Run more tests, more of the time #9737
Conversation
|
create-cloudflare
@cloudflare/kv-asset-handler
miniflare
@cloudflare/pages-shared
@cloudflare/unenv-preset
@cloudflare/vite-plugin
@cloudflare/vitest-pool-workers
@cloudflare/workers-editor-shared
wrangler
commit: |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
penalosa
added
the
skip-pr-description-validation
| }, | ||
| "optionalDependencies": { | ||
| "@cdktf/node-pty-prebuilt-multiarch": "0.10.1-pre.11" | ||
| "@cdktf/node-pty-prebuilt-multiarch": "0.10.2" |
There was a problem hiding this comment.
Just a version bump while trying to get this fixture working in later versions of Node. Turns out it doesn't support them though (see cdktf/node-pty-prebuilt-multiarch#119), but there's no harm in using a slightly newer version
| - name: Check for errors | ||
| run: pnpm run check --summarize | ||
| - name: Bump package versions | ||
| run: node .github/changeset-version.js |
There was a problem hiding this comment.
is there anything to worry about here re: order of merges? is this on every workflow just in case, or could they conflict somehow? i guess i don't really understand why different versions has caused failures in VP/what sort of failures.
There was a problem hiding this comment.
This won't affect the actual code that is merged from a PR, it just ensures that the tests run against the PR as if it was on VP (with the version bumps applied). This is both to prevent problems (e.g. C3 inadvertently works because the published version of Wrangler is the same as the version on disk, but fails for some reason if they're different, which has happened in the past), but also to fix turbo caches so that VP can be cached. Currently VP is completely uncached because all the package.json files change, which busts the cache
| - Tests | ||
| - [ ] TODO (before merge) | ||
| - [ ] Tests included | ||
| - [ ] Tests not necessary because: |
There was a problem hiding this comment.
did you mean to remove this checkbox? this change doesn't seem intentional to me? 🤔
(test being the only checkbox without the not-necessary checkbox)
There was a problem hiding this comment.
Samuel mentioned in the description that Changing the tests checkbox to only have the option to mark "Tests included". This can be bypassed with the no-tests label.
But I wonder if it's better to keep the no test checkbox as we lost the context on why if we rely on the label.
There was a problem hiding this comment.
I see... yeah but the way I would expect it, similarly to how V3 backporting works, is that we do have the check and also the label 🤔
There was a problem hiding this comment.
The description had my motivation here: "hopefully removing the visible option for not including tests will encourage people to include tests", but happy to revert this. My thinking was that basically all PRs should have tests, and it should be fairly hidden option to not add tests. It'll also be much more obvious for us when reviewing that a PR has the no-tests label, which should make it easier to spot if something has been inadvertently marked as not requiring tests.
There was a problem hiding this comment.
I've reverted this change
There was a problem hiding this comment.
It'll also be much more obvious for us when reviewing that a PR has the
no-testslabel, which should make it easier to spot if something has been inadvertently marked as not requiring tests.
External contributors can't add the label though 😕
There was a problem hiding this comment.
My thinking was that basically all PRs should have tests
I agree if we're talking about actual code changes, but often there other types of changes that don't require tests, such as code comments, changeset changes, templates changes, infra changes, md changes (which we do have a comment about in the pr template anyways) 🤔
.github/workflows/c3-e2e.yml
Outdated
| on: | ||
| merge_group: | ||
| pull_request: | ||
| types: [synchronize, opened, reopened, labeled, unlabeled] |
There was a problem hiding this comment.
if we're not checking for labels anymore shouldn't we remove labeled/unlabeled from here? (we don't need to re-run the workflow when labels change, right?)
There was a problem hiding this comment.
(this also applies to the other workflows)
.github/workflows/c3-e2e.yml
Outdated
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.pm.name }}-${{ matrix.pm.version }} | ||
| cancel-in-progress: true | ||
| name: ${{ format('Run tests for {0}@{1} on {2}', matrix.pm.name, matrix.pm.version, matrix.os) }} | ||
| name: ${{ format('C3 ({0})', matrix.label) }} |
There was a problem hiding this comment.
I would really avoid using the word label used for something different from what GitHub refers as labels, sounds to me like something bound to cause confusion at some point
There was a problem hiding this comment.
(this also applies to the other workflows)
dario-piotrowicz
left a comment
dario-piotrowicz
left a comment
There was a problem hiding this comment.
I've left a few comments, but nothing blocking, looks good to me 🙂
| name: ${{ format('Wrangler ({0})', matrix.description) }} | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.node }} | ||
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.node }}-wrangler | ||
| cancel-in-progress: true | ||
| timeout-minutes: 60 | ||
| if: github.event_name == 'pull_request' && contains(github.event.*.labels.*.name, 'e2e' ) && github.event.pull_request.head.repo.owner.login == 'cloudflare' && (github.head_ref == 'changeset-release/main' || contains(github.event.*.labels.*.name, 'every-os' )) | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| os: [macos-13, windows-2022] | ||
| node: ["20.19.1"] | ||
| include: | ||
| - os: macos-13 | ||
| description: v20, macOS | ||
| node: 20.19.1 | ||
| - os: windows-2022 | ||
| description: v20, Windows | ||
| node: 20.19.1 | ||
| - os: ubuntu-22.04-arm | ||
| description: v20, Linux | ||
| node: 20.19.1 | ||
|
|
||
| runs-on: ${{ matrix.os }} | ||
| steps: | ||
| - name: Checkout Repo | ||
| if: github.event.pull_request.head.repo.owner.login == 'cloudflare' | ||
| uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
|
|
||
| - name: Install Dependencies | ||
| if: github.event.pull_request.head.repo.owner.login == 'cloudflare' | ||
| uses: ./.github/actions/install-dependencies | ||
| with: | ||
| node-version: ${{ matrix.node }} | ||
| turbo-api: ${{ secrets.TURBO_API }} | ||
| turbo-team: ${{ secrets.TURBO_TEAM }} | ||
| turbo-token: ${{ secrets.TURBO_TOKEN }} | ||
| turbo-signature: ${{ secrets.TURBO_REMOTE_CACHE_SIGNATURE_KEY }} | ||
|
|
||
| - name: Run Vite E2E tests | ||
| run: pnpm test:e2e -F @cloudflare/vite-plugin --log-order=stream | ||
| timeout-minutes: 15 | ||
| - name: Bump package versions | ||
| run: node .github/changeset-version.js | ||
| env: | ||
| NODE_DEBUG: "vite-plugin:test" | ||
| # The AI tests need to connect to Cloudflare | ||
| CLOUDFLARE_API_TOKEN: ${{ secrets.TEST_CLOUDFLARE_API_TOKEN }} | ||
| CLOUDFLARE_ACCOUNT_ID: ${{ secrets.TEST_CLOUDFLARE_ACCOUNT_ID }} | ||
| NODE_OPTIONS: "--max_old_space_size=8192" | ||
| CI_OS: ${{ matrix.os }} | ||
| GITHUB_TOKEN: ${{ github.token }} | ||
|
|
||
| - name: Run Wrangler E2E tests | ||
| if: github.event.pull_request.head.repo.owner.login == 'cloudflare' | ||
| run: pnpm run test:e2e:wrangler | ||
| env: | ||
| CLOUDFLARE_API_TOKEN: ${{ secrets.TEST_CLOUDFLARE_API_TOKEN }} | ||
| CLOUDFLARE_ACCOUNT_ID: ${{ secrets.TEST_CLOUDFLARE_ACCOUNT_ID }} | ||
| HYPERDRIVE_DATABASE_URL: ${{ secrets.TEST_HYPERDRIVE_DATABASE_URL}} | ||
| WRANGLER: node --no-warnings ${{ github.workspace}}/packages/wrangler/bin/wrangler.js | ||
| WRANGLER_IMPORT: ${{ github.workspace}}/packages/wrangler/wrangler-dist/cli.js | ||
| MINIFLARE_IMPORT: ${{ github.workspace}}/packages/miniflare/dist/src/index.js | ||
| NODE_OPTIONS: "--max_old_space_size=8192" | ||
| WRANGLER_LOG_PATH: ${{ runner.temp }}/wrangler-debug-logs/ | ||
| TEST_REPORT_PATH: ${{ runner.temp }}/test-report/index.html | ||
| CI_OS: ${{ matrix.os }} | ||
|
|
||
| - name: Upload turbo logs | ||
| if: always() | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: turbo-runs-${{ matrix.os }}-${{ matrix.node }} | ||
| path: .turbo/runs | ||
|
|
||
| e2e-test: | ||
| name: "E2E tests" | ||
| e2e-vite-test: | ||
| name: ${{ format('Vite ({0})', matrix.description) }} | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.node }} | ||
| group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.os }}-${{ matrix.node }}-vite | ||
| cancel-in-progress: true | ||
| timeout-minutes: 60 | ||
| if: github.event_name == 'pull_request' && contains(github.event.*.labels.*.name, 'e2e' ) && github.event.pull_request.head.repo.owner.login == 'cloudflare' | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| os: [ubuntu-22.04-arm] | ||
| node: ["20.19.1"] | ||
| include: | ||
| - os: macos-13 |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 7 months ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the minimal permissions required for the workflow to function correctly. Based on the workflow's operations, the following permissions are necessary:
contents: readfor accessing repository contents.contents: writefor the "Bump package versions" step, which modifies repository files.
The permissions block will be added at the root level to apply to all jobs in the workflow. If any job requires additional permissions, they can be overridden within the specific job.
| @@ -2,2 +2,5 @@ | ||
|
|
||
| permissions: | ||
| contents: write | ||
|
|
||
| on: |
4 participants
One of the most painful category of release issues is Something is wrong in VP that could have been caught earlier. e.g.
This PR aims to address that pain by running all tests (including E2E tests) in the Merge Queue, which we already enforce as a merge strategy. That will mean that forks can run E2E tests (since at the point a fork PR is in the Merge Queue it’s been approved, so can be trusted to run E2E tests with tokens). It will also mean that nothing lands in main without fully passing E2E tests, having been rebased on top of the tip of main. This also means we no longer have a split between PRs and VP in terms of what OS tests are run on.
There are a couple of things this PR has done to make this work well:
This PR also simplifies the pull request template by:
no-testslabel, but hopefully removing the visible option for not including tests will encourage people to include tests