|
| 1 | +# SPDX-FileCopyrightText: Copyright (c) 2024 NVIDIA CORPORATION & AFFILIATES. All rights reserved. |
| 2 | +# SPDX-License-Identifier: Apache-2.0 |
| 3 | +# |
| 4 | +# Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | +# you may not use this file except in compliance with the License. |
| 6 | +# You may obtain a copy of the License at |
| 7 | +# |
| 8 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | +# |
| 10 | +# Unless required by applicable law or agreed to in writing, software |
| 11 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | +# See the License for the specific language governing permissions and |
| 14 | +# limitations under the License. |
| 15 | + |
| 16 | +# A workflow to trigger ci on hybrid infra (github + self hosted runner) |
| 17 | +name: Blossom-CI |
| 18 | +on: |
| 19 | + issue_comment: |
| 20 | + types: [created] |
| 21 | + workflow_dispatch: |
| 22 | + inputs: |
| 23 | + platform: |
| 24 | + description: 'runs-on argument' |
| 25 | + required: false |
| 26 | + args: |
| 27 | + description: 'argument' |
| 28 | + required: false |
| 29 | +jobs: |
| 30 | + Authorization: |
| 31 | + name: Authorization3 |
| 32 | + runs-on: blossom |
| 33 | + outputs: |
| 34 | + args: ${{ env.args }} |
| 35 | + |
| 36 | + # This job only runs for pull request comments |
| 37 | + if: | |
| 38 | + github.event.comment.body == '/build' && (github.actor == 'niukuo' || github.actor == 'niukuo') |
| 39 | + steps: |
| 40 | + - name: Check if comment is issued by authorized person |
| 41 | + run: blossom-ci |
| 42 | + env: |
| 43 | + OPERATION: 'AUTH' |
| 44 | + REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 45 | + REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} |
| 46 | + |
| 47 | + Vulnerability-scan: |
| 48 | + name: Vulnerability scan |
| 49 | + needs: [Authorization] |
| 50 | + runs-on: vulnerability-scan |
| 51 | + steps: |
| 52 | + - name: Checkout code |
| 53 | + uses: actions/checkout@v2 |
| 54 | + with: |
| 55 | + repository: ${{ fromJson(needs.Authorization.outputs.args).repo }} |
| 56 | + ref: ${{ fromJson(needs.Authorization.outputs.args).ref }} |
| 57 | + lfs: 'true' |
| 58 | + |
| 59 | + - name: Run blossom action |
| 60 | + uses: NVIDIA/blossom-action@main |
| 61 | + env: |
| 62 | + REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 63 | + REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} |
| 64 | + with: |
| 65 | + args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }} |
| 66 | + args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }} |
| 67 | + args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }} |
| 68 | + |
| 69 | + Job-trigger: |
| 70 | + name: Start ci job |
| 71 | + needs: [Vulnerability-scan] |
| 72 | + runs-on: blossom |
| 73 | + steps: |
| 74 | + - name: Start ci job |
| 75 | + run: blossom-ci |
| 76 | + env: |
| 77 | + OPERATION: 'START-CI-JOB' |
| 78 | + CI_SERVER: ${{ secrets.CI_SERVER }} |
| 79 | + REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
| 80 | + |
| 81 | + Upload-Log: |
| 82 | + name: Upload log |
| 83 | + runs-on: blossom |
| 84 | + if : github.event_name == 'workflow_dispatch' |
| 85 | + steps: |
| 86 | + - name: Jenkins log for pull request ${{ fromJson(github.event.inputs.args).pr }} (click here) |
| 87 | + run: blossom-ci |
| 88 | + env: |
| 89 | + OPERATION: 'POST-PROCESSING' |
| 90 | + CI_SERVER: ${{ secrets.CI_SERVER }} |
| 91 | + REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} |
0 commit comments