Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[release-v0.59.x] .github/workflows: backport e2e workflows #8450

Open
wants to merge 2 commits into
base: release-v0.59.x
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 81 additions & 0 deletions .github/workflows/chatops_retest.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
# The _chatops_retest workflow reruns failed GHA for a PR
#
# This workflow is triggered by leaving a "/retest" comment on
# a pull request. If the required preconditions are met, it will
# rerun failed GitHub actions checks on that PR
#
# Condition for the "/retest" command are:
# - either the issuer is a maintainer
# - or the issuer is the owner the PR

name: Rerun Failed Actions
on:
repository_dispatch:
types: [retest-command]

jobs:
retest:
name: Rerun Failed Actions
runs-on: ubuntu-latest
steps:
- name: Show Environment Variables
run: env
- name: Show Github Object
run: |
cat <<'EOF'
${{ toJson(github) }}
EOF
- name: Show Github Event Path Json
run: 'cat $GITHUB_EVENT_PATH || true'
- name: Rerun Failed Actions
run: |
echo '::group:: Get the PR commit sha'
# Get the sha of the HEAD commit in the PR
GITHUB_COMMIT_SHA=$(gh api $(echo ${GITHUB_PULL_URL#https://api.github.com/}) | \
jq -r .head.sha)
echo GITHUB_COMMIT_SHA=${GITHUB_COMMIT_SHA}
echo '::endgroup::'

echo '::group:: Get the list of run IDs'
# Get a list of run IDs
RUN_IDS=$(gh api repos/${GITHUB_REPO}/commits/${GITHUB_COMMIT_SHA}/check-runs | \
jq -r '.check_runs[] | select(.name != "Rerun Failed Actions") | .html_url | capture("/runs/(?<number>[0-9]+)/job") | .number' | \
sort -u)
echo RUN_IDS=${RUN_IDS}
echo '::endgroup::'

echo '::group:: Rerun failed runs'
# For each run, retrigger faild jobs
for runid in ${RUN_IDS}; do
echo Restarting run ${runid} for commit ${GITHUB_COMMIT_SHA}
gh run \
--repo ${GITHUB_REPO} \
rerun ${runid} \
--failed || true
done
echo '::endgroup::'
env:
GITHUB_TOKEN: ${{ secrets.CHATOPS_TOKEN }}
GITHUB_REPO: ${{ github.event.client_payload.github.payload.repository.full_name }}
GITHUB_PULL_URL: ${{ github.event.client_payload.github.payload.issue.pull_request.url }}

- name: Create comment
if: ${{ failure() && steps.landStack.outcome == 'failure' }}
uses: peter-evans/create-or-update-comment@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: |
Something went wrong with your `/${{ github.event.client_payload.slash_command.command }}` command: [please check the logs][1].

[1]: ${{ steps.vars.outputs.run-url }}

- name: Add reaction
if: ${{ success() }}
uses: peter-evans/create-or-update-comment@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reactions: hooray
29 changes: 29 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request,
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
# Once installed, if the workflow run is marked as required,
# PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
name: 'Dependency Review'
on: [pull_request]

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

- name: 'Checkout Repository'
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: 'Dependency Review'
uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
with:
fail-on-severity: low
108 changes: 108 additions & 0 deletions .github/workflows/e2e-matrix.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,108 @@
name: Tekton Integration
# Adapted from https://github.com/mattmoor/mink/blob/master/.github/workflows/minkind.yaml

on: [ pull_request ]

defaults:
run:
shell: bash

jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
k8s-name:
- k8s-oldest
- k8s-plus-one

feature-flags:
- stable
- beta
- alpha
# - prow-feature-flags - this is tested today as a periodic job, but we could integrate it here

include:
- k8s-name: k8s-oldest
k8s-version: v1.28.x
- k8s-name: k8s-plus-one
k8s-version: v1.29.x
- feature-flags: stable
env-file: prow
- feature-flags: alpha
env-file: prow-alpha
- feature-flags: beta
env-file: prow-beta
env:
GOPATH: ${{ github.workspace }}
GO111MODULE: on
KO_DOCKER_REPO: registry.local:5000/tekton
CLUSTER_DOMAIN: c${{ github.run_id }}.local
ARTIFACTS: ${{ github.workspace }}/artifacts

steps:
- name: Check out code onto GOPATH
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/src/github.com/tektoncd/pipeline


- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.22.5

- name: Install Dependencies
working-directory: ./
run: |
echo '::group:: install ko'
curl -L https://github.com/ko-build/ko/releases/download/v0.15.4/ko_0.15.4_Linux_x86_64.tar.gz | tar xzf - ko
chmod +x ./ko
sudo mv ko /usr/local/bin
echo '::endgroup::'

echo '::group:: install go-junit-report'
go install github.com/jstemmer/go-junit-report@v0.9.1
echo '::endgroup::'

echo '::group:: created required folders'
mkdir -p "${ARTIFACTS}"
echo '::endgroup::'

echo "${GOPATH}/bin" >> "$GITHUB_PATH"

- name: Run tests
working-directory: ${{ github.workspace }}/src/github.com/tektoncd/pipeline
run: |
./hack/setup-kind.sh \
--registry-url $(echo ${KO_DOCKER_REPO} | cut -d'/' -f 1) \
--cluster-suffix c${{ github.run_id }}.local \
--nodes 3 \
--k8s-version ${{ matrix.k8s-version }} \
--e2e-script ./test/e2e-tests.sh \
--e2e-env ./test/e2e-tests-kind-${{ matrix.env-file }}.env

- name: Upload test results
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}
path: ${{ env.ARTIFACTS }}

- uses: chainguard-dev/actions/kind-diag@main
if: ${{ failure() }}
with:
artifact-name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}-logs

- name: Dump Artifacts
if: ${{ failure() }}
run: |
if [[ -d ${{ env.ARTIFACTS }} ]]; then
cd ${{ env.ARTIFACTS }}
for x in $(find . -type f); do
echo "::group:: artifact $x"
cat $x
echo '::endgroup::'
done
fi
41 changes: 41 additions & 0 deletions .github/workflows/slash.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# The slash workflow handles slash commands
#
# Slash commands are given through comments on pull requests
# and may be used only by individuals with "write" access to
# the repository (i.e. maintainers).
#
# Slash commands must be placed at the very beginning of the
# first line of a comment. More details are available in the
# action docs: https://github.com/peter-evans/slash-command-dispatch/tree/main?tab=readme-ov-file#how-comments-are-parsed-for-slash-commands
#
# The workflow looks for and dispatches to another workflow
# named <command>-command which must exist in the repository.
#
# Supported commands:
# - /land: invokes the land-command workflow, to land (merge) PRs
# stacked through ghstack
#
# When a command is recognised, the rocket and eyes emojis are added

name: Slash Command Routing
on:
issue_comment:
types: [created]

jobs:
check_comments:
runs-on: ubuntu-latest
steps:
- name: route-land
uses: peter-evans/slash-command-dispatch@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
config: >
[
{
"command": "retest",
"permission": "write",
"issue_type": "pull-request",
"repository": "tektoncd/pipeline"
}
]
Loading
Loading