[build] Release workflow improvements by titusfortner · Pull Request #16947 · SeleniumHQ/selenium
PR Code Suggestions ✨
Explore these optional code suggestions:
| Category | Suggestion | Impact |
| High-level |
Serialize jobs that push to trunkThe Examples:.github/workflows/release.yml [117-157]needs: [stage, publish, github-release] permissions: contents: write strategy: fail-fast: false matrix: language: [java, py, rb, dotnet, node] uses: ./.github/workflows/update-documentation.yml with: tag: ${{ needs.stage.outputs.tag }} ... (clipped 31 lines) Solution Walkthrough:Before:jobs: # ... docs: needs: [stage, publish, github-release] steps: - uses: actions/checkout@v4 with: ref: 'trunk' # ... - run: git push update-version: needs: [stage, unrestrict-trunk] # Does not wait for 'docs' steps: # ... - run: git push # ... After:jobs: # ... docs: needs: [stage, publish, github-release] steps: - uses: actions/checkout@v4 with: ref: 'trunk' # ... - run: git push update-version: needs: [stage, unrestrict-trunk, docs] # Waits for 'docs' to complete steps: # ... - run: git push # ... Suggestion importance[1-10]: 9__ Why: The suggestion correctly identifies a critical race condition introduced by the PR where the | High |
| General |
Declare secrets for reusable workflowIn the .github/workflows/mirror-selenium-releases.yml [7] workflow_call: + secrets: + SELENIUM_CI_TOKEN: + required: true
Suggestion importance[1-10]: 9__ Why: The PR makes the workflow reusable but omits declaring the secrets it needs, which would cause the workflow to fail when called. This suggestion fixes a critical flaw in the PR's implementation of the reusable workflow. | High |
| Possible issue |
Ensure failure notifications are always sentModify the .github/workflows/release.yml [194-217] on-release-failure: name: On Release Failure runs-on: ubuntu-latest - needs: [stage, publish, docs, github-release, update-version, nightly, mirror] - if: failure() + needs: [stage, get-approval, publish, docs, github-release, unrestrict-trunk, update-version, nightly, mirror] + if: always() && (needs.stage.result != 'success' || needs.get-approval.result != 'success' || needs.publish.result != 'success' || needs.docs.result != 'success' || needs.github-release.result != 'success' || needs.unrestrict-trunk.result != 'success' || needs.update-version.result != 'success' || needs.nightly.result != 'success' || needs.mirror.result != 'success') steps: - uses: actions/checkout@v4 - name: Slack Notification uses: rtCamp/action-slack-notify@v2 env: SLACK_ICON_EMOJI: ":rotating_light:" SLACK_COLOR: failure SLACK_CHANNEL: selenium-tlc SLACK_USERNAME: GitHub Workflows SLACK_TITLE: Release failed SLACK_MESSAGE: | • Selenium Published: ${{ needs.publish.result }} • Docs Updated: ${{ needs.docs.result }} • GitHub Release Published: ${{ needs.github-release.result }} • Nightly Version Updated: ${{ needs.update-version.result }} • Nightly Packages: ${{ needs.nightly.result }} • Mirror Updated: ${{ needs.mirror.result }} MSG_MINIMAL: actions url SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
Suggestion importance[1-10]: 7__ Why: The suggestion correctly identifies that | Medium |
| ||