From 0fbf280d4a5bc6daa729e6d2851ba242ee6bb60c Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Mon, 29 Jul 2024 23:50:57 -0700 Subject: [PATCH 01/11] Manually run extra tests & emit metric if token expired --- .github/workflows/codebuild-ci.yml | 21 ++++++++++--- .github/workflows/run-local-mode-tests.yml | 35 ++++++++++++++++++++++ .github/workflows/run-slow-tests.yml | 35 ++++++++++++++++++++++ 3 files changed, 87 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/run-local-mode-tests.yml create mode 100644 .github/workflows/run-slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 8c6bd6b337..b38f9c0e66 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -17,9 +17,16 @@ jobs: outputs: approval-env: ${{ steps.collab-check.outputs.result }} steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 - name: Collaborator Check uses: actions/github-script@v7 id: collab-check + env: + PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -28,13 +35,19 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ github.event.pull_request.user.login }}", + username: ${{ env.PR_USER_LOGIN }}, }); - console.log("Verifed ${{ github.event.pull_request.user.login }} is a repo collaborator. Auto Approving PR Checks.") + console.log("Verifed ${{ env.PR_USER_LOGIN }} is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" } catch (error) { - console.log("${{ github.event.pull_request.user.login }} is not a collaborator. Requiring Manual Approval to run PR Checks.") - return "manual-approval" + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret. Requiring Manual Approval to run PR Checks becuase the collaborator status could not be verified.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } else { + console.log("${{ env.PR_USER_LOGIN }} is not a collaborator. Requiring Manual Approval to run PR Checks.") + } + return "manual-approval" } wait-for-approval: runs-on: ubuntu-latest diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml new file mode 100644 index 0000000000..79073e3948 --- /dev/null +++ b/.github/workflows/run-local-mode-tests.yml @@ -0,0 +1,35 @@ +name: Run Local Mode Tests + +on: + workflow_dispatch: + inputs: + prNumber: + description: 'Pull Request Number' + required: true + commitSha: + description: 'Commit SHA' + required: true + +concurrency: + group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Slow Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' + diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml new file mode 100644 index 0000000000..bb31a04ed6 --- /dev/null +++ b/.github/workflows/run-slow-tests.yml @@ -0,0 +1,35 @@ +name: Run Slow Tests + +on: + workflow_dispatch: + inputs: + prNumber: + description: 'Pull Request Number' + required: true + commitSha: + description: 'Commit SHA' + required: true + +concurrency: + group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + slow-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Slow Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' + From 826e44044e2e73e4598f86a8d9c8ecdcd24aab09 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos <141277478+benieric@users.noreply.github.com> Date: Tue, 30 Jul 2024 00:17:24 -0700 Subject: [PATCH 02/11] Update test_factorization_machines.py --- tests/integ/test_factorization_machines.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/integ/test_factorization_machines.py b/tests/integ/test_factorization_machines.py index 08f3dd003b..51c1423645 100644 --- a/tests/integ/test_factorization_machines.py +++ b/tests/integ/test_factorization_machines.py @@ -57,7 +57,7 @@ def test_factorization_machines(sagemaker_session, cpu_instance_type, training_s ) predictor = model.deploy(1, cpu_instance_type, endpoint_name=job_name) result = predictor.predict(training_set[0][:10]) - + # Random Test assert len(result) == 10 for record in result: assert record.label["score"] is not None From da0f49a8f469e6028070b025d59f12c76cb8c3c0 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 03/11] run extras on comment --- .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/localmode-tests.yml | 34 ++++++++++++ .github/workflows/run-extras.yml | 61 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------- .github/workflows/run-slow-tests.yml | 35 ------------- .github/workflows/slow-tests.yml | 34 ++++++++++++ 6 files changed, 131 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/localmode-tests.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml new file mode 100644 index 0000000000..2fe684cda3 --- /dev/null +++ b/.github/workflows/localmode-tests.yml @@ -0,0 +1,34 @@ +name: Run Local Mode Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..ccc5c491f5 --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,61 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' + runs-on: ubuntu-latest + steps: + - name: Run Slow Tests + uses: ./.github/workflows/slow-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' + runs-on: ubuntu-latest + steps: + - name: Run Local Mode Tests + uses: ./.github/workflows/localmode-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml new file mode 100644 index 0000000000..5241558a14 --- /dev/null +++ b/.github/workflows/slow-tests.yml @@ -0,0 +1,34 @@ +name: Run Slow Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From cc39ec79523ff6b329e839760c10c0569ec11225 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 04/11] run extras on comment --- .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/localmode-tests.yml | 34 ++++++++++++ .github/workflows/run-extras.yml | 64 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------ .github/workflows/run-slow-tests.yml | 35 ------------ .github/workflows/slow-tests.yml | 34 ++++++++++++ 6 files changed, 134 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/localmode-tests.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml new file mode 100644 index 0000000000..2fe684cda3 --- /dev/null +++ b/.github/workflows/localmode-tests.yml @@ -0,0 +1,34 @@ +name: Run Local Mode Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..d750265656 --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,64 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' + runs-on: ubuntu-latest + steps: + - name: Run Slow Tests + uses: ./.github/workflows/slow-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' + runs-on: ubuntu-latest + steps: + - name: Run Local Mode Tests + uses: ./.github/workflows/localmode-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml new file mode 100644 index 0000000000..5241558a14 --- /dev/null +++ b/.github/workflows/slow-tests.yml @@ -0,0 +1,34 @@ +name: Run Slow Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From 5f1fd98f533004eb139216f622ca0bc8ab971102 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 05/11] run extras on comment --- .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/localmode-tests.yml | 34 +++++++++++ .github/workflows/run-extras.yml | 66 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------ .github/workflows/run-slow-tests.yml | 35 ------------ .github/workflows/slow-tests.yml | 34 +++++++++++ 6 files changed, 136 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/localmode-tests.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml new file mode 100644 index 0000000000..2fe684cda3 --- /dev/null +++ b/.github/workflows/localmode-tests.yml @@ -0,0 +1,34 @@ +name: Run Local Mode Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..7f3162affb --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,66 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Run Slow Tests + uses: ./.github/workflows/slow-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: Run Local Mode Tests + uses: ./.github/workflows/localmode-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml new file mode 100644 index 0000000000..5241558a14 --- /dev/null +++ b/.github/workflows/slow-tests.yml @@ -0,0 +1,34 @@ +name: Run Slow Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From b3eef175dd7f5746be793fd58891176d75e513ae Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 06/11] run extras on comment --- .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/localmode-tests.yml | 34 +++++++++++++ .github/workflows/run-extras.yml | 58 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------- .github/workflows/run-slow-tests.yml | 35 ------------- .github/workflows/slow-tests.yml | 34 +++++++++++++ 6 files changed, 128 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/localmode-tests.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml new file mode 100644 index 0000000000..2fe684cda3 --- /dev/null +++ b/.github/workflows/localmode-tests.yml @@ -0,0 +1,34 @@ +name: Run Local Mode Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..009ea43c0d --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,58 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' || github.event.review.body == '/run extras' + uses: ./.github/workflows/slow-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + uses: ./.github/workflows/localmode-tests.yml + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml new file mode 100644 index 0000000000..5241558a14 --- /dev/null +++ b/.github/workflows/slow-tests.yml @@ -0,0 +1,34 @@ +name: Run Slow Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From b38d9797938434a0a548d88f4010867f802e07f5 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 07/11] run extras on comment --- .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/localmode-tests.yml | 37 +++++++++++++ .github/workflows/run-extras.yml | 62 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------ .github/workflows/run-slow-tests.yml | 35 ------------ .github/workflows/slow-tests.yml | 37 +++++++++++++ 6 files changed, 138 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/localmode-tests.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml new file mode 100644 index 0000000000..ba2d90015b --- /dev/null +++ b/.github/workflows/localmode-tests.yml @@ -0,0 +1,37 @@ +name: Run Local Mode Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + secrets: + CI_AWS_ROLE_ARN: + required: true + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..db395375e0 --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,62 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' || github.event.review.body == '/run extras' + uses: ./.github/workflows/slow-tests.yml + secrets: + CI_AWS_ROLE_ARN: ${{ secrets.CI_AWS_ROLE_ARN }} + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + uses: ./.github/workflows/localmode-tests.yml + secrets: + CI_AWS_ROLE_ARN: ${{ secrets.CI_AWS_ROLE_ARN }} + with: + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml new file mode 100644 index 0000000000..0f936cc767 --- /dev/null +++ b/.github/workflows/slow-tests.yml @@ -0,0 +1,37 @@ +name: Run Slow Tests + +on: + workflow_call: + inputs: + prNumber: + required: true + type: number + commitSha: + required: true + type: string + secrets: + CI_AWS_ROLE_ARN: + required: true + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + slow-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From ae1e742e6947f9fff66ff2e243f08adffaecbe70 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Tue, 30 Jul 2024 01:27:38 -0700 Subject: [PATCH 08/11] run extras on comment --- .github/workflows/Trigger-codebuild.yml | 40 ++++++++++++++ .github/workflows/codebuild-ci.yml | 4 +- .github/workflows/run-extras.yml | 64 ++++++++++++++++++++++ .github/workflows/run-local-mode-tests.yml | 35 ------------ .github/workflows/run-slow-tests.yml | 35 ------------ .github/workflows/trigger-codebuild.yml | 40 ++++++++++++++ 6 files changed, 146 insertions(+), 72 deletions(-) create mode 100644 .github/workflows/Trigger-codebuild.yml create mode 100644 .github/workflows/run-extras.yml delete mode 100644 .github/workflows/run-local-mode-tests.yml delete mode 100644 .github/workflows/run-slow-tests.yml create mode 100644 .github/workflows/trigger-codebuild.yml diff --git a/.github/workflows/Trigger-codebuild.yml b/.github/workflows/Trigger-codebuild.yml new file mode 100644 index 0000000000..d9fc87d7e7 --- /dev/null +++ b/.github/workflows/Trigger-codebuild.yml @@ -0,0 +1,40 @@ +name: Trigger CodeBuild Job + +on: + workflow_call: + inputs: + codeBuildProjectName: + required: true + type: string + prNumber: + required: true + type: number + commitSha: + required: true + type: string + secrets: + CI_AWS_ROLE_ARN: + required: true + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + slow-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ inputs.codeBuildProjectName}} + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 44f34f2fd9..bd2678a6bb 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -26,7 +26,7 @@ jobs: uses: actions/github-script@v7 id: collab-check env: - PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} + GH_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string @@ -35,7 +35,7 @@ jobs: const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ env.PR_USER_LOGIN }}", + username: "${{ env.GH_USER_LOGIN }}", }); console.log("Verifed user is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" diff --git a/.github/workflows/run-extras.yml b/.github/workflows/run-extras.yml new file mode 100644 index 0000000000..57bfad880e --- /dev/null +++ b/.github/workflows/run-extras.yml @@ -0,0 +1,64 @@ +name: Run Extras + +on: + pull_request_review: + types: [submitted] + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + check-comment: + if: github.event.review.body == '/run slow' || github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + env: + GH_USER_LOGIN: ${{ github.event.review.user.login }} + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ env.GH_USER_LOGIN }}", + }); + console.log("Verifed user is a repo collaborator.") + return + } catch (error) { + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } + throw new Error("Collaborator status could not be verified.") + } + run-slow-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run slow' || github.event.review.body == '/run extras' + uses: ./.github/workflows/trigger-codebuild.yml + secrets: + CI_AWS_ROLE_ARN: ${{ secrets.CI_AWS_ROLE_ARN }} + with: + codeBuildProjectName: "${{ github.repository.name }}-ci-slow-tests" + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} + run-localmode-tests: + needs: [check-comment] + if: needs.check-comment.result == 'success' && github.event.review.body == '/run localmode' || github.event.review.body == '/run extras' + uses: ./.github/workflows/trigger-codebuild.yml + secrets: + CI_AWS_ROLE_ARN: ${{ secrets.CI_AWS_ROLE_ARN }} + with: + codeBuildProjectName: "${{ github.repository.name }}-ci-localmode-tests" + prNumber: ${{ github.event.pull_request.number }} + commitSha: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml deleted file mode 100644 index 79073e3948..0000000000 --- a/.github/workflows/run-local-mode-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml deleted file mode 100644 index bb31a04ed6..0000000000 --- a/.github/workflows/run-slow-tests.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Run Slow Tests - -on: - workflow_dispatch: - inputs: - prNumber: - description: 'Pull Request Number' - required: true - commitSha: - description: 'Commit SHA' - required: true - -concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Slow Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' - diff --git a/.github/workflows/trigger-codebuild.yml b/.github/workflows/trigger-codebuild.yml new file mode 100644 index 0000000000..d9fc87d7e7 --- /dev/null +++ b/.github/workflows/trigger-codebuild.yml @@ -0,0 +1,40 @@ +name: Trigger CodeBuild Job + +on: + workflow_call: + inputs: + codeBuildProjectName: + required: true + type: string + prNumber: + required: true + type: number + commitSha: + required: true + type: string + secrets: + CI_AWS_ROLE_ARN: + required: true + +concurrency: + group: ${{ github.workflow }}-${{ inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + slow-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Test + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ inputs.codeBuildProjectName}} + source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From b35358a282ebe6b4543e0697c4423c85d8a8daca Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos <141277478+benieric@users.noreply.github.com> Date: Tue, 30 Jul 2024 02:07:02 -0700 Subject: [PATCH 09/11] Delete .github/workflows/localmode-tests.yml --- .github/workflows/localmode-tests.yml | 37 --------------------------- 1 file changed, 37 deletions(-) delete mode 100644 .github/workflows/localmode-tests.yml diff --git a/.github/workflows/localmode-tests.yml b/.github/workflows/localmode-tests.yml deleted file mode 100644 index ba2d90015b..0000000000 --- a/.github/workflows/localmode-tests.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Run Local Mode Tests - -on: - workflow_call: - inputs: - prNumber: - required: true - type: number - commitSha: - required: true - type: string - secrets: - CI_AWS_ROLE_ARN: - required: true - -concurrency: - group: ${{ github.workflow }}-${{ inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - local-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Test - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.repository.name }}-ci-localmode-tests - source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From 1a8e1ae859b82b19b52a14fbda60e5ba9453fe55 Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos <141277478+benieric@users.noreply.github.com> Date: Tue, 30 Jul 2024 02:07:16 -0700 Subject: [PATCH 10/11] Delete .github/workflows/slow-tests.yml --- .github/workflows/slow-tests.yml | 37 -------------------------------- 1 file changed, 37 deletions(-) delete mode 100644 .github/workflows/slow-tests.yml diff --git a/.github/workflows/slow-tests.yml b/.github/workflows/slow-tests.yml deleted file mode 100644 index 0f936cc767..0000000000 --- a/.github/workflows/slow-tests.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Run Slow Tests - -on: - workflow_call: - inputs: - prNumber: - required: true - type: number - commitSha: - required: true - type: string - secrets: - CI_AWS_ROLE_ARN: - required: true - -concurrency: - group: ${{ github.workflow }}-${{ inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Test - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.repository.name }}-ci-slow-tests - source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file From a62681f509d74815264292fad82ac3e7f53b964d Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos <141277478+benieric@users.noreply.github.com> Date: Tue, 30 Jul 2024 02:11:08 -0700 Subject: [PATCH 11/11] Delete .github/workflows/Trigger-codebuild.yml --- .github/workflows/Trigger-codebuild.yml | 40 ------------------------- 1 file changed, 40 deletions(-) delete mode 100644 .github/workflows/Trigger-codebuild.yml diff --git a/.github/workflows/Trigger-codebuild.yml b/.github/workflows/Trigger-codebuild.yml deleted file mode 100644 index d9fc87d7e7..0000000000 --- a/.github/workflows/Trigger-codebuild.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Trigger CodeBuild Job - -on: - workflow_call: - inputs: - codeBuildProjectName: - required: true - type: string - prNumber: - required: true - type: number - commitSha: - required: true - type: string - secrets: - CI_AWS_ROLE_ARN: - required: true - -concurrency: - group: ${{ github.workflow }}-${{ inputs.prNumber }} - cancel-in-progress: true - -permissions: - id-token: write # This is required for requesting the JWT - -jobs: - slow-mode-tests: - runs-on: ubuntu-latest - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Test - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ inputs.codeBuildProjectName}} - source-version-override: 'refs/pull/${{ inputs.prNumber }}/head^{${{ inputs.commitSha }}}' \ No newline at end of file