mirror of
https://github.com/go-gitea/gitea.git
synced 2026-06-05 11:36:46 +02:00
0359746abe
## Summary This PR improves reusable workflow support for Gitea Actions. The parsing of the called workflow now happens on Gitea side, not on the runner. When the caller becomes ready, Gitea fetches the called workflow source, parses it, and inserts each child job into the database as a `ActionRunJob` linked to the caller via `ParentCallJobID`. As a result, every callee job is dispatched as its own task and its logs surface as an independent job entry in the UI, rather than being inlined into the caller's "Set up job" step. This PR supports two kinds of `uses` : - same-repo call: `uses: ./.gitea/workflows/foo.yaml` - cross-repo call: `uses: OWNER/REPO/.gitea/workflows/foo.yaml@REF` ## **⚠️ BREAKING ⚠️** External reusable workflows (`uses: https://other-gitea-instance/OWNER/REPO/.gitea/workflows/test.yaml@REF`) are no longer supported. To keep using them, clone the repositories to the local instance. ## Main changes ### Execution model - Each caller job carries `IsReusableCaller=true` and won't be fetched by runners. - `ParentCallJobID` can link a called job to its caller. - Caller status is derived from its direct children. ### Workflow syntax - `jobparser` now supports parsing `on: workflow_call` trigger with `inputs:`, `outputs:`, and `secrets:` declarations. - **Max nesting depth**: capped at `MaxReusableCallLevels = 9`, which means a top-level caller may have at most 9 nested callers below it. - **Cycle prevention**: at expansion time, `checkCallerChain` walks the caller's ancestor chain via `ParentCallJobID` and rejects if the same `uses:` string appears anywhere upstream (`reusable workflow call cycle detected`). This catches both direct (`A -> A`) and indirect (`A -> B -> A`) cycles. ### Cross-repo access - To share reusable workflows from private repos, use `Collaborative Owners` introduced by #32562 ### Rerun semantics - `expandRerunJobIDs` partitions the latest attempt's jobs into: - a **rerun set**: jobs being rerun + downstream siblings within the same scope. - an **ancestor set**: reusable callers whose only *some* descendants are being rerun (the caller itself is not). - Cloning behavior for callers in `execRerunPlan`: - **Caller is fully rerun** (caller's `AttemptJobID` in `rerunSet`): none of its descendants are cloned. The caller is cloned with `IsCallerExpanded=false`, and re-expansion (which reinserts the children fresh) happens later when the resolver brings the caller to `Waiting` again. - **Caller is in ancestor set** (only some descendants rerun): the caller is pass-through (`Status` will be updated by its fresh children). Its non-rerun descendants are also pass-through clones (point `SourceTaskID` at the original task). Their `ParentCallJobID` is remapped to the new attempt's caller row. ### UI - Job list in `RepoActionView.vue` is now tree-shaped: callers indent their children. Callers default to collapsed. - New caller detail page using `WorkflowGraph` to show direct children only; the run summary's `WorkflowGraph` shows top-level callers and their immediate descendants. ### Known trade-offs - **Caller expansion runs inside the enclosing write transaction.** `expandReusableWorkflowCaller` performs a git read of the called workflow while holding the row locks that update the caller and insert its children. This is intentional: the caller-row update and child-row inserts must commit atomically. None of the call sites is hot (each caller is expanded once per attempt), so the trade-off is acceptable. - **A malformed `if:` expression on a job leaves it `Blocked` silently.** `evaluateJobIf` now runs server-side as part of resolver passes; deterministic expression errors (typos, undefined context fields) are logged but do not surface in the UI. This is the same behavior the resolver already had for concurrency-expression errors. Distinguishing transient DB errors from user-authored expression errors and writing the latter back as `StatusFailure` is a follow-up. #### Screenshots <img width="1600" alt="image" src="https://github.com/user-attachments/assets/bfaa9b7a-07e9-4127-8de9-a81f86e82828" /> <img width="1600" alt="image" src="https://github.com/user-attachments/assets/8af109b3-ef28-4b53-aaad-d4632b923224" /> ## References - https://docs.github.com/en/actions/how-tos/reuse-automations/reuse-workflows - https://docs.github.com/en/actions/reference/workflows-and-actions/reusing-workflow-configurations --- Replace #36388 --------- Signed-off-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.7) <noreply@anthropic.com>
472 lines
15 KiB
Go
472 lines
15 KiB
Go
// Copyright 2026 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package jobparser
|
|
|
|
import (
|
|
"maps"
|
|
"testing"
|
|
|
|
"gitea.com/gitea/runner/act/model"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
"go.yaml.in/yaml/v4"
|
|
)
|
|
|
|
func TestParseWorkflowCallSpec(t *testing.T) {
|
|
t.Run("malformed YAML surfaces a parse error", func(t *testing.T) {
|
|
// Mismatched flow-sequence brackets — yaml.Unmarshal must reject this.
|
|
_, err := ParseWorkflowCallSpec([]byte(`name: bad
|
|
on: [workflow_call
|
|
jobs:
|
|
noop: { }
|
|
`))
|
|
require.Error(t, err)
|
|
})
|
|
|
|
t.Run("workflow without on.workflow_call is rejected", func(t *testing.T) {
|
|
notCallable := []byte(`name: ordinary
|
|
on: push
|
|
jobs:
|
|
noop:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- run: echo
|
|
`)
|
|
_, err := ParseWorkflowCallSpec(notCallable)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), "does not declare on.workflow_call")
|
|
})
|
|
|
|
t.Run("input missing the required type field is rejected", func(t *testing.T) {
|
|
content := callableWorkflow(t, `inputs:
|
|
x:
|
|
description: missing type
|
|
`)
|
|
_, err := ParseWorkflowCallSpec(content)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `missing required field "type"`)
|
|
})
|
|
|
|
t.Run("inputs/secrets/outputs are decoded", func(t *testing.T) {
|
|
content := callableWorkflow(t, `inputs:
|
|
env:
|
|
type: string
|
|
required: true
|
|
secrets:
|
|
DEPLOY_KEY:
|
|
required: true
|
|
outputs:
|
|
sha:
|
|
value: ${{ jobs.build.outputs.commit }}
|
|
`)
|
|
spec, err := ParseWorkflowCallSpec(content)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, InputTypeString, spec.Inputs["env"].Type)
|
|
assert.True(t, spec.Inputs["env"].Required)
|
|
assert.True(t, spec.Secrets["DEPLOY_KEY"].Required)
|
|
assert.Equal(t, "${{ jobs.build.outputs.commit }}", spec.Outputs["sha"].Value)
|
|
})
|
|
}
|
|
|
|
func TestEvaluateCallerWith(t *testing.T) {
|
|
t.Run("empty with: returns empty map", func(t *testing.T) {
|
|
out, err := EvaluateCallerWith("caller", &Job{}, nil, callerResults("caller", nil, nil), nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Empty(t, out)
|
|
})
|
|
|
|
t.Run("non-string raw values pass through unchanged", func(t *testing.T) {
|
|
job := &Job{With: map[string]any{
|
|
"already_bool": true,
|
|
"already_int": 42,
|
|
"already_slice": []any{"a", "b"},
|
|
}}
|
|
out, err := EvaluateCallerWith("caller", job, nil, callerResults("caller", nil, nil), nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, true, out["already_bool"])
|
|
assert.Equal(t, 42, out["already_int"])
|
|
assert.Equal(t, []any{"a", "b"}, out["already_slice"])
|
|
})
|
|
|
|
t.Run("expressions resolve against vars/inputs/results", func(t *testing.T) {
|
|
job := &Job{With: map[string]any{
|
|
"env_name": "${{ vars.ENV }}",
|
|
"from_inputs": "${{ inputs.PARENT_VAR }}",
|
|
"from_needs": "${{ needs.upstream.outputs.commit }}",
|
|
}}
|
|
gitCtx := map[string]any{"event": map[string]any{}}
|
|
results := callerResults("caller", []string{"upstream"}, map[string]*JobResult{
|
|
"upstream": {Result: "success", Outputs: map[string]string{"commit": "abc123"}},
|
|
})
|
|
vars := map[string]string{"ENV": "staging"}
|
|
inputs := map[string]any{"PARENT_VAR": "from-parent"}
|
|
out, err := EvaluateCallerWith("caller", job, gitCtx, results, vars, inputs)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, "staging", out["env_name"])
|
|
assert.Equal(t, "from-parent", out["from_inputs"])
|
|
assert.Equal(t, "abc123", out["from_needs"])
|
|
})
|
|
|
|
t.Run("matrix.X resolves to this caller row's matrix instance", func(t *testing.T) {
|
|
var rawMatrix yaml.Node
|
|
require.NoError(t, rawMatrix.Encode(map[string][]any{"target": {"staging"}}))
|
|
job := &Job{
|
|
With: map[string]any{"env": "${{ matrix.target }}"},
|
|
Strategy: Strategy{RawMatrix: rawMatrix},
|
|
}
|
|
out, err := EvaluateCallerWith("caller", job, nil, callerResults("caller", nil, nil), nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, "staging", out["env"])
|
|
})
|
|
}
|
|
|
|
func TestMatchCallerInputsAgainstSpec(t *testing.T) {
|
|
// mustParseSpec wraps ParseWorkflowCallSpec for test brevity.
|
|
mustParseSpec := func(t *testing.T, content []byte) *WorkflowCallSpec {
|
|
t.Helper()
|
|
spec, err := ParseWorkflowCallSpec(content)
|
|
require.NoError(t, err)
|
|
return spec
|
|
}
|
|
|
|
t.Run("default is filled when caller does not provide the input", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
greeting:
|
|
type: string
|
|
default: hi
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[string]any{"greeting": "hi"}, out)
|
|
})
|
|
|
|
t.Run("caller-provided value wins over default", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
greeting:
|
|
type: string
|
|
default: hi
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, map[string]any{"greeting": "hello"})
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[string]any{"greeting": "hello"}, out)
|
|
})
|
|
|
|
t.Run("required input must be provided", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
target:
|
|
type: string
|
|
required: true
|
|
`))
|
|
_, err := MatchCallerInputsAgainstSpec(spec, nil)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `"target" is required`)
|
|
})
|
|
|
|
t.Run("required input is satisfied by a default value", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
target:
|
|
type: string
|
|
required: true
|
|
default: prod
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[string]any{"target": "prod"}, out)
|
|
})
|
|
|
|
t.Run("boolean inputs accept native bool values and bool defaults", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
flag1:
|
|
type: boolean
|
|
flag2:
|
|
type: boolean
|
|
default: true
|
|
flag3:
|
|
type: boolean
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, map[string]any{
|
|
"flag1": true,
|
|
"flag3": false,
|
|
})
|
|
require.NoError(t, err)
|
|
assert.Equal(t, true, out["flag1"])
|
|
assert.Equal(t, true, out["flag2"]) // from default
|
|
assert.Equal(t, false, out["flag3"])
|
|
})
|
|
|
|
t.Run("boolean input rejects strings", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
flag:
|
|
type: boolean
|
|
`))
|
|
_, err := MatchCallerInputsAgainstSpec(spec, map[string]any{"flag": "true"})
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), "expects boolean")
|
|
})
|
|
|
|
t.Run("number inputs accept native numeric values and number defaults", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
count:
|
|
type: number
|
|
ratio:
|
|
type: number
|
|
default: 0.5
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, map[string]any{"count": 42})
|
|
require.NoError(t, err)
|
|
assert.InDelta(t, 42.0, out["count"], 0)
|
|
assert.InDelta(t, 0.5, out["ratio"], 0)
|
|
})
|
|
|
|
t.Run("number input rejects strings", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
count:
|
|
type: number
|
|
`))
|
|
_, err := MatchCallerInputsAgainstSpec(spec, map[string]any{"count": "42"})
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), "expects number")
|
|
})
|
|
|
|
t.Run("unknown caller-with key is silently dropped", func(t *testing.T) {
|
|
spec := mustParseSpec(t, callableWorkflow(t, `inputs:
|
|
known:
|
|
type: string
|
|
default: ok
|
|
`))
|
|
out, err := MatchCallerInputsAgainstSpec(spec, map[string]any{
|
|
"known": "yes",
|
|
"unknown": "ignored",
|
|
})
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[string]any{"known": "yes"}, out)
|
|
})
|
|
}
|
|
|
|
func TestParseCallerSecrets(t *testing.T) {
|
|
// secretYAMLNode unmarshals raw YAML text into a yaml.Node so tests can hand it to ParseCallerSecrets.
|
|
secretYAMLNode := func(t *testing.T, s string) yaml.Node {
|
|
t.Helper()
|
|
var node yaml.Node
|
|
require.NoError(t, yaml.Unmarshal([]byte(s), &node))
|
|
// yaml.Unmarshal wraps content in a DocumentNode; the meaningful node is the first child.
|
|
if node.Kind == yaml.DocumentNode && len(node.Content) > 0 {
|
|
return *node.Content[0]
|
|
}
|
|
return node
|
|
}
|
|
|
|
t.Run("zero node returns no inherit, no mapping", func(t *testing.T) {
|
|
inherit, mapping, err := ParseCallerSecrets(yaml.Node{})
|
|
require.NoError(t, err)
|
|
assert.False(t, inherit)
|
|
assert.Nil(t, mapping)
|
|
})
|
|
|
|
t.Run("\"inherit\" scalar sets inherit=true", func(t *testing.T) {
|
|
inherit, mapping, err := ParseCallerSecrets(secretYAMLNode(t, `inherit`))
|
|
require.NoError(t, err)
|
|
assert.True(t, inherit)
|
|
assert.Nil(t, mapping)
|
|
})
|
|
|
|
t.Run("non-inherit scalar is rejected", func(t *testing.T) {
|
|
_, _, err := ParseCallerSecrets(secretYAMLNode(t, `something-else`))
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), "expected mapping or 'inherit'")
|
|
})
|
|
|
|
t.Run("mapping of secrets-style references is parsed", func(t *testing.T) {
|
|
inherit, mapping, err := ParseCallerSecrets(secretYAMLNode(t, `
|
|
DEPLOY_KEY: ${{ secrets.GITEA_DEPLOY_KEY }}
|
|
DB_PASS: ${{ secrets.PROD_DB_PASS }}
|
|
`))
|
|
require.NoError(t, err)
|
|
assert.False(t, inherit)
|
|
assert.Equal(t, map[string]string{
|
|
"DEPLOY_KEY": "GITEA_DEPLOY_KEY",
|
|
"DB_PASS": "PROD_DB_PASS",
|
|
}, mapping)
|
|
})
|
|
|
|
t.Run("alias and source names are upper-cased", func(t *testing.T) {
|
|
inherit, mapping, err := ParseCallerSecrets(secretYAMLNode(t, `
|
|
deploy_key: ${{ secrets.gitea_deploy_key }}
|
|
`))
|
|
require.NoError(t, err)
|
|
assert.False(t, inherit)
|
|
assert.Equal(t, map[string]string{"DEPLOY_KEY": "GITEA_DEPLOY_KEY"}, mapping)
|
|
})
|
|
|
|
t.Run("mapping value not in ${{ secrets.NAME }} form is rejected", func(t *testing.T) {
|
|
// plain string
|
|
_, _, err := ParseCallerSecrets(secretYAMLNode(t, `KEY: not-an-expression`))
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `must be of the form ${{ secrets.NAME }}`)
|
|
|
|
// expression but referencing the wrong context (vars instead of secrets)
|
|
_, _, err = ParseCallerSecrets(secretYAMLNode(t, `KEY: ${{ vars.NAME }}`))
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `must be of the form ${{ secrets.NAME }}`)
|
|
})
|
|
}
|
|
|
|
func TestValidateCallerSecrets(t *testing.T) {
|
|
specWith := func(secrets map[string]SecretSpec) *WorkflowCallSpec {
|
|
return &WorkflowCallSpec{Secrets: secrets}
|
|
}
|
|
|
|
t.Run("explicit mapping with all required + only declared aliases is accepted", func(t *testing.T) {
|
|
spec := specWith(map[string]SecretSpec{
|
|
"DEPLOY_KEY": {Required: true},
|
|
"OPTIONAL": {},
|
|
})
|
|
mapping := map[string]string{
|
|
"DEPLOY_KEY": "PROD_DEPLOY_KEY",
|
|
"OPTIONAL": "SOMETHING_ELSE",
|
|
}
|
|
require.NoError(t, ValidateCallerSecrets(spec, mapping))
|
|
})
|
|
|
|
t.Run("alias not in callee schema is rejected", func(t *testing.T) {
|
|
spec := specWith(map[string]SecretSpec{"DEPLOY_KEY": {}})
|
|
mapping := map[string]string{
|
|
"DEPLOY_KEY": "PROD_DEPLOY_KEY",
|
|
"EXTRA": "SOMETHING_NOT_DECLARED",
|
|
}
|
|
err := ValidateCallerSecrets(spec, mapping)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `caller secret "EXTRA"`)
|
|
assert.Contains(t, err.Error(), `not declared`)
|
|
})
|
|
|
|
t.Run("missing required secret is rejected", func(t *testing.T) {
|
|
spec := specWith(map[string]SecretSpec{
|
|
"MUST_HAVE": {Required: true},
|
|
"OPTIONAL": {},
|
|
})
|
|
mapping := map[string]string{"OPTIONAL": "X"}
|
|
err := ValidateCallerSecrets(spec, mapping)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `required secret "MUST_HAVE"`)
|
|
assert.Contains(t, err.Error(), `not provided`)
|
|
})
|
|
|
|
t.Run("callee with no secrets schema accepts an empty mapping", func(t *testing.T) {
|
|
spec := specWith(map[string]SecretSpec{})
|
|
require.NoError(t, ValidateCallerSecrets(spec, nil))
|
|
require.NoError(t, ValidateCallerSecrets(spec, map[string]string{}))
|
|
})
|
|
|
|
t.Run("callee with no secrets schema rejects a non-empty mapping", func(t *testing.T) {
|
|
spec := specWith(map[string]SecretSpec{})
|
|
err := ValidateCallerSecrets(spec, map[string]string{"X": "Y"})
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `caller secret "X"`)
|
|
})
|
|
|
|
t.Run("name matching is case-insensitive", func(t *testing.T) {
|
|
// declared name and caller alias differ only in case; both should match.
|
|
spec := specWith(map[string]SecretSpec{"deploy_key": {Required: true}})
|
|
mapping := map[string]string{"DEPLOY_KEY": "PROD_DEPLOY_KEY"}
|
|
require.NoError(t, ValidateCallerSecrets(spec, mapping))
|
|
})
|
|
|
|
t.Run("nil spec is rejected", func(t *testing.T) {
|
|
err := ValidateCallerSecrets(nil, map[string]string{"X": "Y"})
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), "nil workflow_call spec")
|
|
})
|
|
}
|
|
|
|
func TestEvaluateWorkflowCallOutputs(t *testing.T) {
|
|
t.Run("nil spec returns empty map", func(t *testing.T) {
|
|
out, err := EvaluateWorkflowCallOutputs(nil, &model.GithubContext{}, nil, nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Empty(t, out)
|
|
})
|
|
|
|
t.Run("spec with no outputs returns empty map", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{}}
|
|
out, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, nil, nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Empty(t, out)
|
|
})
|
|
|
|
t.Run("plain string value passes through unchanged", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{
|
|
"name": {Value: "static-value"},
|
|
}}
|
|
out, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, nil, nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, map[string]string{"name": "static-value"}, out)
|
|
})
|
|
|
|
t.Run("output references jobs.<id>.outputs.<name>", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{
|
|
"sha": {Value: "${{ jobs.build.outputs.commit }}"},
|
|
}}
|
|
jobOutputs := JobOutputs{
|
|
"build": {"commit": "deadbeef"},
|
|
}
|
|
out, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, nil, nil, jobOutputs)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, "deadbeef", out["sha"])
|
|
})
|
|
|
|
t.Run("output references inputs.<name>", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{
|
|
"target": {Value: "${{ inputs.env_name }}"},
|
|
}}
|
|
inputs := map[string]any{"env_name": "staging"}
|
|
out, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, nil, inputs, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, "staging", out["target"])
|
|
})
|
|
|
|
t.Run("multiple outputs are all evaluated", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{
|
|
"static": {Value: "static-value"},
|
|
"dynamic": {Value: "${{ vars.SUFFIX }}"},
|
|
}}
|
|
vars := map[string]string{"SUFFIX": "abc"}
|
|
out, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, vars, nil, nil)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, "static-value", out["static"])
|
|
assert.Equal(t, "abc", out["dynamic"])
|
|
})
|
|
|
|
t.Run("expression referencing an undefined symbol surfaces an error", func(t *testing.T) {
|
|
spec := &WorkflowCallSpec{Outputs: map[string]OutputSpec{
|
|
"bad": {Value: "${{ this.is.not.valid() }}"},
|
|
}}
|
|
_, err := EvaluateWorkflowCallOutputs(spec, &model.GithubContext{}, nil, nil, nil)
|
|
require.Error(t, err)
|
|
assert.Contains(t, err.Error(), `output "bad"`)
|
|
})
|
|
}
|
|
|
|
// callableWorkflow returns a minimal valid called-workflow YAML with on.workflow_call.
|
|
func callableWorkflow(t *testing.T, body string) []byte {
|
|
t.Helper()
|
|
return []byte(`name: callable
|
|
on:
|
|
workflow_call:
|
|
` + body + `
|
|
jobs:
|
|
noop:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- run: "echo"
|
|
`)
|
|
}
|
|
|
|
// callerResults returns the minimum results map shape that NewInterpeter expects
|
|
func callerResults(callerJobID string, callerNeeds []string, deps map[string]*JobResult) map[string]*JobResult {
|
|
out := make(map[string]*JobResult, len(deps)+1)
|
|
maps.Copy(out, deps)
|
|
out[callerJobID] = &JobResult{Needs: callerNeeds}
|
|
return out
|
|
}
|