Envoy/Checks #404

Workflow file for this run

.github/workflows/envoy-checks.yml at 42068a5

	name: Envoy/Checks

	permissions:
	contents: read

	on:
	workflow_run:
	workflows:
	# Workaround issue with PRs not triggering tertiary workflows
	- Request
	# - Envoy/Prechecks
	types:
	- completed

	concurrency:
	group: ${{ github.head_ref \|\| github.run_id }}-${{ github.workflow }}
	cancel-in-progress: true

	env:
	CI_DEBUG: ${{ vars.CI_DEBUG }}


	jobs:
	load:
	secrets:
	app-key: ${{ secrets.ENVOY_CI_APP_KEY }}
	app-id: ${{ secrets.ENVOY_CI_APP_ID }}
	lock-app-key: ${{ secrets.ENVOY_CI_MUTEX_APP_KEY }}
	lock-app-id: ${{ secrets.ENVOY_CI_MUTEX_APP_ID }}
	permissions:
	actions: read
	contents: read
	packages: read
	pull-requests: read
	if: >-
	${{ github.event.workflow_run.conclusion == 'success'
	&& (github.repository == 'envoyproxy/envoy' \|\| vars.ENVOY_CI) }}
	uses: ./.github/workflows/_load.yml
	with:
	check-name: checks
	# head-sha: ${{ github.sha }}

	build:
	secrets:
	gcp-key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
	permissions:
	actions: read
	contents: read
	packages: read
	pull-requests: read
	name: Check (${{ fromJSON(needs.load.outputs.request).summary.title }})
	uses: ./.github/workflows/_check_build.yml
	if: ${{ fromJSON(needs.load.outputs.request).run.check-build }}
	needs:
	- load
	with:
	request: ${{ needs.load.outputs.request }}
	trusted: ${{ fromJSON(needs.load.outputs.trusted) }}

	coverage:
	secrets:
	gcp-key: ${{ fromJSON(needs.load.outputs.trusted) && secrets.GCP_SERVICE_ACCOUNT_KEY_TRUSTED \|\| secrets.GCP_SERVICE_ACCOUNT_KEY }}
	permissions:
	actions: read
	contents: read
	packages: read
	pull-requests: read
	name: Check (${{ fromJSON(needs.load.outputs.request).summary.title }})
	uses: ./.github/workflows/_check_coverage.yml
	if: ${{ fromJSON(needs.load.outputs.request).run.check-coverage }}
	needs:
	- load
	with:
	request: ${{ needs.load.outputs.request }}
	trusted: ${{ fromJSON(needs.load.outputs.trusted) }}

	san:
	secrets:
	gcp-key: ${{ secrets.GCP_SERVICE_ACCOUNT_KEY }}
	permissions:
	actions: read
	contents: read
	packages: read
	pull-requests: read
	name: Check (${{ fromJSON(needs.load.outputs.request).summary.title }})
	uses: ./.github/workflows/_check_san.yml
	if: ${{ fromJSON(needs.load.outputs.request).run.check-san }}
	needs:
	- load
	with:
	request: ${{ needs.load.outputs.request }}
	trusted: ${{ fromJSON(needs.load.outputs.trusted) }}

	request:
	secrets:
	app-id: ${{ secrets.ENVOY_CI_APP_ID }}
	app-key: ${{ secrets.ENVOY_CI_APP_KEY }}
	permissions:
	actions: read
	contents: read
	pull-requests: read
	if: >-
	${{ always()
	&& github.event.workflow_run.conclusion == 'success'
	&& (fromJSON(needs.load.outputs.request).run.check-build
	\|\| fromJSON(needs.load.outputs.request).run.check-coverage
	\|\| fromJSON(needs.load.outputs.request).run.check-san) }}
	needs:
	- load
	- build
	- coverage
	- san
	uses: ./.github/workflows/_finish.yml
	with:
	needs: ${{ toJSON(needs) }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Envoy/Checks #404

Workflow file

Envoy/Checks #404

Jobs

Run details

Workflow file for this run