From bfd5ca067b8a81d477f72faf831b9d079905ecca Mon Sep 17 00:00:00 2001 From: Tim Gels Date: Sat, 7 Feb 2026 15:42:58 +0100 Subject: [PATCH 1/4] refactor: consolidate workflows using dorny/paths-filter - Replaced separate docs-validation.yml and miscellaneous-validation.yml with single workflow - Implemented dorny/paths-filter pattern following Nextcloud/Immich approach - Added changes pre-job to detect src vs docs changes - Docs-only changes get fast check without full build/test - Config-only changes (LICENSE, .gitignore, etc.) don't require CI checks - Added concurrency control and explicit permissions - Simplified maintenance with single workflow file --- .github/workflows/pr-build-test.yml | 67 +++++++++++++++++++++-------- 1 file changed, 49 insertions(+), 18 deletions(-) diff --git a/.github/workflows/pr-build-test.yml b/.github/workflows/pr-build-test.yml index ad00aa0..2d3d7c8 100644 --- a/.github/workflows/pr-build-test.yml +++ b/.github/workflows/pr-build-test.yml @@ -3,32 +3,63 @@ name: PR Build and Test on: pull_request: branches: [ main ] - paths-ignore: - - '**.md' - - 'docs/**' - - '.github/ISSUE_TEMPLATE/**' - - '.github/FUNDING.yml' - - '.github/copilot-instructions.md' - - 'LICENSE' - - '.gitignore' - - '.gitattributes' - - '.editorconfig' - - '.vsconfig' - - '.filenesting.json' - - '.vscode/**' - - 'Assets/**' - - # Allow manual trigger for testing workflow_dispatch: +permissions: + contents: read + +concurrency: + group: pr-build-test-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + env: DOTNET_VERSION: '10.0.x' DOTNET_SKIP_FIRST_TIME_EXPERIENCE: true DOTNET_CLI_TELEMETRY_OPTOUT: true jobs: + changes: + runs-on: ubuntu-latest + outputs: + src: ${{ steps.filter.outputs.src }} + docs: ${{ steps.filter.outputs.docs }} + + steps: + - uses: actions/checkout@v6 + + - uses: dorny/paths-filter@v3 + id: filter + with: + filters: | + src: + - 'src/**' + - 'tests/**' + - '*.sln' + - '*.props' + - 'global.json' + - '.github/workflows/pr-build-test.yml' + docs: + - '**/*.md' + - 'docs/**' + - '.github/workflows/pr-build-test.yml' + + docs: + name: Documentation Check + needs: changes + if: needs.changes.outputs.docs == 'true' && needs.changes.outputs.src == 'false' + runs-on: ubuntu-latest + + steps: + - name: Checkout code + uses: actions/checkout@v6 + + - name: Documentation Check Complete + run: echo "✅ Documentation-only changes, no build required" + build: name: Build ${{ matrix.target.name }} + needs: changes + if: needs.changes.outputs.src == 'true' runs-on: windows-latest strategy: @@ -106,8 +137,8 @@ jobs: test-summary: name: Test Summary runs-on: windows-latest - needs: test - if: always() + needs: [changes, test] + if: always() && needs.changes.outputs.src == 'true' steps: - name: Checkout code From 57e14ffe7c1ecbadd18b33d1e37185bb07526f62 Mon Sep 17 00:00:00 2001 From: Tim Gels Date: Sat, 7 Feb 2026 15:57:59 +0100 Subject: [PATCH 2/4] fix: add fetch-depth to checkout for paths-filter dorny/paths-filter needs access to base commit for PR diffs. Without fetch-depth, shallow clone only has HEAD and filter fails. --- .github/workflows/pr-build-test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pr-build-test.yml b/.github/workflows/pr-build-test.yml index 2d3d7c8..e475ec6 100644 --- a/.github/workflows/pr-build-test.yml +++ b/.github/workflows/pr-build-test.yml @@ -26,6 +26,8 @@ jobs: steps: - uses: actions/checkout@v6 + with: + fetch-depth: 0 - uses: dorny/paths-filter@v3 id: filter From e20c175fcdd9eb0cc35e329112e7cfc5f70b59fc Mon Sep 17 00:00:00 2001 From: Tim Gels Date: Sat, 7 Feb 2026 16:02:32 +0100 Subject: [PATCH 3/4] fix: add pull-requests read permission to changes job dorny/paths-filter needs pull-requests: read to query PR files via GitHub API. Following Nextcloud pattern of granting permission at job level (least privilege). --- .github/workflows/pr-build-test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/pr-build-test.yml b/.github/workflows/pr-build-test.yml index e475ec6..a345dba 100644 --- a/.github/workflows/pr-build-test.yml +++ b/.github/workflows/pr-build-test.yml @@ -20,6 +20,9 @@ env: jobs: changes: runs-on: ubuntu-latest + permissions: + contents: read + pull-requests: read outputs: src: ${{ steps.filter.outputs.src }} docs: ${{ steps.filter.outputs.docs }} From ab34a4807fe9168d9905280760dd241e5edf2e27 Mon Sep 17 00:00:00 2001 From: Tim Gels Date: Sat, 7 Feb 2026 16:24:49 +0100 Subject: [PATCH 4/4] fix: exclude markdown files from src filter Markdown files in src/ or tests/ should not trigger full build/test. Added negation patterns (!src/**/*.md, !tests/**/*.md) so markdown changes are treated as docs-only regardless of location. --- .github/workflows/pr-build-test.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pr-build-test.yml b/.github/workflows/pr-build-test.yml index a345dba..d59601f 100644 --- a/.github/workflows/pr-build-test.yml +++ b/.github/workflows/pr-build-test.yml @@ -38,7 +38,9 @@ jobs: filters: | src: - 'src/**' + - '!src/**/*.md' - 'tests/**' + - '!tests/**/*.md' - '*.sln' - '*.props' - 'global.json'