" ) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml deleted file mode 100644 index 50619d302aa9..000000000000 --- a/.github/workflows/build-docker.yml +++ /dev/null @@ -1,203 +0,0 @@ -name: Build Docker -on: - push: - branches: [ 'trunk' ] - paths: - - 'tools/docker/Dockerfile' - - 'tools/docker/bin/run.sh' - - 'tools/docker/config/*' - - '.github/versions.sh' - - '.github/workflows/build-docker.yml' - pull_request: - paths: - - 'tools/docker/Dockerfile' - - 'tools/docker/bin/run.sh' - - 'tools/docker/config/*' - - '.github/versions.sh' - - '.github/workflows/build-docker.yml' -concurrency: - group: build-docker-${{ github.event_name }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - prepare: - name: Prepare - runs-on: ubuntu-latest - permissions: - contents: read - timeout-minutes: 5 # 2025-03-04: Takes just a few seconds. - outputs: - php-version: ${{ steps.buildargs.outputs.php-version }} - composer-version: ${{ steps.buildargs.outputs.composer-version }} - node-version: ${{ steps.buildargs.outputs.node-version }} - pnpm-version: ${{ steps.buildargs.outputs.pnpm-version }} - labels: ${{ steps.buildargs.outputs.labels }} - tags: ${{ steps.buildargs.outputs.tags }} - images: ${{ steps.buildargs.outputs.images }} - - steps: - - uses: actions/checkout@v4 - - - name: Fetch build args - id: buildargs - env: - LABELS: | - org.opencontainers.image.title=Jetpack Development Environment - org.opencontainers.image.description=Unified environment for developing in the Jetpack Monorepo using Docker containers. - org.opencontainers.image.documentation=${{ github.server_url }}/${{ github.repository }}/blob/trunk/tools/docker/README.md - run: | - source .github/versions.sh - source .github/files/gh-funcs.sh - - gh_set_output php-version "$PHP_VERSION" - gh_set_output composer-version "$COMPOSER_VERSION" - gh_set_output node-version "$NODE_VERSION" - gh_set_output pnpm-version "$PNPM_VERSION" - gh_set_output labels "$LABELS" - - # We're not git-tagging for the env. Just tag all trunk builds as latest. - if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then - gh_set_output tags "type=raw,latest" - gh_set_output images $'automattic/jetpack-wordpress-dev\nghcr.io/automattic/jetpack-wordpress-dev' - elif [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then - gh_set_output tags "type=ref,event=pr" - gh_set_output images "ghcr.io/automattic/jetpack-wordpress-dev" - else - echo "Unknown GITHUB_EVENT_NAME $GITHUB_EVENT_NAME" - exit 1 - fi - - build: - name: Build Jetpack Dev Environment (${{ matrix.platform }}) - runs-on: ${{ matrix.runner }} - needs: prepare - permissions: - packages: write - contents: read - timeout-minutes: 15 # 2025-03-04: Arm64 build takes about 5 minutes, amd64 build about 3. - strategy: - matrix: - include: - - runner: ubuntu-latest - platform: amd64 - - runner: ubuntu-24.04-arm - platform: arm64 - - steps: - - uses: actions/checkout@v4 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - username: matticbot - password: ${{ secrets.DOCKER_HUB_MATTICBOT_TOKEN }} - - - name: Log in to GitHub Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - images: ${{ needs.prepare.outputs.images }} - labels: ${{ needs.prepare.outputs.labels }} - - - name: Build and push by digest - id: build - uses: docker/build-push-action@v6 - with: - context: tools/docker - platforms: linux/${{ matrix.platform }} - # For push by digest, the "tags" are just the images. We tag later. - tags: ${{ needs.prepare.outputs.images }} - labels: ${{ steps.meta.outputs.labels }} - outputs: type=image,push-by-digest=true,name-canonical=true,push=true - build-args: | - PHP_VERSION=${{ needs.prepare.outputs.php-version }} - COMPOSER_VERSION=${{ needs.prepare.outputs.composer-version }} - NODE_VERSION=${{ needs.prepare.outputs.node-version }} - PNPM_VERSION=${{ needs.prepare.outputs.pnpm-version }} - - - name: Export digest - env: - TEMP: ${{ runner.temp }} - DIGEST: ${{ steps.build.outputs.digest }} - run: | - mkdir -p "$TEMP/digests" - touch "$TEMP/digests/${DIGEST#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v4 - with: - name: digests-linux-${{ matrix.platform }} - path: ${{ runner.temp }}/digests/* - if-no-files-found: error - retention-days: 1 - - merge: - name: Merge and publish Jetpack Dev Environment - runs-on: ubuntu-latest - needs: [ prepare, build ] - permissions: - packages: write - contents: read - timeout-minutes: 5 # 2025-03-04: Merge takes less than a minute. - - steps: - - name: Download digests - uses: actions/download-artifact@v4 - with: - path: ${{ runner.temp }}/digests - pattern: digests-* - merge-multiple: true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - username: matticbot - password: ${{ secrets.DOCKER_HUB_MATTICBOT_TOKEN }} - - - name: Log in to GitHub Packages - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - flavor: latest=false - tags: ${{ needs.prepare.outputs.tags }} - images: ${{ needs.prepare.outputs.images }} - labels: ${{ needs.prepare.outputs.labels }} - - - name: Create manifest list and push - working-directory: ${{ runner.temp }}/digests - run: | - while IFS= read -r IMAGE; do - echo "=== $IMAGE ===" - docker buildx imagetools create $(jq -cr --arg IMG "$IMAGE" '.tags | map( select( startswith( $IMG + ":" ) ) | "-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \ - $(printf "$IMAGE@sha256:%s " *) - done < <( jq -r '.tags[] | sub( ":.*"; "" )' <<< "$DOCKER_METADATA_OUTPUT_JSON" ) - - - name: Inspect image - env: - VERSION: ${{ steps.meta.outputs.version }} - run: | - while IFS= read -r IMAGE; do - echo "=== $IMAGE ===" - docker buildx imagetools inspect "$IMAGE:$VERSION" - done < <( jq -r '.tags[] | sub( ":.*"; "" )' <<< "$DOCKER_METADATA_OUTPUT_JSON" ) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e8427a189985..8d1586ca85cb 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -249,39 +249,3 @@ jobs: retention-days: 1 # Already compressed. compression-level: 0 - - update_mirrors: - name: Push to mirror repos - runs-on: ubuntu-latest - needs: build - - if: github.event_name == 'push' && github.repository == 'Automattic/jetpack' - - # Not setting a job-level timeout because it would be kind of pointless with the blocking step. Set a step timeout for all other steps instead. - steps: - - uses: actions/checkout@v4 - with: - path: monorepo - timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds - - - name: Download build artifact - uses: actions/download-artifact@v4 - with: - name: jetpack-build - timeout-minutes: 2 # 2022-03-15: Successful runs normally take a few seconds, but on occasion they've been taking 60+ recently. - - name: Extract build archive - run: tar --xz -xvvf build.tar.xz build - timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds - - - name: Wait for prior instances of the workflow to finish - uses: ./monorepo/.github/actions/turnstile - - - name: Push changed projects - uses: ./monorepo/projects/github-actions/push-to-mirrors - with: - source-directory: ${{ github.workspace }}/monorepo - token: ${{ secrets.API_TOKEN_GITHUB }} - upstream-ref-since: '2024-04-10' # No point in checking 12 years of earlier commits from before we started adding "Upstream-Ref". - username: matticbot - working-directory: ${{ github.workspace }}/build - timeout-minutes: 10 # 2024-04-11: Successful runs seem to take about a minute. diff --git a/.github/workflows/check-actions-rate-limit.yml b/.github/workflows/check-actions-rate-limit.yml deleted file mode 100644 index 6aa949eda55a..000000000000 --- a/.github/workflows/check-actions-rate-limit.yml +++ /dev/null @@ -1,14 +0,0 @@ -name: Check Actions rate limit -on: - workflow_dispatch: - -jobs: - check: - name: Check Actions rate limit - runs-on: ubuntu-latest - steps: - - name: Check rate limit - env: - TOKEN: ${{ github.token }} - run: | - curl -v --no-progress-meter --header "Authorization: Bearer $TOKEN" https://api.github.com/rate_limit diff --git a/.github/workflows/coverage-check.yml b/.github/workflows/coverage-check.yml deleted file mode 100644 index 1e50a5456d1f..000000000000 --- a/.github/workflows/coverage-check.yml +++ /dev/null @@ -1,43 +0,0 @@ -name: Coverage check -on: - pull_request: - types: [labeled, unlabeled] - workflow_dispatch: - inputs: - pr: - description: PR - type: number - required: true - -concurrency: - group: coverage-check-${{ github.head_ref || github.ref_name }}-${{ github.event_name == 'pull_request' && github.event.pull_request.number || inputs.pr }}-${{ github.event.pull_request.label.id || '' }} - cancel-in-progress: true - -permissions: - checks: read - pull-requests: write - statuses: write - -jobs: - code-coverage-label: - name: "Update code coverage check" - runs-on: ubuntu-latest - if: github.event_name == 'workflow_dispatch' || github.event.label.name == 'I don''t care about code coverage for this PR' || github.event.label.name == 'Covered by non-unit tests' || github.event.label.name == 'Coverage tests to be added later' - timeout-minutes: 5 # 2025-02-06: Should be pretty quick. - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Get token - id: get_token - uses: ./.github/actions/gh-app-token - with: - app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }} - private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }} - - - name: Post message - env: - PR_ID: ${{ github.event_name == 'pull_request' && github.event.pull_request.number || inputs.pr }} - PR_HEAD: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }} - POST_MESSAGE_TOKEN: ${{ steps.get_token.outputs.token }} - run: .github/files/coverage-munger/post-message.sh diff --git a/.github/workflows/delete-mirror-branches.yml b/.github/workflows/delete-mirror-branches.yml deleted file mode 100644 index 3d2030a8883e..000000000000 --- a/.github/workflows/delete-mirror-branches.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Delete mirror branches -on: - delete: - -jobs: - delete: - name: Delete `${{ github.event.ref }}` - runs-on: ubuntu-latest - timeout-minutes: 5 # 2022-11-21: Shouldn't take long. - if: github.event_name == 'delete' && github.repository == 'Automattic/jetpack' && github.event.ref == 'prerelease' - steps: - - uses: actions/checkout@v4 - with: - ref: trunk - - name: Delete branches - env: - TOKEN: ${{ secrets.API_TOKEN_GITHUB }} - REF: heads/${{ github.event.ref }} - run: | - for repo in $(jq -r '.extra["mirror-repo"] // empty' projects/*/*/composer.json | sort -u); do - echo "::group::Deleting $REF on $repo" - RES="$(curl -v -L -X DELETE --header "Authorization: Bearer $TOKEN" "https://api.github.com/repos/$repo/git/refs/$REF")" - echo '::endgroup::' - echo "$RES" - done diff --git a/.github/workflows/e2e-tests.yml b/.github/workflows/e2e-tests.yml deleted file mode 100644 index b2209d3edb07..000000000000 --- a/.github/workflows/e2e-tests.yml +++ /dev/null @@ -1,406 +0,0 @@ -name: E2E Tests - -on: - pull_request: - paths-ignore: - - '**.md' - repository_dispatch: - types: [ 'e2e tests**' ] - -concurrency: - group: e2e-tests-${{ github.event_name }}-${{ github.ref }}-${{ github.event.action }} - cancel-in-progress: true - -jobs: - create-test-matrix: - name: "Determine tests matrix" - runs-on: ubuntu-latest - timeout-minutes: 5 # 2023-09-15: The pnpm install may take a few minutes on cache miss. - # Only run tests in the main repository - if: github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name - outputs: - matrix: ${{ steps.evaluate.outputs.matrix }} - build-matrix: ${{ steps.evaluate.outputs.build-matrix }} - steps: - - uses: actions/checkout@v4 - - # For pull requests, list-changed-projects.sh needs the merge base. - - name: Deepen to merge base - if: github.event_name == 'pull_request' - uses: ./.github/actions/deepen-to-merge-base - - - name: Setup tools - uses: ./.github/actions/tool-setup - - # Required for list-changed-projects.sh - - name: Install monorepo - run: | - pnpm install - - - name: Create test plan - id: evaluate - env: - DISPATCH_REPO: ${{ github.event.client_payload.repository }} - REF_NAME: ${{ github.event.client_payload.ref_name }} - REF_TYPE: ${{ github.event.client_payload.ref_type }} - run: | - MATRIX="$(node .github/files/e2e-tests/e2e-matrix.js)" - echo "matrix: $MATRIX" - echo "matrix=$MATRIX" >> "$GITHUB_OUTPUT" - if [[ "$GITHUB_EVENT_NAME" == repository_dispatch ]]; then - echo "No build needed for $GITHUB_EVENT_NAME" - BUILD_MATRIX="[]" - else - BUILD_MATRIX=$(jq -c '[ .[] | select( .suite | startswith( "atomic" ) | not ) | { buildGroup: .buildGroup, path: .path } ] | unique' <<<"$MATRIX") - echo "build matrix: $BUILD_MATRIX" - BAD=$( jq -r '[ group_by( .buildGroup )[] | select( length > 1 ) | .[0].buildGroup ] | unique | join( "," )' <<<"$BUILD_MATRIX" ) - if [[ -n "$BAD" ]]; then - echo "::error::One or more build groups have multiple paths: $BAD" - exit 1 - fi - fi - echo "build-matrix=$BUILD_MATRIX" >> "$GITHUB_OUTPUT" - - build-projects: - name: "E2E: Build ${{ matrix.buildGroup }}" - runs-on: ubuntu-latest - needs: create-test-matrix - timeout-minutes: 30 - if: needs.create-test-matrix.outputs.build-matrix != '[]' - strategy: - fail-fast: false - matrix: - include: ${{ fromJson( needs.create-test-matrix.outputs.build-matrix ) }} - steps: - - name: Ensure ${{ matrix.buildGroup }} build cache - id: jetpack-build-cache - uses: actions/cache/restore@v4 - with: - lookup-only: true - path: | - . - !./.github/ - key: ${{ matrix.buildGroup }}-${{ github.sha }} - - - name: Checkout code - if: steps.jetpack-build-cache.outputs.cache-hit != 'true' - uses: actions/checkout@v4 - - - name: Setup tools - if: steps.jetpack-build-cache.outputs.cache-hit != 'true' - uses: ./.github/actions/tool-setup - - - name: Install monorepo - if: steps.jetpack-build-cache.outputs.cache-hit != 'true' - run: pnpm install - - - name: Build projects - id: build-step - if: steps.jetpack-build-cache.outputs.cache-hit != 'true' - env: - COMPOSER_ROOT_VERSION: "dev-trunk" - BUILD_DIR: ./build-output - PROJECT_PATH: ${{ matrix.path }} - run: | - find . -path ./.github -prune -o -type f -print | sort > /tmp/before.txt - echo "::group::Build plugin(s)" - cd "$PROJECT_PATH" - pnpm run build - cd "$GITHUB_WORKSPACE" - echo "::endgroup::" - - # We only want to save the files that were actually created or changed. - # But we can't just list them for actions/cache/save, "Argument list too long". - # So instead we delete all the unchanged files so we can tell actions/cache/save - # to save everything that's left. - git -c core.quotepath=off diff --name-only | sort > /tmp/changed.txt - if [[ -s /tmp/changed.txt ]]; then - grep -F -x -v -f /tmp/changed.txt /tmp/before.txt > /tmp/remove.txt - else - cp /tmp/before.txt /tmp/remove.txt - fi - xargs -d '\n' rm < /tmp/remove.txt - find . -type d -empty -delete - - - name: Save ${{ matrix.buildGroup }} build cache - if: steps.jetpack-build-cache.outputs.cache-hit != 'true' - id: jetpack-build-cache-save - uses: actions/cache/save@v4 - with: - path: | - . - !./.github/ - key: ${{ steps.jetpack-build-cache.outputs.cache-primary-key }} - - e2e-tests: - name: "${{ matrix.project }} e2e tests" - runs-on: ubuntu-latest - needs: [ create-test-matrix, build-projects ] - # The "always() && ! cancelled() && ! failure()" bit is needed to still run if the build was skipped. - if: > - always() && ! cancelled() && ! failure() && - needs.create-test-matrix.result == 'success' && needs.create-test-matrix.outputs.matrix != '[]' - timeout-minutes: 60 - env: - WP_DEBUG_PATH: '${{ github.workspace }}/tools/docker/wordpress/wp-content/debug.log' - strategy: - fail-fast: false - matrix: - include: ${{ fromJson( needs.create-test-matrix.outputs.matrix ) }} - steps: - - uses: actions/checkout@v4 - - - name: Restore ${{ matrix.buildGroup }} build cache - id: jetpack-build-cache - if: needs.build-projects.result == 'success' && ! startsWith( matrix.suite, 'atomic' ) - uses: actions/cache/restore@v4 - with: - path: | - . - !./.github/ - key: ${{ matrix.buildGroup }}-${{ github.sha }} - fail-on-cache-miss: true - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Install monorepo - run: | - pnpm install - - - name: Checkout jetpack-production - if: github.event_name == 'repository_dispatch' && github.event.client_payload.repository != 'Automattic/jetpack-production' - uses: actions/checkout@v4 - with: - repository: Automattic/jetpack-production - path: build-output/build/Automattic/jetpack-production - - - name: Checkout mirror repo - if: github.event_name == 'repository_dispatch' - uses: actions/checkout@v4 - with: - repository: ${{ github.event.client_payload.repository }} - ref: ${{ github.event.client_payload.ref_name }} - path: build-output/build/${{ github.event.client_payload.repository }} - - - name: Prepare build - env: - COMPOSER_ROOT_VERSION: "dev-trunk" - BUILD_DIR: ./build-output - PROJECT_PATH: ${{ matrix.path }} - SUITE: ${{ matrix.suite }} - BUILD_JOB_RESULT: ${{ needs.build-projects.result }} - run: | - # Only execute these steps if the event name is 'repository_dispatch' - if [[ "$GITHUB_EVENT_NAME" == repository_dispatch ]]; then - if [[ "$BUILD_JOB_RESULT" != 'skipped' ]]; then - echo "::error::Build job ran but result is not being used!" - exit 1 - fi - - echo "::group::Update volume mapping" - .github/files/e2e-tests/map-plugins-for-e2e-env.sh - echo "::endgroup::" - elif [[ "$SUITE" != atomic* ]]; then - echo "Using artifact from build-projects job" - fi - - - name: Test environment set-up - working-directory: ${{ matrix.path }} - env: - CONFIG_KEY: ${{ secrets.E2E_CONFIG_KEY }} - SUITE: ${{ matrix.suite }} - PROJECT_NAME: ${{ matrix.project }} - HOST_CWD: ${{ github.workspace }} - run: | - echo "::group::Decrypt config" - pnpm run config:decrypt - echo "::endgroup::" - - # Ensure that wp debug.log exists and the web process can write to it - mkdir -p "$(dirname "$WP_DEBUG_PATH")" - touch "$WP_DEBUG_PATH" - chmod 0666 "$WP_DEBUG_PATH" - - if [[ "${SUITE}" != atomic* && "${SUITE}" != vip ]]; then - echo "::group::Start docker environment" - pnpm run env:up - echo "::endgroup::" - - echo "::group::Create tunnel" - nohup pnpm run tunnel:up "$HOME/tunnel.log" - echo "::endgroup::" - fi - - if [ "${SUITE}" == gutenberg ]; then - echo "::group::Setting up Gutenberg" - pnpm e2e-env gb-setup - echo "::endgroup::" - fi - - - name: Wait for atomic site to be ready - if: ${{ startsWith(matrix.suite, 'atomic') }} - working-directory: ${{ matrix.path }} - env: - DISPATCH_REF_NAME: ${{ github.event.client_payload.ref_name }} - DISPATCH_REF_TYPE: ${{ github.event.client_payload.ref_type }} - run: | - SITE="atomic" - - if [[ "${DISPATCH_REF_NAME}" != trunk ]]; then - SITE="atomicRc" - fi - - echo "TEST_SITE=${SITE}" >> $GITHUB_ENV - - # Wait for the site to pick up latest tag version (DISPATCH_REF_NAME) - TEST_SITE="${SITE}" node "$GITHUB_WORKSPACE/tools/e2e-commons/bin/update-beta-version.js" $DISPATCH_REF_TYPE $DISPATCH_REF_NAME - - - name: Set up VIP site - if: ${{ matrix.suite == 'vip' }} - working-directory: ${{ matrix.path }} - run: | - echo "TEST_SITE=vip" >> $GITHUB_ENV - - - name: Run ${{ matrix.project }} tests - working-directory: ${{ matrix.path }} - env: - JSON_ARGS: ${{ toJSON(matrix.testArgs) }} - run: | - mapfile -t TEST_ARGS < <(jq -r '.[]' <<<"$JSON_ARGS") - pnpm run test:run "${TEST_ARGS[@]}" - - - name: Write report metadata - if: ${{ always() }} - env: - SUITE: ${{ matrix.suite }} - PR_NUMBER: ${{ github.event.pull_request.number }} - OUTPUT_PATH: ${{ matrix.path }} - run: .github/files/e2e-tests/report-metadata.sh - - - name: Test environment tear-down - if: ${{ always() }} - working-directory: ${{ matrix.path }} - continue-on-error: true - run: | - # Copy debug.log to output folder, if it exists - [[ ! -f "$WP_DEBUG_PATH" ]] || cp "$WP_DEBUG_PATH" "output/logs/php_errors.log" - - pnpm run tunnel:down - echo "::group::Tunnel logs" - cat "$HOME/tunnel.log" - echo "::endgroup::" - - # Update permissions to workaround https://github.com/actions/cache/issues/753 - sudo chown -R runner:docker "$GITHUB_WORKSPACE/tools/docker" - - - name: Upload test artifacts - if: ${{ always() }} - continue-on-error: true - uses: actions/upload-artifact@v4 - with: - name: test-output-${{ matrix.project }} - path: ${{ matrix.path }}/output - include-hidden-files: true - - test-report: - name: "Test report" - runs-on: ubuntu-latest - if: ${{ success() || failure() }} - needs: [e2e-tests] - - steps: - - name: Set report context - id: report-context - env: - DISPATCH_REF_NAME: ${{ github.event.client_payload.ref_name }} - DISPATCH_REPO: ${{ github.event.client_payload.repository }} - PR_TITLE: ${{ github.event.pull_request.title }} - PR_NUMBER: ${{ github.event.pull_request.number }} - run: | - REPOSITORY=$GITHUB_REPOSITORY - - if [ "$GITHUB_EVENT_NAME" == pull_request ]; then - BRANCH=$GITHUB_HEAD_REF - elif [ "$GITHUB_EVENT_NAME" == repository_dispatch ]; then - BRANCH=$DISPATCH_REF_NAME - REPOSITORY=$DISPATCH_REPO - else - BRANCH=${GITHUB_REF:11} - fi - - echo "EVENT_TYPE=e2e run $GITHUB_RUN_ID at $GITHUB_EVENT_NAME on $GITHUB_REPOSITORY" >> "$GITHUB_OUTPUT" - echo "CLIENT_PAYLOAD=$( jq -nrc --arg repository "$REPOSITORY" --arg branch "$BRANCH" --arg pr_title "$PR_TITLE" --arg pr_number "$PR_NUMBER" --arg run_id "$GITHUB_RUN_ID" '{ repository: $repository, branch: $branch, pr_title: $pr_title, pr_number: $pr_number, run_id: $run_id }' )" >> "$GITHUB_OUTPUT" - - - name: Trigger test report workflow - uses: peter-evans/repository-dispatch@v3 - with: - token: ${{ secrets.E2E_TEST_REPORTS_TOKEN }} - repository: automattic/jetpack-e2e-reports - event-type: ${{ steps.report-context.outputs.event_type }} - client-payload: ${{ steps.report-context.outputs.client_payload }} - - - name: Display link to test report in Action Summary - uses: actions/github-script@v7 - with: - script: | - await core.summary - .addHeading( 'E2E Test Report' ) - .addLink( - `E2E Test Report`, - `https://automattic.github.io/jetpack-e2e-reports/${ context.issue.number }/report/` - ) - .addBreak() - .addRaw('Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available.', true) - .write() - - slack-notification: - name: "Slack notification" - runs-on: ubuntu-latest - if: ${{ success() || failure() }} - needs: [e2e-tests] - - steps: - - uses: actions/checkout@v4 - - - name: Set up tools - uses: ./.github/actions/tool-setup - - - name: Build action - env: - COMPOSER_ROOT_VERSION: dev-trunk - run: | - pnpm install - composer install - composer build-development - working-directory: ./projects/github-actions/test-results-to-slack - - - name: Download test artifacts - uses: actions/download-artifact@v4 - with: - path: test-output - - - name: Decrypt config - env: - CONFIG_KEY: ${{ secrets.E2E_CONFIG_KEY }} - run: ./.github/files/e2e-tests/encryption.sh decrypt - - - name: Tag release candidate runs - if: github.event_name == 'repository_dispatch' && github.event.client_payload.ref_type == 'tag' - env: - VERSION: ${{ github.event.client_payload.ref_name }} - run: echo "NOTIFICATION_SUITE=rc-${VERSION}" >> $GITHUB_ENV - - - name: "Send notification" - uses: ./projects/github-actions/test-results-to-slack - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - slack_token: ${{ secrets.SLACK_TOKEN }} - slack_channel: ${{ secrets.SLACK_E2E_CHANNEL }} - slack_icon_emoji: ":jetpack:" - suite_name: ${{ env.NOTIFICATION_SUITE }} - playwright_report_path: test-output/**/summary.json - playwright_output_dir: test-output/**/results - rules_configuration_path: .github/files/e2e-tests/notification-rules.json - - diff --git a/.github/workflows/gardening.yml b/.github/workflows/gardening.yml deleted file mode 100644 index a32fee68ea63..000000000000 --- a/.github/workflows/gardening.yml +++ /dev/null @@ -1,70 +0,0 @@ -name: Gardening -on: - pull_request_target: # When a PR is opened, edited, updated, closed, or a label is added. - types: [opened, reopened, synchronize, edited, labeled, closed ] - issues: # For auto-triage of issues. - types: [opened, reopened, labeled, edited, closed] - issue_comment: # To gather support references in issue comments. - types: [created] - push: - branches: - - trunk # Every time a PR is merged to trunk. -concurrency: - # For pull_request_target, cancel any concurrent jobs with the same type (e.g. "opened", "labeled") and branch. - # Don't cancel any for other events, accomplished by grouping on the unique run_id. - group: gardening-${{ github.event_name }}-${{ github.event.action }}-${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.ref || github.run_id }} - cancel-in-progress: true - -jobs: - repo-gardening: - name: "Manage labels and assignees" - runs-on: ubuntu-latest - if: github.event_name == 'pull_request_target' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name - timeout-minutes: 10 # 2021-03-12: Successful runs seem to take a few seconds, but can sometimes take a lot longer since we wait for previous runs to complete. - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Building Action - env: - COMPOSER_ROOT_VERSION: dev-trunk - run: | - pnpm install - composer install - composer build-development - working-directory: ./projects/github-actions/repo-gardening - - - name: Check out the PR - if: github.event_name == 'pull_request_target' && github.event.pull_request.state != 'closed' - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.ref }} - repository: ${{ github.event.pull_request.head.repo.full_name }} - # DO NOT run any code in this checkout. Not even an `npm install`. - path: ./pr-checkout - - - name: Wait for prior instances of the workflow to finish - uses: ./.github/actions/turnstile - with: - # Split issues and issue_comment triggers from the rest. Otherwise a lot of issue work can result in pushes to trunk timing out. - events: ${{ ( github.event_name == 'issues' || github.event_name == 'issue_comment' ) && 'issues issue_comment' || '' }} - ignore-events: ${{ ( github.event_name != 'issues' && github.event_name != 'issue_comment' ) && 'issues issue_comment' || '' }} - - - name: "Run the action (assign, manage milestones, for issues and PRs)" - uses: ./projects/github-actions/repo-gardening - env: - PR_WORKSPACE: ${{ github.workspace }}${{ github.event_name == 'pull_request_target' && '/pr-checkout' || '' }} - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - slack_token: ${{ secrets.SLACK_TOKEN }} - slack_team_channel: ${{ secrets.SLACK_TEAM_CHANNEL }} - slack_design_channel: ${{ secrets.SLACK_DESIGN_CHANNEL }} - slack_editorial_channel: ${{ secrets.SLACK_EDITORIAL_CHANNEL }} - slack_he_triage_channel: ${{ secrets.SLACK_HE_TRIAGE_CHANNEL }} - slack_quality_channel: ${{ secrets.SLACK_QUALITY_CHANNEL }} - triage_projects_token: ${{ secrets.PROJECT_AUTOMATION_TOKEN }} - project_board_url: ${{ secrets.PROJECT_BOARD_URL }} - openai_api_key: ${{ secrets.OPENAI_API_KEY }} diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml deleted file mode 100644 index b8fdf3f47c14..000000000000 --- a/.github/workflows/linting.yml +++ /dev/null @@ -1,487 +0,0 @@ -# This workflow holds jobs for linting, currently PHP and JavaScript. -# -# The jobs are all set up to only run if appropriate files have changed; the -# `changed_files` job is used to determine whether files have changed in -# various categories so the rest of the jobs can know whether to run or not. - -name: Linting - -on: pull_request -concurrency: - group: linting-${{ github.event_name }}-${{ github.ref }} - cancel-in-progress: true - -env: - COMPOSER_ROOT_VERSION: "dev-trunk" - -jobs: - - ### Job to categorize changed files. Other jobs depend on this to know when they should run. - changed_files: - name: detect changed files - runs-on: ubuntu-latest - timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds - outputs: - # Whether any PHP files have changed. - php: ${{ steps.filter.outputs.php }} - - # Whether any JavaScript files have changed. - js: ${{ steps.filter.outputs.js }} - - # Whether any lock files have changed. - lockfiles: ${{ steps.filter.outputs.lockfiles }} - - # Whether any GitHub Actions yaml files have changed. - ghactionsfiles: ${{ steps.filter.outputs.ghactionsfiles }} - - # Whether any miscellaneous files related to linting have changed. - misc: ${{ steps.filter.outputs.misc }} - - # Whether any miscellaneous files related to PHP linting have changed. - misc_php: ${{ steps.filter.outputs.misc == 'true' || steps.filter.outputs.misc_php == 'true' }} - - # Whether any miscellaneous files related to JS linting have changed. - misc_js: ${{ steps.filter.outputs.misc == 'true' || steps.filter.outputs.misc_js == 'true' }} - - # JSON string holding an array of files in phpcs-excludelist.json that have changed. - php_excluded_files: ${{ steps.filterPHP.outputs.php_excluded_files }} - - # JSON string holding an array of files in eslint-excludelist.json that have changed. - js_excluded_files: ${{ steps.filterJS.outputs.js_excluded_files }} - - # Whether any excluded files were modified or deleted. - excludelist: ${{ steps.filterExcludeList.outputs.excluded_files != '[]' || steps.filter.outputs.misc == 'true' || steps.filter.outputs.misc_php == 'true' || steps.filter.outputs.misc_js == 'true' || steps.filter.outputs.misc_excludelist == 'true' }} - - steps: - - uses: actions/checkout@v4 - - - uses: dorny/paths-filter@v3 - id: filter - with: - list-files: json - filters: | - php: - # If any PHP file changed, they need checking. - - added|modified: - - '**.php' - js: - # If any JS file changed, they need checking. - - added|modified: - - '**.cjs' - - '**.js' - - '**.jsx' - - '**.mjs' - - '**.ts' - - '**.tsx' - - '**.svelte' - excludelist: - # If any PHP or JS file changed or was deleted, we need to check the excludelist. - - modified|deleted: - - '**.php' - - '**.js' - - '**.jsx' - - '**.ts' - lockfiles: - - 'composer.json' - - 'composer.lock' - - 'package.json' - - 'pnpm-lock.yaml' - - '**/composer.json' - - '**/composer.lock' - - '**/package.json' - ghactionsfiles: - - '.github/workflows/*.{yml,yaml}' - - '.github/actions/*/action.{yml,yaml}' - - 'projects/github-actions/*/action.{yml,yaml}' - # If we edit the linting JS files, we need to run it. - - 'tools/js-tools/lint-gh-actions.{js,mjs}' - misc_php: - # If composer, phpcs config, or the codesniffer package itself changed, there may be a new standard. - - 'composer.json' - - 'composer.lock' - - '.phpcs.config.xml' - - '.phpcs.xml.dist' - - '.phpcsignore' - - '**/.phpcs.dir.xml' - - '**/.phpcsignore' - - 'projects/packages/codesniffer/**' - # If the excludelist changed, run to ensure newly non-excluded files pass. - - 'tools/phpcs-excludelist.json' - # If other files used by this workflow changed, run it to test those changes. - - 'tools/parallel-lint.sh' - - '.github/files/php-linting-phpcs.xml' - - '.github/matchers/phpcs-problem-matcher.json' - - '.github/matchers/php-lint-problem-matcher.json' - misc_js: - # If package or eslint config changed, there may be new checks. - - 'package.json' - - 'tools/js-tools/package.json' - - 'pnpm-lock.yaml' - - '.eslintignore' - - '.eslintignore.root' - - 'eslint.config.*' - - '**/.eslintignore' - - '**/eslint.config.*' - # If the excludelist changed, run to ensure newly non-excluded files pass. - - 'tools/eslint-excludelist.json' - misc_excludelist: - - 'tools/cleanup-excludelists.sh' - - 'tools/js-tools/check-excludelist-diff.js' - misc: - # If the workflow itself changed, everything should re-run. - - '.github/workflows/linting.yml' - - - id: filterPHP - shell: bash - env: - PHP_FILES: ${{ steps.filter.outputs.php_files }} - run: | - EXCLUDED_FILES=$(jq --argjson files "$PHP_FILES" --slurpfile excludes tools/phpcs-excludelist.json -nc '$files - ($files - $excludes[0])') - echo "php_excluded_files=$EXCLUDED_FILES" >> "$GITHUB_OUTPUT" - echo "Excluded files:" - jq --argjson files "$EXCLUDED_FILES" -nr '" - " + $files[]' - - - id: filterJS - shell: bash - env: - JS_FILES: ${{ steps.filter.outputs.js_files }} - run: | - EXCLUDED_FILES=$(jq --argjson files "$JS_FILES" --slurpfile excludes tools/eslint-excludelist.json -nc '$files - ($files - $excludes[0])') - echo "js_excluded_files=$EXCLUDED_FILES" >> "$GITHUB_OUTPUT" - echo "Excluded files:" - jq --argjson files "$EXCLUDED_FILES" -nr '" - " + $files[]' - - - id: filterExcludeList - shell: bash - env: - FILES: ${{ steps.filter.outputs.excludelist_files }} - run: | - EXCLUDED_FILES=$(jq --argjson files "$FILES" --slurpfile phpexcludes tools/phpcs-excludelist.json --slurpfile jsexcludes tools/eslint-excludelist.json -nc '$files - ($files - $phpexcludes[0] - $jsexcludes[0])') - echo "excluded_files=$EXCLUDED_FILES" >> "$GITHUB_OUTPUT" - echo "Excluded files:" - jq --argjson files "$EXCLUDED_FILES" -nr '" - " + $files[]' - - ### Runs `php -l` over all PHP files, in all relevant PHP versions - # Local equivalent: `composer php:lint` - php_lint: - name: PHP lint (${{ matrix.php-versions }}) - runs-on: ubuntu-latest - needs: changed_files - continue-on-error: ${{ matrix.experimental }} - timeout-minutes: 3 # 2021-01-18: Successful runs seem to take ~1 minute - - strategy: - fail-fast: false - matrix: - php-versions: [ '7.2', '7.4', '8.0', '8.1', '8.2', '8.3', '8.4' ] - experimental: [ false ] - - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - php: ${{ matrix.php-versions }} - node: false - - - name: Install dependencies - run: | - # Install stuff ignoring platform reqs. - composer install --ignore-platform-reqs - # Remove stuff we don't need here that fails some platform reqs. - # This will complain if we missed any. - composer remove --dev sirbrillig/phpcs-changed automattic/jetpack-codesniffer automattic/jetpack-phan-plugins phan/phan - - - name: Run linter - run: | - echo "::add-matcher::.github/matchers/php-lint-problem-matcher.json" - composer php:lint -- --checkstyle - echo "::remove-matcher owner=php-lint" - - ### Runs phpcs on all PHP files not listed in phpcs-excludelist.json. - # Local equivalent: `composer phpcs:lint:required` - phpcs: - name: PHP Code Sniffer (non-excluded files only) - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.php == 'true' || needs.changed_files.outputs.misc_php == 'true' - timeout-minutes: 5 # 2021-01-18: Successful runs seem to take ~1 minute. Leaving some extra for future expansion. - - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Install dependencies - run: composer install - - - name: Run phpcs - run: | - echo "::add-matcher::.github/matchers/phpcs-problem-matcher.json" - composer phpcs:lint:required -- --report=emacs --standard=.github/files/php-linting-phpcs.xml - echo "::remove-matcher owner=phpcs" - - ### Runs PHPCompatibility over all PHP files. - # Local equivalent: `composer phpcs:compatibility` - phpcompatibility: - name: PHP Compatibility - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.php == 'true' || needs.changed_files.outputs.misc_php == 'true' - timeout-minutes: 5 # 2021-01-18: Successful runs seem to take ~1 minute. Leaving some extra for future expansion. - - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Install dependencies - run: composer install - - - name: Run phpcs for PHPCompatibility - run: | - echo "::add-matcher::.github/matchers/phpcs-problem-matcher.json" - composer phpcs:compatibility -- --report=emacs . - echo "::remove-matcher owner=phpcs" - - ### Runs phpcs-changed on PHP files listed in phpcs-excludelist.json. - # Local equivalent: `composer phpcs:changed -- --git-base= ` - # `` is the branch this PR is to be merged into, probably `origin/trunk`. - # - # Pre-commit, you might also `git add` the relevant files and run `composer phpcs:changed` - phpcs_changed: - name: PHP Code Sniffer (changes to excluded files only) - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.php_excluded_files != '[]' - continue-on-error: true - timeout-minutes: 5 # 2021-01-18: Successful runs seem to take ~1 minute. Leaving some extra for future expansion. - - steps: - # We don't need full git history, but phpcs-changed does need everything up to the merge-base. - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 10 - - uses: ./.github/actions/deepen-to-merge-base - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Install dependencies - run: composer install - - - name: Run phpcs-changed - shell: bash - env: - SHA: ${{ github.event.pull_request.base.sha }} - FILES: ${{ needs.changed_files.outputs.php_excluded_files }} - run: | - echo "::add-matcher::.github/matchers/phpcs-problem-matcher.json" - composer phpcs:changed -- --report=json --standard=.github/files/php-linting-phpcs.xml --git-base=$SHA $(jq -rn --argjson files "$FILES" '$files[]') | - jq -r '.files | to_entries | .[] | .key as $key | .value.messages[] | [ $key, ":", .line, ":", .column, ": ", .type, " - ", .message, " (", .source, ")" ] | map(tostring) | join("")' - echo "::remove-matcher owner=phpcs" - - ### Runs eslint on JS files not listed in eslint-excludelist.json - # Local equivalent: `pnpm run lint-required` - eslint: - name: ESLint (non-excluded files only) - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.js == 'true' || needs.changed_files.outputs.misc_js == 'true' - timeout-minutes: 10 # 2021-03-05: Runs now take ~5 minutes due to now installing all php/js deps to ensure valid linting. - - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Monorepo pnpm install - run: pnpm install - - run: pnpm run lint-required - - ### Runs eslint-changed on JS files listed in eslint-excludelist.json. - # Local equivalent: `pnpm run lint-changed --git-base=` - # `` is the branch this PR is to be merged into, probably `origin/trunk`. - # - # Pre-commit, you might also `git add` the relevant files and run `pnpm run lint-changed` - eslint_changed: - name: ESLint (changes to excluded files only) - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.js_excluded_files != '[]' - continue-on-error: true - timeout-minutes: 10 # 2021-03-05: Taking ~4:30 now due to now installing all php/js deps to ensure valid linting. - - steps: - # We don't need full git history, but eslint-changed does need everything up to the merge-base. - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 10 - - uses: ./.github/actions/deepen-to-merge-base - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Monorepo pnpm install - run: pnpm install - - name: Run eslint-changed - env: - SHA: ${{ github.event.pull_request.base.sha }} - FILES: ${{ needs.changed_files.outputs.js_excluded_files }} - run: pnpm run lint-changed --git-base=$SHA $(jq -rn --argjson files "$FILES" '$files[]') - - ### Lints GitHub Actions yaml files. - # Local equivalent: `./tools/js-tools/lint-gh-actions.mjs ` - lint_gh_actions: - name: Lint GitHub Actions yaml files - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.ghactionsfiles == 'true' || needs.changed_files.outputs.misc == 'true' - timeout-minutes: 5 # 2021-03-24: Pnpm stuff takes about a minute. - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - php: false - - - run: pnpm install - - name: Run lint - run: ./tools/js-tools/lint-gh-actions.mjs -v '.github/workflows/*.{yml,yaml}' '.github/actions/*/action.{yml,yaml}' 'projects/github-actions/*/action.{yml,yaml}' - - ### Checks that copied files (e.g. readme, license) are in sync - # Local equivalent: `./tools/check-copied-files.sh` - copied_files: - name: Copied files are in sync - runs-on: ubuntu-latest - timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds. - - steps: - - uses: actions/checkout@v4 - - run: ./tools/check-copied-files.sh - - ### Runs tools/cleanup-excludelists.sh and checks for any changes - # Local equivalent: `tools/cleanup-excludelists.sh` - check_excludelists: - name: Check linter exclude lists - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.excludelist == 'true' - timeout-minutes: 10 # 2022-05-11: The check itself takes 4 minutes. - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - run: composer install - - name: Monorepo pnpm install - run: pnpm install - - - name: Cleanup excludelists - run: tools/cleanup-excludelists.sh - - name: Check for changes to exclude lists - run: tools/js-tools/check-excludelist-diff.js - - ### Checks that changelogger change files are being created. - # Local equivalent: Probably `tools/check-changelogger-use.php origin/trunk HEAD` - changelogger_used: - name: Changelogger use - runs-on: ubuntu-latest - timeout-minutes: 5 # 2021-03-24: Takes about a minute. - steps: - # We don't need full git history, but tools/check-changelogger-use.php does need everything up to the merge-base. - - uses: actions/checkout@v4 - with: - ref: ${{ github.event.pull_request.head.sha }} - fetch-depth: 10 - - uses: ./.github/actions/deepen-to-merge-base - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Check change files are touched for touched projects - env: - BASE: ${{ github.event.pull_request.base.sha }} - HEAD: ${{ github.event.pull_request.head.sha }} - run: tools/check-changelogger-use.php --debug "$BASE" "$HEAD" - - ### Checks that changelogger change files are valid. - # Local equivalent: `./tools/changelogger-validate-all.sh` - changelogger_valid: - name: Changelogger validity - runs-on: ubuntu-latest - timeout-minutes: 5 # 2021-03-24: Takes about a minute - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Check change file validity - run: tools/changelogger-validate-all.sh -vv - - ### Checks that lock files are up to date. - # Local equivalent: .github/files/check-lock-files.sh - # Note that may modify lock files in your working tree! - lock_files: - name: "Lock files are up to date" - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.lockfiles == 'true' || needs.changed_files.outputs.misc == 'true' - timeout-minutes: 7 # 2021-03-17: Successful runs seem to take 3+ minutes, thanks to pnpm building stuff. - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - run: .github/files/check-lock-files.sh - - ### Check that monorepo packages are correctly referenced. - # Local equivalent: tools/check-intra-monorepo-deps.sh -v && .github/files/check-monorepo-package-repos.sh - monorepo_package_refs: - name: Monorepo package version refs - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.lockfiles == 'true' || needs.changed_files.outputs.misc == 'true' - timeout-minutes: 5 # 2022-03-25: The pnpm install will probably take a minute or so. - steps: - - uses: actions/checkout@v4 - - name: Setup tools - uses: ./.github/actions/tool-setup - - run: pnpm install - - run: tools/check-intra-monorepo-deps.sh -v - - run: .github/files/check-monorepo-package-repos.sh - - ### Checks against project structure, e.g. that composer.json exists. - # Local equivalent: `./.github/files/lint-project-structure.sh` - project_structure: - name: Project structure - runs-on: ubuntu-latest - timeout-minutes: 5 # 2021-03-24: Pnpm stuff takes about a minute. - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - run: pnpm install - - run: .github/files/lint-project-structure.sh diff --git a/.github/workflows/phpcompatibility-dev.yml b/.github/workflows/phpcompatibility-dev.yml deleted file mode 100644 index 811b4124a82d..000000000000 --- a/.github/workflows/phpcompatibility-dev.yml +++ /dev/null @@ -1,83 +0,0 @@ -# This Github Action is temporary, to run the development version of PHPCompatibility to test for PHP 8 issues. -# -# Once we're getting that by default (likely due to an upgrade of automattic/jetpack-codesniffer to pull a version of phpcompatibility/phpcompatibility-wp that pulls phpcompatibility/php-compatibility 10.0+), -# this action and .github/files/phpcompatibility-dev-phpcs.xml should be deleted. - -name: PHP Compatibility - -on: pull_request -concurrency: - group: phpcompatibility-dev-${{ github.event_name }}-${{ github.ref }} - cancel-in-progress: true - -env: - COMPOSER_ROOT_VERSION: "dev-trunk" - -jobs: - changed_files: - name: detect changed files - runs-on: ubuntu-latest - timeout-minutes: 1 # 2021-01-18: Successful runs seem to take a few seconds. - outputs: - php: ${{ steps.filter.outputs.php }} - misc: ${{ steps.filter.outputs.misc }} - - steps: - - uses: dorny/paths-filter@v3 - id: filter - with: - filters: | - php: - # If any PHP file changed, they need checking. - - '**.php' - misc: - # If composer or phpcs config changed, there may be a new standard. - - 'composer.json' - - 'composer.lock' - - '.phpcs.config.xml' - - '.phpcs.xml.dist' - - '.phpcsignore' - - '**/.phpcs.dir.xml' - - '**/.phpcsignore' - # If other files used by this workflow changed, run it to test those changes. - - '.github/files/phpcompatibility-dev-phpcs.xml' - - '.github/matchers/phpcs-problem-matcher.json' - - '.github/workflows/phpcompatibility-dev.yml' - - phpcompatibility: - name: dev branch for PHP 8.0 - runs-on: ubuntu-latest - needs: changed_files - if: needs.changed_files.outputs.php == 'true' || needs.changed_files.outputs.misc == 'true' - timeout-minutes: 5 # 2021-01-18: Successful runs seem to take ~1 minute. - - steps: - - uses: actions/checkout@v4 - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - - name: Install dependencies - run: composer install - - - name: Upgrade PHPCompatibility - run: | - if [[ -e vendor/phpcompatibility/php-compatibility/PHPCompatibility/Sniffs/ControlStructures/NewNonCapturingCatchSniff.php ]]; then - echo "::error file=.github/workflows/phpcompatibility-dev.yml,line=4,col=1::It looks like PHPCompatibility is already at version 10.0, making this Github Action obsolete. Please remove it." - exit 1 - fi - composer remove --dev --no-update automattic/jetpack-codesniffer - composer require --dev --no-update phpcompatibility/php-compatibility='dev-develop as 9.9999.9999' - composer require --dev --no-update phpcompatibility/phpcompatibility-wp=dev-master - # Update any other packages needing update now too. - composer update - # Even though we uninstalled our codesniffer package, we need the compat rulesets to be found. - vendor/bin/phpcs --config-set installed_paths "$(vendor/bin/phpcs --config-show | sed -n 's/^installed_paths: //p'),../../../projects/packages/codesniffer" - - - name: Run phpcs for PHPCompatibility - run: | - echo "::add-matcher::.github/matchers/phpcs-problem-matcher.json" - vendor/bin/phpcs -p -s --report=emacs --standard=.github/files/phpcompatibility-dev-phpcs.xml - echo "::remove-matcher owner=phpcs" diff --git a/.github/workflows/post-build.yml b/.github/workflows/post-build.yml index c012cf8abb71..1ff2217d133a 100644 --- a/.github/workflows/post-build.yml +++ b/.github/workflows/post-build.yml @@ -234,12 +234,83 @@ jobs: Post-build run skipped because no plugins were built. token: ${{ steps.get_token.outputs.token }} - upgrade_test: - name: Test plugin upgrades + prepare_upgrade_test: + name: Prepare plugin upgrades matrix runs-on: ubuntu-latest needs: [ setup, find_artifact ] if: needs.find_artifact.outputs.any_plugins == 'true' + outputs: + matrix: ${{ steps.matrix.outputs.matrix }} + timeout-minutes: 5 # 2025-03-13: Should be just a few seconds. + + steps: + - uses: actions/checkout@v4 + + - name: Get token + id: get_token + uses: ./.github/actions/gh-app-token + env: + # Work around a weird node 16/openssl 3 issue in the docker env + OPENSSL_CONF: '/dev/null' + with: + app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }} + private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }} + + - name: Notify check in progress + uses: ./.github/actions/check-run + with: + id: ${{ needs.setup.outputs.upgrade_check }} + status: in_progress + title: Test started... + summary: | + ${{ env.SUMMARY }} + + See run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details. + token: ${{ steps.get_token.outputs.token }} + + - name: Download build artifact + env: + TOKEN: ${{ github.token }} + ZIPURL: ${{ needs.find_artifact.outputs.zip_url }} + shell: bash + run: | + for (( i=1; i<=2; i++ )); do + [[ $i -gt 1 ]] && sleep 10 + echo "::group::Downloading artifact (attempt $i/2)" + curl -v -L --get \ + --header "Authorization: token $TOKEN" \ + --url "$ZIPURL" \ + --output "artifact.zip" + echo "::endgroup::" + if [[ -e "artifact.zip" ]] && zipinfo artifact.zip &>/dev/null; then + break + fi + done + [[ ! -e "artifact.zip" ]] && { echo "::error::Failed to download artifact."; exit 1; } + unzip artifact.zip + tar --xz -xvvf build.tar.xz build/plugins.tsv + + - name: Prepare matrix + id: matrix + run: | + RET=$( jq -c -s --raw-input 'split( "\n" )[0:-1] | map( split( "\t" ) | { src: .[0], mirror: .[1], slug: .[2] } )' build/plugins.tsv ) + jq '.' <<<"$RET" + echo "matrix=$RET" >> "$GITHUB_OUTPUT" + + upgrade_test: + name: Test upgrades for ${{ matrix.slug }} + runs-on: ubuntu-latest + needs: [ setup, find_artifact, prepare_upgrade_test ] + if: needs.find_artifact.outputs.any_plugins == 'true' timeout-minutes: 15 # 2022-08-26: Successful runs seem to take about 6 minutes, but give some extra time for the downloads. + strategy: + fail-fast: false + matrix: + include: ${{ fromJson( needs.prepare_upgrade_test.outputs.matrix ) }} + env: + PLUGIN_SRC: ${{ matrix.src }} + PLUGIN_MIRROR: ${{ matrix.mirror }} + PLUGIN_SLUG: ${{ matrix.slug }} services: db: image: mariadb:lts @@ -263,6 +334,7 @@ jobs: HOST_PORT: 80 ports: - 80:80 + steps: - uses: actions/checkout@v4 with: @@ -272,28 +344,6 @@ jobs: ref: ${{ github.event.workflow_run.head_commit.id }} path: commit - - name: Get token - id: get_token - uses: ./trunk/.github/actions/gh-app-token - env: - # Work around a weird node 16/openssl 3 issue in the docker env - OPENSSL_CONF: '/dev/null' - with: - app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }} - private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }} - - - name: Notify check in progress - uses: ./trunk/.github/actions/check-run - with: - id: ${{ needs.setup.outputs.upgrade_check }} - status: in_progress - title: Test started... - summary: | - ${{ env.SUMMARY }} - - See run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details. - token: ${{ steps.get_token.outputs.token }} - - name: Download build artifact env: TOKEN: ${{ github.token }} @@ -320,25 +370,40 @@ jobs: run: trunk/.github/files/test-plugin-update/setup.sh - name: Prepare plugin zips - id: zips run: trunk/.github/files/test-plugin-update/prepare-zips.sh - name: Test upgrades - id: tests run: trunk/.github/files/test-plugin-update/test.sh + post_upgrade_test: + name: Finalize plugin test + runs-on: ubuntu-latest + needs: [ setup, find_artifact, upgrade_test ] + if: always() && needs.find_artifact.outputs.any_plugins == 'true' + timeout-minutes: 5 # 2025-03-13: Should be just a few seconds. + + steps: + - uses: actions/checkout@v4 + + - name: Get token + id: get_token + uses: ./.github/actions/gh-app-token + env: + # Work around a weird node 16/openssl 3 issue in the docker env + OPENSSL_CONF: '/dev/null' + with: + app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }} + private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }} + - name: Notify final status - if: always() - uses: ./trunk/.github/actions/check-run + uses: ./.github/actions/check-run with: id: ${{ needs.setup.outputs.upgrade_check }} - conclusion: ${{ job.status }} - title: ${{ job.status == 'success' && 'Tests passed' || job.status == 'cancelled' && 'Cancelled' || 'Tests failed' }} + conclusion: ${{ needs.upgrade_test.result }} + title: ${{ needs.upgrade_test.result == 'success' && 'Tests passed' || needs.upgrade_test.result == 'cancelled' && 'Cancelled' || 'Tests failed' }} summary: | ${{ env.SUMMARY }} - ${{ steps.zips.outputs.info }}${{ steps.tests.outputs.info }} - See run [#${{ github.run_id }}](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for details. token: ${{ steps.get_token.outputs.token }} diff --git a/.github/workflows/pr-is-up-to-date.yml b/.github/workflows/pr-is-up-to-date.yml deleted file mode 100644 index b6dcd5342b9a..000000000000 --- a/.github/workflows/pr-is-up-to-date.yml +++ /dev/null @@ -1,87 +0,0 @@ -name: PR is up-to-date -on: - pull_request_target: - branches: [ trunk ] - push: - branches: [ trunk ] - tags: - - pr-update-to - - pr-update-to-projects/** - -jobs: - check: - name: Check - runs-on: ubuntu-latest - timeout-minutes: 5 # 2021-03-23: The run on push to the tag might take a minute or two. - steps: - - # We basically have two workflows in one here, one for pushes to trunk and one for PRs and pushes to tags. - # The reason we don't separate them into two is because GitHub's UI would then always be showing a skipped job - # in the PR check list, which is kind of annoying. - - # First, the "PR or tag" job. - - - name: Checkout trunk for tag push or PR - uses: actions/checkout@v4 - if: github.event_name != 'push' || github.ref != 'refs/heads/trunk' - with: - ref: trunk - token: ${{ secrets.API_TOKEN_GITHUB }} - - # On a PR, we need to fetch (but not check out) the actual PR too. - - name: Deepen to merge base - if: github.event_name != 'push' - uses: ./.github/actions/deepen-to-merge-base - with: - checkout: false - - - name: Determine tags for PR or tag and paths for tag push - id: determine - if: github.event_name != 'push' || github.ref != 'refs/heads/trunk' - env: - REF: ${{ github.event.pull_request.head.sha }} - run: | - TAGS=() - TAG= - PATHS= - if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then - TAG="${GITHUB_REF#refs/tags/}" - if [[ "$TAG" == pr-update-to-* ]]; then - PATHS="${TAG#pr-update-to-}" - fi - else - TMP="$(git -c core.quotepath=off diff --name-only "origin/trunk...${REF}" projects/*/*/ | sed -nE 's!^(projects/[^/]+/[^/]+)/.*!pr-update-to-\1!p' | sort -u)" - mapfile -t TAGS <<<"$TMP" - TAGS+=( pr-update-to ) - fi - echo "pr-tags=${TAGS[*]}" >> "$GITHUB_OUTPUT" - echo "push-tag=$TAG" >> "$GITHUB_OUTPUT" - echo "push-paths=$PATHS" >> "$GITHUB_OUTPUT" - - - name: Check PR or tag push - if: github.event_name != 'push' || github.ref != 'refs/heads/trunk' - uses: ./projects/github-actions/pr-is-up-to-date - with: - tags: ${{ steps.determine.outputs.pr-tags }} - tag: ${{ steps.determine.outputs.push-tag }} - paths: ${{ steps.determine.outputs.push-paths }} - token: ${{ secrets.API_TOKEN_GITHUB }} - status: PR is up to date - - # Second, the "push to trunk" job. - - - name: Checkout push to trunk - uses: actions/checkout@v4 - if: github.event_name == 'push' && github.ref == 'refs/heads/trunk' - with: - # The "Check whether the tag needs updating for trunk commit" needs the previous commit for diffing. - fetch-depth: 2 - token: ${{ secrets.API_TOKEN_GITHUB }} - - - name: Wait for prior instances of the workflow to finish - if: github.event_name == 'push' && github.ref == 'refs/heads/trunk' - uses: ./.github/actions/turnstile - - - name: Check whether the tag needs updating for trunk commit - if: github.event_name == 'push' && github.ref == 'refs/heads/trunk' - run: .github/files/pr-update-to.sh diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 8bd4b7ce9600..3fb5e9cf38b0 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -18,8 +18,6 @@ on: - full - lookup - extract - schedule: - - cron: '0 0/2 * * *' concurrency: group: renovate-${{ github.ref }} diff --git a/.github/workflows/slack-branch-existence-notification.yml b/.github/workflows/slack-branch-existence-notification.yml deleted file mode 100644 index da4cba5f44dc..000000000000 --- a/.github/workflows/slack-branch-existence-notification.yml +++ /dev/null @@ -1,65 +0,0 @@ -name: Slack branch existence notification -on: - create: - delete: - -jobs: - notify: - name: Notify - runs-on: ubuntu-latest - timeout-minutes: 5 # 2022-11-22: Shouldn't take long. - if: github.event.ref == 'prerelease' - - steps: - - uses: actions/checkout@v4 - with: - ref: trunk - - name: Generate message - id: message - run: | - source .github/files/gh-funcs.sh - - if [[ "$GITHUB_EVENT_NAME" == 'create' ]]; then - gh_set_output message "$( - jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | { - icon_emoji: ":lock:", - text: "Incoming release! Prerelease branch was created by \( $e.sender.login ).", - blocks: [ - { - type: "section", - text: { - type: "mrkdwn", - text: ":holdontoyourbutts: Incoming release! Prerelease branch was created by \( $e.sender.login ).", - }, - } - ], - }' - )" - elif [[ "$GITHUB_EVENT_NAME" == 'delete' ]]; then - gh_set_output message "$( - jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | { - icon_emoji: ":unlock:", - text: "Prerelease branch was deleted by \( $e.sender.login ).", - blocks: [ - { - type: "section", - text: { - type: "mrkdwn", - text: "Prerelease branch was deleted by \( $e.sender.login ).", - }, - } - ], - }' - )" - else - echo "::error::Unknown event \"$GITHUB_EVENT_NAME\"" - exit 1 - fi - - - name: Send message to releases channel - uses: slackapi/slack-github-action@v1.25.0 - with: - channel-id: ${{ secrets.SLACK_RELEASES_CHANNEL }} - payload: ${{ steps.message.outputs.message }} - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }} diff --git a/.github/workflows/slack-workflow-failed.yml b/.github/workflows/slack-workflow-failed.yml deleted file mode 100644 index 4d88b01e6981..000000000000 --- a/.github/workflows/slack-workflow-failed.yml +++ /dev/null @@ -1,163 +0,0 @@ -name: CI Results -run-name: ${{ github.event.workflow.name }} on ${{ github.event.workflow_run.head_branch }} -on: - workflow_run: - types: [ 'completed' ] - workflows: - - Build - - Build Docker - - Tests - - Gardening - - Monorepo Auto-tagger - - Post-Build - - PR is up-to-date - - Update Jetpack Staging Test Sites - - Update Phan stubs - - k6 Tests for Jetpack Staging Test Sites - branches: [ 'trunk', 'prerelease', '*/branch-*' ] - -jobs: - notify: - name: Notify failure - runs-on: ubuntu-latest - if: ${{ github.repository == 'Automattic/jetpack' && github.event.workflow_run.conclusion == 'failure' && github.event.workflow_run.event != 'issues' && github.event.workflow_run.event != 'issue_comment' }} - - steps: - - uses: actions/checkout@v4 - - name: Generate message - id: message - run: | - source .github/files/gh-funcs.sh - - # If this is triggered off of another "workflow_run" workflow, it'll always see the head_branch as "trunk". - # In that case, we assume it's setting display_title to be like "NAME on BRANCH" and extract the branch from there. - if jq -e '.workflow_run.event == "workflow_run"' "$GITHUB_EVENT_PATH" &>/dev/null; then - TITLE=$(jq -r '.workflow_run.display_title' "$GITHUB_EVENT_PATH") - BRANCH=${TITLE##* on } - echo "branch=$BRANCH" >> "$GITHUB_OUTPUT" - DATA=$( jq -nc --slurpfile event "$GITHUB_EVENT_PATH" --arg branch "$BRANCH" '$event[0] as $e | $e.workflow_run as $run | - { - workflow_name: $e.workflow.name, - branch: $branch, - run_id: $run.id, - run_url: $run.html_url, - duration: ( ( $run.updated_at | fromdateiso8601 ) - ( $run.run_started_at | fromdateiso8601 ) | strftime( "%H:%M:%S" ) ), - } - ' ) - else - BRANCH=$(jq -r '.workflow_run.head_branch' "$GITHUB_EVENT_PATH") - echo "branch=$BRANCH" >> "$GITHUB_OUTPUT" - DATA=$( jq -nc --slurpfile event "$GITHUB_EVENT_PATH" '$event[0] as $e | $e.workflow_run as $run | - ( $run.head_commit.message | sub( "\n.*"; ""; "m" ) | match( " \\(#([0-9]+)\\)$" ).captures[0].string // null ) as $pr | - { - workflow_name: $e.workflow.name, - branch: $run.head_branch, - run_id: $run.id, - run_url: $run.html_url, - duration: ( ( $run.updated_at | fromdateiso8601 ) - ( $run.run_started_at | fromdateiso8601 ) | strftime( "%H:%M:%S" ) ), - commit: "\( $run.head_commit.id[0:8] ) \( $run.head_commit.message | sub( "\n.*"; ""; "m" ) )", - author: ( $run.head_commit.author.name ), - commit_url: "\( $run.head_repository.html_url )/commit/\( $run.head_commit.id )", - pr: $pr, - pr_url: ( if $pr then "\( $run.head_repository.html_url )/pull/\( $pr )" else null end ) - } - ' ) - fi - - jq -r '[ - "### \( .workflow_name ) failed on \( .branch )", - "", - if .commit then "Commit: \( .commit )" else empty end, - if .author then "Author: \( .author )" else empty end, - "Duration: \( .duration )", - "", - ( - [ - "[Run #\( .run_id )](\( .run_url ))", - if .commit_url then "[Commit](\( .commit_url ))" else empty end, - if .pr then "[PR #\( .pr )](\( .pr_url ))" else empty end - ] | join( " | " ) - ) - ] | join( "\n" )' <<<"$DATA" >> $GITHUB_STEP_SUMMARY - - gh_set_output message "$( jq -c ' - { - icon_emoji: ":github-rejected:", - text: "*\( .workflow_name ) failed on \( .branch )*\n<\( .run_url )|Run #\( .run_id )>", - blocks: [ - { - type: "section", - text: { - type: "mrkdwn", - text: "*\( .workflow_name ) failed on \( .branch )*" - } - }, - { - type: "context", - elements: [ - if .commit then { - type: "plain_text", - text: "Commit: \( .commit )", - emoji: false - } else empty end, - if .author then { - type: "plain_text", - text: "Author: \( .author )", - emoji: false - } else empty end, - { - type: "plain_text", - text: "Duration: \( .duration )" - } - ] - }, - { - type: "actions", - elements: [ - { - type: "button", - text: { - type: "plain_text", - text: "Run #\( .run_id )" - }, - url: .run_url - }, - if .commit_url then { - type: "button", - text: { - type: "plain_text", - text: "Commit" - }, - url: .commit_url - } else empty end, - if .pr then { - type: "button", - text: { - type: "plain_text", - text: "PR #\( .pr )" - }, - url: .pr_url, - } else empty end - ] - } - ] - } - ' <<<"$DATA" )" - - - name: Send message to alerts channel - uses: slackapi/slack-github-action@v1.25.0 - if: steps.message.outputs.branch == 'trunk' - with: - channel-id: ${{ secrets.SLACK_JP_ALERTS_CHANNEL }} - payload: ${{ steps.message.outputs.message }} - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }} - - - name: Send message to releases channel - uses: slackapi/slack-github-action@v1.25.0 - if: contains( steps.message.outputs.branch, '/branch-' ) || steps.message.outputs.branch == 'prerelease' - with: - channel-id: ${{ secrets.SLACK_RELEASES_CHANNEL }} - payload: ${{ steps.message.outputs.message }} - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml deleted file mode 100644 index 6d518cb24fb7..000000000000 --- a/.github/workflows/stale.yml +++ /dev/null @@ -1,65 +0,0 @@ - -name: 'Mark stale issues' -on: - schedule: - - cron: '30 0 * * *' - workflow_dispatch: - -jobs: - stale: - runs-on: ubuntu-latest - timeout-minutes: 10 # 2024-01-30: v9 takes longer, and it's not like it matters a whole lot since this only runs once per day anyway. - steps: - - uses: actions/stale@v9 - with: - # Get issues in descending (newest first) order. - ascending: false - # Operations (roughly API calls) per run. Adjust to avoid using up the rate limit (1000/hr shared across all jobs in the repo for the token used here). - operations-per-run: 50 - # After 6 months, mark issue as stale. - days-before-issue-stale: 180 - # Do not auto-close issues marked as stale. - days-before-issue-close: -1 - # After 3 months, mark PR as stale. - days-before-pr-stale: 90 - # Auto-close PRs marked as stale a month later. - days-before-pr-close: 31 - # Delete the branch when closing PRs. GitHub's "restore branch" function works indefinitely, so no reason not to. - delete-branch: true - # Issues and PRs with these labels will never be considered stale. - exempt-issue-labels: '[Pri] High,[Pri] BLOCKER,[Type] Feature Request,[Type] Enhancement,[Type] Janitorial,Good For Community,[Type] Good First Bug,FixTheFlows' - exempt-pr-labels: '[Pri] High,[Pri] BLOCKER,FixTheFlows' - # Label to use when marking an issue / PR as stale - stale-pr-label: '[Status] Stale' - stale-issue-label: '[Status] Stale' - # Messages to display. - stale-issue-message: | -

This issue has been marked as stale. This happened because:

- -
    -
  • It has been inactive for the past 6 months.
    • -
  • It hasn’t been labeled `[Pri] BLOCKER`, `[Pri] High`, `[Type] Feature Request`, `[Type] Enhancement`, `[Type] Janitorial`, `Good For Community`, `[Type] Good First Bug`, etc.
    • -
- -

No further action is needed. But it's worth checking if this ticket has clear - reproduction steps and it is still reproducible. Feel free to close this issue - if you think it's not valid anymore — if you do, please add a brief - explanation.

- stale-pr-message: | -

This PR has been marked as stale. This happened because:

- -
    -
  • It has been inactive for the past 3 months.
    • -
  • It hasn’t been labeled `[Pri] BLOCKER`, `[Pri] High`, etc.
    • -
- -

If this PR is still useful, please do a [trunk merge or rebase](https://github.com/Automattic/jetpack/blob/trunk/docs/git-workflow.md#keeping-your-branch-up-to-date) - and otherwise make sure it's up to date and has clear testing instructions. - You may also want to ping possible reviewers in case they've forgotten about it. - Please close this PR if you think it's not valid anymore — if you - do, please add a brief explanation.

- -

If the PR is not updated (or at least commented on) in another month, it will be automatically closed.

- close-pr-message: | -

This PR has been automatically closed as it has not been updated in some time. - If you want to resume work on the PR, feel free to restore the branch and reopen the PR.

diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml deleted file mode 100644 index 1c711de04c60..000000000000 --- a/.github/workflows/tests.yml +++ /dev/null @@ -1,479 +0,0 @@ -name: Tests - -on: - pull_request: - push: - branches: [ 'trunk', '*/branch-*' ] - -concurrency: - # Trunk runs need to not be cancelled for concurrency, mainly for code coverage. Everything else can be. - group: tests-${{ github.event_name }}-${{ github.ref }}-${{ github.event_name == 'push' && github.ref == 'refs/heads/trunk' && github.run_id || '' }} - cancel-in-progress: true - -env: - COMPOSER_ROOT_VERSION: "dev-trunk" - -jobs: - create-matrix: - name: "Determine tests matrix" - runs-on: ubuntu-latest - timeout-minutes: 1 # 2021-02-03: Should only take a second. - outputs: - matrix: ${{ steps.create-matrix.outputs.matrix }} - steps: - - uses: actions/checkout@v4 - - id: create-matrix - run: | - MATRIX="$(.github/files/generate-ci-matrix.php)" - echo "matrix=$MATRIX" >> "$GITHUB_OUTPUT" - - run-tests: - name: ${{ matrix.name }} - runs-on: ${{ matrix.runner }} - needs: create-matrix - services: - database: - image: mariadb:10.4 - env: - MARIADB_ROOT_PASSWORD: root - ports: - - 3306:3306 - options: --health-cmd="healthcheck.sh --su-mysql --connect --innodb_initialized" --health-interval=10s --health-timeout=5s --health-retries=5 - continue-on-error: ${{ matrix.experimental }} - timeout-minutes: ${{ matrix.timeout }} - env: - TEST_SCRIPT: ${{ matrix.script }} - WP_BRANCH: ${{ matrix.wp }} - PHP_VERSION: ${{ matrix.php }} - NODE_VERSION: ${{ matrix.node }} - MONOREPO_BASE: ${{ github.workspace }} - WITH_WOOCOMMERCE: ${{ matrix.with-woocommerce }} - WITH_WPCOMSH: ${{ matrix.with-wpcomsh }} - strategy: - fail-fast: false - matrix: - include: ${{ fromJson( needs.create-matrix.outputs.matrix ) }} - - # Note matrix-job outputs are kind of weird. Last-to-run job that sets a non-empty value wins. - outputs: - did-coverage: ${{ ( steps.run-tests.conclusion != 'cancelled' && steps.process-coverage.conclusion == 'success' && steps.upload-artifacts.conclusion == 'success' ) && 'true' || '' }} - coverage-status: ${{ matrix.script == 'test-coverage' && steps.run-tests.conclusion || '' }} - - steps: - - uses: actions/checkout@v4 - with: - # Test coverage checks require a fetch depth > 1. - fetch-depth: 2 - - # For pull requests, list-changed-projects.sh needs the merge base. - # But it doesn't have to be checked out. - - name: Deepen to merge base - if: github.event_name == 'pull_request' - uses: ./.github/actions/deepen-to-merge-base - with: - checkout: false - - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - php: ${{ matrix.php }} - coverage: ${{ matrix.script == 'test-coverage' && 'pcov' || 'none' }} - node: ${{ matrix.node }} - - - name: Monorepo install - run: | - echo "::group::Pnpm" - pnpm install - echo "::endgroup::" - - - name: Detect changed projects - id: changed - run: | - CHANGED="$(EXTRA=test .github/files/list-changed-projects.sh)" - - # Only test certain plugins in combination with WC - if [[ "$WITH_WOOCOMMERCE" == true ]]; then - echo "Testing with WooCommerce, filtering for projects that have WooCommerce-specific tests." - CHANGED=$( jq -c 'with_entries( select( .key == "plugins/jetpack" ) )' <<<"$CHANGED" ) - fi - - ANY_PLUGINS="$(jq --argjson changed "$CHANGED" -n '$changed | with_entries( select( .key | startswith( "plugins/" ) ) ) | any')" - echo "projects=${CHANGED}" >> "$GITHUB_OUTPUT" - echo "any-plugins=${ANY_PLUGINS}" >> "$GITHUB_OUTPUT" - - - name: Select WordPress version - if: matrix.wp != 'none' - run: .github/files/select-wordpress-tag.sh - - - name: Composer Install - run: | - # If we're going to be making WorDBless use WP "nightlies", remove the relevant package from Composer's cache to get the latest version. - if [[ "$WP_BRANCH" == 'trunk' && ( "$TEST_SCRIPT" == "test-php" || "$TEST_SCRIPT" == "test-coverage" ) ]]; then - echo "::group::Clear composer cache for roots/wordpress" - DIR=$(composer config cache-files-dir) - rm -rf "$DIR/roots/wordpress" "$DIR/roots/wordpress-no-content" - echo "::endgroup::" - fi - - echo "::group::Composer" - composer install --working-dir=tools/php-test-env - - if [[ ( "$TEST_SCRIPT" == "test-php" || "$TEST_SCRIPT" == "test-coverage" ) && ( "$WP_BRANCH" == 'trunk' || "$WP_BRANCH" == 'previous' ) ]]; then - VER=$(composer --format=json --working-dir="tools/php-test-env" show | jq -r '.installed[] | select( .name == "roots/wordpress" ) | .version') - if [[ -n "$VER" ]]; then - INSVER=$WORDPRESS_TAG - [[ "$WORDPRESS_TAG" == 'trunk' ]] && INSVER="dev-main as $VER" - echo "Supposed to run tests against WordPress $WORDPRESS_TAG, so setting roots/wordpress and roots/wordpress-no-content to \"$INSVER\"" - # Composer seems to sometimes have issues with deleting the wordpress dir on its own, so do it manually first. - rm -rf "tools/php-test-env/wordpress" - composer --working-dir="tools/php-test-env" require --dev "roots/wordpress:$INSVER" "roots/wordpress-no-content:$INSVER" - fi - fi - echo "::endgroup::" - - - name: Setup WordPress environment for plugin tests - env: - API_TOKEN_GITHUB: ${{ secrets.GITHUB_TOKEN }} - CHANGED: ${{ steps.changed.outputs.projects }} - if: steps.changed.outputs.any-plugins == 'true' && matrix.wp != 'none' - run: .github/files/setup-wordpress-env.sh - - - name: Run project tests - id: run-tests - env: - FORCE_PACKAGE_TESTS: ${{ matrix.force-package-tests && 'true' || 'false' }} - CHANGED: ${{ steps.changed.outputs.projects }} - run: | - EXIT=0 - declare -A PIDS - PIDS=() - MAXPIDS=$( nproc ) - FAILED=() - mkdir artifacts - [[ "$TEST_SCRIPT" == "test-coverage" ]] && mkdir coverage - for P in composer.json projects/*/*/composer.json; do - if [[ ${#PIDS[@]} -ge $MAXPIDS ]]; then - if ! wait -fn -p PID "${!PIDS[@]}"; then - echo "::error::Tests for ${PIDS[$PID]} failed!" - FAILED+=( "${PIDS[$PID]}" ) - EXIT=1 - fi - echo "Finished ${PIDS[$PID]}" - unset PIDS[$PID] - fi - - if [[ "$P" == "composer.json" ]]; then - DIR="." - SLUG="monorepo" - else - DIR="${P%/composer.json}" - SLUG="${DIR#projects/}" - fi - - if [[ "${SLUG%%/*}" != "plugins" && "$WP_BRANCH" != 'latest' && "$WP_BRANCH" != 'none' && "$FORCE_PACKAGE_TESTS" != "true" ]]; then - echo "Skipping $SLUG, only plugins run for WP_BRANCH = $WP_BRANCH" - continue - fi - - if ! jq --argjson changed "$CHANGED" --arg p "$SLUG" -ne '$changed[$p] // false' > /dev/null; then - echo "Skipping $SLUG, no changes in it or its dependencies" - elif ! jq --arg script "$TEST_SCRIPT" -e '.scripts[$script] // false' "$P" > /dev/null; then - echo "Skipping $SLUG, no test script is defined in composer.json" - elif php -r 'exit( preg_match( "/^>=\\s*(\\d+\\.\\d+)$/", $argv[1], $m ) && version_compare( PHP_VERSION, $m[1], "<" ) ? 0 : 1 );' "$( jq -r '.require.php // ""' "$P" )"; then - echo "Skipping $SLUG, requires PHP $( jq -r '.require.php // ""' "$P" ) but PHP version is $( php -r 'echo PHP_VERSION;' )" - else - if jq --arg script "skip-$TEST_SCRIPT" -e '.scripts[$script] // false' "$P" > /dev/null; then - { composer --working-dir="$DIR" run "skip-$TEST_SCRIPT"; CODE=$?; } || true - if [[ $CODE -eq 3 ]]; then - echo "Skipping tests for $SLUG due to skip-$TEST_SCRIPT script" - continue - elif [[ $CODE -ne 0 ]]; then - echo "::error::Script skip-$TEST_SCRIPT failed to run $CODE!" - FAILED+=( "$SLUG" ) - EXIT=1 - continue - fi - fi - - echo "Running tests for $SLUG" - { - # Composer install, if appropriate. Note setup-wordpress-env.sh did it already for plugins. - if [[ "${SLUG%%/*}" != "plugins" && ( "$TEST_SCRIPT" == "test-php" || "$TEST_SCRIPT" == "test-coverage" ) ]]; then - if [[ "$TEST_SCRIPT" == "test-coverage" ]] && - ! jq -e '.scripts["test-php"]' "$DIR/composer.json" &>/dev/null - then - echo "Skipping composer install, assuming test-coverage is only JS because the project has no test-php." - else - if [[ ! -f "$DIR/composer.lock" ]]; then - echo 'No composer.lock, running `composer update`' - composer --working-dir="$DIR" update - elif composer --working-dir="$DIR" check-platform-reqs --lock; then - echo 'Platform reqs pass, running `composer install`' - composer --working-dir="$DIR" install - else - echo 'Platform reqs failed, running `composer update`' - composer --working-dir="$DIR" update - fi - fi - fi - - if [[ "${SLUG%%/*}" == "plugins" ]]; then - export WP_TESTS_CONFIG_FILE_PATH="$WORDPRESS_DEVELOP_DIR/wp-tests-config.${SLUG##*/}.php" - fi - - mkdir -p "artifacts/$SLUG" - export ARTIFACTS_DIR="$GITHUB_WORKSPACE/artifacts/$SLUG" - if [[ "$TEST_SCRIPT" == "test-coverage" ]]; then - mkdir -p "coverage/$SLUG" - export COVERAGE_DIR="$GITHUB_WORKSPACE/coverage/$SLUG" - fi - FAIL=false - if ! composer run --timeout=0 --working-dir="$DIR" "$TEST_SCRIPT"; then - FAIL=true - fi - - # Actions seems to slow down if there are a lot of files, so clean up Composer stuff after each test. - # We don't do it for JS stuff, as that might break things with how JS does package deps. - rm -rf "$DIR/vendor" "$DIR/jetpack_vendor" "$DIR/wordpress" - - if $FAIL; then - echo "Tests for $SLUG failed!" - exit 1 - fi - } 2> >( sed -u 's!^!['"$SLUG"'] !' >&2 ) > >( sed -u 's!^!['"$SLUG"'] !' ) & - PIDS[$!]=$SLUG - fi - done - while [[ ${#PIDS[@]} -gt 0 ]]; do - if ! wait -fn -p PID "${!PIDS[@]}"; then - echo "::error::Tests for ${PIDS[$PID]} failed!" - FAILED+=( "${PIDS[$PID]}" ) - EXIT=1 - fi - echo "Finished ${PIDS[$PID]}" - unset PIDS[$PID] - done - - if [[ ${#FAILED[@]} -gt 0 ]]; then - echo '' - echo 'The following tests failed:' - printf " - %s\n" "${FAILED[@]}" - fi - - exit $EXIT - - - name: Process coverage results - id: process-coverage - env: - CHANGED: ${{ steps.changed.outputs.projects }} - if: matrix.script == 'test-coverage' && always() - run: .github/files/coverage-munger/process-coverage.sh - - - name: Check for artifacts - id: check-artifacts - # Default for `if` is `success()`, we want this to run always. - if: always() - run: | - [[ -d artifacts ]] && find artifacts -type d -empty -delete - if [[ -d artifacts ]]; then - echo "any=true" >> "$GITHUB_OUTPUT" - else - echo "any=false" >> "$GITHUB_OUTPUT" - fi - - name: Upload artifacts - id: upload-artifacts - if: always() && steps.check-artifacts.outputs.any == 'true' - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.artifact }} - path: artifacts - include-hidden-files: true - retention-days: 7 - - publish-coverage-data: - name: Publish coverage data - runs-on: ubuntu-latest - timeout-minutes: 10 # 2025-01-10 Wild guess - needs: run-tests - if: always() && needs.run-tests.outputs.did-coverage == 'true' && github.repository == 'Automattic/jetpack' && ( github.event_name == 'pull_request' || github.ref == 'refs/heads/trunk' ) - steps: - - uses: actions/checkout@v4 - - - name: Get token - id: get_token - if: github.event_name == 'pull_request' - uses: ./.github/actions/gh-app-token - with: - app_id: ${{ secrets.JP_LAUNCH_CONTROL_ID }} - private_key: ${{ secrets.JP_LAUNCH_CONTROL_KEY }} - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Download coverage artifact - uses: actions/download-artifact@v4 - with: - name: 'Code coverage' - path: coverage - - - name: Upload coverage results - env: - PR_ID: ${{ github.event_name != 'pull_request' && 'trunk' || github.event.pull_request.number }} - SECRET: ${{ secrets.CODECOV_SECRET }} - STATUS: ${{ needs.run-tests.outputs.coverage-status }} - PR_HEAD: ${{ github.event.pull_request.head.sha }} - POST_MESSAGE_TOKEN: ${{ steps.get_token.outputs.token }} - run: .github/files/coverage-munger/upload-coverage.sh - - storybook-test: - name: Storybook tests - runs-on: ubuntu-latest - timeout-minutes: 20 # 2024-02-23 Wild guess - steps: - - uses: actions/checkout@v4 - - # For pull requests, list-changed-projects.sh needs the merge base. - # But it doesn't have to be checked out. - - name: Deepen to merge base - if: github.event_name == 'pull_request' - uses: ./.github/actions/deepen-to-merge-base - with: - checkout: false - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Monorepo install - run: | - echo "::group::Pnpm" - pnpm install - echo "::endgroup::" - - - name: Detect changed projects - id: changed - run: | - CHANGED=$( .github/files/list-changed-projects.sh ) - PROJECTS=$( node -e 'const r = { "js-packages/storybook": true }; for ( const p of require( "./projects/js-packages/storybook/storybook/projects.js" ) ) { const m = p.match( /\/projects\/([^/]+\/[^/]+)(?:$|\/)/ ); m && ( r[ m[1] ] = true ); } console.log( JSON.stringify( r ) );' ) - - ANY=$( jq --argjson changed "$CHANGED" --argjson projects "$PROJECTS" -n '$changed | with_entries( select( $projects[ .key ] ) ) | any' ) - echo "any=${ANY}" >> "$GITHUB_OUTPUT" - - - name: Build storybook - if: steps.changed.outputs.any == 'true' - run: | - pnpm jetpack build -v js-packages/storybook - - - name: Install playwright - if: steps.changed.outputs.any == 'true' - run: | - cd projects/js-packages/storybook - pnpm exec playwright install --with-deps chromium - - - name: Test storybook - if: steps.changed.outputs.any == 'true' - run: | - cd projects/js-packages/storybook - node bin/webserver.mjs - REFERENCE_URL=https://automattic.github.io/jetpack-storybook/ pnpm exec test-storybook -c storybook --url 'http://127.0.0.1:6006/index.html' - - # Probably this should be a linting test, but we don't run linting on trunk or release branches. - plugin-deps: - name: Check plugin monorepo dep versions - runs-on: ubuntu-latest - timeout-minutes: 2 # 2022-09-08: Should only take a few seconds. - steps: - - uses: actions/checkout@v4 - - name: Setup tools - uses: ./.github/actions/tool-setup - with: - node: false - - name: Run check - run: | - if [[ "$GITHUB_EVENT_NAME" == 'push' ]]; then - REF="${GITHUB_REF#refs/heads/}" - elif [[ "$GITHUB_EVENT_NAME" == 'pull_request' || "$GITHUB_EVENT_NAME" == 'pull_request_target' ]]; then - REF="$GITHUB_BASE_REF" - else - echo "::error::Unsupported github event \"$GITHUB_EVENT_NAME\"" - exit 1 - fi - echo "Detected target ref \"$REF\"" - - if [[ "$REF" == trunk ]]; then - ARGS=( --dev ) - elif [[ "$REF" == */branch-* ]]; then - ARGS=( --release ) - TMP="$(jq -r --arg P "${REF%%/branch-*}" '.extra["release-branch-prefix"] | if type == "array" then . else [ . ] end | if index( $P ) then input_filename | match( "^projects/plugins/([^/]+)/composer.json$" ).captures[0].string else empty end' projects/plugins/*/composer.json)" - while IFS= read -r LINE; do - ARGS+=( "$LINE" ) - done <<<"$TMP" - else - echo "Unsupported ref \"$REF\", ignoring" - exit 0 - fi - - echo "Running tools/check-plugin-monorepo-deps.sh ${ARGS[@]}" - tools/check-plugin-monorepo-deps.sh "${ARGS[@]}" - - # Probably this should be a linting test too, but we don't run linting on trunk or release branches. - phan: - name: Static analysis - runs-on: ubuntu-latest - timeout-minutes: 20 # 2024-05-02: Up to about 8 minutes now that we're running against the old WP stubs too. - steps: - - uses: actions/checkout@v4 - - name: Setup tools - uses: ./.github/actions/tool-setup - - name: Pnpm install - run: pnpm install - - name: Run phan - run: pnpm jetpack phan --all -v --update-baseline --format github - - name: Run phan for previous WP version too - env: - # Don't bother complaining about unused suppressions that may be used with the newer stubs. See .phan/config.base.php for how this gets applied. - NO_PHAN_UNUSED_SUPPRESSION: 1 - run: | - composer update --prefer-lowest php-stubs/wordpress-stubs php-stubs/wordpress-tests-stubs - # Don't re-update baselines here, only check. - pnpm jetpack phan --all -v --format github - - name: Check baselines - run: | - # Anything changed? (with a side of printing the diff) - if git diff --exit-code --ignore-matching-lines='^ // ' -- .phan/baseline.php '*/.phan/baseline.php'; then - exit 0 - fi - - # Collect which projects changed to suggest the right command. - PROJECTS=() - for f in $( git -c core.quotepath=off diff --name-only -- .phan/baseline.php '*/.phan/baseline.php' ); do - # --name-only and --ignore-matching-lines don't combine, so we have to do the check separately. - if git diff --quiet --exit-code --ignore-matching-lines='^ // ' -- "$f"; then - continue - fi - - if [[ "$f" == ".phan/baseline.php" ]]; then - SLUG=monorepo - elif [[ "$f" == projects/*/*/.phan/baseline.php ]]; then - SLUG=${f%/.phan/baseline.php} - SLUG=${SLUG#projects/} - elif SLUG=$( grep -v '^[ \t]*\/\/' .phan/monorepo-pseudo-projects.jsonc | jq -re --arg f "${f%.phan/baseline.php}" 'to_entries[] | select( .value == $f ) | .key' ); then - : # Ok - else - SLUG= - fi - if grep -q 'This baseline has no suppressions' "$f"; then - if [[ -n "$SLUG" ]]; then - echo "::error file=$f::This Phan baseline is now empty (good job!). You may remove it, or if you want to keep it (e.g. if you expect new unfixed issues to be added in the future) you can run \`jetpack phan --update-baseline $SLUG\` to update it." - else - echo "::error file=$f::This Phan baseline is now empty (good job!). You may remove it." - fi - elif [[ -n "$SLUG" ]]; then - PROJECTS+=( "$SLUG" ) - else - echo "::error file=$f::This Phan baseline has changed and should be updated. This Action was unable to determine the command needed to update it; please report this to the Garage team." - fi - done - if [[ ${#PROJECTS[@]} -gt 0 ]]; then - echo "::error::Phan baselines have changed (good job!). Run \`jetpack phan --update-baseline ${PROJECTS[*]}\` to update them." - fi - exit 1 diff --git a/.github/workflows/update-jetpack-staging-sites.yml b/.github/workflows/update-jetpack-staging-sites.yml deleted file mode 100644 index 1c4193d4185d..000000000000 --- a/.github/workflows/update-jetpack-staging-sites.yml +++ /dev/null @@ -1,64 +0,0 @@ -name: Update Jetpack Staging Test Sites -# Ran as part of the `UpdateJetpackStaging` TeamCity build. -# After updating the sites, runs k6 tests against the same sites. - -on: - workflow_dispatch: - -jobs: - run_shell_script: - runs-on: ubuntu-latest - steps: - - name: Checkout repo - uses: actions/checkout@v4 - - - name: Env config - env: - SSH_KEY: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KEY }} - SSH_KNOWN_HOSTS: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KNOWN_HOSTS }} - run: | - mkdir -p ~/.ssh/ - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts - echo "$SSH_KEY" > ~/.ssh/id_rsa - chmod 0600 ~/.ssh/id_rsa - - - name: Execute shell script - shell: bash - run: .github/files/jetpack-staging-sites/update-jetpack-staging-sites.sh - - run_k6_tests: - needs: run_shell_script - runs-on: ubuntu-latest - steps: - - name: Checkout repo - uses: actions/checkout@v4 - - - name: Run k6 frontend tests - uses: grafana/k6-action@v0.3.0 - with: - filename: .github/files/jetpack-staging-sites/k6-frontend.js - env: - JETPACKSTAGING_K6_USERNAME: ${{ secrets.JETPACKSTAGING_K6_USERNAME }} - JETPACKSTAGING_K6_PASSWORD: ${{ secrets.JETPACKSTAGING_K6_PASSWORD }} - - - name: Run k6 backend tests - uses: grafana/k6-action@v0.3.0 - with: - filename: .github/files/jetpack-staging-sites/k6-backend.js - env: - JETPACKSTAGING_K6_USERNAME: ${{ secrets.JETPACKSTAGING_K6_USERNAME }} - JETPACKSTAGING_K6_PASSWORD: ${{ secrets.JETPACKSTAGING_K6_PASSWORD }} - - trigger_e2e_tests: - needs: run_shell_script - runs-on: ubuntu-latest - steps: - - name: Checkout repo - uses: actions/checkout@v4 - - - name: Execute shell script - shell: bash - run: .github/files/jetpack-staging-sites/run-atomic-deploy-e2e-tests.sh - env: - SIGNATURE_KEY: ${{ secrets.ATOMIC_DEPLOY_E2E_TESTS_KEY }} - TRIGGER_URL: ${{ secrets.ATOMIC_DEPLOY_E2E_TESTS_URL }} diff --git a/.github/workflows/update-phan-stubs.yml b/.github/workflows/update-phan-stubs.yml deleted file mode 100644 index 783eeedb7288..000000000000 --- a/.github/workflows/update-phan-stubs.yml +++ /dev/null @@ -1,78 +0,0 @@ -name: Update Phan stubs -on: - workflow_dispatch: - schedule: - - cron: '22 0 * * 1,2,3,4,5' -concurrency: - group: update-phan-stubs-${{ github.ref }} - -permissions: - contents: write - pull-requests: write - -env: - GIT_AUTHOR_NAME: matticbot - GIT_AUTHOR_EMAIL: matticbot@users.noreply.github.com - GIT_COMMITTER_NAME: matticbot - GIT_COMMITTER_EMAIL: matticbot@users.noreply.github.com - -jobs: - update-stubs: - name: Update stubs - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - # Use the matticbot token so CI runs on the created PR. - token: ${{ secrets.API_TOKEN_GITHUB }} - - - name: Update stubs - run: tools/stubs/update-stubs.sh - - - name: Check for changes - id: changes - run: | - if git diff --exit-code; then - echo "::notice::No changes" - echo "needed=false" >> "$GITHUB_OUTPUT" - elif ! [[ "$(date +%e)" -le 7 && "$(date +%A)" == Thursday ]] && git diff --exit-code --ignore-matching-lines='^ \* Stubs automatically generated from' >/dev/null; then - echo "::notice::No changes (other than version bumps) and it's not the first Thursday" - echo "needed=false" >> "$GITHUB_OUTPUT" - elif git -c protocol.version=2 fetch --no-tags --prune --progress --no-recurse-submodules --depth=1 origin update/phan-custom-stubs >/dev/null; then - TMP=$( git -c core.quotepath=off diff --name-only ) - mapfile -t FILES <<<"$TMP" - if git diff --quiet --exit-code origin/update/phan-custom-stubs "${FILES[@]}"; then - echo "::notice::Branch already exists and is up to date with these changes" - echo "needed=false" >> "$GITHUB_OUTPUT" - else - echo "::notice::Branch needs updating" - echo "has-branch=true" >> "$GITHUB_OUTPUT" - echo "needed=true" >> "$GITHUB_OUTPUT" - fi - else - echo "::notice::Branch needs creating" - echo "has-branch=false" >> "$GITHUB_OUTPUT" - echo "needed=true" >> "$GITHUB_OUTPUT" - fi - - - name: Create commit and PR - if: steps.changes.outputs.needed == 'true' && steps.changes.outputs.has-branch == 'false' - env: - GH_TOKEN: ${{ secrets.STUB_UPDATE_TOKEN_GITHUB }} - run: | - git checkout -b update/phan-custom-stubs - git commit -am 'phan: Update custom stubs' - git push origin update/phan-custom-stubs - if ! gh pr create --title 'phan: Update custom stubs' --body 'This is an automatic update generated by a GitHub Action. If closed it will be recreated the next time the action runs.' --label '[Pri] Normal' --label '[Type] Janitorial' --label '[Status] Needs Review' --reviewer Automattic/jetpack-garage; then - git push --delete origin update/phan-custom-stubs - exit 1 - fi - - - name: Update existing branch - if: steps.changes.outputs.needed == 'true' && steps.changes.outputs.has-branch == 'true' - run: | - git commit -am 'phan: Update custom stubs' - SHA=$( git rev-parse HEAD ) - git checkout update/phan-custom-stubs - git reset --hard "$SHA" - git push --force-with-lease origin HEAD diff --git a/.github/workflows/wpcloud.yml b/.github/workflows/wpcloud.yml deleted file mode 100644 index bb271906d65d..000000000000 --- a/.github/workflows/wpcloud.yml +++ /dev/null @@ -1,145 +0,0 @@ -name: WPCloud Unit Testing for WPCOMSH - -on: - pull_request: - push: - branches: ['trunk', '*/branch-*'] -concurrency: - group: wpcloud-wpcomsh - cancel-in-progress: false - # Concurrency is set up to make sure we can only run one WPCloud testing job at the same time. - -jobs: - build: - name: Install the Monorepo and build wpcomsh - runs-on: ubuntu-latest - outputs: - wpcomsh: ${{ steps.changed.outputs.wpcomsh }} - steps: - - uses: actions/checkout@v4 - - # For pull requests, list-changed-projects.sh needs the merge base. - # But it doesn't have to be checked out. - - name: Deepen to merge base - if: github.event_name == 'pull_request' - uses: ./.github/actions/deepen-to-merge-base - with: - checkout: false - - - name: Setup tools - uses: ./.github/actions/tool-setup - - name: Monorepo install - run: | - echo "::group::Pnpm" - pnpm install - echo "::endgroup::" - - name: Detect if wpcomsh has changed - id: changed - run: | - CHANGED="$(EXTRA=test .github/files/list-changed-projects.sh)" - - WPCOMSH_CHANGED="$(jq --argjson changed "$CHANGED" -n '$changed | has( "plugins/wpcomsh" ) ')" - echo "wpcomsh=${WPCOMSH_CHANGED}" >> "$GITHUB_OUTPUT" - - name: Build wpcomsh - if: steps.changed.outputs.wpcomsh == 'true' - run: | - find . -path ./.github -prune -o -type f -print | sort > /tmp/before.txt - echo "::group::Installing and building wpcomsh" - pnpm jetpack build -v --deps plugins/wpcomsh - echo "::endgroup::" - - # We only want to save the files that were actually created or changed. - # But we can't just list them for actions/cache/save, "Argument list too long". - # So instead we delete all the unchanged files so we can tell actions/cache/save - # to save everything that's left. - git -c core.quotepath=off diff --name-only | sort > /tmp/changed.txt - if [[ -s /tmp/changed.txt ]]; then - grep -F -x -v -f /tmp/changed.txt /tmp/before.txt > /tmp/remove.txt - else - cp /tmp/before.txt /tmp/remove.txt - fi - xargs -d '\n' rm < /tmp/remove.txt - find . -type d -empty -delete - - - name: Save wpcomsh build cache - if: steps.changed.outputs.wpcomsh == 'true' - id: wpcomsh-build-cache-save - uses: actions/cache/save@v4 - with: - path: | - . - !./.github/ - key: ${{ github.sha }} - deploy: - name: Run PHPUnit on the WPCloud test site - runs-on: ubuntu-latest - needs: build - if: needs.build.outputs.wpcomsh == 'true' - steps: - - uses: actions/checkout@v4 - - - name: Restore wpcomsh build cache - id: wpcomsh-build-cache - uses: actions/cache/restore@v4 - with: - path: | - . - !./.github/ - key: ${{ github.sha }} - fail-on-cache-miss: true - - - name: Setup tools - uses: ./.github/actions/tool-setup - - - name: Install monorepo - run: | - pnpm install - - - name: Configure Github to be able to SSH to the Atomic site - run: | - echo "::group::Intializing" - - mkdir -vp ~/.ssh/ - chmod -v 700 ~/.ssh - - touch ~/.ssh/id_site - touch ~/.ssh/known_hosts - touch ~/.ssh/config - chmod 600 ~/.ssh/id_site - chmod 600 ~/.ssh/known_hosts - chmod 600 ~/.ssh/config - echo "$SSH_KEY" > ~/.ssh/id_site - echo "wrote ~/.ssh/id_site" - echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts - echo "wrote ~/.ssh/known_hosts" - echo "Host jpwpcomsh" > ~/.ssh/config - echo " Hostname sftp.wp.com" >> ~/.ssh/config - echo " User wpcom-jetpackisbestpack-default-237778992" >> ~/.ssh/config - echo " IdentityFile ~/.ssh/id_site" >> ~/.ssh/config - echo " IdentitiesOnly yes" >> ~/.ssh/config - - echo "::endgroup::" - - echo "::group::Transferring wpcomsh to the testing server" - ssh jpwpcomsh "wp --skip-plugins --skip-themes dereferenced freshen > /dev/null 2>&1" || CODE=$? - echo "wp dereferenced freshen has exited with code $CODE" - ssh jpwpcomsh "rm -rf /tmp/old-* > /dev/null 2>&1" - pnpm jetpack rsync wpcomsh jpwpcomsh:~/htdocs/wp-content/mu-plugins - scp -r projects/plugins/wpcomsh/bin jpwpcomsh:/srv/htdocs/wp-content/mu-plugins/wpcomsh - scp -r projects/plugins/wpcomsh/tests jpwpcomsh:/srv/htdocs/wp-content/mu-plugins/wpcomsh/ - scp projects/plugins/wpcomsh/phpunit.9.xml.dist jpwpcomsh:/srv/htdocs/wp-content/mu-plugins/wpcomsh/phpunit.xml.dist - - echo "::engroup::" - - echo "::group::execution" - ssh jpwpcomsh "~/htdocs/github-action-handler.sh" || CODE=$? - echo "::endgroup::" - - echo "::group::teardown" - rm -rvf ~/.ssh/ - echo "::endgroup::" - echo "Exiting with exit code $CODE" - exit $CODE - env: - SSH_KEY: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KEY }} - SSH_KNOWN_HOSTS: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KNOWN_HOSTS }} diff --git a/dummy.txt b/dummy.txt new file mode 100644 index 000000000000..e69de29bb2d1