Merged
86 changes: 29 additions & 57 deletions .github/workflows/lint.yml
Expand Up @@ -23,18 +23,28 @@ env:
SPECTRAL_VERSION: "6.15.0"

jobs:
evaluate-input:
name: Evaluate input
lint:
name: OpenAPI Lint
runs-on: ubuntu-latest
permissions:
contents: read
actions: read
outputs:
spec_path: ${{ steps.resolve-spec-path.outputs.spec_path }}
id-token: write
env:
GHA_API_FAIL_THRESHOLD: ${{ inputs.fail_threshold }}
GHA_API_ARTIFACT: ${{ inputs.artifact }}
GHA_API_PATH: ${{ inputs.path }}
SHOULD_UPLOAD: >-
${{
inputs.upload_to_bucket == true
&& (
(github.event_name == 'push' && github.ref_name == github.event.repository.default_branch) ||
(github.event_name == 'pull_request' &&
github.event.action == 'closed' &&
github.event.pull_request.merged == true &&
github.event.pull_request.base.ref == github.event.repository.default_branch)
)
}}
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
Expand Down Expand Up @@ -86,29 +96,6 @@ jobs:
fi

echo "spec_path=$spec_path" >> "$GITHUB_OUTPUT"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: lint
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
lint:
name: OpenAPI Lint
runs-on: ubuntu-latest
needs: evaluate-input
permissions:
contents: read
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
uses: actions/checkout@v6
- name: Download artifact (if artifact provided)
if: ${{ inputs.artifact != '' }}
uses: actions/download-artifact@v8
with:
pattern: ${{ inputs.artifact }}
path: /tmp/artifacts
- name: Checkout linting rulesets
uses: actions/checkout@v6
with:
Expand All @@ -122,7 +109,7 @@ jobs:
- name: Lint OpenAPI
shell: bash
env:
GHA_API_PATH: ${{ needs.evaluate-input.outputs.spec_path }}
GHA_API_PATH: ${{ steps.resolve-spec-path.outputs.spec_path }}
GHA_API_FAIL_THRESHOLD: ${{ inputs.fail_threshold }}
run: |
set -o errexit
Expand Down Expand Up @@ -156,35 +143,8 @@ jobs:
fi
fi
fi


upload-to-bucket:
name: Upload to bucket
if: |
inputs.upload_to_bucket == true
&& (
(github.event_name == 'push' && github.ref_name == github.event.repository.default_branch) ||
(github.event_name == 'pull_request' &&
github.event.action == 'closed' &&
github.event.pull_request.merged == true &&
github.event.pull_request.base.ref == github.event.repository.default_branch)
)
needs: evaluate-input
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
uses: actions/checkout@v6
- name: Download artifact (if artifact provided)
if: ${{ inputs.artifact != '' }}
uses: actions/download-artifact@v8
with:
pattern: ${{ inputs.artifact }}
path: /tmp/artifacts
- name: Check ENTUR_API_DATA_SA secret exists
if: ${{ env.SHOULD_UPLOAD == 'true' }}
env:
ENTUR_API_DATA_SA: ${{ secrets.ENTUR_API_DATA_SA }}
REPO_VISIBILITY: ${{ github.event.repository.visibility }}
Expand All @@ -199,17 +159,21 @@ jobs:
exit 1
fi
- uses: actions/setup-node@v6
if: ${{ env.SHOULD_UPLOAD == 'true' }}
with:
node-version: 24
- name: Authenticate with Google Cloud
if: ${{ env.SHOULD_UPLOAD == 'true' }}
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
with:
credentials_json: "${{ secrets.ENTUR_API_DATA_SA }}"
- name: Set up Cloud SDK
if: ${{ env.SHOULD_UPLOAD == 'true' }}
uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1
- name: Bundle spec
if: ${{ env.SHOULD_UPLOAD == 'true' }}
env:
GHA_API_PATH: ${{ needs.evaluate-input.outputs.spec_path }}
GHA_API_PATH: ${{ steps.resolve-spec-path.outputs.spec_path }}
run: |
set -o errexit
set -o nounset
Expand All @@ -222,9 +186,17 @@ jobs:

cp $GHA_API_PATH /tmp/specs
- name: Upload specs to GCS
if: ${{ env.SHOULD_UPLOAD == 'true' }}
run: |
set -o errexit
set -o nounset
set -o pipefail
echo "Starting to sync files in /tmp/specs/ to GCS Bucket to path /${GITHUB_REPOSITORY#*/}"
gcloud storage rsync /tmp/specs/ "gs://ent-gcs-api-specs-prd-001/${GITHUB_REPOSITORY#*/}"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: lint
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
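Review bot: `id-token: write` now sits on the single `lint` job, so every step in it (checkout of the caller's ref, artifact download, the lint run) executes with the ability to request an OIDC token, including on pull_request runs where `SHOULD_UPLOAD` is false. The step-level `if: ${{ env.SHOULD_UPLOAD == 'true' }}` guards skip the upload steps but do not narrow the job's permissions. Since the Google auth step here uses `credentials_json`, the permission may not be needed in this workflow at all; if it is, keeping the upload as its own job with `needs: lint` and a job-level `if:` would confine it to default-branch runs. The same widening appears in the merged `publish` job in publish.yml and, for the spec-resolution steps, in validate.yml. Parts of the job body are collapsed on this page, so this rests on the visible lines only.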
66 changes: 13 additions & 53 deletions .github/workflows/publish.yml
Expand Up @@ -15,17 +15,17 @@ env:
SPECTRAL_VERSION: "6.15.0"

jobs:
evaluate-input:
name: Evaluate input
publish:
name: OpenAPI Publish
runs-on: ubuntu-latest
permissions:
contents: read
actions: read
outputs:
spec_path: ${{ steps.resolve-spec-path.outputs.spec_path }}
id-token: write
env:
GHA_API_ARTIFACT: ${{ inputs.artifact }}
GHA_API_PATH: ${{ inputs.path }}
CLOUD_RUN_ENDPOINT: https://europe-west1-ent-apidata-prd.cloudfunctions.net/publish-spec
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
Expand Down Expand Up @@ -62,29 +62,6 @@ jobs:
fi

echo "spec_path=$spec_path" >> "$GITHUB_OUTPUT"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: publish
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
validate-spec:
needs: evaluate-input
name: Validate spec
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
uses: actions/checkout@v6
- name: Download artifact (if artifact provided)
if: ${{ inputs.artifact != '' }}
uses: actions/download-artifact@v8
with:
name: ${{ inputs.artifact }}
path: /tmp/artifact
- uses: actions/setup-node@v6
with:
node-version: 24
Expand All @@ -100,7 +77,7 @@ jobs:
- name: Validate spec
shell: bash
env:
GHA_API_PATH: ${{ needs.evaluate-input.outputs.spec_path }}
GHA_API_PATH: ${{ steps.resolve-spec-path.outputs.spec_path }}
run: |
set -o errexit
set -o nounset
Expand All @@ -116,29 +93,6 @@ jobs:
echo "::error::Spec bundling failed. Failing workflow."
exit 1
fi

upload:
name: Upload spec
needs: [evaluate-input, validate-spec]
permissions:
contents: read
id-token: write
runs-on: ubuntu-latest
env:
CLOUD_RUN_ENDPOINT: https://europe-west1-ent-apidata-prd.cloudfunctions.net/publish-spec
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
uses: actions/checkout@v6
- name: Download artifact (if artifact provided)
if: ${{ inputs.artifact != '' }}
uses: actions/download-artifact@v8
with:
name: ${{ inputs.artifact }}
path: /tmp/artifact
- uses: actions/setup-node@v6
with:
node-version: 24
- name: Authenticate with Google Cloud
id: auth
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
Expand All @@ -149,10 +103,9 @@ jobs:
id_token_audience: ${{ env.CLOUD_RUN_ENDPOINT }}
id_token_include_email: true
create_credentials_file: false

- name: Upload
env:
GHA_API_PATH: ${{ needs.evaluate-input.outputs.spec_path }}
GHA_API_PATH: ${{ steps.resolve-spec-path.outputs.spec_path }}
ID_TOKEN: ${{ steps.auth.outputs.id_token }}
shell: bash
run: |
Expand Down Expand Up @@ -185,4 +138,11 @@ jobs:
}

echo "Successfully published: $GHA_API_PATH"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: publish
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
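Review bot: The relocated `Send analytics` step still references `entur/gha-api/.github/actions/posthog@main`, a mutable ref, and it now runs inside the job that carries `id-token: write` and the `steps.auth` ID token, whereas the Google actions visible on this page are pinned to commit SHAs. If these files are consumed as reusable workflows (they read `inputs.*`, so presumably they are), a caller that pins the workflow to a tag or SHA still runs whatever `main` holds for this step. Pinning it the same way, `uses: entur/gha-api/.github/actions/posthog@<commit-sha> # <tag>`, would close that gap. The same line appears in lint.yml and validate.yml.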

60 changes: 21 additions & 39 deletions .github/workflows/validate.yml
Expand Up @@ -15,17 +15,17 @@ env:
SPECTRAL_VERSION: "6.15.0"

jobs:
evaluate-input:
name: Evaluate input
validate-spec:
name: OpenAPI Validate
runs-on: ubuntu-latest
permissions:
contents: read
actions: read
outputs:
spec_path: ${{ steps.resolve-spec-path.outputs.spec_path }}
id-token: write
env:
GHA_API_ARTIFACT: ${{ inputs.artifact }}
GHA_API_PATH: ${{ inputs.path }}
CLOUD_RUN_ENDPOINT: https://europe-west1-ent-apidata-prd.cloudfunctions.net/publish-spec
steps:
- name: Checkout repository (if spec provided)
if: ${{ inputs.artifact == '' }}
Expand Down Expand Up @@ -55,38 +55,13 @@ jobs:
fi

echo "Path to spec resolved to $spec_path"

if [ ! -f $spec_path ]; then
echo "File $spec_path not found."
exit 1
fi

echo "spec_path=$spec_path" >> "$GITHUB_OUTPUT"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: validate
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
validate-spec:
name: OpenAPI Validate
needs: evaluate-input
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
env:
CLOUD_RUN_ENDPOINT: https://europe-west1-ent-apidata-prd.cloudfunctions.net/publish-spec
steps:
- uses: actions/checkout@v6
if: ${{ inputs.artifact == '' }}

- uses: actions/download-artifact@v8
if: ${{ inputs.artifact != '' }}
with:
name: ${{ inputs.artifact }}
path: /tmp/artifacts
echo "spec_path=$spec_path" >> "$GITHUB_OUTPUT"
- uses: actions/setup-node@v6
with:
node-version: 24
Expand Down Expand Up @@ -115,12 +90,12 @@ jobs:
- name: Validate
shell: bash
env:
GHA_API_PATH: ${{ needs.evaluate-input.outputs.spec_path }}
GHA_API_PATH: ${{ steps.resolve-spec-path.outputs.spec_path }}
ID_TOKEN: ${{ steps.auth.outputs.id_token }}
run: |
set -o errexit
set -o nounset
set -o pipefail
set -o pipefail
shopt -s globstar

echo "Validating spec: $GHA_API_PATH"
Expand All @@ -135,15 +110,15 @@ jobs:
filename=$(basename $GHA_API_PATH)
mkdir -p /tmp/specs
npx --ignore-scripts @redocly/cli@$REDOCLY_VERSION bundle -o /tmp/specs/$filename $GHA_API_PATH

# Extract repository name (without owner)
REPO_NAME="${GITHUB_REPOSITORY#*/}"

# Create metadata JSON
METADATA="{\"repository\": \"$REPO_NAME\"}"

echo "Uploading to api-spec-registry with dryRun=true..."

RESPONSE=$(curl --fail-with-body -sS \
-X PUT \
-H "Authorization: Bearer $ID_TOKEN" \
Expand All @@ -153,7 +128,14 @@ jobs:
DETAIL=$(echo "$RESPONSE" | jq -r '.detail')
echo "::error file=$GHA_API_PATH,line=1::$DETAIL"
exit 1
}
}

echo "Successfully validated: $GHA_API_PATH"
- name: Send analytics
if: always()
uses: entur/gha-api/.github/actions/posthog@main
with:
workflow_name: validate
workflow_inputs: ${{ toJSON(inputs) }}
api_key: "phc_yhR5iXxjC2n6J7tqznFQURld147kruAy4HuYgjbyEyk"
