diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2c4e139f58c..bae978a8279 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,8 +6,6 @@ on: - main - dependabot/** pull_request: - schedule: - - cron: 0 20,23,2,5 * * * workflow_dispatch: env: @@ -28,7 +26,6 @@ jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: ci: ${{ steps.conditional.outputs.ci }} @@ -607,7 +604,7 @@ jobs: check: name: Status Check - Keycloak CI - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: - conditional - check-set-status diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 11b29692c9a..d542c05f827 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -7,8 +7,7 @@ on: - dependabot/** pull_request: branches: [main] - schedule: - - cron: 0 9 * * 2 + workflow_dispatch: concurrency: # Only cancel jobs for PR updates @@ -23,7 +22,6 @@ jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: java: ${{ steps.conditional.outputs.codeql-java }} @@ -94,7 +92,7 @@ jobs: check: name: Status Check - CodeQL - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: [conditional, java, themes] runs-on: ubuntu-latest diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml index e8a1f7eb805..04677feae88 100644 --- a/.github/workflows/documentation.yml +++ b/.github/workflows/documentation.yml @@ -6,8 +6,6 @@ on: - main - dependabot/** pull_request: - schedule: - - cron: 0 5 * * * workflow_dispatch: env: @@ -27,7 +25,6 @@ jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: documentation: ${{ steps.conditional.outputs.documentation }} @@ -125,7 +122,7 @@ jobs: check: name: Status Check - Keycloak Documentation - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: - conditional - check-set-status diff --git a/.github/workflows/guides.yml b/.github/workflows/guides.yml index 698bc301e38..90befaa3a56 100644 --- a/.github/workflows/guides.yml +++ b/.github/workflows/guides.yml @@ -25,7 +25,6 @@ jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: guides: ${{ steps.conditional.outputs.guides }} @@ -64,7 +63,7 @@ jobs: check: name: Status Check - Keycloak Guides - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: - conditional - check-set-status diff --git a/.github/workflows/js-ci.yml b/.github/workflows/js-ci.yml index e7e6409c5bf..a5eca061ca1 100644 --- a/.github/workflows/js-ci.yml +++ b/.github/workflows/js-ci.yml @@ -6,8 +6,6 @@ on: - main - dependabot/** pull_request: - schedule: - - cron: 0 20,23,2,5 * * * workflow_dispatch: concurrency: @@ -22,7 +20,6 @@ defaults: jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: js-ci: ${{ steps.conditional.outputs.js }} @@ -197,7 +194,7 @@ jobs: browser: [chrome, firefox] exclude: # Only test with Firefox on scheduled runs - - browser: ${{ github.event_name != 'schedule' && 'firefox' || '' }} + - browser: ${{ github.event_name != 'workflow_dispatch' && 'firefox' || '' }} steps: - uses: actions/checkout@v3 @@ -287,7 +284,7 @@ jobs: check: name: Status Check - Keycloak JavaScript CI - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: - conditional - check-set-status diff --git a/.github/workflows/operator-ci.yml b/.github/workflows/operator-ci.yml index 14a3a54c392..ed456c11ebe 100644 --- a/.github/workflows/operator-ci.yml +++ b/.github/workflows/operator-ci.yml @@ -6,8 +6,6 @@ on: - main - dependabot/** pull_request: - schedule: - - cron: 0 20,23,2,5 * * * workflow_dispatch: env: @@ -29,7 +27,6 @@ jobs: conditional: name: Check conditional workflows and jobs - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' runs-on: ubuntu-latest outputs: operator: ${{ steps.conditional.outputs.operator }} @@ -226,7 +223,7 @@ jobs: check: name: Status Check - Keycloak Operator CI - if: always() && ( github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' ) + if: always() needs: - conditional - check-set-status diff --git a/.github/workflows/schedule-nightly.yml b/.github/workflows/schedule-nightly.yml new file mode 100644 index 00000000000..8fd3343f347 --- /dev/null +++ b/.github/workflows/schedule-nightly.yml @@ -0,0 +1,60 @@ +name: Scheduled nightly workflows + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + +jobs: + + setup: + if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' + runs-on: ubuntu-latest + outputs: + latest-release-branch: ${{ steps.latest-release.outputs.branch }} + steps: + - id: latest-release + run: | + branch="release/$(gh api repos/keycloak/keycloak/branches | jq -r '.[].name' | sort -r | awk -F'/' '/[0-9.]+$/ {print $NF; exit}')" + echo "branch=$branch" + echo "branch=$branch" >> "$GITHUB_OUTPUT" + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + run-default-branch: + name: Run default branch + runs-on: ubuntu-latest + needs: setup + + strategy: + matrix: + workflow: + - cy.yml + - documentation.yml + - js-ci.yml + - operator-ci.yml + - snyk-analysis.yml + - trivy-analysis.yml + + steps: + - name: Run workflow + run: gh workflow run -R ${{ github.repository }} ${{ matrix.workflow }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + run-latest-release-branch: + name: Run latest release branch + needs: setup + runs-on: ubuntu-latest + + strategy: + matrix: + workflow: + - snyk-analysis.yml + + steps: + - run: echo ${{ needs.setup.outputs.latest-release-branch }} + - name: Run workflow + run: gh workflow run -R ${{ github.repository }} ${{ matrix.workflow }} -R ${{ needs.setup.outputs.latest-release-branch }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/schedule.yml b/.github/workflows/schedule.yml deleted file mode 100644 index e0341cb5db5..00000000000 --- a/.github/workflows/schedule.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Scheduled workflows - -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: - -jobs: - - run-ci: - name: Run CI workflow - runs-on: ubuntu-latest - steps: - - name: Run Snyk with main branch - run: gh workflow run -R keycloak/keycloak snyk-analysis.yml -r main - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Run Snyk with latest release branch - run: | - patch_release=$(gh api repos/keycloak/keycloak/branches | jq -r '.[].name' | sort -r | awk -F'/' '/[0-9.]+$/ {print $NF; exit}') - gh workflow run -R keycloak/keycloak snyk-analysis.yml -r "release/$patch_release" - if: github.event_name != 'schedule' || github.repository == 'keycloak/keycloak' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/trivy-analysis.yml b/.github/workflows/trivy-analysis.yml index 3a3248aaf3d..5bf92b7578f 100644 --- a/.github/workflows/trivy-analysis.yml +++ b/.github/workflows/trivy-analysis.yml @@ -1,8 +1,6 @@ name: Trivy on: - schedule: - - cron: 0 6 * * * workflow_dispatch: defaults: