# Copyright (c) 2022-2024, NVIDIA CORPORATION & AFFILIATES. All rights reserved. # # See LICENSE for license information. # A workflow to trigger ci on hybrid infra (github + self hosted runner) name: TE-CI Trigger on: issue_comment: types: [created] jobs: Authorization: name: Authorization runs-on: blossom outputs: args: ${{ env.args }} # This job only runs for pull request comments if: > startsWith(github.event.comment.body, '/te-ci') && ( github.actor == 'ptrendx' || github.actor == 'ksivaman' || github.actor == 'schetlur-nv' || github.actor == 'timmoon10' || github.actor == 'zlsh80826' || github.actor == 'mingxu1067' || github.actor == 'cyanguwa' || github.actor == 'nzmora-nvidia' || github.actor == 'galagam' || github.actor == 'nouiz' || github.actor == 'denera' || github.actor == 'sudhakarsingh27' || github.actor == 'Oleg-Goncharov' || github.actor == 'phu0ngng' || github.actor == 'xrennvidia' ) steps: - name: Check if comment is issued by authorized person run: blossom-ci env: OPERATION: 'AUTH' REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} Vulnerability-scan: name: Vulnerability scan needs: [Authorization] runs-on: ubuntu-latest steps: - name: Checkout code uses: actions/checkout@v2 with: repository: ${{ fromJson(needs.Authorization.outputs.args).repo }} ref: ${{ fromJson(needs.Authorization.outputs.args).ref }} lfs: 'true' - name: Run blossom action uses: NVIDIA/blossom-action@main env: REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPO_KEY_DATA: ${{ secrets.BLOSSOM_KEY }} with: args1: ${{ fromJson(needs.Authorization.outputs.args).args1 }} args2: ${{ fromJson(needs.Authorization.outputs.args).args2 }} args3: ${{ fromJson(needs.Authorization.outputs.args).args3 }} Job-trigger: name: Start ci job needs: [Vulnerability-scan] runs-on: blossom steps: - name: Start ci job run: blossom-ci env: OPERATION: 'START-CI-JOB' CI_SERVER: ${{ secrets.CI_SERVER }} REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}