-
Notifications
You must be signed in to change notification settings - Fork 1.1k
75 lines (66 loc) · 3.6 KB
/
code-freeze.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
name: Code-Freeze
# Stop the current running job if a new push is made to the PR
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
### Code freeze documentation: https://datadoghq.atlassian.net/wiki/spaces/ENG/pages/2754481240/CodeFreeze+Runbook
### To enable a freeze:
# 1. Set ACTIVE_FREEZE to "true".
# 2. Change codefreeze-check-unfrozen to codefreeze-check-YYYYmmdd format `echo "check-$(date -u +'%Y%m%d')"`.
# 3. Push the changes to the Github repo and open a PR.
# 4. Merge the PR.
# 5. In the Github repo settings, add codefreeze-check-YYYYmmdd as a required status check for the master branch.
### To disable a freeze:
# 1. Set ACTIVE_FREEZE to "false".
# 2. Change codefreeze-check-YYYYmmdd to `codefreeze-check-unfrozen`.
# 3. In the Github repo settings, remove the codefreeze-check-YYYYmmdd required status check from the master branch.
# 4. Open a PR and merge the changes.
on:
pull_request:
types:
- labeled
- unlabeled
- opened
- reopened
- synchronize
branches:
# only target `master` branch
- master
env:
ACTIVE_FREEZE: "false"
# toggle to true like below to enable + change the job unique name and add a required branch protection!
# ACTIVE_FREEZE: "true"
jobs:
# during an unfrozen state leave as the unfrozen name so it is more obvious
codefreeze-check-unfrozen:
# NOTE: update this date for every new freeze, update the protected branches to require the new name
# codefreeze-check-incident-19254:
runs-on: ubuntu-latest
steps:
- name: checkout repository
if: env.ACTIVE_FREEZE == 'true' && ! (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
uses: actions/checkout@v3
- name: Get Changed files
if: env.ACTIVE_FREEZE == 'true' && ! (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
id: changed-files
uses: tj-actions/changed-files@v42
with:
separator: ","
fetch_depth: 5
files_ignore: |
DOESNOTEXIST
- uses: actions/setup-python@v4
if: env.ACTIVE_FREEZE == 'true' && ( steps.changed-files.outputs.any_modified == 'true' ) && ! (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
with:
python-version: '3.10' # get all commits, not just the latest
- name: Check for frozen files
env:
ALL_CHANGED_AND_MODIFIED_FILES: ${{ steps.changed-files.outputs.all_changed_and_modified_files }}
if: env.ACTIVE_FREEZE == 'true' && steps.changed-files.outputs.any_modified == 'true' && ! (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
run: python local/bin/py/code-freeze-check.py -c $ALL_CHANGED_AND_MODIFIED_FILES
- name: Frozen file exception pass
if: env.ACTIVE_FREEZE == 'true' && (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
run: echo 'This PR was marked for exception, passing.'
- name: All Ignored Files pass
if: env.ACTIVE_FREEZE == 'true' && steps.changed-files.outputs.any_modified != 'true' && ! (contains( github.event.pull_request.labels.*.name, 'MERGE-NOW') || contains( github.event.pull_request.labels.*.name, 'codefreeze-approved'))
run: echo 'This PR is not affected by the code freeze, passing.'