ci: standardize CI/CD onto the golden path#415
Open
AlexanderBrevig wants to merge 3 commits into
Open
Conversation
skjolber
reviewed
Jun 22, 2026
skjolber
reviewed
Jun 22, 2026
skjolber
reviewed
Jun 22, 2026
skjolber
reviewed
Jun 22, 2026
2dd2601 to
870764b
Compare
- collapse build/ci/cd into ci.yml (PR + deploy dev) and cd.yml (promote tst->prd) - ci auto-deploys to dev/sbx for non-dependabot PRs; dependabot reuses ci after approval - pr.yml validates the PR title as a Conventional Commit (gha-meta verify-pr) - Template E JVM library: ci.yml runs ./gradlew build (pull_request + workflow_call) on temurin Java 25, publishing JUnit results via dorny/test-reporter over the multi-module path **/build/test-results/test/*.xml - this library publishes to Maven Central (JReleaser / gha-maven-central), NOT Artifactory, so no ARTIFACTORY_AUTH_* env was added (confirmed absent in build.gradle) - removed pr-verify.yml (superseded by ci.yml + pr.yml); KEPT main-verify.yml because it also verifies push-to-main and posts Slack success/failure, which ci.yml does not cover - KEPT Maven Central publish workflows (deploy-main-manual-gradle.yml, deploy-legacy-branch-manual-gradle.yml), codeql.yml, copilot-setup-steps.yml untouched - kept existing .github/dependabot.yaml (already covers gradle + github-actions) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
870764b to
1c144c9
Compare
- ci.yml: make test-reporter check-run name unique per run attempt so reruns don't collide on the SHA-bound check (dorny/test-reporter#67) - ci.yml: run CI on PRs to the 5.x and 6.x legacy branches, not just main - dependabot-pr.yml: drop unneeded secrets: inherit and trim permissions to match ci.yml (build/test only; no Maven Central publishing here) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Contributor
There was a problem hiding this comment.
Pull request overview
Standardizes this repository’s GitHub Actions configuration toward the kvalitet golden-path approach by introducing reusable CI, a dedicated PR-title verification workflow, and a Dependabot post-approval CI re-run mechanism.
Changes:
- Adds a new reusable
CIworkflow (ci.yml) that runs the Gradle build/tests and publishes JUnit results. - Replaces the old PR verification workflow with a
PRworkflow that callsentur/gha-meta’s PR-title verification. - Adds a
Dependabot CI (post-approval)workflow to re-run CI after a human approval, and updates Copilot setup steps to use the newer checkout action pin.
Reviewed changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/pr.yml | New PR workflow calling the shared PR-title verification reusable workflow. |
| .github/workflows/pr-verify.yml | Removes the legacy PR verification workflow. |
| .github/workflows/dependabot-pr.yml | Adds post-approval CI rerun for Dependabot PRs via reusable ci.yml. |
| .github/workflows/copilot-setup-steps.yml | Updates the actions/checkout pin used for Copilot setup validation. |
| .github/workflows/ci.yml | Adds new reusable CI workflow running Gradle build/tests with JUnit reporting and an aggregate “CI” job. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+42
to
+46
| ci: | ||
| name: CI | ||
| needs: [test] | ||
| if: ${{ !cancelled() }} | ||
| runs-on: ubuntu-24.04 |
Comment on lines
+1
to
+5
| # Continuous Integration — kvalitet golden-path variant (JVM library, Template E). | ||
| # | ||
| # Reusable (workflow_call) AND directly triggered on pull_request. Runs the multi-module | ||
| # Gradle build and publishes the JUnit test results. This library publishes to Maven Central | ||
| # (JReleaser / gha-maven-central) via the manual deploy workflows, NOT Artifactory, so no |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Standardizes this repo's CI/CD onto the kvalitet golden-path variant.
📋 Flow & rationale: https://github.com/entur/team-kvalitet/blob/cf2e0a6cc5b68330aaf45d969e2d1fa2b407e201/CICD-FLOW.md
What changes
ci.yml+cd.yml(nobuild.ymlsplit);cideploys to dev/sbx on every PR.pr.ymlvalidates the Conventional-Commit PR title.entur/*actions SHA-pinned (latest majors); workflows named CI / CD / PR.