ci/logging: Add failure detection

.github/workflows/_cache.yml

@@ -29,7 +29,7 @@ on:
 # For a job that does, you can restore with something like:
 #
 #    steps:
-#    - uses: envoyproxy/toolshed/gh-actions/docker/cache/restore@actions-v0.2.26
+#    - uses: envoyproxy/toolshed/gh-actions/docker/cache/restore@actions-v0.2.27
 #      with:
 #        key: "${{ needs.env.outputs.build-image }}"
 #
@@ -39,28 +39,28 @@ jobs:
   docker:
     runs-on: ubuntu-22.04
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       id: appauth
       name: Appauth (mutex lock)
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/docker/cache/prime@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/docker/cache/prime@actions-v0.2.27
       id: docker
       name: Prime Docker cache (${{ inputs.image-tag }})
       with:
         image-tag: ${{ inputs.image-tag }}
         lock-token: ${{ steps.appauth.outputs.token }}
         lock-repository: ${{ inputs.lock-repository }}
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: data
       name: Cache data
       with:
         input-format: yaml
         input: |
           cached: ${{ steps.docker.outputs.cached }}
           key: ${{ inputs.image-tag }}
-    - uses: envoyproxy/toolshed/gh-actions/json/table@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/json/table@actions-v0.2.27
       name: Summary
       with:
         json: ${{ steps.data.outputs.value }}

.github/workflows/_finish.yml

@@ -36,7 +36,7 @@ jobs:
       actions: read
       contents: read
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       name: Incoming data
       id: needs
       with:
@@ -87,21 +87,21 @@ jobs:
                    summary: "Check has finished",
                    text: $text}}}}
 
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       name: Print summary
       with:
         input: ${{ toJSON(steps.needs.outputs.value).summary-title }}
         filter: |
           "## \(.)"
         options: -Rr
         output-path: GITHUB_STEP_SUMMARY
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       name: Appauth
       id: appauth
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.27
       name: Update check
       with:
         action: update

.github/workflows/_load.yml

@@ -91,7 +91,7 @@ jobs:
     # Handle any failure in triggering job
     # Remove any `checks` we dont care about
     # Prepare a check request
-    - uses: envoyproxy/toolshed/gh-actions/github/env/load@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/env/load@actions-v0.2.27
       name: Load env
       id: data
       with:
@@ -102,21 +102,21 @@ jobs:
         GH_TOKEN: ${{ github.token }}
 
     #  Update the check
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       name: Appauth
       id: appauth
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.27
       name: Update check
       if: ${{ fromJSON(steps.data.outputs.data).data.check.action == 'RUN' }}
       with:
         action: update
         checks: ${{ toJSON(fromJSON(steps.data.outputs.data).checks) }}
         token: ${{ steps.appauth.outputs.token }}
 
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       name: Print request summary
       with:
         input: |
@@ -136,7 +136,7 @@ jobs:
           | $summary.summary as $summary
           | "${{ inputs.template-request-summary }}"
 
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: request-output
       name: Load request
       with:

.github/workflows/_load_env.yml

@@ -63,18 +63,18 @@ jobs:
       request: ${{ steps.env.outputs.data }}
       trusted: true
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
-    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.27
       id: checkout
       name: Checkout Envoy repository
     - name: Generate environment variables
-      uses: envoyproxy/toolshed/gh-actions/envoy/ci/env@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/envoy/ci/env@actions-v0.2.27
       id: env
       with:
         branch-name: ${{ inputs.branch-name }}
@@ -86,7 +86,7 @@ jobs:
 
     - name: Request summary
       id: summary
-      uses: envoyproxy/toolshed/gh-actions/github/env/summary@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/github/env/summary@actions-v0.2.27
       with:
         actor: ${{ toJSON(fromJSON(steps.env.outputs.data).request.actor) }}
         base-sha: ${{ fromJSON(steps.env.outputs.data).request.base-sha }}

.github/workflows/_request.yml

@@ -40,14 +40,14 @@ jobs:
       env: ${{ steps.data.outputs.value }}
       config: ${{ steps.config.outputs.config }}
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
-    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.27
       id: checkout
       name: Checkout Envoy repository
       with:
@@ -60,7 +60,7 @@ jobs:
     # *ALL* variables collected should be treated as untrusted and should be sanitized before
     # use
     - name: Generate environment variables from commit
-      uses: envoyproxy/toolshed/gh-actions/envoy/ci/request@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/envoy/ci/request@actions-v0.2.27
       id: env
       with:
         branch-name: ${{ steps.checkout.outputs.branch-name }}
@@ -71,7 +71,7 @@ jobs:
         vars: ${{ toJSON(vars) }}
     - name: Request summary
       id: summary
-      uses: envoyproxy/toolshed/gh-actions/github/env/summary@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/github/env/summary@actions-v0.2.27
       with:
         actor: ${{ toJSON(fromJSON(steps.env.outputs.data).request.actor) }}
         base-sha: ${{ fromJSON(steps.env.outputs.data).request.base-sha }}
@@ -87,7 +87,7 @@ jobs:
         target-branch: ${{ fromJSON(steps.env.outputs.data).request.target-branch }}
 
     - name: Environment data
-      uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: data
       with:
         input: |

.github/workflows/_run.yml

@@ -52,6 +52,8 @@ on:
           ERROR
           error:
           Error:
+      fail-match:
+        type: string
       notice-match:
         type: string
         default: |
@@ -94,7 +96,7 @@ on:
       summary-post:
         type: string
         default: |
-          - uses: envoyproxy/toolshed/gh-actions/envoy/run/summary@actions-v0.2.26
+          - uses: envoyproxy/toolshed/gh-actions/envoy/run/summary@actions-v0.2.27
             with:
               context: %{{ inputs.context }}
       steps-pre:
@@ -156,15 +158,15 @@ jobs:
     name: ${{ inputs.command }} ${{ inputs.target }}
     timeout-minutes: ${{ inputs.timeout-minutes }}
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
     # This controls which input vars are exposed to the run action (and related steps)
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       name: Context
       id: context
       with:
@@ -185,11 +187,11 @@ jobs:
           | . * {$config, $check}
     - if: ${{ inputs.cache-build-image }}
       name: Restore Docker cache ${{ inputs.cache-build-image && format('({0})', inputs.cache-build-image) || '' }}
-      uses: envoyproxy/toolshed/gh-actions/docker/cache/restore@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/docker/cache/restore@actions-v0.2.27
       with:
         image_tag: ${{ inputs.cache-build-image }}
 
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       id: appauth
       name: Appauth
       if: ${{ inputs.trusted }}
@@ -200,7 +202,7 @@ jobs:
         # - the workaround is to allow the token to be passed through.
         token: ${{ github.token }}
         token-ok: true
-    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.27
       id: checkout
       name: Checkout Envoy repository
       with:
@@ -217,15 +219,15 @@ jobs:
         token: ${{ inputs.trusted && steps.appauth.outputs.token || github.token }}
 
     # This is currently only use by mobile-docs and can be removed once they are updated to the newer website
-    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checkout@actions-v0.2.27
       id: checkout-extra
       name: Checkout extra repository (for publishing)
       if: ${{ inputs.checkout-extra }}
       with:
         config: ${{ inputs.checkout-extra }}
         ssh-key: ${{ inputs.trusted && inputs.ssh-key-extra || '' }}
 
-    - uses: envoyproxy/toolshed/gh-actions/github/run@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/run@actions-v0.2.27
       name: Run CI ${{ inputs.command }} ${{ inputs.target }}
       with:
         args: ${{ inputs.args != '--' && inputs.args || inputs.target }}
@@ -239,6 +241,7 @@ jobs:
         downloads: ${{ inputs.downloads }}
         entrypoint: ${{ inputs.entrypoint }}
         error-match: ${{ inputs.error-match }}
+        fail-match: ${{ inputs.fail-match }}
         notice-match: ${{ inputs.notice-match }}
         output-path: ${{ inputs.output-path }}
         report-pre: ${{ inputs.report-pre }}

.github/workflows/_stage_publish.yml

@@ -63,7 +63,7 @@ jobs:
             export ENVOY_PUBLISH_DRY_RUN=${{ (fromJSON(inputs.request).request.version.dev || ! inputs.trusted) && 1 || '' }}
           steps-pre: |
             - id: url
-              uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+              uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
               with:
                 options: -Rr
                 input: >-
@@ -80,7 +80,7 @@ jobs:
                     end
                   | . as $bucket
                   | "https://storage.googleapis.com/\($bucket)/\($sha)/\($path)"
-            - uses: envoyproxy/toolshed/gh-actions/fetch@actions-v0.2.26
+            - uses: envoyproxy/toolshed/gh-actions/fetch@actions-v0.2.27
               with:
                 url: %{{ steps.url.outputs.value }}
                 path: %{{ runner.temp }}/release.signed
@@ -98,12 +98,12 @@ jobs:
     needs:
     - publish
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       id: appauth
       with:
         app_id: ${{ secrets.ENVOY_CI_SYNC_APP_ID }}
         key: ${{ secrets.ENVOY_CI_SYNC_APP_KEY }}
-    - uses: envoyproxy/toolshed/gh-actions/dispatch@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/dispatch@actions-v0.2.27
       with:
         ref: main
         repository: ${{ fromJSON(inputs.request).request.version.dev && 'envoyproxy/envoy-website' || 'envoyproxy/archive' }}

.github/workflows/_stage_verify.yml

@@ -50,7 +50,7 @@ jobs:
           rbe: false
           steps-pre: |
             - id: url
-              uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+              uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
               with:
                 options: -Rr
                 input: >-
@@ -66,15 +66,15 @@ jobs:
                     end
                   | . as $bucket
                   | "https://storage.googleapis.com/\($bucket)/\($sha)"
-            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.26
+            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.27
               with:
                 url: %{{ steps.url.outputs.value }}/docker/envoy.tar
                 variant: dev
-            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.26
+            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.27
               with:
                 url: %{{ steps.url.outputs.value }}/docker/envoy-contrib.tar
                 variant: contrib-dev
-            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.26
+            - uses: envoyproxy/toolshed/gh-actions/docker/fetch@actions-v0.2.27
               with:
                 url: %{{ steps.url.outputs.value }}/docker/envoy-google-vrp.tar
                 variant: google-vrp-dev

.github/workflows/_start.yml

@@ -54,7 +54,7 @@ jobs:
   start:
     runs-on: ubuntu-22.04
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/jq@actions-v0.2.27
       id: check-config
       name: Prepare check data
       with:
@@ -77,13 +77,13 @@ jobs:
           | .skipped.output.summary = "${{ inputs.skipped-summary }}"
           | .skipped.output.text = ""
 
-    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/appauth@actions-v0.2.27
       name: Appauth
       id: appauth
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/checks@actions-v0.2.27
       name: Start checks
       id: checks
       with:
@@ -94,7 +94,7 @@ jobs:
 
           ${{ fromJSON(inputs.env).summary.summary }}
         token: ${{ steps.appauth.outputs.token }}
-    - uses: envoyproxy/toolshed/gh-actions/json/table@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/json/table@actions-v0.2.27
       name: Summary
       with:
         collapse-open: true
@@ -118,7 +118,7 @@ jobs:
         output-path: GITHUB_STEP_SUMMARY
         title: Checks started/skipped
 
-    - uses: envoyproxy/toolshed/gh-actions/github/env/save@actions-v0.2.26
+    - uses: envoyproxy/toolshed/gh-actions/github/env/save@actions-v0.2.27
       name: Save env
       id: data
       with:

.github/workflows/codeql-daily.yml

@@ -30,7 +30,7 @@ jobs:
       uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v4.1.1
 
     - name: Free disk space
-      uses: envoyproxy/toolshed/gh-actions/diskspace@actions-v0.2.26
+      uses: envoyproxy/toolshed/gh-actions/diskspace@actions-v0.2.27
       with:
         to_remove: |
           /usr/local/lib/android