diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index 7f0580cb04c6..e44873b931f2 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -8,9 +8,82 @@ permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout jobs: + detect-changes: + runs-on: ubuntu-latest + outputs: + version-files-only: ${{ steps.check.outputs.version-files-only }} + steps: + - uses: actions/checkout@v4 + + - uses: dorny/paths-filter@v3 + id: filter + with: + filters: | + version-files: + - 'static/latest-dev-version' + - 'static/latest-version' + - 'static/esc/latest-version' + - 'static/customer-managed-workflow-agent/latest-version' + other-files: + - '**/*' + - '!static/latest-dev-version' + - '!static/latest-version' + - '!static/esc/latest-version' + - '!static/customer-managed-workflow-agent/latest-version' + + - name: Check if version files only + id: check + run: | + if [[ "${{ steps.filter.outputs.version-files }}" == "true" && "${{ steps.filter.outputs.other-files }}" == "false" ]]; then + echo "version-files-only=true" >> $GITHUB_OUTPUT + else + echo "version-files-only=false" >> $GITHUB_OUTPUT + fi + + fast-track-version-update: + needs: detect-changes + if: needs.detect-changes.outputs.version-files-only == 'true' + name: Fast-track version file validation + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: actions/setup-node@v6 + with: + node-version: '24.x' + + - uses: peaceiris/actions-hugo@v2 + with: + hugo-version: '0.154.5' + extended: true + + - name: Install dependencies + run: make ensure + + - name: Validate version files + run: | + # Check for whitespace in version files + for file in static/latest-dev-version static/latest-version static/esc/latest-version static/customer-managed-workflow-agent/latest-version; do + if [[ -f "$file" ]]; then + if grep -q '[[:space:]]' "$file"; then + echo "ERROR: $file contains whitespace" + exit 1 + fi + echo "✓ $file is valid" + fi + done + + - name: Quick Hugo build test + run: hugo --minify --quiet + env: + HUGO_ENVIRONMENT: production + buildSite: # Only run this job for events that originate on this repository. - if: github.event.pull_request.head.repo.full_name == github.repository + needs: detect-changes + if: | + github.event.pull_request.head.repo.full_name == github.repository && + needs.detect-changes.outputs.version-files-only == 'false' env: GOPATH: ${{ github.workspace }}/go name: Install deps and build site @@ -70,10 +143,13 @@ jobs: name: origin-bucket-metadata path: origin-bucket-metadata.json notify: - if: (startsWith(github.ref, 'refs/heads/release/') || github.ref == 'refs/heads/master' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'pulumi-bot')) && failure() + if: | + always() && + (startsWith(github.ref, 'refs/heads/release/') || github.ref == 'refs/heads/master' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'pulumi-bot')) && + (needs.buildSite.result == 'failure' || needs.fast-track-version-update.result == 'failure') name: Send slack notification runs-on: ubuntu-latest - needs: [buildSite] + needs: [detect-changes, fast-track-version-update, buildSite] steps: - name: Fetch secrets from ESC id: esc-secrets diff --git a/BUILD-AND-DEPLOY.md b/BUILD-AND-DEPLOY.md index 0b0e4a700375..47e75c9ef4fe 100644 --- a/BUILD-AND-DEPLOY.md +++ b/BUILD-AND-DEPLOY.md @@ -1002,7 +1002,25 @@ The repository uses 24 GitHub Actions workflows organized into categories. All w **Jobs:** -1. **buildSite** +1. **detect-changes** + - Analyze changed files to determine if PR contains only version file updates + - Output: `version-files-only` flag (true/false) + +1. **fast-track-version-update** (conditional) + - Runs only when PR contains only version file changes: + - `static/latest-dev-version` + - `static/latest-version` + - `static/esc/latest-version` + - `static/customer-managed-workflow-agent/latest-version` + - Performs lightweight validation: + - Install dependencies (`make ensure`) + - Validate no whitespace in version files + - Quick Hugo build test (`hugo --minify --quiet`) + - **Duration:** ~2-3 minutes (vs 10-15 minutes for full build) + - **Why:** Version files are updated multiple times daily via automation. Full CI/CD (site build, Cypress tests, deployment) is unnecessary for these simple text file changes. + +1. **buildSite** (conditional) + - Runs only when PR contains changes beyond version files - Check if PR is from fork (skip deployment if true) - Build site in preview mode - Create PR-specific S3 bucket: @@ -1023,8 +1041,8 @@ The repository uses 24 GitHub Actions workflows organized into categories. All w - Archive test results and metadata -2. **notify** - - Slack alert on failure +1. **notify** + - Slack alert on failure from either fast-track or full build **Preview Lifecycle:** @@ -1366,7 +1384,7 @@ These workflows support repository maintenance, automation, and developer experi |----------|---------|-------------|----------|---------| | build-and-deploy | Push to master, Scheduled | Production | 8-12 min | Production deployment | | testing-build-and-deploy | Push to master, Manual | Testing | 8-12 min | Testing deployment | -| pull-request | PRs to master | Testing | 10-15 min | PR validation & preview | +| pull-request | PRs to master | Testing | 2-3 min (version files only), 10-15 min (full build) | PR validation & preview | | pr-closed | PR closed | Testing | <1 min | Cleanup preview resources | | pulumi-cli | Repository dispatch | N/A | 5-10 min | Auto-generate CLI docs | | esc-cli | Repository dispatch | N/A | 3-5 min | Auto-generate ESC docs |