chore(ci): separate labeler and e2e tests

.github/workflows/ci.yml

@@ -1,5 +1,6 @@
 # this workflow will run on every pr to make sure the project is following the guidelines
 
+# after labeler, run other actions with strict permissions
 name: CI
 
 on:
@@ -19,18 +20,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-  labeler:
-    name: Label PR
-    permissions:
-      contents: read
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/labeler@v4
-        with:
-          repo-token: "${{ secrets.GITHUB_TOKEN }}"
-          sync-labels: true
-
   lint:
     runs-on: ubuntu-latest
     name: Run ESLint
@@ -127,54 +116,6 @@ jobs:
 
       - run: pnpm typecheck
 
-  build-t3-app:
-    runs-on: ubuntu-latest
-    needs: labeler
-    if: |
-      contains(github.event.pull_request.labels.*.name, '📌 area: cli') ||
-      contains(github.event.pull_request.labels.*.name, '📌 area: t3-app')
-    strategy:
-      matrix:
-        trpc: ["trpc", "nope"]
-        tailwind: ["tailwind", "nope"]
-        nextAuth: ["nextAuth", "nope"]
-        prisma: ["prisma", "nope"]
-
-    name: "Build and Start T3 App ${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }}"
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - name: Install Node.js
-        uses: actions/setup-node@v3
-        with:
-          node-version: 16
-      - uses: pnpm/action-setup@v2.2.2
-        name: Install pnpm
-        id: pnpm-install
-        with:
-          run_install: false
-      - name: Get pnpm store directory
-        id: pnpm-cache
-        run: |
-          echo "::set-output name=pnpm_cache_dir::$(pnpm store path)"
-      - uses: actions/cache@v3
-        name: Setup pnpm cache
-        with:
-          path: ${{ steps.pnpm-cache.outputs.pnpm_cache_dir }}
-          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
-          restore-keys: |
-            ${{ runner.os }}-pnpm-store-
-      - name: Install dependencies
-        run: pnpm install
-
-      - run: pnpm turbo --filter=create-t3-app build
-      # has to be scaffolded outside the CLI project so that no lint/tsconfig are leaking
-      # through. this way it ensures that it is the app's configs that are being used
-      # FIXME: this is a bit hacky, would rather have --packages=trpc,tailwind,... but not sure how to setup the matrix for that
-      - run: cd cli && pnpm start ../../ci-${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }} --noGit --CI --trpc=${{ matrix.trpc }} --tailwind=${{ matrix.tailwind }} --nextAuth=${{ matrix.nextAuth }} --prisma=${{ matrix.prisma }}
-      - run: cd ../ci-${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }} && pnpm build
-
   build-www:
     runs-on: ubuntu-latest
     name: Build and Check Astro

.github/workflows/e2e.yml

@@ -0,0 +1,62 @@
+# this workflow will run on every pr to make sure the project is following the guidelines
+
+# after labeler, run other actions with strict permissions
+name: CI
+
+on:
+  workflow_run:
+    workflows: [Labeler]
+    types: [completed]
+    branches: ["*"]
+
+env:
+  TURBO_TOKEN: ${{ secrets.TURBO_TOKEN }}
+  TURBO_TEAM: ${{ secrets.TURBO_TEAM }}
+
+jobs:
+  build-t3-app:
+    runs-on: ubuntu-latest
+    if: |
+      contains(github.event.pull_request.labels.*.name, '📌 area: cli') ||
+      contains(github.event.pull_request.labels.*.name, '📌 area: t3-app')
+    strategy:
+      matrix:
+        trpc: ["trpc", "nope"]
+        tailwind: ["tailwind", "nope"]
+        nextAuth: ["nextAuth", "nope"]
+        prisma: ["prisma", "nope"]
+
+    name: "Build and Start T3 App ${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }}"
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      - name: Install Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: 16
+      - uses: pnpm/action-setup@v2.2.2
+        name: Install pnpm
+        id: pnpm-install
+        with:
+          run_install: false
+      - name: Get pnpm store directory
+        id: pnpm-cache
+        run: |
+          echo "::set-output name=pnpm_cache_dir::$(pnpm store path)"
+      - uses: actions/cache@v3
+        name: Setup pnpm cache
+        with:
+          path: ${{ steps.pnpm-cache.outputs.pnpm_cache_dir }}
+          key: ${{ runner.os }}-pnpm-store-${{ hashFiles('**/pnpm-lock.yaml') }}
+          restore-keys: |
+            ${{ runner.os }}-pnpm-store-
+      - name: Install dependencies
+        run: pnpm install
+
+      - run: pnpm turbo --filter=create-t3-app build
+      # has to be scaffolded outside the CLI project so that no lint/tsconfig are leaking
+      # through. this way it ensures that it is the app's configs that are being used
+      # FIXME: this is a bit hacky, would rather have --packages=trpc,tailwind,... but not sure how to setup the matrix for that
+      - run: cd cli && pnpm start ../../ci-${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }} --noGit --CI --trpc=${{ matrix.trpc }} --tailwind=${{ matrix.tailwind }} --nextAuth=${{ matrix.nextAuth }} --prisma=${{ matrix.prisma }}
+      - run: cd ../ci-${{ matrix.trpc }}-${{ matrix.tailwind }}-${{ matrix.nextAuth }}-${{ matrix.prisma }} && pnpm build

.github/workflows/pr-labeler.yml

@@ -0,0 +1,22 @@
+# this workflow will run on every pr to make sure the project is following the guidelines
+
+# run labeler with elevated permissions before other actions
+
+name: Labeler
+
+on:
+  pull_request_target:
+    branches: ["*"]
+
+jobs:
+  labeler:
+    name: Label PR
+    permissions:
+      contents: read
+      pull-requests: write
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/labeler@v4
+        with:
+          repo-token: "${{ secrets.GITHUB_TOKEN }}"
+          sync-labels: true