From 2fe2b5d9778005e2769ab30e4e9ae5b268820961 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Sun, 8 Dec 2024 18:45:08 +0000 Subject: [PATCH 1/9] fix(ci): ephemeral get SHA --- .github/workflows/ephemeral-env.yml | 45 +++++++++++++++-------------- 1 file changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 99eb63a3263c1..b6b3fac6b07ed 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -27,8 +27,28 @@ jobs: outputs: slash-command: ${{ steps.eval-body.outputs.result }} feature-flags: ${{ steps.eval-feature-flags.outputs.result }} + sha: ${{ steps.get-sha.outputs.sha }} steps: + - name: Get Info from comment + uses: actions/github-script@v7 + id: get-pr-info + with: + script: | + const request = { + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, + }; + core.info(`Getting PR #${request.pull_number} from ${request.owner}/${request.repo}`); + const pr = await github.rest.pulls.get(request); + return pr.data; + + - name: Debug + id: get-sha + run: | + echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT + - name: Debug run: | echo "Comment on PR #${{ github.event.issue.number }} by ${{ github.event.issue.user.login }}, ${{ github.event.comment.author_association }}" @@ -109,29 +129,10 @@ jobs: name: ephemeral-docker-build runs-on: ubuntu-22.04 steps: - - name: Get Info from comment - uses: actions/github-script@v7 - id: get-pr-info - with: - script: | - const request = { - owner: context.repo.owner, - repo: context.repo.repo, - pull_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, - }; - core.info(`Getting PR #${request.pull_number} from ${request.owner}/${request.repo}`); - const pr = await github.rest.pulls.get(request); - return pr.data; - - - name: Debug - id: get-sha - run: | - echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT - - - name: "Checkout ${{ github.ref }} ( ${{ github.sha }} : ${{steps.get-sha.outputs.sha}} )" + - name: "Checkout ${{ github.ref }} ( ${{ needs.ephemeral-env-comment.outputs.sha }} : ${{steps.get-sha.outputs.sha}} )" uses: actions/checkout@v4 with: - ref: ${{ steps.get-sha.outputs.sha }} + ref: ${{ needs.ephemeral-env-comment.outputs.sha }} persist-credentials: false - name: Set up QEMU @@ -168,7 +169,7 @@ jobs: env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} ECR_REPOSITORY: superset-ci - IMAGE_TAG: apache/superset:${{ steps.get-sha.outputs.sha }}-ci + IMAGE_TAG: apache/superset:${{ needs.ephemeral-env-comment.outputs.sha }}-ci run: | docker tag $IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci docker push -a $ECR_REGISTRY/$ECR_REPOSITORY From 8a8a328682d9a175b0a88bbaf90d50f6c66aaf96 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Mon, 27 Jan 2025 12:24:44 +0000 Subject: [PATCH 2/9] use labels instead, address comments --- .github/workflows/ephemeral-env.yml | 181 ++++++++++++---------------- 1 file changed, 80 insertions(+), 101 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 50f4de4b0c76b..5ba89a05a0da6 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -1,31 +1,33 @@ name: Ephemeral env workflow -# Example manual trigger: gh workflow run ephemeral-env.yml --ref fix_ephemerals --field comment_body="/testenv up" --field issue_number=666 +# Example manual trigger: +# gh workflow run ephemeral-env.yml --ref fix_ephemerals --field label_name="testenv-up" --field issue_number=666 on: - issue_comment: - types: [created] + pull_request: + types: + - labeled workflow_dispatch: inputs: - comment_body: - description: 'Comment body to simulate /testenv command' + label_name: + description: 'Label name to simulate label-based /testenv trigger' required: true - default: '/testenv up' + default: 'testenv-up' issue_number: description: 'Issue or PR number' required: true jobs: - ephemeral-env-comment: + ephemeral-env-label: concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.issue_number || github.event.issue.number || github.run_id }}-comment + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}-label cancel-in-progress: true - name: Evaluate ephemeral env comment trigger (/testenv) + name: Evaluate ephemeral env label trigger runs-on: ubuntu-24.04 permissions: pull-requests: write outputs: - slash-command: ${{ steps.eval-body.outputs.result }} + slash-command: ${{ steps.eval-label.outputs.result }} feature-flags: ${{ steps.eval-feature-flags.outputs.result }} sha: ${{ steps.get-sha.outputs.sha }} env: @@ -33,114 +35,91 @@ jobs: DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} steps: - - name: Get Info from comment - uses: actions/github-script@v7 - id: get-pr-info - with: - script: | - const request = { + - name: Check for the "testenv-up" label + id: eval-label + run: | + if [[ "${{ github.event.label.name }}" == "testenv-up" ]]; then + echo "result=up" >> $GITHUB_OUTPUT + else + echo "result=noop" >> $GITHUB_OUTPUT + exit 1 + fi + + - name: Get PR Info + uses: actions/github-script@v7 + id: get-pr-info + with: + script: | + const pr = await github.rest.pulls.get({ owner: context.repo.owner, repo: context.repo.repo, - pull_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, - }; - core.info(`Getting PR #${request.pull_number} from ${request.owner}/${request.repo}`); - const pr = await github.rest.pulls.get(request); - return pr.data; - - - name: Debug - id: get-sha - run: | - echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT - - - name: Debug - run: | - echo "Comment on PR #${{ github.event.issue.number }} by ${{ github.event.issue.user.login }}, ${{ github.event.comment.author_association }}" + pull_number: context.payload.pull_request.number, + }); + return pr.data; - - name: Eval comment body for /testenv slash command - uses: actions/github-script@v7 - env: - COMMENT_BODY: ${{ github.event.inputs.comment_body || github.event.comment.body }} - id: eval-body - with: - result-encoding: string - script: | - const pattern = /^\/testenv (up|down)/; - const result = pattern.exec(process.env.COMMENT_BODY || ''); - return result === null ? 'noop' : result[1]; + - name: Check if a commit was pushed after PR was labeled + env: + COMMENT_AT: ${{ github.event.pull_request.updated_at }} + PUSHED_AT: ${{ fromJSON(steps.get-pr-info.outputs.result).pushedAt }} + run: | + if [[ $(date -d "$PUSHED_AT" +%s) -gt $(date -d "$COMMENT_AT" +%s) ]]; then + echo "Commit was pushed after the PR was updated." + exit 1 + fi + echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).headSha }}" >> $GITHUB_OUTPUT - - name: Looking for feature flags - uses: actions/github-script@v7 - env: - COMMENT_BODY: ${{ github.event.inputs.comment_body || github.event.comment.body }} - id: eval-feature-flags - with: - script: | - const pattern = /FEATURE_(\w+)=(\w+)/g; - let results = []; - [...process.env.COMMENT_BODY.matchAll(pattern)].forEach(match => { - const config = { - name: `SUPERSET_FEATURE_${match[1]}`, - value: match[2], - }; - results.push(config); - }); - return results; + - name: Debug + id: get-sha + run: | + echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT - - name: Limit to committers - if: > - steps.eval-body.outputs.result != 'noop' && - github.event_name == 'issue_comment' && - github.event.comment.author_association != 'MEMBER' && - github.event.comment.author_association != 'OWNER' - uses: actions/github-script@v7 - with: - github-token: ${{ github.token }} - script: | - const errMsg = '@${{ github.event.comment.user.login }} Ephemeral environment creation is currently limited to committers.'; - github.rest.issues.createComment({ - issue_number: ${{ github.event.issue.number }}, - owner: context.repo.owner, - repo: context.repo.repo, - body: errMsg - }); - core.setFailed(errMsg); + - name: Looking for feature flags in PR description + uses: actions/github-script@v7 + id: eval-feature-flags + with: + script: | + const description = context.payload.pull_request.body || ''; + const pattern = /FEATURE_(\w+)=(\w+)/g; + let results = []; + [...description.matchAll(pattern)].forEach(match => { + const config = { + name: `SUPERSET_FEATURE_${match[1]}`, + value: match[2], + }; + results.push(config); + }); + return results; - - name: Reply with confirmation comment - uses: actions/github-script@v7 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const issueNumber = ${{ github.event.inputs.issue_number || github.event.issue.number }}; - const user = '${{ github.event.comment.user.login || github.actor }}'; - const action = '${{ steps.eval-body.outputs.result }}'; - const runId = context.runId; - const workflowUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}`; - const body = `@${user} Processing your ephemeral environment request [here](${workflowUrl}).`; - if (action !== 'noop') { + - name: Reply with confirmation comment + uses: actions/github-script@v7 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const action = '${{ steps.eval-label.outputs.result }}'; + const user = context.actor; + const runId = context.runId; + const workflowUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}`; + const body = `@${user} Processing your ephemeral environment request [here](${workflowUrl}). Action: **${action}**.`; await github.rest.issues.createComment({ owner: context.repo.owner, repo: context.repo.repo, - issue_number: issueNumber, + issue_number: context.payload.pull_request.number, body, }); - } - else { - core.setFailed('No ephemeral environment action detected.'); - } ephemeral-docker-build: concurrency: group: ${{ github.workflow }}-${{ github.event.inputs.issue_number || github.event.issue.number || github.run_id }}-build cancel-in-progress: true - needs: ephemeral-env-comment - if: needs.ephemeral-env-comment.outputs.slash-command == 'up' + needs: ephemeral-env-label + if: needs.ephemeral-env-label.outputs.slash-command == 'up' name: ephemeral-docker-build runs-on: ubuntu-24.04 steps: - - name: "Checkout ${{ github.ref }} ( ${{ needs.ephemeral-env-comment.outputs.sha }} : ${{steps.get-sha.outputs.sha}} )" + - name: "Checkout ${{ github.ref }} ( ${{ needs.ephemeral-env-label.outputs.sha }} : ${{steps.get-sha.outputs.sha}} )" uses: actions/checkout@v4 with: - ref: ${{ needs.ephemeral-env-comment.outputs.sha }} + ref: ${{ needs.ephemeral-env-label.outputs.sha }} persist-credentials: false - name: Setup Docker Environment @@ -182,14 +161,14 @@ jobs: env: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} ECR_REPOSITORY: superset-ci - IMAGE_TAG: apache/superset:${{ needs.ephemeral-env-comment.outputs.sha }}-ci + IMAGE_TAG: apache/superset:${{ needs.ephemeral-env-label.outputs.sha }}-ci run: | docker tag $IMAGE_TAG $ECR_REGISTRY/$ECR_REPOSITORY:pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci docker push -a $ECR_REGISTRY/$ECR_REPOSITORY ephemeral-env-up: - needs: [ephemeral-env-comment, ephemeral-docker-build] - if: needs.ephemeral-env-comment.outputs.slash-command == 'up' + needs: [ephemeral-env-label, ephemeral-docker-build] + if: needs.ephemeral-env-label.outputs.slash-command == 'up' name: Spin up an ephemeral environment runs-on: ubuntu-24.04 permissions: @@ -246,7 +225,7 @@ jobs: - name: Update env vars in the Amazon ECS task definition run: | - cat <<< "$(jq '.containerDefinitions[0].environment += ${{ needs.ephemeral-env-comment.outputs.feature-flags }}' < ${{ steps.task-def.outputs.task-definition }})" > ${{ steps.task-def.outputs.task-definition }} + cat <<< "$(jq '.containerDefinitions[0].environment += ${{ needs.ephemeral-env-label.outputs.feature-flags }}' < ${{ steps.task-def.outputs.task-definition }})" > ${{ steps.task-def.outputs.task-definition }} - name: Describe ECS service id: describe-services From c147df4b8ab7b44f79a318bde0e6bf1aa09e221a Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Mon, 27 Jan 2025 12:41:32 +0000 Subject: [PATCH 3/9] use labels instead, address comments --- .github/workflows/ephemeral-env.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 5ba89a05a0da6..e43ec242ad91b 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -58,19 +58,15 @@ jobs: return pr.data; - name: Check if a commit was pushed after PR was labeled + id: get-sha env: COMMENT_AT: ${{ github.event.pull_request.updated_at }} - PUSHED_AT: ${{ fromJSON(steps.get-pr-info.outputs.result).pushedAt }} + PUSHED_AT: ${{ fromJSON(steps.get-pr-info.outputs.result).pushed_at }} run: | if [[ $(date -d "$PUSHED_AT" +%s) -gt $(date -d "$COMMENT_AT" +%s) ]]; then echo "Commit was pushed after the PR was updated." exit 1 fi - echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).headSha }}" >> $GITHUB_OUTPUT - - - name: Debug - id: get-sha - run: | echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT - name: Looking for feature flags in PR description From 90032a08a7a5e1b3a79c58523a7514baa26d906c Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Tue, 28 Jan 2025 14:28:53 +0000 Subject: [PATCH 4/9] fixes --- .github/workflows/ephemeral-env.yml | 273 ++++++++++++++++------------ 1 file changed, 152 insertions(+), 121 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index e43ec242ad91b..1ec959a40ec9b 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -38,7 +38,15 @@ jobs: - name: Check for the "testenv-up" label id: eval-label run: | - if [[ "${{ github.event.label.name }}" == "testenv-up" ]]; then + if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then + LABEL_NAME="${{ github.event.inputs.label_name }}" + else + LABEL_NAME="${{ github.event.label.name }}" + fi + + echo "Evaluating label: $LABEL_NAME" + + if [[ "$LABEL_NAME" == "testenv-up" ]]; then echo "result=up" >> $GITHUB_OUTPUT else echo "result=noop" >> $GITHUB_OUTPUT @@ -50,11 +58,20 @@ jobs: id: get-pr-info with: script: | + const pull_number = context.payload.pull_request + ? context.payload.pull_request.number + : context.payload.inputs.issue_number; + + if (!pull_number) { + throw new Error("Pull request number is not available."); + } + const pr = await github.rest.pulls.get({ owner: context.repo.owner, repo: context.repo.repo, - pull_number: context.payload.pull_request.number, + pull_number, }); + return pr.data; - name: Check if a commit was pushed after PR was labeled @@ -74,7 +91,10 @@ jobs: id: eval-feature-flags with: script: | - const description = context.payload.pull_request.body || ''; + const description = context.payload.pull_request + ? context.payload.pull_request.body || '' + : context.payload.inputs.pr_description || ''; + const pattern = /FEATURE_(\w+)=(\w+)/g; let results = []; [...description.matchAll(pattern)].forEach(match => { @@ -84,6 +104,7 @@ jobs: }; results.push(config); }); + return results; - name: Reply with confirmation comment @@ -95,11 +116,21 @@ jobs: const user = context.actor; const runId = context.runId; const workflowUrl = `${context.serverUrl}/${context.repo.owner}/${context.repo.repo}/actions/runs/${runId}`; + + const issueNumber = context.payload.pull_request + ? context.payload.pull_request.number + : context.payload.inputs.issue_number; + + if (!issueNumber) { + throw new Error("Issue number is not available."); + } + const body = `@${user} Processing your ephemeral environment request [here](${workflowUrl}). Action: **${action}**.`; + await github.rest.issues.createComment({ owner: context.repo.owner, repo: context.repo.repo, - issue_number: context.payload.pull_request.number, + issue_number: issueNumber, body, }); @@ -172,120 +203,120 @@ jobs: pull-requests: write steps: - - uses: actions/checkout@v4 - with: - persist-credentials: false - - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: us-west-2 - - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - - - name: Check target image exists in ECR - id: check-image - continue-on-error: true - run: | - aws ecr describe-images \ - --registry-id $(echo "${{ steps.login-ecr.outputs.registry }}" | grep -Eo "^[0-9]+") \ - --repository-name superset-ci \ - --image-ids imageTag=pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci - - - name: Fail on missing container image - if: steps.check-image.outcome == 'failure' - uses: actions/github-script@v7 - with: - github-token: ${{ github.token }} - script: | - const errMsg = '@${{ github.event.comment.user.login }} Container image not yet published for this PR. Please try again when build is complete.'; - github.rest.issues.createComment({ - issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, - owner: context.repo.owner, - repo: context.repo.repo, - body: errMsg - }); - core.setFailed(errMsg); - - - name: Fill in the new image ID in the Amazon ECS task definition - id: task-def - uses: aws-actions/amazon-ecs-render-task-definition@v1 - with: - task-definition: .github/workflows/ecs-task-definition.json - container-name: superset-ci - image: ${{ steps.login-ecr.outputs.registry }}/superset-ci:pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci - - - name: Update env vars in the Amazon ECS task definition - run: | - cat <<< "$(jq '.containerDefinitions[0].environment += ${{ needs.ephemeral-env-label.outputs.feature-flags }}' < ${{ steps.task-def.outputs.task-definition }})" > ${{ steps.task-def.outputs.task-definition }} - - - name: Describe ECS service - id: describe-services - run: | - echo "active=$(aws ecs describe-services --cluster superset-ci --services pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service | jq '.services[] | select(.status == "ACTIVE") | any')" >> $GITHUB_OUTPUT - - name: Create ECS service - id: create-service - if: steps.describe-services.outputs.active != 'true' - env: - ECR_SUBNETS: subnet-0e15a5034b4121710,subnet-0e8efef4a72224974 - ECR_SECURITY_GROUP: sg-092ff3a6ae0574d91 - run: | - aws ecs create-service \ - --cluster superset-ci \ - --service-name pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service \ - --task-definition superset-ci \ - --launch-type FARGATE \ - --desired-count 1 \ - --platform-version LATEST \ - --network-configuration "awsvpcConfiguration={subnets=[$ECR_SUBNETS],securityGroups=[$ECR_SECURITY_GROUP],assignPublicIp=ENABLED}" \ - --tags key=pr,value=${{ github.event.inputs.issue_number || github.event.issue.number }} key=github_user,value=${{ github.actor }} - - name: Deploy Amazon ECS task definition - id: deploy-task - uses: aws-actions/amazon-ecs-deploy-task-definition@v2 - with: - task-definition: ${{ steps.task-def.outputs.task-definition }} - service: pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service - cluster: superset-ci - wait-for-service-stability: true - wait-for-minutes: 10 - - - name: List tasks - id: list-tasks - run: | - echo "task=$(aws ecs list-tasks --cluster superset-ci --service-name pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service | jq '.taskArns | first')" >> $GITHUB_OUTPUT - - name: Get network interface - id: get-eni - run: | - echo "eni=$(aws ecs describe-tasks --cluster superset-ci --tasks ${{ steps.list-tasks.outputs.task }} | jq '.tasks | .[0] | .attachments | .[0] | .details | map(select(.name==\"networkInterfaceId\")) | .[0] | .value')" >> $GITHUB_OUTPUT - - name: Get public IP - id: get-ip - run: | - echo "ip=$(aws ec2 describe-network-interfaces --network-interface-ids ${{ steps.get-eni.outputs.eni }} | jq -r '.NetworkInterfaces | first | .Association.PublicIp')" >> $GITHUB_OUTPUT - - name: Comment (success) - if: ${{ success() }} - uses: actions/github-script@v7 - with: - github-token: ${{github.token}} - script: | - github.rest.issues.createComment({ - issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, - owner: context.repo.owner, - repo: context.repo.repo, - body: '@${{ github.event.inputs.user_login || github.event.comment.user.login }} Ephemeral environment spinning up at http://${{ steps.get-ip.outputs.ip }}:8080. Credentials are `admin`/`admin`. Please allow several minutes for bootstrapping and startup.' - }) - - name: Comment (failure) - if: ${{ failure() }} - uses: actions/github-script@v7 - with: - github-token: ${{github.token}} - script: | - github.rest.issues.createComment({ - issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, - owner: context.repo.owner, - repo: context.repo.repo, - body: '@${{ github.event.inputs.user_login || github.event.comment.user.login }} Ephemeral environment creation failed. Please check the Actions logs for details.' - }) + - uses: actions/checkout@v4 + with: + persist-credentials: false + + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: us-west-2 + + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + + - name: Check target image exists in ECR + id: check-image + continue-on-error: true + run: | + aws ecr describe-images \ + --registry-id $(echo "${{ steps.login-ecr.outputs.registry }}" | grep -Eo "^[0-9]+") \ + --repository-name superset-ci \ + --image-ids imageTag=pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci + + - name: Fail on missing container image + if: steps.check-image.outcome == 'failure' + uses: actions/github-script@v7 + with: + github-token: ${{ github.token }} + script: | + const errMsg = '@${{ github.event.comment.user.login }} Container image not yet published for this PR. Please try again when build is complete.'; + github.rest.issues.createComment({ + issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, + owner: context.repo.owner, + repo: context.repo.repo, + body: errMsg + }); + core.setFailed(errMsg); + + - name: Fill in the new image ID in the Amazon ECS task definition + id: task-def + uses: aws-actions/amazon-ecs-render-task-definition@v1 + with: + task-definition: .github/workflows/ecs-task-definition.json + container-name: superset-ci + image: ${{ steps.login-ecr.outputs.registry }}/superset-ci:pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-ci + + - name: Update env vars in the Amazon ECS task definition + run: | + cat <<< "$(jq '.containerDefinitions[0].environment += ${{ needs.ephemeral-env-label.outputs.feature-flags }}' < ${{ steps.task-def.outputs.task-definition }})" > ${{ steps.task-def.outputs.task-definition }} + + - name: Describe ECS service + id: describe-services + run: | + echo "active=$(aws ecs describe-services --cluster superset-ci --services pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service | jq '.services[] | select(.status == "ACTIVE") | any')" >> $GITHUB_OUTPUT + - name: Create ECS service + id: create-service + if: steps.describe-services.outputs.active != 'true' + env: + ECR_SUBNETS: subnet-0e15a5034b4121710,subnet-0e8efef4a72224974 + ECR_SECURITY_GROUP: sg-092ff3a6ae0574d91 + run: | + aws ecs create-service \ + --cluster superset-ci \ + --service-name pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service \ + --task-definition superset-ci \ + --launch-type FARGATE \ + --desired-count 1 \ + --platform-version LATEST \ + --network-configuration "awsvpcConfiguration={subnets=[$ECR_SUBNETS],securityGroups=[$ECR_SECURITY_GROUP],assignPublicIp=ENABLED}" \ + --tags key=pr,value=${{ github.event.inputs.issue_number || github.event.issue.number }} key=github_user,value=${{ github.actor }} + - name: Deploy Amazon ECS task definition + id: deploy-task + uses: aws-actions/amazon-ecs-deploy-task-definition@v2 + with: + task-definition: ${{ steps.task-def.outputs.task-definition }} + service: pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service + cluster: superset-ci + wait-for-service-stability: true + wait-for-minutes: 10 + + - name: List tasks + id: list-tasks + run: | + echo "task=$(aws ecs list-tasks --cluster superset-ci --service-name pr-${{ github.event.inputs.issue_number || github.event.issue.number }}-service | jq '.taskArns | first')" >> $GITHUB_OUTPUT + - name: Get network interface + id: get-eni + run: | + echo "eni=$(aws ecs describe-tasks --cluster superset-ci --tasks ${{ steps.list-tasks.outputs.task }} | jq '.tasks[0].attachments[0].details | map(select(.name==\"networkInterfaceId\"))[0].value')" >> $GITHUB_OUTPUT + - name: Get public IP + id: get-ip + run: | + echo "ip=$(aws ec2 describe-network-interfaces --network-interface-ids ${{ steps.get-eni.outputs.eni }} | jq -r '.NetworkInterfaces | first | .Association.PublicIp')" >> $GITHUB_OUTPUT + - name: Comment (success) + if: ${{ success() }} + uses: actions/github-script@v7 + with: + github-token: ${{github.token}} + script: | + github.rest.issues.createComment({ + issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, + owner: context.repo.owner, + repo: context.repo.repo, + body: '@${{ context.actor }} Ephemeral environment spinning up at http://${{ steps.get-ip.outputs.ip }}:8080. Credentials are `admin`/`admin`. Please allow several minutes for bootstrapping and startup.' + }) + - name: Comment (failure) + if: ${{ failure() }} + uses: actions/github-script@v7 + with: + github-token: ${{github.token}} + script: | + github.rest.issues.createComment({ + issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, + owner: context.repo.owner, + repo: context.repo.repo, + body: '@${{ github.event.inputs.user_login || github.event.comment.user.login }} Ephemeral environment creation failed. Please check the Actions logs for details.' + }) From ecd1182eea43bcd680d4e90c52cbcf67e537a41d Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 29 Jan 2025 11:11:52 +0000 Subject: [PATCH 5/9] fix --- .github/workflows/ephemeral-env.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 1ec959a40ec9b..194507e5e4266 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -4,7 +4,7 @@ name: Ephemeral env workflow # gh workflow run ephemeral-env.yml --ref fix_ephemerals --field label_name="testenv-up" --field issue_number=666 on: - pull_request: + pull_request_target: types: - labeled workflow_dispatch: From f7971b9149411e94f892ee923b2e61ef654d4dc7 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 29 Jan 2025 11:32:58 +0000 Subject: [PATCH 6/9] fix --- .github/workflows/ephemeral-env.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 194507e5e4266..d184153b20c39 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -136,7 +136,7 @@ jobs: ephemeral-docker-build: concurrency: - group: ${{ github.workflow }}-${{ github.event.inputs.issue_number || github.event.issue.number || github.run_id }}-build + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}-build cancel-in-progress: true needs: ephemeral-env-label if: needs.ephemeral-env-label.outputs.slash-command == 'up' From 8bc902fdc19aa60ec3ccf65a8d94d6898fe4a916 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 29 Jan 2025 12:03:26 +0000 Subject: [PATCH 7/9] fix --- .github/workflows/ephemeral-env.yml | 11 ++--------- 1 file changed, 2 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index d184153b20c39..f722c091cbbcc 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -76,15 +76,8 @@ jobs: - name: Check if a commit was pushed after PR was labeled id: get-sha - env: - COMMENT_AT: ${{ github.event.pull_request.updated_at }} - PUSHED_AT: ${{ fromJSON(steps.get-pr-info.outputs.result).pushed_at }} run: | - if [[ $(date -d "$PUSHED_AT" +%s) -gt $(date -d "$COMMENT_AT" +%s) ]]; then - echo "Commit was pushed after the PR was updated." - exit 1 - fi - echo "sha=${{ fromJSON(steps.get-pr-info.outputs.result).head.sha }}" >> $GITHUB_OUTPUT + echo "sha=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT - name: Looking for feature flags in PR description uses: actions/github-script@v7 @@ -306,7 +299,7 @@ jobs: issue_number: ${{ github.event.inputs.issue_number || github.event.issue.number }}, owner: context.repo.owner, repo: context.repo.repo, - body: '@${{ context.actor }} Ephemeral environment spinning up at http://${{ steps.get-ip.outputs.ip }}:8080. Credentials are `admin`/`admin`. Please allow several minutes for bootstrapping and startup.' + body: '@${{ github.actor }} Ephemeral environment spinning up at http://${{ steps.get-ip.outputs.ip }}:8080. Credentials are `admin`/`admin`. Please allow several minutes for bootstrapping and startup.' }) - name: Comment (failure) if: ${{ failure() }} From f922c4e4ddb2d856dc5ccb9f97a74e93a4b6c808 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 29 Jan 2025 12:07:39 +0000 Subject: [PATCH 8/9] remove unused step to get PR info --- .github/workflows/ephemeral-env.yml | 21 --------------------- 1 file changed, 21 deletions(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index f722c091cbbcc..7cdef1b467bb6 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -53,27 +53,6 @@ jobs: exit 1 fi - - name: Get PR Info - uses: actions/github-script@v7 - id: get-pr-info - with: - script: | - const pull_number = context.payload.pull_request - ? context.payload.pull_request.number - : context.payload.inputs.issue_number; - - if (!pull_number) { - throw new Error("Pull request number is not available."); - } - - const pr = await github.rest.pulls.get({ - owner: context.repo.owner, - repo: context.repo.repo, - pull_number, - }); - - return pr.data; - - name: Check if a commit was pushed after PR was labeled id: get-sha run: | From 447794dd2597cda8d9b712b3553a21ef0db3b0e1 Mon Sep 17 00:00:00 2001 From: Daniel Gaspar Date: Wed, 29 Jan 2025 12:14:52 +0000 Subject: [PATCH 9/9] fix name --- .github/workflows/ephemeral-env.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ephemeral-env.yml b/.github/workflows/ephemeral-env.yml index 7cdef1b467bb6..4c4747f5e2ce3 100644 --- a/.github/workflows/ephemeral-env.yml +++ b/.github/workflows/ephemeral-env.yml @@ -53,7 +53,7 @@ jobs: exit 1 fi - - name: Check if a commit was pushed after PR was labeled + - name: Get event SHA id: get-sha run: | echo "sha=${{ github.event.pull_request.head.sha }}" >> $GITHUB_OUTPUT