Add CI skip check for branch name and commit message
All checks were successful
CI / skip-ci-check (pull_request) Successful in 1m12s
CI / lint-and-test (pull_request) Has been skipped
CI / ansible-validation (pull_request) Has been skipped
CI / secret-scanning (pull_request) Has been skipped
CI / dependency-scan (pull_request) Has been skipped
CI / sast-scan (pull_request) Has been skipped
CI / license-check (pull_request) Has been skipped
CI / vault-check (pull_request) Has been skipped
CI / playbook-test (pull_request) Has been skipped
CI / container-scan (pull_request) Has been skipped
CI / sonar-analysis (pull_request) Has been skipped
CI / workflow-summary (pull_request) Successful in 1m11s

- Introduce a new job in the CI workflow to determine if CI should be skipped based on specific patterns in the branch name or commit message.
- Update existing jobs to depend on the skip check, ensuring that CI processes are only executed when necessary.
- Enhance the overall efficiency of the CI pipeline by preventing unnecessary runs for certain commits.
ilia 2025-12-28 23:05:46 -05:00
parent c84b0b8260
commit 32479d03f8
2 changed files with 89 additions and 13 deletions


@ -7,7 +7,69 @@ on:
pull_request:
jobs:
# Check if CI should be skipped based on branch name or commit message
skip-ci-check:
runs-on: ubuntu-latest
outputs:
should-skip: ${{ steps.check.outputs.skip }}
steps:
- name: Check out code (for commit message)
uses: actions/checkout@v4
with:
fetch-depth: 1
- name: Check if CI should be skipped
id: check
run: |
# Centralized skip patterns - add more here as needed
SKIP_PATTERNS="skip-ci,no-ci,skip ci,[skip ci],[ci skip]"
# Get branch name (works for both push and PR)
# For PRs, GITHUB_HEAD_REF contains the branch name
BRANCH_NAME="${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}"
# Get commit message (works for both push and PR)
# Try multiple sources for commit message
COMMIT_MSG="${GITHUB_EVENT_HEAD_COMMIT_MESSAGE:-}"
if [ -z "$COMMIT_MSG" ]; then
# For PRs, try pull request head commit
COMMIT_MSG="${GITHUB_EVENT_PULL_REQUEST_HEAD_COMMIT_MESSAGE:-}"
fi
if [ -z "$COMMIT_MSG" ]; then
# Fallback: try to get from git log (requires checkout)
COMMIT_MSG=$(git log -1 --pretty=%B 2>/dev/null || echo "")
fi
SKIP=0
# Check branch name (case-insensitive)
for pattern in $(echo $SKIP_PATTERNS | tr ',' ' '); do
if echo "$BRANCH_NAME" | grep -qi "$pattern"; then
echo "Skipping CI: branch name contains '$pattern'"
SKIP=1
break
fi
done
# Check commit message (case-insensitive)
if [ $SKIP -eq 0 ] && [ -n "$COMMIT_MSG" ]; then
for pattern in $(echo $SKIP_PATTERNS | tr ',' ' '); do
if echo "$COMMIT_MSG" | grep -qi "$pattern"; then
echo "Skipping CI: commit message contains '$pattern'"
SKIP=1
break
fi
done
fi
echo "skip=$SKIP" >> $GITHUB_OUTPUT
echo "Branch: $BRANCH_NAME"
echo "Commit: ${COMMIT_MSG:0:50}..."
echo "Skip CI: $SKIP"
lint-and-test:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: node:20-bullseye
@ -26,6 +88,8 @@ jobs:
continue-on-error: true
ansible-validation:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
@ -60,6 +124,8 @@ jobs:
continue-on-error: true
secret-scanning:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: zricethezav/gitleaks:latest
@ -78,6 +144,8 @@ jobs:
continue-on-error: true
dependency-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: aquasec/trivy:latest
@ -93,6 +161,8 @@ jobs:
run: trivy fs --scanners vuln,secret --exit-code 0 .
sast-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
@ -116,6 +186,8 @@ jobs:
continue-on-error: true
license-check:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: node:20-bullseye
@ -136,6 +208,8 @@ jobs:
continue-on-error: true
vault-check:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
@ -182,6 +256,8 @@ jobs:
echo "All vault files are properly encrypted!"
playbook-test:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
@ -224,6 +300,8 @@ jobs:
continue-on-error: true
container-scan:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: ubuntu:22.04
@ -273,6 +351,8 @@ jobs:
continue-on-error: true
sonar-analysis:
needs: skip-ci-check
if: needs.skip-ci-check.outputs.should-skip != '1'
runs-on: ubuntu-latest
container:
image: sonarsource/sonar-scanner-cli:latest
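Review bot: The added `needs: skip-ci-check` / `if:` pair puts secret-scanning, dependency-scan, sast-scan, vault-check and container-scan behind text that the author of a branch or commit controls, and the status list for this very change shows every one of them skipped while the overall result still reads as successful. The match is also wider than the pattern list suggests: `for pattern in $(echo $SKIP_PATTERNS | tr ',' ' ')` splits `skip ci` and `[skip ci]` on the space, so the loop tests the bare words `skip` and `ci` as unanchored, case-insensitive regexes (and `[skip` is not a valid bracket expression for grep), which means any branch name or message containing "ci" skips the whole pipeline. I would leave the security jobs unconditional by dropping the added `needs`/`if` lines from them and let the skip apply only to lint and test. For the matching itself, split the list with `IFS=',' read -ra PATTERNS <<< "$SKIP_PATTERNS"` and compare with `grep -qiF -- "$pattern"` so only the literal tokens count. The job bodies continue outside the hunks.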


@ -7,23 +7,13 @@
# `playbooks/app/site.yml` (it uses `add_host` based on `app_projects`).
# You generally do NOT need to add project hosts here.
[gitea]
giteaVM ansible_host=10.0.30.169 ansible_user=root
[portainer]
portainerVM ansible_host=10.0.30.69 ansible_user=ladmin
[homepage]
homepageVM ansible_host=10.0.30.12 ansible_user=homepage
[vaultwarden]
vaultwardenVM ansible_host=10.0.10.142 ansible_user=ladmin
[dev]
dev01 ansible_host=10.0.30.105 ansible_user=ladmin
bottom ansible_host=10.0.10.156 ansible_user=beast
debianDesktopVM ansible_host=10.0.10.206 ansible_user=user skip_reboot=true
devGPU ansible_host=10.0.30.63 ansible_user=root
[qa]
git-ci-01 ansible_host=10.0.10.223 ansible_user=ladmin
sonarqube-01 ansible_host=10.0.10.54 ansible_user=ladmin
@ -38,8 +28,14 @@ caddy ansible_host=10.0.10.50 ansible_user=root
jellyfin ansible_host=10.0.10.232 ansible_user=root
listmonk ansible_host=10.0.10.149 ansible_user=root
nextcloud ansible_host=10.0.10.25 ansible_user=root
actual ansible_host=10.0.10.159 ansible_user=root
actual ansible_host=10.0.10.158 ansible_user=root
vikanjans ansible_host=10.0.10.159 ansible_user=root
n8n ansible_host=10.0.10.158 ansible_user=root
giteaVM ansible_host=10.0.30.169 ansible_user=root
portainerVM ansible_host=10.0.30.69 ansible_user=ladmin
homepageVM ansible_host=10.0.30.12 ansible_user=homepage
vaultwardenVM ansible_host=10.0.10.142 ansible_user=ladmin
qBittorrent ansible_host=10.0.10.91 ansible_user=root port=8080
[desktop]
desktop-beast ansible_host=100.117.34.106 ansible_user=beast
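Review bot: If the second `actual` line is the new side, `actual` and `n8n` both resolve to 10.0.10.158 after this change while `vikanjans` takes over 10.0.10.159, which looks like a copy-paste slip unless the two services really share a VM; either correct the address or say so with a comment such as `# actual and n8n run on the same VM`. The section also appears to drop the `[gitea]`, `[portainer]`, `[homepage]` and `[vaultwarden]` groups and re-list those hosts under a group whose header is outside the hunk, so any play that targets the old group names would stop matching. None of this relates to the CI skip named in the commit title, and according to the status list it was checked with ansible-validation and playbook-test skipped, so it would be safer as its own commit that runs those jobs.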