chore: Ny workflow for push/pr

Forsøk på å forhindre at flere jobber kjører i parallell når vi dytter noe til en branch med en åpen PR

Author: torhakon

.github/workflows/on_push_pr_branch.yml

@@ -0,0 +1,156 @@
+name: ON PUSH OR PR FEATURE BRANCH
+run-name:
+on:
+  push:
+    branches-ignore:
+      - main
+    paths:
+      - "src/**"
+  pull_request:
+    branches-ignore:
+      - main
+    paths:
+      - "src/**"
+  workflow_dispatch:
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref_name }}
+jobs:
+  staticCodeValidation:
+    name: Validation jobs
+    uses: navikt/sf-platform/.github/workflows/ciStaticCodeValidation.yml@main
+    permissions:
+      contents: read
+      security-events: write
+
+  # Detect changes in the src directory
+  # The job is executed on the ubuntu-latest runner
+  # It runs after the staticCodeValidation job
+  checkChanges:
+    name: Check changes
+    runs-on: ubuntu-latest
+    outputs:
+      hasSrcChanges: ${{ steps.checkChanges.outputs.hasSrcChanges }}
+    permissions:
+      contents: read
+    steps:
+      # Checkout the repository
+      - name: "Checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          fetch-depth: 0
+          persist-credentials: false
+
+      # Check for changes in the src directory excluding .md files
+      - uses: navikt/sf-platform/.github/actions/checkForPackageChanges@5a37e9b86c238d23ec7bc31cd8d437daaad6e952
+        id: checkChanges
+
+  # Validate changes
+  # The job is executed on the ubuntu-latest runner in a container with the SFP CLI installed
+  # It runs after the checkChanges job and only if there are changes to the packages detected
+  # It uses the SFP CLI to validate the changes
+  # It also handles the case where the validation fails and deletes the scratch org
+  # It uploads the build artifacts and logs generated during the validation process
+  validateChanges:
+    name: Validate changes
+    needs: ["checkChanges", "staticCodeValidation"]
+    if: ${{ github.event_name == 'workflow_dispatch' || needs.checkChanges.outputs.hasSrcChanges == 'true' }}
+    runs-on: ubuntu-latest
+    container: ghcr.io/flxbl-io/sfp:${{ vars.SFP_CONTAINER_VERSION }}
+    permissions:
+      contents: read
+      packages: write
+    env:
+      POOLS: ${{ vars.DEFAULT_CI_POOL }}
+      DEVHUB_ALIAS: "devhub"
+      COVERAGE_PERCENT: ${{ vars.CODE_COVERAGE_PERCENTAGE }}
+      SFP_LOG_LEVEL: ${{ vars.SFP_LOG_LEVEL }}
+      EVENT: ${{ github.event_name }}
+    steps:
+      # Checkout the repository
+      - name: "Checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          fetch-depth: 0
+          persist-credentials: true
+
+      # Authenticate with DevHub
+      - name: Authenticate DevHub
+        uses: navikt/sf-platform/.github/actions/authenticateOrg@8cb5b2d5a19ce8ccfd5c4ee95cecddc4d5fa984f
+        with:
+          auth-url: ${{ secrets.SF_DEVHUB_URL }}
+          alias: "devhub"
+          setDefaultDevhubUsername: "true"
+
+      # Quickbuild on push
+      # This step is only executed on push events
+      - name: "Quickbuild package"
+        id: quickbuildPackage
+        if: ${{ env.EVENT == 'push' }}
+        shell: bash
+        run: |
+          sfp quickbuild --devhubalias devhub --diffcheck --buildnumber ${GITHUB_RUN_ID} --branch ${GITHUB_REF#refs/heads/} --loglevel ${SFP_LOG_LEVEL}
+
+      # Validate against CI Pool
+      # This step is only executed on pull_request events
+      # It validates the changes against the CI pool
+      # and deletes the scratch org after validation
+      # It also handles the case where the validation fails
+      # and deletes the scratch org
+      - name: "Validate against CI Pool"
+        if: ${{ env.EVENT == 'pull_request' || env.EVENT == 'workflow_dispatch' }}
+        run: |
+          command=("sfp" "validate" "pool")
+          command+=("--pools" "${POOLS}")
+          command+=("--targetdevhubusername" "${DEVHUB_ALIAS}")
+          command+=("--mode" "${MODE}")
+          command+=("--logsgroupsymbol" "::group::,::endgroup::")
+          command+=("--loglevel" "${SFP_LOG_LEVEL}")
+
+          if [ "${COVERAGE_PERCENT}" ]; then
+            command+=("--coveragepercent" "${COVERAGE_PERCENT}")
+          fi
+
+          if [ "${REF}" ]; then
+            command+=( "--ref" "${REF}" )
+          fi
+
+          if [ "${BASE_REF}" ]; then
+            command+=( "--baseRef" "${BASE_REF}" )
+          fi
+
+          if [ "${DELETE_SCRATCH}" == "true" ]; then
+            command+=("--deletescratchorg")
+          fi
+
+          echo "Executing command: ${command[*]}"
+          "${command[@]}"
+        env:
+          MODE: "thorough"
+          REF: ${{ github.event.pull_request.head.sha }}
+          BASE_REF: ${{ github.event.pull_request.base.sha }}
+          DELETE_SCRATCH: "true"
+
+      # Delete the scratch org if the validation fails
+      # This step is only executed if the validation fails
+      # It deletes the scratch org to clean up resources
+      # and prevent stale orgs from accumulating
+      # It uses the sf org delete command with the -p flag
+      # to delete the scratch org without confirmation
+      - name: Delete Stale Validation Org
+        if: ${{ failure() }}
+        run: sf org delete scratch -p
+
+      # Upload build artifacts and logs if present
+      # This step is executed regardless of the outcome of the previous steps
+      # It uploads the artifacts and logs generated during the build process
+      # It uses the navikt/sf-platform action to upload the artifacts and logs
+      # The artifacts are uploaded with the name "build-artifacts"
+      # The logs are uploaded with the name "build-logs"
+      - name: Upload artifacts and logs
+        if: always()
+        uses: navikt/sf-platform/.github/actions/uploadWorkflowArtifactsAndLogs@8cb5b2d5a19ce8ccfd5c4ee95cecddc4d5fa984f
+        with:
+          artifactName: "build-artifacts"
+          uploadArtifacts: true
+          logName: "build-logs"
+          publishLogs: true