2525 args :
2626 description : ' argument'
2727 required : false
28- jobs :
29- Authorization :
30- name : Authorization
28+ jobs :
29+ Check-Authorization :
30+ runs-on : ubuntu-latest
31+ outputs :
32+ AUTHORIZED : ${{ steps.check-authorization.outputs.authorized }}
33+ steps :
34+ - id : check-authorization
35+ name : Check if commentor is allowed to launch NVIDIA CI
36+ env :
37+ AUTHORIZED_USERS : ${{ secrets.AUTHORIZED_USERS }}
38+ if : |
39+ contains(${{env.AUTHORIZED_USERS }}, format('{0},', github.actor)) &&
40+ github.event.comment.body == '/nvidia-ci'
41+ run : echo "::set-output name=authorized=true"
42+
43+
44+ Authorize-Blossom :
3145 runs-on : blossom
46+ needs : [Check-Authorization]
3247 outputs :
3348 args : ${{ env.args }}
3449
3550 steps :
36- - name : Check if comment is issued by authorized person
51+ - name : Authorize Blossom launch
3752 env :
3853 OPERATION : ' AUTH'
39- AUTHORIZED_USERS : ${{ secrets.AUTHORIZED_USERS }}
4054 REPO_TOKEN : ${{ secrets.GITHUB_TOKEN }}
4155 REPO_KEY_DATA : ${{ secrets.BLOSSOM_KEY }}
42- if : |
43- contains( ${{ env.AUTHORIZED_USERS }}, format('{0},', github.actor)) &&
44- github.event.comment.body == '/nvidia-ci'
56+ if : needs.Check-Authorization.outputs.authorized == 'true'
4557 run : blossom-ci
4658
47- Vulnerability-scan :
59+ Vulnerability-Scan :
4860 name : Vulnerability scan
49- needs : [Authorization ]
61+ needs : [Authorize-Blossom ]
5062 runs-on : ubuntu-latest
5163 steps :
5264 - name : Checkout code
@@ -66,12 +78,12 @@ jobs:
6678 args2 : ${{ fromJson(needs.Authorization.outputs.args).args2 }}
6779 args3 : ${{ fromJson(needs.Authorization.outputs.args).args3 }}
6880
69- Job-trigger :
70- name : Start ci job
71- needs : [Vulnerability-scan ]
81+ Launch-NVIDIA-CI :
82+ name : Start ci job on Blossom
83+ needs : [Vulnerability-Scan ]
7284 runs-on : blossom
7385 steps :
74- - name : Start ci job
86+ - name : Launch CI
7587 run : blossom-ci
7688 env :
7789 OPERATION : ' START-CI-JOB'
0 commit comments