From 41ff63c69830e4e1c71db9ee69e38691b2eeb733 Mon Sep 17 00:00:00 2001 From: John White <750350+johnhwhite@users.noreply.github.com> Date: Thu, 16 Apr 2026 14:43:34 -0400 Subject: [PATCH 1/2] ci: update pipelines --- .github/workflows/automated-translations.yml | 49 ++++++++--- .github/workflows/cherry-pick.yml | 6 +- .github/workflows/ci.yml | 28 +++---- .github/workflows/e2e-cleanup.yml | 2 +- .github/workflows/e2e.yml | 87 ++++++++++---------- .github/workflows/release-please.yml | 12 +-- .github/workflows/validate-pr.yml | 12 +-- scripts/automated-translations.ps1 | 16 +--- 8 files changed, 116 insertions(+), 96 deletions(-) diff --git a/.github/workflows/automated-translations.yml b/.github/workflows/automated-translations.yml index 7494ccf21d..0bc9fc803f 100644 --- a/.github/workflows/automated-translations.yml +++ b/.github/workflows/automated-translations.yml @@ -8,23 +8,52 @@ # # When the `automated-translations` branch is merged and deleted, this workflow recreates the branch. -name: Automated Translations 12.x.x +name: Automated Translations on: push: branches: - - 12.x.x + - '[0-9]+.x.x' - automated-translations workflow_dispatch: -env: - LTS_BRANCH: '12.x.x' + jobs: + determine-lts: + name: Determine LTS branch + runs-on: ubuntu-slim + outputs: + lts-branch: ${{ steps.find-lts.outputs.branch }} + should-sync: ${{ steps.find-lts.outputs.should-sync }} + steps: + - name: Find highest LTS branch + id: find-lts + env: + GH_TOKEN: ${{ github.token }} + run: | + LTS_BRANCH=$(gh api "repos/${{ github.repository }}/branches" --paginate --jq '.[].name' | grep -E '^[0-9]+\.x\.x$' | sort -t. -k1 -n -r | head -1) + if [[ -z "$LTS_BRANCH" ]]; then + echo "::error::No LTS branch found matching [0-9]+.x.x" + exit 1 + fi + echo "branch=$LTS_BRANCH" >> "$GITHUB_OUTPUT" + echo "Highest LTS branch: $LTS_BRANCH" + + if [[ "${{ github.event_name }}" == "push" && "${{ github.ref_name }}" =~ ^[0-9]+\.x\.x$ && "${{ github.ref_name }}" != "$LTS_BRANCH" ]]; then + echo "should-sync=false" >> "$GITHUB_OUTPUT" + echo "::notice::Push to ${{ github.ref_name }} skipped — not the highest LTS branch ($LTS_BRANCH)" + else + echo "should-sync=true" >> "$GITHUB_OUTPUT" + fi + automated-translations: + name: Sync translations + needs: determine-lts + if: needs.determine-lts.outputs.should-sync == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: token: '${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}' - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 id: setup-node with: node-version-file: '.nvmrc' @@ -35,7 +64,7 @@ jobs: id: sync run: | ./scripts/automated-translations.ps1 \ - -LtsBranchName $LTS_BRANCH \ + -LtsBranchName "${{ needs.determine-lts.outputs.lts-branch }}" \ -TempPath ${{ runner.temp }} env: GH_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} @@ -43,7 +72,7 @@ jobs: - name: Notify Slack when a PR is created if: ${{ steps.sync.outputs.prCreated == 'true' && steps.sync.outputs.prTitle && steps.sync.outputs.prUrl }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_TITLE: ':writing_hand: `automated-translations` PR created: ${{ steps.sync.outputs.prTitle }}' @@ -58,7 +87,7 @@ jobs: - name: Notify Slack when a PR is updated if: ${{ steps.sync.outputs.prCreated == 'false' && steps.sync.outputs.prTitle && steps.sync.outputs.prUrl }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_TITLE: ':writing_hand: `automated-translations` PR updated: ${{ steps.sync.outputs.prTitle }}' @@ -73,7 +102,7 @@ jobs: - name: Notify Slack for fails if: ${{ failure() || steps.sync.outputs.success != 'true' }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_TITLE: ':writing_hand: :x: `automated-translations` sync failed' diff --git a/.github/workflows/cherry-pick.yml b/.github/workflows/cherry-pick.yml index 2024a123cc..318995babc 100644 --- a/.github/workflows/cherry-pick.yml +++ b/.github/workflows/cherry-pick.yml @@ -16,12 +16,12 @@ jobs: if: github.event.pull_request.merged == true runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ env.TARGET_BRANCH }} fetch-depth: 0 token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 id: setup-node with: cache: 'npm' @@ -173,7 +173,7 @@ jobs: - name: Notify Slack when cherry-pick fails if: ${{ env.CHERRY_PICK_RESULT != 'success' }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_TITLE: ':cherries: :x: Cherry-pick failed for “${{ github.event.pull_request.title }} (#${{ github.event.pull_request.number}})”' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0a37460676..0d889013be 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,8 +1,6 @@ name: CI on: - merge_group: - types: [checks_requested] pull_request: push: branches: @@ -26,11 +24,11 @@ jobs: outputs: node-version: ${{ steps.setup-node.outputs.node-version }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: # We need to fetch all branches and commits so that Nx affected has a base to compare against. fetch-depth: 0 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 id: setup-node with: cache: 'npm' @@ -51,8 +49,8 @@ jobs: env: NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} steps: - - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6 id: setup-node with: cache: 'npm' @@ -75,10 +73,10 @@ jobs: env: NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -142,11 +140,11 @@ jobs: needs: install-deps runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: # We need to fetch all branches and commits so that Nx affected has a base to compare against. fetch-depth: 0 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -178,11 +176,11 @@ jobs: needs: install-deps runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: # We need to fetch all branches and commits so that Nx affected has a base to compare against. fetch-depth: 0 - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -203,8 +201,8 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event_name != 'pull_request' }} steps: - - uses: actions/checkout@v5 - - uses: actions/setup-node@v5 + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -216,7 +214,7 @@ jobs: run: npx skyux-dev create-packages-dist --skipNxCache - name: Notify Slack (failure) if: ${{ failure() }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_COLOR: ${{ job.status }} diff --git a/.github/workflows/e2e-cleanup.yml b/.github/workflows/e2e-cleanup.yml index 3ff1b383e4..190930d509 100644 --- a/.github/workflows/e2e-cleanup.yml +++ b/.github/workflows/e2e-cleanup.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout blackbaud/skyux-pr-preview - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: blackbaud/skyux-pr-preview ref: 'main' diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 6ef541c582..30261624e0 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -1,8 +1,6 @@ name: E2E on: - merge_group: - types: [checks_requested] pull_request_target: push: branches: @@ -11,7 +9,7 @@ on: workflow_dispatch: concurrency: - group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.run_number || github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.run_number || github.head_ref || github.ref_name }} cancel-in-progress: true env: @@ -33,7 +31,7 @@ jobs: environment-check: name: Environment Check if: ${{ !startsWith( github.head_ref || github.ref_name, 'release-please--' ) && !contains( github.event.pull_request.labels.*.name, 'skip e2e' ) }} - runs-on: ubuntu-latest + runs-on: ubuntu-slim environment: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'e2e-external-contribution' || 'e2e-team-members' }} steps: - name: Environment approved @@ -45,7 +43,7 @@ jobs: needs: environment-check runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-install-deps-${{ github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-install-deps-${{ github.head_ref || github.ref_name }} cancel-in-progress: true outputs: node-version: ${{ steps.setup-node.outputs.node-version }} @@ -56,12 +54,12 @@ jobs: base-branch: ${{ steps.set-shas.outputs.base-branch }} head: ${{ steps.set-shas.outputs.head }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.head_ref || github.ref_name || github.event.ref }} - - uses: actions/setup-node@v5 + repository: ${{ github.repository }} + ref: ${{ github.head_ref || github.ref_name }} + - uses: actions/setup-node@v6 id: setup-node with: cache: 'npm' @@ -113,7 +111,7 @@ jobs: name: Build Project Storybook runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-build-storybook--${{ matrix.project }}-${{ github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-build-storybook--${{ matrix.project }}-${{ github.head_ref || github.ref_name }} cancel-in-progress: true needs: install-deps strategy: @@ -122,13 +120,13 @@ jobs: matrix: project: ${{ fromJSON(needs.install-deps.outputs.parameters).projects }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.head_ref || github.ref_name || github.event.ref }} + ref: ${{ github.head_ref || github.ref_name }} if: ${{ matrix.project != 'skip' }} - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -142,7 +140,7 @@ jobs: run: npx nx run ${{ matrix.project }}:build-storybook:ci --no-parallel if: ${{ matrix.project != 'skip' }} - name: Upload storybook artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.project }} path: ./dist/storybook/${{ matrix.project }} @@ -158,7 +156,7 @@ jobs: name: Build Apps runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-build-apps--${{ matrix.app }}-${{ github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-build-apps--${{ matrix.app }}-${{ github.head_ref || github.ref_name }} cancel-in-progress: true needs: install-deps strategy: @@ -172,15 +170,14 @@ jobs: env: NX_BASE: ${{ needs.install-deps.outputs.base }} NX_HEAD: ${{ needs.install-deps.outputs.head }} - NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.head_ref || github.ref_name || github.event.ref }} + ref: ${{ github.head_ref || github.ref_name }} if: ${{ fromJson(needs.install-deps.outputs.parameters).ghPagesRepo == 'skyux-pr-preview' }} - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -195,12 +192,16 @@ jobs: npx nx build ${{ matrix.app }} \ --baseHref="https://blackbaud.github.io/skyux-pr-preview/${{ needs.install-deps.outputs.pr-number }}/${{ matrix.app }}/" \ --no-parallel + env: + NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} if: ${{ fromJson(needs.install-deps.outputs.parameters).ghPagesRepo == 'skyux-pr-preview' && matrix.app != 'dep-graph' }} - name: Build ${{ matrix.app }} run: npx nx dep-graph --file=dist/apps/dep-graph/index.html + env: + NX_CLOUD_ACCESS_TOKEN: ${{ secrets.NX_CLOUD_ACCESS_TOKEN }} if: ${{ fromJson(needs.install-deps.outputs.parameters).ghPagesRepo == 'skyux-pr-preview' && matrix.app == 'dep-graph' }} - name: Upload app artifact - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: ${{ matrix.app }} path: ./dist/apps/${{ matrix.app }} @@ -215,19 +216,19 @@ jobs: name: Publish runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-publish-${{ github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-publish-${{ github.head_ref || github.ref_name }} cancel-in-progress: true needs: - install-deps - build-storybook - build-apps steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && github.base_ref || github.head_ref || github.ref_name || github.event.ref }} - - uses: actions/setup-node@v5 + repository: ${{ github.repository }} + ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && github.base_ref || github.head_ref || github.ref_name }} + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -237,7 +238,7 @@ jobs: env: CYPRESS_INSTALL_BINARY: 0 - name: Download artifacts - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: path: ./dist/${{ fromJson(needs.install-deps.outputs.parameters).storybooksPath }} - name: Move apps @@ -265,7 +266,7 @@ jobs: - name: Build Storybook Composition run: npx nx run storybook:build-storybook:ci --outputDir=dist/storybook --no-parallel - name: Checkout ${{ fromJson(needs.install-deps.outputs.parameters).ghPagesRepo }} - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: repository: ${{ env.GH_PAGES_OWNER }}/${{ fromJson(needs.install-deps.outputs.parameters).ghPagesRepo }} ref: 'main' @@ -293,13 +294,13 @@ jobs: matrix: include: ${{ fromJSON(needs.install-deps.outputs.parameters).e2eTargets }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.head_ref || github.ref_name || github.event.ref }} + ref: ${{ github.head_ref || github.ref_name }} if: ${{ matrix.project != 'skip' }} - - uses: actions/setup-node@v5 + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -325,7 +326,7 @@ jobs: uses: ./.github/actions/e2e-affected id: affected with: - branch: ${{ github.head_ref || github.ref_name || github.event.ref }} + branch: ${{ github.head_ref || github.ref_name }} base: ${{ needs.install-deps.outputs.base }} head: ${{ needs.install-deps.outputs.head }} project: ${{ matrix.project }} @@ -388,27 +389,27 @@ jobs: env: PERCY_TARGET_BRANCH: ${{ needs.install-deps.outputs.base-branch }} PERCY_TARGET_COMMIT: ${{ steps.affected.outputs.percy_target_commit }} - PERCY_BRANCH: ${{ github.head_ref || github.ref_name || github.event.ref }} + PERCY_BRANCH: ${{ github.head_ref || github.ref_name }} PERCY_COMMIT: ${{ needs.install-deps.outputs.head }} PERCY_TOKEN: ${{ secrets[matrix.token] }} TERM: 'xterm-256color' if: ${{ matrix.project != 'skip' && steps.affected.outputs.affected == 'true' }} - name: Upload logs - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: ${{ matrix.project != 'skip' && steps.affected.outputs.affected == 'true' && !cancelled() }} with: name: percy-log-${{ matrix.project }}.log path: ${{ runner.temp }}/percy-log-${{ matrix.project }}.log retention-days: 4 - name: Upload build number - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: ${{ matrix.project != 'skip' }} with: name: percy-build-${{ matrix.project }}.txt path: ${{ runner.temp }}/percy-build-${{ matrix.project }}.txt retention-days: 1 - name: Upload error screenshots - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: ${{ failure() }} with: name: cypress-screenshots-${{ matrix.project }} @@ -423,7 +424,7 @@ jobs: name: E2E Visual Review runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-verify-${{ github.head_ref || github.ref_name || github.event.ref }} + group: ${{ github.workflow }}-verify-${{ github.head_ref || github.ref_name }} cancel-in-progress: false needs: - install-deps @@ -443,12 +444,12 @@ jobs: if: ${{ contains(needs.*.result, 'failure') }} with: script: 'core.setFailed("Failed.");' - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} - ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && github.base_ref || github.head_ref || github.ref_name || github.event.ref }} - - uses: actions/setup-node@v5 + repository: ${{ github.repository }} + ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && github.base_ref || github.head_ref || github.ref_name }} + - uses: actions/setup-node@v6 with: cache: 'npm' node-version-file: '.nvmrc' @@ -467,7 +468,7 @@ jobs: if: steps.cache-e2e-schematics.outputs.cache-hit != 'true' run: 'npx nx build e2e-schematics --no-parallel' - name: Download Percy Build Numbers - uses: actions/download-artifact@v5 + uses: actions/download-artifact@v7 with: github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} path: ${{ runner.temp }}/percy-builds @@ -557,7 +558,7 @@ jobs: - name: Notify Slack (failure) if: ${{ failure() && steps.verify-e2e.outputs.shouldAlertSlack != 'false' && !steps.verify-e2e.outputs.missingScreenshots }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_COLOR: 'fail' @@ -569,7 +570,7 @@ jobs: SLACK_FOOTER: 'Blackbaud Sky Build User' - name: Notify Slack (missing screenshots) if: ${{ failure() && steps.verify-e2e.outputs.missingScreenshots }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_COLOR: 'fail' diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 9fd5142756..293d24b587 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -23,7 +23,7 @@ jobs: tag_name: ${{ steps.release.outputs.tag_name || '' }} dry_run: ${{ steps.next-release.outputs.dry_run || 'false' }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 token: '${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}' @@ -75,7 +75,7 @@ jobs: } - name: Notify Slack (failure) if: ${{ failure() }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_COLOR: ${{ job.status }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} @@ -92,7 +92,7 @@ jobs: if: ${{ needs.next-release.outputs.release_created || needs.next-release.outputs.dry_run == 'true' }} environment: 'npm' steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 token: '${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}' @@ -118,14 +118,14 @@ jobs: run: npx skyux-dev publish-packages-dist --skip-registry-config --dry-run=${{ needs.next-release.outputs.dry_run }} - name: Capture logs if: ${{ failure() }} - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: npm-logs path: /home/runner/.npm/_logs retention-days: 3 - name: Notify Slack (success) if: ${{ success() }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_MESSAGE: "Successfully published SKY UX ${{ needs.next-release.outputs.tag_name || steps.dry-run.outputs.tag_name }} to NPM${{ needs.next-release.outputs.dry_run == 'true' && ' (DRY RUN)' || '' }}. http://github.com/${{ github.repository }}/blob/${{ github.ref_name }}/CHANGELOG.md" @@ -135,7 +135,7 @@ jobs: SLACK_CHANNEL: ${{ needs.next-release.outputs.dry_run == 'true' && 'C01GY7ZP4HM' || 'C7CJ0QS75' }} - name: Notify Slack (failure) if: ${{ failure() }} - uses: rtCamp/action-slack-notify@07cbdbfd6c6190970778d8f98f11d073b2932aae # v2.3.3 + uses: rtCamp/action-slack-notify@c58b60ee33df2229ed2d2eed86eeaf7e6c527c5a # https://github.com/rtCamp/action-slack-notify/pull/243 env: SLACK_COLOR: ${{ job.status }} SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/validate-pr.yml index c7f95b1444..de63ccf382 100644 --- a/.github/workflows/validate-pr.yml +++ b/.github/workflows/validate-pr.yml @@ -7,15 +7,15 @@ on: - reopened - synchronize -env: - GITHUB_TOKEN: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }} - jobs: conventional-title: - runs-on: ubuntu-latest + runs-on: ubuntu-slim + permissions: + pull-requests: read steps: - - uses: actions/checkout@v5 - - uses: amannn/action-semantic-pull-request@v5 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: # subject should not start with a capital letter, include an exclamation point, or end with a period subjectPattern: ^(?![A-Z]).[^!]+(? Date: Fri, 17 Apr 2026 07:17:08 -0400 Subject: [PATCH 2/2] Updates based on feedback --- .github/workflows/e2e.yml | 16 ++++++++-------- scripts/automated-translations.ps1 | 10 ++++++++++ 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 30261624e0..de30569ab8 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -9,7 +9,7 @@ on: workflow_dispatch: concurrency: - group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.run_number || github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-${{ github.event_name == 'push' && github.run_number || github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: true env: @@ -43,7 +43,7 @@ jobs: needs: environment-check runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-install-deps-${{ github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-install-deps-${{ github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: true outputs: node-version: ${{ steps.setup-node.outputs.node-version }} @@ -57,7 +57,7 @@ jobs: - uses: actions/checkout@v6 with: fetch-depth: 0 - repository: ${{ github.repository }} + repository: ${{ github.event.pull_request.head.repo.full_name || github.repository }} ref: ${{ github.head_ref || github.ref_name }} - uses: actions/setup-node@v6 id: setup-node @@ -111,7 +111,7 @@ jobs: name: Build Project Storybook runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-build-storybook--${{ matrix.project }}-${{ github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-build-storybook--${{ matrix.project }}-${{ github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: true needs: install-deps strategy: @@ -156,7 +156,7 @@ jobs: name: Build Apps runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-build-apps--${{ matrix.app }}-${{ github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-build-apps--${{ matrix.app }}-${{ github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: true needs: install-deps strategy: @@ -216,7 +216,7 @@ jobs: name: Publish runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-publish-${{ github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-publish-${{ github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: true needs: - install-deps @@ -286,7 +286,7 @@ jobs: runs-on: ubuntu-latest # Baseline branches should complete the E2E jobs so Percy does not get stuck https://www.browserstack.com/question/61332 concurrency: - group: ${{ github.workflow }}-e2e--${{ matrix.project }}-${{ github.head_ref || format('{0}-{1}', github.run_id, github.run_attempt) }} + group: ${{ github.workflow }}-e2e--${{ matrix.project }}-${{ github.event.pull_request.number || github.head_ref || format('{0}-{1}', github.run_id, github.run_attempt) }} cancel-in-progress: ${{ github.event_name != 'push' }} needs: install-deps strategy: @@ -424,7 +424,7 @@ jobs: name: E2E Visual Review runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-verify-${{ github.head_ref || github.ref_name }} + group: ${{ github.workflow }}-verify-${{ github.event.pull_request.number || github.head_ref || github.ref_name }} cancel-in-progress: false needs: - install-deps diff --git a/scripts/automated-translations.ps1 b/scripts/automated-translations.ps1 index 3797cfd200..79c1d00a80 100755 --- a/scripts/automated-translations.ps1 +++ b/scripts/automated-translations.ps1 @@ -78,6 +78,11 @@ else Write-Output "`n# git rebase -X ours $LtsBranchName" git rebase -X ours $LtsBranchName + if ($LASTEXITCODE -ne 0) + { + Write-Output "`n::error::git rebase failed (exit $LASTEXITCODE).`n" + exit $LASTEXITCODE + } Write-Output "`n::endgroup::`n" Write-Output "`n::group::NPM Install`n" @@ -128,6 +133,11 @@ else { Write-Output "`n# git push --force-with-lease origin $TranslationBranchName" git push --force-with-lease origin $TranslationBranchName + if ($LASTEXITCODE -ne 0) + { + Write-Output "`n::error::git push --force-with-lease failed (exit $LASTEXITCODE).`n" + exit $LASTEXITCODE + } } else {