molecule-ai/molecule-core
41
0
Fork 2
Code Issues 44 Pull Requests 15 Actions 6 Packages Projects Releases Wiki Activity
83c8efee11
molecule-core/.github/workflows/check-merge-group-trigger.yml
Molecule AI Core-BE 9368b20d49
Some checks failed
sop-tier-check / tier-check (pull_request) Failing after 5s
Details
Secret scan / Scan diff for credential-shaped strings (pull_request) Successful in 6s
Details
[core-be-agent] fix(ci): replace gh api calls with Gitea-compatible alternatives 
Issue #75 PR-D: two remaining `gh` CLI calls in .github/workflows/.

1. ci.yml canvas-deploy-reminder:
   - Replaced `gh api POST repos/.../commits/.../comments` with writing
     to GITHUB_STEP_SUMMARY. Gitea has no commit-comments API (confirmed
     in issue #75), so the gh call always failed. GITHUB_STEP_SUMMARY works
     on both GitHub Actions and Gitea Actions as the workflow-run summary
     page, which is the natural place for post-deploy action items.
   - Removed now-unnecessary GH_TOKEN env var and contents:write permission.

2. check-merge-group-trigger.yml:
   - Converted to no-op stub. Gitea has no merge queue feature and no
     merge_group: event type, so this workflow's lint would find nothing
     to verify (all workflows vacuously pass). Keeping workflow+job name
     unchanged preserves commit-status context names for branch protection
     consumers. Dropped the merge_group: trigger since it would never fire
     on Gitea. Dropped the full bash linter + gh api call.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-09 23:10:07 +00:00

49 lines
1.9 KiB
YAML
Raw Blame History

name: Check merge_group trigger on required workflows
# Pre-merge guard against the deadlock pattern where a workflow whose
# check is in `required_status_checks` lacks a `merge_group:` trigger.
# Without it, GitHub merge queue stalls forever in AWAITING_CHECKS
# because the required check can't fire on `gh-readonly-queue/...` refs.
#
# This workflow:
# 1. Lists required status checks on the branch protection rule for `staging`
# 2. For each required check, finds the workflow that produces it (by job
# name match)
# 3. Fails if any such workflow lacks `merge_group:` in its triggers
#
# Reasoning for staging-only: main has its own CI gating model (PR review),
# but staging is what the merge queue runs on, so it's the trigger that
# matters.
#
# Gitea stub: Gitea has no merge queue feature and no `merge_group:`
# event type. The linter would find no `merge_group:` triggers to verify
# (they don't exist on Gitea), so the lint is vacuously satisfied.
# Converting to a no-op stub keeps the workflow+job name stable for any
# commit-status context consumers while eliminating the `gh api` call
# that fails against Gitea's REST surface (#75 / PR-D).
on:
pull_request:
paths:
- '.github/workflows/**.yml'
- '.github/workflows/**.yaml'
push:
branches: [staging, main]
paths:
- '.github/workflows/**.yml'
- '.github/workflows/**.yaml'
jobs:
check:
name: Required workflows have merge_group trigger
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Gitea no-op (merge queue not applicable)
run: |
echo "Gitea Actions — merge queue not supported; no-op."
echo "On GitHub this workflow lints that required-check workflows declare"
echo "merge_group: triggers to prevent queue deadlock. On Gitea that"
echo "constraint is inapplicable — all workflows pass vacuously."
Reference in New Issue View Git Blame Copy Permalink