From 54ea393a7c03647e448a20ea96111b76420774e0 Mon Sep 17 00:00:00 2001 From: "nikita.smirnov" Date: Thu, 21 Mar 2024 18:40:34 +0400 Subject: [PATCH 1/2] add if condition because failure of previous tasks are propagated --- .github/workflows/build-dev-release.yml | 8 ++++---- .github/workflows/build-release.yml | 6 ++++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-dev-release.yml b/.github/workflows/build-dev-release.yml index 2fa17ad..9bb49b7 100644 --- a/.github/workflows/build-dev-release.yml +++ b/.github/workflows/build-dev-release.yml @@ -95,9 +95,7 @@ jobs: needs: - build-and-publish-grpc-java - changes - if: | - always() && - (needs.changes.outputs.core == 'true' || needs.changes.outputs.grpc == 'true') + if: (needs.changes.outputs.core == 'true' || needs.changes.outputs.grpc == 'true') && !cancelled() steps: - uses: actions/checkout@v3 - name: Set up JDK 'zulu' '11' @@ -115,6 +113,7 @@ jobs: ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }} ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} owasp-scan: + if: needs.build-and-publish-core-java.result == 'success' && !cancelled() needs: - build-and-publish-core-java uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main @@ -129,8 +128,8 @@ jobs: - app-version - changes if: | - always() && (needs.changes.outputs.app == 'true' || needs.changes.outputs.grpc == 'true' || needs.changes.outputs.core == 'true') + && !cancelled() uses: th2-net/.github/.github/workflows/compaund-java-docker-push.yml@main with: docker-username: ${{ github.actor }} @@ -143,6 +142,7 @@ jobs: docker-password: ${{ secrets.GITHUB_TOKEN }} trivy-docker-scan: name: Scan Docker image for vulnerabilities + if: needs.publish-docker.result == 'success' && !cancelled() needs: - publish-docker - app-version diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index 5382f5b..d54c07e 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -61,7 +61,7 @@ jobs: needs: - changes - build-and-publish-grpc-java - if: ${{ needs.changes.outputs.core == 'true' }} + if: (needs.changes.outputs.core == 'true' || needs.changes.outputs.grpc == 'true') && !cancelled() uses: th2-net/.github/.github/workflows/compaund-java-multi-project-build-release.yml@main with: projectPath: core @@ -73,6 +73,7 @@ jobs: sonatypeSigningKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }} sonatypeSigningPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} owasp-scan: + if: needs.build-and-publish-core-java.result == 'success' && !cancelled() needs: - build-and-publish-core-java uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main @@ -83,8 +84,8 @@ jobs: publish-docker: name: Build and publish docker image if: | - always() && (needs.changes.outputs.app == 'true' || needs.changes.outputs.grpc == 'true' || needs.changes.outputs.core == 'true') + && !cancelled() needs: - build-and-publish-grpc-python - build-and-publish-grpc-java @@ -102,6 +103,7 @@ jobs: docker-password: ${{ secrets.GITHUB_TOKEN }} trivy-docker-scan: name: Scan Docker image for vulnerabilities + if: needs.publish-docker.result == 'success' && !cancelled() needs: - publish-docker - app-version From 653db092ae7f063aedcc0fc630f56297c9bd33b6 Mon Sep 17 00:00:00 2001 From: "nikita.smirnov" Date: Mon, 1 Apr 2024 15:46:23 +0400 Subject: [PATCH 2/2] Corrected after review --- .github/workflows/build-dev-release.yml | 4 +--- .github/workflows/build-release.yml | 4 +--- .github/workflows/build-sanpshot.yml | 3 +-- 3 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-dev-release.yml b/.github/workflows/build-dev-release.yml index 9bb49b7..d436dd5 100644 --- a/.github/workflows/build-dev-release.yml +++ b/.github/workflows/build-dev-release.yml @@ -113,9 +113,7 @@ jobs: ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }} ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} owasp-scan: - if: needs.build-and-publish-core-java.result == 'success' && !cancelled() - needs: - - build-and-publish-core-java + if: "!cancelled()" uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main with: multiproject: true diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index d54c07e..1e41fc8 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -73,9 +73,7 @@ jobs: sonatypeSigningKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }} sonatypeSigningPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} owasp-scan: - if: needs.build-and-publish-core-java.result == 'success' && !cancelled() - needs: - - build-and-publish-core-java + if: "!cancelled()" uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main with: multiproject: true diff --git a/.github/workflows/build-sanpshot.yml b/.github/workflows/build-sanpshot.yml index 12e3d01..48f9509 100644 --- a/.github/workflows/build-sanpshot.yml +++ b/.github/workflows/build-sanpshot.yml @@ -55,8 +55,7 @@ jobs: sonatypeSigningKey: ${{ secrets.SONATYPE_GPG_ARMORED_KEY }} sonatypeSigningPassword: ${{ secrets.SONATYPE_SIGNING_PASSWORD }} owasp-scan: - needs: - - build-and-publish-core-java + if: "!cancelled()" uses: th2-net/.github/.github/workflows/owasp-gradle-scan.yml@main with: multiproject: true