@@ -10,12 +10,14 @@ name: CI
1010
1111permissions :
1212 actions : read
13+ contents : read
1314
1415on :
1516 push :
1617 branches : [main]
1718 pull_request :
1819 branches : [main]
20+ types : [opened, synchronize, reopened, labeled]
1921 merge_group :
2022 workflow_dispatch : {}
2123
@@ -31,6 +33,45 @@ concurrency:
3133 cancel-in-progress : true
3234
3335jobs :
36+ # Determine the OS matrix for CI jobs based on context:
37+ # - merge_group / workflow_dispatch / ci/merge label: all OSes
38+ # - ci/tier-1 label: centos-10 only (fast feedback on the primary target)
39+ # - plain PR: no heavy jobs
40+ compute-ci-level :
41+ runs-on : ubuntu-24.04
42+ outputs :
43+ package_os_matrix : ${{ steps.matrix.outputs.package_os_matrix }}
44+ integration_os_matrix : ${{ steps.matrix.outputs.integration_os_matrix }}
45+ upgrade_os_matrix : ${{ steps.matrix.outputs.upgrade_os_matrix }}
46+ run_heavy : ${{ steps.matrix.outputs.run_heavy }}
47+ steps :
48+ - name : Compute OS matrices
49+ id : matrix
50+ run : |
51+ LABELS='${{ toJson(github.event.pull_request.labels.*.name) }}'
52+ EVENT='${{ github.event_name }}'
53+
54+ if [[ "$EVENT" == "merge_group" || "$EVENT" == "workflow_dispatch" ]] \
55+ || echo "$LABELS" | jq -e 'index("ci/merge")' > /dev/null; then
56+ # Full suite: all OSes
57+ echo 'package_os_matrix=["fedora-43","fedora-44","fedora-45","centos-9","centos-10"]' >> "$GITHUB_OUTPUT"
58+ echo 'integration_os_matrix=["fedora-43","fedora-44","centos-9","centos-10"]' >> "$GITHUB_OUTPUT"
59+ echo 'upgrade_os_matrix=["fedora-43","centos-10"]' >> "$GITHUB_OUTPUT"
60+ echo 'run_heavy=true' >> "$GITHUB_OUTPUT"
61+ elif echo "$LABELS" | jq -e 'index("ci/tier-1")' > /dev/null; then
62+ # Tier-1 only: centos-10
63+ echo 'package_os_matrix=["centos-10"]' >> "$GITHUB_OUTPUT"
64+ echo 'integration_os_matrix=["centos-10"]' >> "$GITHUB_OUTPUT"
65+ echo 'upgrade_os_matrix=["centos-10"]' >> "$GITHUB_OUTPUT"
66+ echo 'run_heavy=true' >> "$GITHUB_OUTPUT"
67+ else
68+ # Plain PR: skip heavy jobs entirely
69+ echo 'package_os_matrix=[]' >> "$GITHUB_OUTPUT"
70+ echo 'integration_os_matrix=[]' >> "$GITHUB_OUTPUT"
71+ echo 'upgrade_os_matrix=[]' >> "$GITHUB_OUTPUT"
72+ echo 'run_heavy=false' >> "$GITHUB_OUTPUT"
73+ fi
74+
3475# Run basic validation checks (linting, formatting, etc)
3576 validate :
3677 runs-on : ubuntu-24.04
@@ -125,10 +166,12 @@ jobs:
125166 run : just build-mdbook
126167 # Build packages for each test OS
127168 package :
169+ if : needs.compute-ci-level.outputs.run_heavy == 'true'
170+ needs : compute-ci-level
128171 strategy :
129172 fail-fast : false
130173 matrix :
131- test_os : [fedora-43, fedora-44, fedora-45, centos-9, centos-10]
174+ test_os : ${{ fromJson(needs.compute-ci-level.outputs.package_os_matrix) }}
132175
133176 runs-on : ubuntu-24.04
134177
@@ -156,11 +199,12 @@ jobs:
156199 # running unit and integration tests (using TMT, leveraging the support for nested virtualization
157200 # in the GHA runners)
158201 test-integration :
159- needs : package
202+ if : needs.compute-ci-level.outputs.run_heavy == 'true'
203+ needs : [compute-ci-level, package]
160204 strategy :
161205 fail-fast : false
162206 matrix :
163- test_os : [fedora-43, fedora-44, centos-9, centos-10]
207+ test_os : ${{ fromJson(needs.compute-ci-level.outputs.integration_os_matrix) }}
164208 variant : [ostree, composefs]
165209 filesystem : ["ext4", "xfs"]
166210 bootloader : ["grub", "systemd"]
@@ -266,11 +310,12 @@ jobs:
266310 # then run readonly tests to verify the upgrade worked.
267311 # Excluded: centos-9 (lacks systemd.extra-unit.* support needed for --bind-storage-ro)
268312 test-upgrade :
269- needs : package
313+ if : needs.compute-ci-level.outputs.run_heavy == 'true'
314+ needs : [compute-ci-level, package]
270315 strategy :
271316 fail-fast : false
272317 matrix :
273- test_os : [fedora-43, centos-10]
318+ test_os : ${{ fromJson(needs.compute-ci-level.outputs.upgrade_os_matrix) }}
274319 variant : [ostree, composefs]
275320
276321 runs-on : ubuntu-24.04
@@ -316,7 +361,7 @@ jobs:
316361 # without a separate /boot partition isn't mounted in the initramfs anymore.
317362 # We need to change to use coreos-assembler.
318363 if : false
319- needs : package
364+ needs : [compute-ci-level, package]
320365 runs-on : ubuntu-24.04
321366
322367 steps :
@@ -358,7 +403,8 @@ jobs:
358403 # Builds localhost/bootc, exports as tarball, installs via Anaconda in QEMU,
359404 # and verifies the resulting disk boots.
360405 test-container-export :
361- needs : package
406+ if : needs.compute-ci-level.outputs.run_heavy == 'true'
407+ needs : [compute-ci-level, package]
362408 runs-on : ubuntu-24.04
363409
364410 steps :
@@ -389,17 +435,19 @@ jobs:
389435 name : container-export-test-${{ env.ARCH }}
390436 path : target/anaconda-test/*.log
391437
392- # Sentinel job for required checks - configure this job name in repository settings
438+ # Sentinel job for required checks - configure this job name in repository settings.
439+ # Accepts 'skipped' as success so that merge_group-only jobs don't block PRs.
393440 required-checks :
394441 if : always()
395- needs : [cargo-deny, validate, package, test-integration, test-upgrade, test-container-export]
442+ needs : [compute-ci-level, cargo-deny, validate, install-tests, docs , package, test-integration, test-upgrade, test-container-export]
396443 runs-on : ubuntu-latest
397444 steps :
398- - run : exit 1
399- if : >-
400- needs.cargo-deny.result != 'success' ||
401- needs.validate.result != 'success' ||
402- needs.package.result != 'success' ||
403- needs.test-integration.result != 'success' ||
404- needs.test-upgrade.result != 'success' ||
405- needs.test-container-export.result != 'success'
445+ - name : Check all jobs
446+ env :
447+ NEEDS : ${{ toJson(needs) }}
448+ run : |
449+ FAILED=$(echo "$NEEDS" | jq -r 'to_entries[] | select(.value.result | IN("success","skipped") | not) | .key')
450+ if [ -n "$FAILED" ]; then
451+ echo "The following jobs did not succeed: $FAILED"
452+ exit 1
453+ fi
0 commit comments