Skip to content

Decouple --github-token and is_github_actions logic #313

Decouple --github-token and is_github_actions logic

Decouple --github-token and is_github_actions logic #313

Workflow file for this run

name: Production test
on:
pull_request:
types:
- opened
- reopened
- synchronize
- labeled
jobs:
build:
uses: ./.github/workflows/build.yaml
if: |
(github.event.action == 'labeled' && github.event.label.name == 'production test')
|| (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'production test'))
production-test:
needs: build
runs-on: UbuntuLatest32Cores128G
timeout-minutes: 5
if: |
(github.event.action == 'labeled' && github.event.label.name == 'production test')
|| (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'production test'))
permissions:
id-token: write # In order to request a JWT for AWS auth
contents: read # Specifying id-token wiped this out, so manually specify that this action is allowed to checkout this private repo
steps:
- uses: actions/checkout@v3
- uses: DeterminateSystems/nix-installer-action@main
- uses: DeterminateSystems/magic-nix-cache-action@main
- uses: actions/download-artifact@v3
with:
name: flakehub-push-X64-Linux
path: flakehub-push-X64-Linux
- name: Production test
if: |
(github.event.action == 'labeled' && github.event.label.name == 'production test')
|| (github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'production test'))
uses: ./
with:
visibility: "hidden"
rolling-minor: 0
rolling: true
log-directives: "flakehub_push=trace"
logger: "pretty"
flakehub-push-binary: ./flakehub-push-X64-Linux/flakehub-push