diff --git a/.github/workflows/build-and-publish.yml b/.github/workflows/build-and-publish.yml index 9ba56f8d6..867d79c9b 100644 --- a/.github/workflows/build-and-publish.yml +++ b/.github/workflows/build-and-publish.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/check-release-tag.yml b/.github/workflows/check-release-tag.yml index 5423c11a4..f099fa94e 100644 --- a/.github/workflows/check-release-tag.yml +++ b/.github/workflows/check-release-tag.yml @@ -17,7 +17,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index a258fef3a..91277c4fa 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -16,7 +16,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" @@ -42,7 +42,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" @@ -67,7 +67,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -102,7 +102,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -128,7 +128,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" @@ -157,7 +157,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" @@ -179,7 +179,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" @@ -200,7 +200,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" @@ -227,7 +227,7 @@ jobs: fetch-depth: 0 - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: ${{ matrix.python-versions }} poetry-version: "2.3.0" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 104045ade..82c8388b1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,6 +26,11 @@ jobs: name: Report needs: - merge-gate + # This condition ensures the job runs if merge-gate finished (success or failure) + if: | + always() && + needs.merge-gate.result != 'skipped' && + needs.merge-gate.result != 'cancelled' uses: ./.github/workflows/report.yml secrets: inherit permissions: diff --git a/.github/workflows/gh-pages.yml b/.github/workflows/gh-pages.yml index 147d0453a..73c74dc99 100644 --- a/.github/workflows/gh-pages.yml +++ b/.github/workflows/gh-pages.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/matrix-all.yml b/.github/workflows/matrix-all.yml index 69a5aa4b4..558f5ef67 100644 --- a/.github/workflows/matrix-all.yml +++ b/.github/workflows/matrix-all.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/matrix-exasol.yml b/.github/workflows/matrix-exasol.yml index 44b5cfd98..a64b88c3f 100644 --- a/.github/workflows/matrix-exasol.yml +++ b/.github/workflows/matrix-exasol.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/matrix-python.yml b/.github/workflows/matrix-python.yml index 328799b6c..e68fd4d1e 100644 --- a/.github/workflows/matrix-python.yml +++ b/.github/workflows/matrix-python.yml @@ -19,7 +19,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/merge-gate.yml b/.github/workflows/merge-gate.yml index 7219a4d83..24200ed93 100644 --- a/.github/workflows/merge-gate.yml +++ b/.github/workflows/merge-gate.yml @@ -59,6 +59,7 @@ jobs: # This job ensures inputs have been executed successfully. allow-merge: name: Allow Merge + if: ${{ !cancelled() }} runs-on: "ubuntu-24.04" permissions: contents: read @@ -67,7 +68,13 @@ jobs: - run-fast-checks - run-slow-checks - test-python-environment - # Each job requires a step, so we added this dummy step. + # To prevent accidentally merges, this step is required. For more details + # see: https://github.com/exasol/python-toolbox/issues/563 steps: - - name: Approve - run: echo "Merge Approved" + - name: Branch Protection - failure if any ancestor failed or was cancelled + if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + run: | + echo '${{ toJSON(needs) }}' + exit 1 + - name: branch protection + run: echo "All required checks passed. Merge allowed." diff --git a/.github/workflows/report.yml b/.github/workflows/report.yml index 8790ca1ab..7612aeba7 100644 --- a/.github/workflows/report.yml +++ b/.github/workflows/report.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: "3.10" poetry-version: "2.3.0" diff --git a/.github/workflows/slow-checks.yml b/.github/workflows/slow-checks.yml index 8f1b55e42..46ed19863 100644 --- a/.github/workflows/slow-checks.yml +++ b/.github/workflows/slow-checks.yml @@ -29,7 +29,7 @@ jobs: - name: Set up Python & Poetry Environment id: set-up-python-and-poetry-environment - uses: exasol/python-toolbox/.github/actions/python-environment@v6 + uses: exasol/python-toolbox/.github/actions/python-environment@v7 with: python-version: ${{ matrix.python-version }} poetry-version: "2.3.0" diff --git a/doc/changes/unreleased.md b/doc/changes/unreleased.md index fb4737052..58a72b160 100644 --- a/doc/changes/unreleased.md +++ b/doc/changes/unreleased.md @@ -1,3 +1,7 @@ # Unreleased ## Summary + +## Bugfix + +* #563: Fixed merge-gate to prevent auto-merges from happening when integration tests failed diff --git a/exasol/toolbox/templates/github/workflows/ci.yml b/exasol/toolbox/templates/github/workflows/ci.yml index f58bbfe3c..8b93f291f 100644 --- a/exasol/toolbox/templates/github/workflows/ci.yml +++ b/exasol/toolbox/templates/github/workflows/ci.yml @@ -26,6 +26,11 @@ jobs: name: Report needs: - merge-gate + # This condition ensures the job runs if merge-gate finished (success or failure) + if: | + always() && + needs.merge-gate.result != 'skipped' && + needs.merge-gate.result != 'cancelled' uses: ./.github/workflows/report.yml secrets: inherit permissions: diff --git a/exasol/toolbox/templates/github/workflows/merge-gate.yml b/exasol/toolbox/templates/github/workflows/merge-gate.yml index 1b991327a..c6f01ed9b 100644 --- a/exasol/toolbox/templates/github/workflows/merge-gate.yml +++ b/exasol/toolbox/templates/github/workflows/merge-gate.yml @@ -51,6 +51,7 @@ jobs: # This job ensures inputs have been executed successfully. allow-merge: name: Allow Merge + if: ${{ !cancelled() }} runs-on: "(( os_version ))" permissions: contents: read @@ -58,7 +59,13 @@ jobs: needs: - run-fast-checks - run-slow-checks - # Each job requires a step, so we added this dummy step. + # To prevent accidentally merges, this step is required. For more details + # see: https://github.com/exasol/python-toolbox/issues/563 steps: - - name: Approve - run: echo "Merge Approved" + - name: Branch Protection - failure if any ancestor failed or was cancelled + if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} + run: | + echo '${{ toJSON(needs) }}' + exit 1 + - name: branch protection + run: echo "All required checks passed. Merge allowed."