Skip to content

ci: Gate manual release workflows on wait-for-checks#1913

Merged
vdusek merged 4 commits into
masterfrom
ci/wait-for-checks-manual-workflows
May 25, 2026
Merged

ci: Gate manual release workflows on wait-for-checks#1913
vdusek merged 4 commits into
masterfrom
ci/wait-for-checks-manual-workflows

Conversation

@vdusek
Copy link
Copy Markdown
Collaborator

@vdusek vdusek commented May 25, 2026
edited
Loading

Here it is - finally, an attempt to adopt wait-for-checks action.

I started by consolidating all the checks into a single workflow. I think that makes sense: the boundaries between them weren't very well defined, and there's no real need to distinguish them.

Now wait-for-checks is in place, with Check* as the only regex specifying the checks to wait for.

Let me know what you think @janbuchar.

@vdusek vdusek added t-tooling Issues with this label are in the ownership of the tooling team. adhoc Ad-hoc unplanned task added during the sprint. labels May 25, 2026
@vdusek vdusek self-assigned this May 25, 2026
@github-actions github-actions Bot added this to the 141st sprint - Tooling team milestone May 25, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented May 25, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 92.91%. Comparing base (b13af58) to head (9efcaa4).
⚠️ Report is 1 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #1913      +/-   ##
==========================================
- Coverage   92.92%   92.91%   -0.01%     
==========================================
  Files         167      167              
  Lines       11714    11714              
==========================================
- Hits        10885    10884       -1     
- Misses        829      830       +1
Flag Coverage Δ
unit 92.91% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

vdusek added 2 commits May 25, 2026 14:24
@vdusek
ci: Consolidate check workflows into a single Checks workflow
208a166 
Merge _check_code.yaml, _check_docs.yaml, _check_package.yaml, and _tests.yaml
into a single _checks.yaml that exposes each check as a job. Reduces
duplication across on_master.yaml and on_pull_request.yaml and gives every
check the shared `Checks /` prefix. unit_tests carries `if: inputs.run_tests`
so on_master.yaml can keep skipping tests for docs-only commits.
@vdusek
ci: Gate manual release workflows on wait-for-checks
9eaa671 
Replace the in-release rerun of checks with a wait-for-checks step that
verifies the `Checks` workflow already passed on the dispatch commit (it
runs via on_master.yaml on every push). Saves the redundant rerun on the
stable release; adds gates to the beta release and the docs workflows that
previously had none. Pinned to the apify/workflows PR branch — switch to a
tagged release once apify/workflows#238 is merged.
@vdusek vdusek force-pushed the ci/wait-for-checks-manual-workflows branch from 9a5c8ad to 9eaa671 Compare May 25, 2026 12:30
@vdusek vdusek requested a review from janbuchar May 25, 2026 12:34
janbuchar
janbuchar approved these changes May 25, 2026
View reviewed changes
Comment thread .github/workflows/manual_release_beta.yaml Outdated
Comment thread .github/workflows/manual_release_stable.yaml Outdated
Comment thread .github/workflows/manual_version_docs.yaml Outdated
Comment thread .github/workflows/on_master.yaml
@vdusek vdusek merged commit 58d7881 into master May 25, 2026
31 checks passed
@vdusek vdusek deleted the ci/wait-for-checks-manual-workflows branch May 25, 2026 15:30
@vdusek vdusek mentioned this pull request May 25, 2026
Merged
vdusek added a commit that referenced this pull request May 25, 2026
@vdusek
ci: Grant checks: read to doc release job in on_master (#1914)
daf91a9 
## Summary

After merging #1913, `on_master.yaml` started failing with:

> The nested job 'release_docs' is requesting 'checks: read', but is
only allowed 'checks: none'.

When a workflow is called via `uses:`, the caller's `permissions:` block
must explicitly include every permission the called workflow requests.
The `doc_release` job in `on_master.yaml` was missing `checks: read`,
which `manual_release_docs.yaml` requests for its wait-for-checks step.

Also pins the wait-for-checks action in `manual_release_docs.yaml` to
`apify/actions/wait-for-checks@v1.2.0` (the file slipped through the
original PR — the other three release workflows already use the tagged
version).
This was referenced May 26, 2026
Merged
Merged
Merged
vdusek added a commit to apify/apify-client-python that referenced this pull request May 26, 2026
@vdusek
ci: Gate manual release workflows on wait-for-checks (#826)
45e3279 
## Summary

Ports the CI consolidation and `wait-for-checks` adoption from
`crawlee-python` to `apify-client-python`. See
[apify/crawlee-python#1913](apify/crawlee-python#1913)
for the original rationale and PR description; the follow-up permission
fixes from [#1914](apify/crawlee-python#1914)
and [#1915](apify/crawlee-python#1915) are baked
in here.

Two commits:

1. **Consolidate check workflows into a single Checks workflow** —
merges `_check_code.yaml`, `_check_docs.yaml`, `_check_docstrings.yaml`,
`_check_package.yaml`, and `_tests.yaml` into a single `_checks.yaml`.
Every check now carries the shared `Checks /` prefix. `unit_tests` and
`integration_tests` are gated on a `run_tests` input so `on_master.yaml`
can keep skipping tests for docs-only commits.
2. **Gate manual release workflows on wait-for-checks** — replaces the
inline `code_checks` step in `manual_release_stable.yaml` /
`manual_release_beta.yaml` / `manual_release_docs.yaml` /
`manual_version_docs.yaml` with an
`apify/actions/wait-for-checks@v1.2.0` step that verifies the `Checks`
workflow already passed on the dispatch commit (it runs via
`on_master.yaml` on every push). Every reusable-workflow caller that
ends up requesting `checks: read` (docs jobs in `on_master.yaml`,
`version_docs` / `doc_release` in `manual_release_stable.yaml`,
`doc_release_post_publish` in `manual_release_beta.yaml`) explicitly
grants the permission, since reusable workflows are capped at the
caller's permission set.
vdusek added a commit to apify/apify-shared-python that referenced this pull request May 26, 2026
@vdusek
ci: Gate manual release workflows on wait-for-checks (#70)
0eb9422 
## Summary

Ports the CI consolidation and `wait-for-checks` adoption from
`crawlee-python` to `apify-shared-python`. See
[apify/crawlee-python#1913](apify/crawlee-python#1913)
for the original rationale and PR description; the follow-up permission
fixes from [#1914](apify/crawlee-python#1914)
and [#1915](apify/crawlee-python#1915) are
referenced for completeness (this repo has no docs workflows so no extra
permission grants are needed).

Two commits:

1. **Consolidate check workflows into a single Checks workflow** —
merges `_check_code.yaml`, `_check_package.yaml`, and `_tests.yaml` into
a single `_checks.yaml`. Every check now carries the shared `Checks /`
prefix. `unit_tests` is gated on a `run_tests` input so `on_master.yaml`
can keep skipping tests for `ci`/`docs` commits.
2. **Gate manual release workflows on wait-for-checks** — replaces the
inline `code_checks` / `tests` jobs in `manual_release_stable.yaml` and
`manual_release_beta.yaml` with an
`apify/actions/wait-for-checks@v1.2.0` step that verifies the `Checks`
workflow already passed on the dispatch commit (it runs via
`on_master.yaml` on every push).
vdusek added a commit to apify/apify-sdk-python that referenced this pull request May 26, 2026
@vdusek
ci: Gate manual release workflows on wait-for-checks (#907)
1e5b94c 
## Summary

Ports the CI consolidation and `wait-for-checks` adoption from
`crawlee-python` to `apify-sdk-python`. See
[apify/crawlee-python#1913](apify/crawlee-python#1913)
for the original rationale and PR description; the follow-up permission
fixes from [#1914](apify/crawlee-python#1914)
and [#1915](apify/crawlee-python#1915) are baked
in here.

Two commits:

1. **Consolidate check workflows into a single Checks workflow** —
merges `_check_code.yaml`, `_check_docs.yaml`, `_check_package.yaml`,
and `_tests.yaml` into a single `_checks.yaml`. Every check now carries
the shared `Checks /` prefix. `unit_tests`, `integration_tests`, and
`e2e_tests` are gated on a `run_tests` input so `on_master.yaml` can
keep skipping tests for docs-only commits.
2. **Gate manual release workflows on wait-for-checks** — replaces the
inline `code_checks` step in `manual_release_stable.yaml` /
`manual_release_beta.yaml` / `manual_release_docs.yaml` /
`manual_version_docs.yaml` with an
`apify/actions/wait-for-checks@v1.2.0` step that verifies the `Checks`
workflow already passed on the dispatch commit (it runs via
`on_master.yaml` on every push). Every reusable-workflow caller that
ends up requesting `checks: read` (docs jobs in `on_master.yaml`,
`version_docs` / `doc_release` in `manual_release_stable.yaml`,
`doc_release_post_publish` in `manual_release_beta.yaml`) explicitly
grants the permission, since reusable workflows are capped at the
caller's permission set.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janbuchar janbuchar janbuchar approved these changes

Assignees

@vdusek vdusek

Labels

adhoc Ad-hoc unplanned task added during the sprint. t-tooling Issues with this label are in the ownership of the tooling team.

Projects

None yet

Milestone

141st sprint - Tooling team

Development

Successfully merging this pull request may close these issues.

3 participants

@vdusek @janbuchar @apify-service-account