Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: Integrate Git Hub Action Results into Tide #11262

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

test: Integrate Git Hub Action Results into Tide #11262

wants to merge 1 commit into from
+49 −0

Conversation

VaniHaripriya
Copy link
Contributor

@VaniHaripriya VaniHaripriya commented Oct 1, 2024
edited
Loading

Description of your changes:

  • Introduced a GitHub Action workflow to validate the successful completion of all CI checks.
  • Automatically adds a ci-passed label once all CI checks have passed.
  • Removes the ci-passed label when the pull request is either synchronized or reopened.

PR to update GoogleCloudPlatform/oss-test-infra
GoogleCloudPlatform/oss-test-infra#2392

Checklist:

@google-oss-prow Google OSS Prow
Copy link

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign dharmitd for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow Google OSS Prow
Copy link

Hi @VaniHaripriya. Thanks for your PR.

I'm waiting for a kubeflow member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@VaniHaripriya VaniHaripriya force-pushed the ghaction-tide-integration branch 4 times, most recently from b63e395 to 1cf98e2 Compare October 1, 2024 18:33
@VaniHaripriya VaniHaripriya marked this pull request as ready for review October 1, 2024 19:02
@VaniHaripriya VaniHaripriya changed the title test: Integrate Git Hub Actions into Tide test: Integrate Git Hub Action Results into Tide Oct 1, 2024
gmfrasca
gmfrasca reviewed Oct 1, 2024
View reviewed changes
.github/workflows/ci-checks.yml Outdated
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- name: Remove 'ci-passed' Label on PR Synchronize
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For clarity I would rename this to "Reset ci-passed label status on PR Syncronization" - as it stands it suggests the label should no longer exist after a sync event (even though the very next check is attempting to re-add it)

gmfrasca
gmfrasca reviewed Oct 1, 2024
View reviewed changes
.github/workflows/ci-checks.yml Outdated
pull-requests: write

jobs:
remove_ci_passed_label:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

similar to below, perhaps we should rename this to say reset instead of remove

DharmitD
DharmitD reviewed Oct 2, 2024
View reviewed changes
.github/workflows/ci-checks.yml
- name: Add 'ci-passed' label
if: success()
run: |
gh pr edit ${{ github.event.pull_request.number }} --add-label "ci-passed" --repo $GITHUB_REPOSITORY
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems like the gh pr edit --add-label command requires that the labels you are adding already exist in your repository. It cannot create new labels on the fly; it can only assign existing labels to pull requests. From the GitHub CLI manual for gh pr edit:

--add-label stringArray
    Add labels by name

This makes me think that the command expects the label names provided to match existing labels in the repository.

DharmitD
DharmitD reviewed Oct 2, 2024
View reviewed changes
.github/workflows/ci-checks.yml
- name: Reset ci-passed label status on PR Syncronization
run: |
echo "Resetting 'ci-passed' label as new changes have been pushed."
gh pr edit ${{ github.event.pull_request.number }} --remove-label "ci-passed" --repo $GITHUB_REPOSITORY || echo "Label not present"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as https://github.com/kubeflow/pipelines/pull/11262/files#r1783673378
I believe we'd need to add a step to create the label for this repo: https://docs.github.com/en/issues/using-labels-and-milestones-to-track-work/managing-labels

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@DharmitD That's correct. @HumairAK added the 'ci-passed' label to the repo.

@VaniHaripriya
Copy link
Contributor Author

/rerun-all

@gmfrasca
Copy link
Member

gmfrasca commented Oct 2, 2024

/ok-to-test

(not sure if that label is needed for /rerun-all to work)

@gmfrasca
Copy link
Member

gmfrasca commented Oct 2, 2024

/rerun-all

gmfrasca
gmfrasca reviewed Oct 2, 2024
View reviewed changes
.github/workflows/ci-checks.yml Outdated
- name: Check if all CI checks passed
uses: wechuli/allcheckspassed@0b68b3b7d92e595bcbdea0c860d05605720cf479
with:
GITHUB_TOKEN: ${{ env.GITHUB_TOKEN }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure this is needed (There is a warning in the GHAction result logs about GITHUB_TOKEN being an unexpected key).

Documentation suggests this either should be under steps[].env, or more likely this is already covered by the job env

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good catch @gmfrasca will update accordingly..

@gmfrasca
Copy link
Member

gmfrasca commented Oct 3, 2024

Resource not accessible by integration (addLabelsToLabelable)

sounds like the GITHUB_TOKEN provided doesn't have proper permissions to add the label (likely needs write on pull-requests)

@VaniHaripriya VaniHaripriya force-pushed the ghaction-tide-integration branch 3 times, most recently from c4ef08d to 52e2a81 Compare October 3, 2024 21:37
@VaniHaripriya VaniHaripriya force-pushed the ghaction-tide-integration branch 2 times, most recently from c385a0e to 4abc933 Compare October 4, 2024 14:47
@HumairAK
Copy link
Collaborator

HumairAK commented Oct 4, 2024
edited
Loading

the token's permissions are limited when runnin on PRs

https://docs.github.com/en/actions/security-for-github-actions/security-guides/automatic-token-authentication#permissions-for-the-github_token

GraphQL: Resource not accessible by integration (addLabelsToLabelable)

we have to be careful here, if we give this workflow the permission to add labels, users will be able to change the workflow and game their way to a merge by adjusting the checks/labels

you can use workflow_run event to put a workflow in main , and run the label add functionality there, this should have access to ${{ secrets.GITHUB_TOKEN }} because it's running from main branch

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gmfrasca gmfrasca gmfrasca left review comments

@DharmitD DharmitD DharmitD left review comments

@HumairAK HumairAK Awaiting requested review from HumairAK

@rimolive rimolive Awaiting requested review from rimolive

Assignees
No one assigned
Labels
ok-to-test size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@VaniHaripriya @gmfrasca @HumairAK @DharmitD