From ac5ff383568133fb13d0439e67dd5f9b09e53e23 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 5 Apr 2023 11:53:13 +0200 Subject: [PATCH 01/10] action: less less in parallel --- .github/workflows/tav-command.yml | 2 +- .github/workflows/tav.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 59229dfc6a..2a14d17e36 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -46,7 +46,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 40 strategy: - max-parallel: 20 + max-parallel: 15 fail-fast: false matrix: node: ${{ fromJSON(needs.command-validation.outputs.versions) }} diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index 8f0e5f129c..0f2cc0e207 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 40 strategy: - max-parallel: 30 + max-parallel: 15 fail-fast: false matrix: node: ${{ fromJSON(needs.prepare-matrix.outputs.versions) }} From 989fd9ec09606e532342c3619a71d9f6e4f80020 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 5 Apr 2023 19:50:41 +0200 Subject: [PATCH 02/10] action: support github commands for the tav modules --- .ci/generate-github-tav-matrix.sh | 5 --- .github/workflows/tav-command.yml | 64 ++++++++++++++++++++++--------- .github/workflows/tav.yml | 34 ++++++++++++---- 3 files changed, 73 insertions(+), 30 deletions(-) delete mode 100755 .ci/generate-github-tav-matrix.sh diff --git a/.ci/generate-github-tav-matrix.sh b/.ci/generate-github-tav-matrix.sh deleted file mode 100755 index 0750ef4bba..0000000000 --- a/.ci/generate-github-tav-matrix.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash -set -e - -echo "versions=$(jq -c .versions .ci/tav.json)" >> $GITHUB_OUTPUT -echo "modules=$(jq -c .modules .ci/tav.json)" >> $GITHUB_OUTPUT diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 2a14d17e36..56c00b522e 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -18,28 +18,56 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 outputs: - versions: ${{ steps.generate-matrix.outputs.versions }} - modules: ${{ steps.generate-matrix.outputs.modules }} - pull-request: ${{ steps.transform.outputs.pull-request }} + versions: ${{ steps.transform.outputs.versions }} + modules: ${{ steps.transform.outputs.modules }} + pull-request: ${{ steps.pr.outputs.number }} steps: - - name: Validate github comment - uses: elastic/apm-pipeline-library/.github/actions/validate-github-comment@current + - name: Validate github comment + uses: elastic/apm-pipeline-library/.github/actions/validate-github-comment@main - - id: transform - name: Transform comment to the supported matrix - uses: actions/github-script@v6 - with: - script: | - core.setOutput('pull-request', context.payload.issue.number) + - id: pr + uses: actions/github-script@v6 + with: + script: core.setOutput('number', context.payload.issue.number) - - uses: actions/checkout@v3 - with: - ref: refs/pull/${{ steps.transform.outputs.pull-request }}/merge + - uses: actions/checkout@v3 + with: + ref: refs/pull/${{ steps.pr.outputs.number }}/merge - ## TODO: use elastic/apm-pipeline-library/.github/actions/version-framework - ## as soon as https://github.com/elastic/apm-pipeline-library/issues/2171 is done. - - id: generate-matrix - run: .ci/generate-github-tav-matrix.sh + - id: transform + name: Transform comment to the supported matrix + uses: actions/github-script@v6 + with: + script: | + if ('${{ github.event.comment.body }}' === '/test tav') { + const fs = require("fs"); + fs.readFile("./matrix.json", "utf8", (err, jsonString) => { + if (err) { + core.setFailed("Error reading file from disk") + return + } + try { + const matrix = JSON.parse(jsonString) + core.setOutput('modules', matrix.modules) + core.setOutput('versions', matrix.versions) + } catch (err) { + core.setFailed("Error parsing JSON string") + } + }) + return + } + // Transform comment in the right data structure to be consumed later on + const comment = context.payload.comment.body + const regexpSize = /\/test tav (.+) (.+)/ + const match = comment.match(regexpSize) + if (match[1]) { + const modules = match[1].replace(/\s/g, '').split(',') + core.setOutput('modules', modules) + } + if (match[2]) { + const versions = match[2].replace(/\s/g, '').split(',') + core.setOutput('versions', versions) + } test-tav: needs: command-validation diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index 0f2cc0e207..d5ab48980a 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -24,14 +24,34 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 5 outputs: - versions: ${{ steps.generate-matrix.outputs.versions }} - modules: ${{ steps.generate-matrix.outputs.modules }} + versions: ${{ steps.transform.outputs.versions }} + modules: ${{ steps.transform.outputs.modules }} steps: - - uses: actions/checkout@v3 - ## TODO: use elastic/apm-pipeline-library/.github/actions/version-framework - ## as soon as https://github.com/elastic/apm-pipeline-library/issues/2171 is done. - - id: generate-matrix - run: .ci/generate-github-tav-matrix.sh + + - uses: actions/checkout@v3 + + - id: transform + name: Transform comment to the supported matrix + uses: actions/github-script@v6 + with: + script: | + if ('${{ github.event.comment.body }}' === '/test tav') { + const fs = require("fs"); + fs.readFile("./matrix.json", "utf8", (err, jsonString) => { + if (err) { + core.setFailed("Error reading file from disk") + return + } + try { + const matrix = JSON.parse(jsonString) + core.setOutput('modules', matrix.modules) + core.setOutput('versions', matrix.versions) + } catch (err) { + core.setFailed("Error parsing JSON string") + } + }) + return + } test-tav: needs: prepare-matrix From 5e5c341f46bac4cc7ec395424dbb5e099e5b8b4e Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 5 Apr 2023 19:52:53 +0200 Subject: [PATCH 03/10] read .ci/tav.json --- .github/workflows/tav-command.yml | 2 +- .github/workflows/tav.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 56c00b522e..30d2439ad9 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -41,7 +41,7 @@ jobs: script: | if ('${{ github.event.comment.body }}' === '/test tav') { const fs = require("fs"); - fs.readFile("./matrix.json", "utf8", (err, jsonString) => { + fs.readFile("./.ci/tav.json", "utf8", (err, jsonString) => { if (err) { core.setFailed("Error reading file from disk") return diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index d5ab48980a..378d977052 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -37,7 +37,7 @@ jobs: script: | if ('${{ github.event.comment.body }}' === '/test tav') { const fs = require("fs"); - fs.readFile("./matrix.json", "utf8", (err, jsonString) => { + fs.readFile("./.ci/tav.json", "utf8", (err, jsonString) => { if (err) { core.setFailed("Error reading file from disk") return From e9a5ffdcd851f596d0121cd78ec04cb2a2ebc62f Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Wed, 5 Apr 2023 22:42:21 +0200 Subject: [PATCH 04/10] support all the cases --- .github/workflows/tav-command.yml | 53 ++++++++++++++++--------------- .github/workflows/tav.yml | 30 ++++++++--------- 2 files changed, 43 insertions(+), 40 deletions(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 30d2439ad9..dc4045932e 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -26,6 +26,7 @@ jobs: uses: elastic/apm-pipeline-library/.github/actions/validate-github-comment@main - id: pr + name: Fetch PR uses: actions/github-script@v6 with: script: core.setOutput('number', context.payload.issue.number) @@ -39,35 +40,37 @@ jobs: uses: actions/github-script@v6 with: script: | - if ('${{ github.event.comment.body }}' === '/test tav') { - const fs = require("fs"); - fs.readFile("./.ci/tav.json", "utf8", (err, jsonString) => { - if (err) { - core.setFailed("Error reading file from disk") - return - } - try { - const matrix = JSON.parse(jsonString) - core.setOutput('modules', matrix.modules) - core.setOutput('versions', matrix.versions) - } catch (err) { - core.setFailed("Error parsing JSON string") - } - }) + async function f() { + const fsPromises = require('fs').promises; + const data = await fsPromises.readFile('./.ci/tav.json') + .catch((err) => core.setFailed('Failed to read file', err)); + return JSON.parse(data.toString()); + } + const matrix = await f() + let modules, versions + try { + versions = matrix.versions + modules = matrix.modules + } catch (err) { + core.setFailed("Error parsing JSON string") return } - // Transform comment in the right data structure to be consumed later on const comment = context.payload.comment.body - const regexpSize = /\/test tav (.+) (.+)/ - const match = comment.match(regexpSize) - if (match[1]) { - const modules = match[1].replace(/\s/g, '').split(',') - core.setOutput('modules', modules) - } - if (match[2]) { - const versions = match[2].replace(/\s/g, '').split(',') - core.setOutput('versions', versions) + if (comment !== '/test tav') { + const regex = /\/test tav ([^\s\\]+)(\s*)([^\s\\]*)/ + const match = comment.match(regex) + console.log(`parse comment - ${match}`) + if (match[1]) { + if (match[1] !== 'all') { + modules = match[1].split(',') + } + } + if (match[3]) { + versions = match[3].split(',') + } } + core.setOutput('modules', modules) + core.setOutput('versions', versions) test-tav: needs: command-validation diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index 378d977052..f83b794f70 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -35,23 +35,23 @@ jobs: uses: actions/github-script@v6 with: script: | - if ('${{ github.event.comment.body }}' === '/test tav') { - const fs = require("fs"); - fs.readFile("./.ci/tav.json", "utf8", (err, jsonString) => { - if (err) { - core.setFailed("Error reading file from disk") - return - } - try { - const matrix = JSON.parse(jsonString) - core.setOutput('modules', matrix.modules) - core.setOutput('versions', matrix.versions) - } catch (err) { - core.setFailed("Error parsing JSON string") - } - }) + async function f() { + const fsPromises = require('fs').promises; + const data = await fsPromises.readFile('./.ci/tav.json') + .catch((err) => core.setFailed('Failed to read file', err)); + return JSON.parse(data.toString()); + } + const matrix = await f() + let modules, versions + try { + versions = matrix.versions + modules = matrix.modules + } catch (err) { + core.setFailed("Error parsing JSON string") return } + core.setOutput('modules', modules) + core.setOutput('versions', versions) test-tav: needs: prepare-matrix From 19247dd941c831ee8d9eddd1c5ba4a9da1150faf Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 6 Apr 2023 07:57:41 +0200 Subject: [PATCH 05/10] Apply suggestions from code review Co-authored-by: Trent Mick --- .github/workflows/tav-command.yml | 14 +++++--------- .github/workflows/tav.yml | 19 ++++++------------- 2 files changed, 11 insertions(+), 22 deletions(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index dc4045932e..4b047f33db 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -40,24 +40,20 @@ jobs: uses: actions/github-script@v6 with: script: | - async function f() { - const fsPromises = require('fs').promises; - const data = await fsPromises.readFile('./.ci/tav.json') - .catch((err) => core.setFailed('Failed to read file', err)); - return JSON.parse(data.toString()); - } - const matrix = await f() + const fs = require('fs') + let modules, versions try { + const matrix = JSON.parse(fs.readFileSync('./.ci/tav.json')) versions = matrix.versions modules = matrix.modules } catch (err) { - core.setFailed("Error parsing JSON string") + core.setFailed(`Error loading './.ci/tav.json': ${err}`) return } const comment = context.payload.comment.body if (comment !== '/test tav') { - const regex = /\/test tav ([^\s\\]+)(\s*)([^\s\\]*)/ + const regex = /\/test tav ([^\s]+)(\s*)([^\s]*)/ const match = comment.match(regex) console.log(`parse comment - ${match}`) if (match[1]) { diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index f83b794f70..fadde73a89 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -35,23 +35,16 @@ jobs: uses: actions/github-script@v6 with: script: | - async function f() { - const fsPromises = require('fs').promises; - const data = await fsPromises.readFile('./.ci/tav.json') - .catch((err) => core.setFailed('Failed to read file', err)); - return JSON.parse(data.toString()); - } - const matrix = await f() - let modules, versions + const fs = require('fs') + let matrix try { - versions = matrix.versions - modules = matrix.modules + matrix = JSON.parse(fs.readFileSync('./.ci/tav.json')) } catch (err) { - core.setFailed("Error parsing JSON string") + core.setFailed(`Error loading './.ci/tav.json': ${err}`) return } - core.setOutput('modules', modules) - core.setOutput('versions', versions) + core.setOutput('modules', matrix.modules) + core.setOutput('versions', matrix.versions) test-tav: needs: prepare-matrix From 9e3c64a7bd1458a927caf6cf6cf684373cb3ba2d Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 6 Apr 2023 08:08:12 +0200 Subject: [PATCH 06/10] action: report if no right regex --- .github/workflows/tav-command.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 4b047f33db..1997bd12c5 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -55,7 +55,10 @@ jobs: if (comment !== '/test tav') { const regex = /\/test tav ([^\s]+)(\s*)([^\s]*)/ const match = comment.match(regex) - console.log(`parse comment - ${match}`) + if (!match) { + core.setFailed(`Incorrect comment, please use /test tav(\\s(module1,...,moduleN)?(\\s)?(node1,...,nodeN)?)?'`) + return + } if (match[1]) { if (match[1] !== 'all') { modules = match[1].split(',') From c58a8b44a48bf6b2108aa28c5ce7b44c66de7d5e Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Thu, 6 Apr 2023 08:15:05 +0200 Subject: [PATCH 07/10] notify with reaction if a wrong regex --- .github/workflows/tav-command.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 1997bd12c5..2ce4f5a9e9 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -71,6 +71,17 @@ jobs: core.setOutput('modules', modules) core.setOutput('versions', versions) + - name: Notify - failure + if: failure() + uses: actions/github-script@v6 + with: + script: | + await github.rest.reactions.createForIssueComment({ + ...context.repo, + comment_id: context.payload.comment.id, + content: '-1', + }) + test-tav: needs: command-validation runs-on: ubuntu-latest From a3f17eaf100d8b521adf5985fb156db2d9d0d575 Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 8 May 2023 10:07:30 +0200 Subject: [PATCH 08/10] ci: use pull_request_review since it's linked to a specific git sha commit hence it's more secured and there is no need to create a reaction with the status --- .github/workflows/tav-command.yml | 76 ++++++++++--------------------- 1 file changed, 25 insertions(+), 51 deletions(-) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 2ce4f5a9e9..4e19252a11 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -1,39 +1,49 @@ name: tav-command on: - issue_comment: - types: [created] + pull_request_review: concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} permissions: - contents: write - pull-requests: write + contents: read jobs: command-validation: - if: github.event.issue.pull_request && startsWith(github.event.comment.body, '/test tav') + if: startsWith(github.event.review.body, '/test tav') runs-on: ubuntu-latest timeout-minutes: 5 + permissions: + pull-requests: write outputs: versions: ${{ steps.transform.outputs.versions }} modules: ${{ steps.transform.outputs.modules }} - pull-request: ${{ steps.pr.outputs.number }} steps: - - name: Validate github comment - uses: elastic/apm-pipeline-library/.github/actions/validate-github-comment@main - - - id: pr - name: Fetch PR + - name: Is comment allowed? uses: actions/github-script@v6 with: - script: core.setOutput('number', context.payload.issue.number) + script: | + const actorPermission = (await github.rest.repos.getCollaboratorPermissionLevel({ + ...context.repo, + username: context.actor + })).data.permission + const isPermitted = ['write', 'admin'].includes(actorPermission) + if (!isPermitted) { + const errorMessage = 'Only users with write permission to the repository can run GitHub commands' + await github.rest.issues.createComment({ + ...context.repo, + issue_number: context.issue.number, + body: errorMessage, + }) + core.setFailed(errorMessage) + return; + } - uses: actions/checkout@v3 with: - ref: refs/pull/${{ steps.pr.outputs.number }}/merge + ref: ${{ github.event.pull_request.head.sha }} - id: transform name: Transform comment to the supported matrix @@ -51,7 +61,7 @@ jobs: core.setFailed(`Error loading './.ci/tav.json': ${err}`) return } - const comment = context.payload.comment.body + const comment = context.payload.review.body if (comment !== '/test tav') { const regex = /\/test tav ([^\s]+)(\s*)([^\s]*)/ const match = comment.match(regex) @@ -71,17 +81,6 @@ jobs: core.setOutput('modules', modules) core.setOutput('versions', versions) - - name: Notify - failure - if: failure() - uses: actions/github-script@v6 - with: - script: | - await github.rest.reactions.createForIssueComment({ - ...context.repo, - comment_id: context.payload.comment.id, - content: '-1', - }) - test-tav: needs: command-validation runs-on: ubuntu-latest @@ -96,33 +95,8 @@ jobs: - uses: actions/checkout@v3 with: - ref: refs/pull/${{ needs.command-validation.outputs.pull-request }}/merge + ref: ${{ github.event.pull_request.head.sha }} - run: .ci/scripts/test.sh -b "release" -t "${{ matrix.module }}" "${{ matrix.node }}" env: ELASTIC_APM_CONTEXT_MANAGER: '' - - ## - ## POST-BUILD notifications - ## - - name: Notify - success - if: success() - uses: actions/github-script@v6 - with: - script: | - await github.rest.reactions.createForIssueComment({ - ...context.repo, - comment_id: context.payload.comment.id, - content: 'heart', - }) - - - name: Notify - failure - if: failure() - uses: actions/github-script@v6 - with: - script: | - await github.rest.reactions.createForIssueComment({ - ...context.repo, - comment_id: context.payload.comment.id, - content: '-1', - }) From 465c228a28060e3620d7cc6b4572e287f738fbaf Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 8 May 2023 10:09:15 +0200 Subject: [PATCH 09/10] Update .github/workflows/tav-command.yml --- .github/workflows/tav-command.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/tav-command.yml b/.github/workflows/tav-command.yml index 4e19252a11..8fd2a822f4 100644 --- a/.github/workflows/tav-command.yml +++ b/.github/workflows/tav-command.yml @@ -2,6 +2,7 @@ name: tav-command on: pull_request_review: + types: [submitted] concurrency: group: ${{ github.workflow }}-${{ github.ref }} From 74e0e97528dd1f584eed9c0958c1866ec2a830bd Mon Sep 17 00:00:00 2001 From: Victor Martinez Date: Mon, 8 May 2023 10:12:33 +0200 Subject: [PATCH 10/10] Update .github/workflows/tav.yml --- .github/workflows/tav.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tav.yml b/.github/workflows/tav.yml index 6b61b0eeea..4c40916c6c 100644 --- a/.github/workflows/tav.yml +++ b/.github/workflows/tav.yml @@ -31,7 +31,7 @@ jobs: - uses: actions/checkout@v3 - id: transform - name: Transform comment to the supported matrix + name: Load matrix from tav.json uses: actions/github-script@v6 with: script: |