From 04d46d25c58ccbbfc2bbf78f5a60cb7eea5a8b01 Mon Sep 17 00:00:00 2001
From: Cam <cam.soper@outlook.com>
Date: Wed, 4 Feb 2026 20:42:48 +0000
Subject: [PATCH] Add fast-track CI for version file updates

Optimize PR workflow to skip expensive CI/CD steps when PRs only update
version files. Version files are updated multiple times daily via
automation, but full CI (site build, Cypress tests, deployment) is
unnecessary for these simple text file changes.

Changes:
- Add detect-changes job to identify version-only PRs
- Add fast-track-version-update job with lightweight validation (~2-3 min)
- Update buildSite to run only for substantive changes
- Update notify job to monitor both validation paths
- Update BUILD-AND-DEPLOY.md documentation

Benefits:
- Reduces version update PR time from 10-15 min to 2-3 min
- Fewer transient CI failures due to reduced test surface
- Maintains critical validations (whitespace check, Hugo build)
- Works automatically for all four version files

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
---
 .github/workflows/pull-request.yml | 82 ++++++++++++++++++++++++++++--
 BUILD-AND-DEPLOY.md                | 26 ++++++++--
 2 files changed, 101 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
index 7f0580cb04c6..e44873b931f2 100644
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@@ -8,9 +8,82 @@ permissions:
       id-token: write # This is required for requesting the JWT
       contents: read # This is required for actions/checkout
 jobs:
+  detect-changes:
+    runs-on: ubuntu-latest
+    outputs:
+      version-files-only: ${{ steps.check.outputs.version-files-only }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: dorny/paths-filter@v3
+        id: filter
+        with:
+          filters: |
+            version-files:
+              - 'static/latest-dev-version'
+              - 'static/latest-version'
+              - 'static/esc/latest-version'
+              - 'static/customer-managed-workflow-agent/latest-version'
+            other-files:
+              - '**/*'
+              - '!static/latest-dev-version'
+              - '!static/latest-version'
+              - '!static/esc/latest-version'
+              - '!static/customer-managed-workflow-agent/latest-version'
+
+      - name: Check if version files only
+        id: check
+        run: |
+          if [[ "${{ steps.filter.outputs.version-files }}" == "true" && "${{ steps.filter.outputs.other-files }}" == "false" ]]; then
+            echo "version-files-only=true" >> $GITHUB_OUTPUT
+          else
+            echo "version-files-only=false" >> $GITHUB_OUTPUT
+          fi
+
+  fast-track-version-update:
+    needs: detect-changes
+    if: needs.detect-changes.outputs.version-files-only == 'true'
+    name: Fast-track version file validation
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v6
+        with:
+          node-version: '24.x'
+
+      - uses: peaceiris/actions-hugo@v2
+        with:
+          hugo-version: '0.154.5'
+          extended: true
+
+      - name: Install dependencies
+        run: make ensure
+
+      - name: Validate version files
+        run: |
+          # Check for whitespace in version files
+          for file in static/latest-dev-version static/latest-version static/esc/latest-version static/customer-managed-workflow-agent/latest-version; do
+            if [[ -f "$file" ]]; then
+              if grep -q '[[:space:]]' "$file"; then
+                echo "ERROR: $file contains whitespace"
+                exit 1
+              fi
+              echo "✓ $file is valid"
+            fi
+          done
+
+      - name: Quick Hugo build test
+        run: hugo --minify --quiet
+        env:
+          HUGO_ENVIRONMENT: production
+
   buildSite:
     # Only run this job for events that originate on this repository.
-    if: github.event.pull_request.head.repo.full_name == github.repository
+    needs: detect-changes
+    if: |
+      github.event.pull_request.head.repo.full_name == github.repository &&
+      needs.detect-changes.outputs.version-files-only == 'false'
     env:
       GOPATH: ${{ github.workspace }}/go
     name: Install deps and build site
@@ -70,10 +143,13 @@ jobs:
           name: origin-bucket-metadata
           path: origin-bucket-metadata.json
   notify:
-    if: (startsWith(github.ref, 'refs/heads/release/') || github.ref == 'refs/heads/master' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'pulumi-bot')) && failure()
+    if: |
+      always() &&
+      (startsWith(github.ref, 'refs/heads/release/') || github.ref == 'refs/heads/master' || (github.event_name == 'pull_request' && github.event.pull_request.user.login == 'pulumi-bot')) &&
+      (needs.buildSite.result == 'failure' || needs.fast-track-version-update.result == 'failure')
     name: Send slack notification
     runs-on: ubuntu-latest
-    needs: [buildSite]
+    needs: [detect-changes, fast-track-version-update, buildSite]
     steps:
       - name: Fetch secrets from ESC
         id: esc-secrets
diff --git a/BUILD-AND-DEPLOY.md b/BUILD-AND-DEPLOY.md
index 0b0e4a700375..47e75c9ef4fe 100644
--- a/BUILD-AND-DEPLOY.md
+++ b/BUILD-AND-DEPLOY.md
@@ -1002,7 +1002,25 @@ The repository uses 24 GitHub Actions workflows organized into categories. All w
 
 **Jobs:**
 
-1. **buildSite**
+1. **detect-changes**
+   - Analyze changed files to determine if PR contains only version file updates
+   - Output: `version-files-only` flag (true/false)
+
+1. **fast-track-version-update** (conditional)
+   - Runs only when PR contains only version file changes:
+     - `static/latest-dev-version`
+     - `static/latest-version`
+     - `static/esc/latest-version`
+     - `static/customer-managed-workflow-agent/latest-version`
+   - Performs lightweight validation:
+     - Install dependencies (`make ensure`)
+     - Validate no whitespace in version files
+     - Quick Hugo build test (`hugo --minify --quiet`)
+   - **Duration:** ~2-3 minutes (vs 10-15 minutes for full build)
+   - **Why:** Version files are updated multiple times daily via automation. Full CI/CD (site build, Cypress tests, deployment) is unnecessary for these simple text file changes.
+
+1. **buildSite** (conditional)
+   - Runs only when PR contains changes beyond version files
    - Check if PR is from fork (skip deployment if true)
    - Build site in preview mode
    - Create PR-specific S3 bucket:
@@ -1023,8 +1041,8 @@ The repository uses 24 GitHub Actions workflows organized into categories. All w
 
    - Archive test results and metadata
 
-2. **notify**
-   - Slack alert on failure
+1. **notify**
+   - Slack alert on failure from either fast-track or full build
 
 **Preview Lifecycle:**
 
@@ -1366,7 +1384,7 @@ These workflows support repository maintenance, automation, and developer experi
 |----------|---------|-------------|----------|---------|
 | build-and-deploy | Push to master, Scheduled | Production | 8-12 min | Production deployment |
 | testing-build-and-deploy | Push to master, Manual | Testing | 8-12 min | Testing deployment |
-| pull-request | PRs to master | Testing | 10-15 min | PR validation & preview |
+| pull-request | PRs to master | Testing | 2-3 min (version files only), 10-15 min (full build) | PR validation & preview |
 | pr-closed | PR closed | Testing | <1 min | Cleanup preview resources |
 | pulumi-cli | Repository dispatch | N/A | 5-10 min | Auto-generate CLI docs |
 | esc-cli | Repository dispatch | N/A | 3-5 min | Auto-generate ESC docs |