Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[ci] improve experience with optional GitHub workflows #3740

Merged
merged 19 commits into from
Jan 13, 2021
Merged

Conversation

StrikerRUS
Copy link
Collaborator

@StrikerRUS StrikerRUS commented Jan 8, 2021

This PR was created by the inspiration of idea to require optional workflows such as R valgrind tests (those which takes a lot of time and we run them from time to time) #3439 (comment) either not be run at all or be completed successfully.

Unfortunately, it is impossible as of my knowledge. Two main reasons are:

  • GitHub Actions doesn't allow to pass secret values (we need PAT for the most REST API calls) to forks from public repo (1, 2).
  • GitHub actions doesn't allow to rerun successfully completed workflow (1, 2). I hope this feature request will be implemented in the near future and we will be able to make some improvements.

OK, probably it is possible, but will require switching to GitHub Checks from GitHub Statuses and creating own GitHub App. But I think this is an overkill for us.

Due to the limitations described above this PR tries to implement desired behavior as close as possible but there are two cases when maintainer can merge a PR with actually failing option workflow. So please DO NOT do the following scenarios.

  • Due to big queue or long container initialisation phase workflow run was not able to send initial status to the PR from which it was triggered right after a triggering comment. So there is a time delta between triggering comment and initial responce from CI in which maintainer can click Merge button. Please after triggering a workflow be patient and allow it to send initial feedback.
  • As optional workflows are not marked as Required (if they were, it is impossible to implement a case when we do not want to start a particular workflow for a given PR) the first reported status should be checked manually. I believe it is not a very big deal because merge button it case of failure of optional workflow will be grey not green and statuses section will be uncollapsed (see pic. below). But this is applicable only for the first reported status, all further statuses will be counted by Optional checks Required workflow so that any failures will prevent merging.
    image

Also, of course there can happen any network issues that prevent a workflow to send a feedback. But this problem is common to any CI service.

In addition, now optional workflows will be triggered by ordinary comments in PRs, not a review ones. This change is required due to secret values limitation described above. GitHub emits runs triggered by review comments associated with a fork PR made from, and runs "belong" to upstream repo in case of issue comment.

Here are some screens from my fork to show how it will look like:

image

image

image

image

Unfortunately, I'm afraid that reviewers are not able to test this PR properly, because workflow configs should be in master branch to start working. So, please perform real tests of new chatOps functionality in a follow-up fake PR. Just propose any change from a personal fork (it is important because of secrets issue described above) and try to trigger optional workflows.

I have been struggling with this for three months, so for sure this my initial description is lacking some details you want to know about. So feel free to ask, I'll recollect them in memory 🙂 .

submodules: false
- name: Check that all tests succeeded
run: |
workflows=("R valgrind tests")
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here we should add optional workflows which failures should block PR merging.

run: |
$GITHUB_WORKSPACE/.ci/append_comment.sh \
"${{ github.event.client_payload.comment_number }}" \
"Status: ${{ job.status }}."
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, I know that direct link for artifact downloading will be more useful. But unfortunately, it is impossible:

Gets a redirect URL to download an archive for a repository. This URL expires after 1 minute.
https://docs.github.com/en/free-pro-team@latest/rest/reference/actions#download-an-artifact

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ha it's ok, we don't use this job that often and it's only one or two more clicks to get to the artifact

Copy link
Collaborator

@jameslamb jameslamb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a great! Thanks for all the hard work. I think this will be really useful.

I read through all the scripts and the docs on repository_dispatch events and I think I understand what's going on here. Left some very minor comments, but after those are addressed I'm +1 on merging this and testing it out.

.ci/append_comment.sh Outdated Show resolved Hide resolved
.ci/append_comment.sh Outdated Show resolved Hide resolved
Comment on lines +7 to +10
try:
from urllib import request
except ImportError:
import urllib2 as request
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why was this necessary? I have a lot more experience with requests than urllib, so I haven't seen this pattern

Copy link
Collaborator Author

@StrikerRUS StrikerRUS Jan 9, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is for Python 2/3 compatibility. For the same reason I'm not using with ... statement but manually close connection. I know we dropped Python 2 support some time ago. But default installed Python version in ubuntu-latest container we run our actions in is 2. I really don't want to install conda/new Python version/additional packages because I want to keep Optional checks workflow where this script is used as lightweight as possible with the aim of the fastest execution time. So this Python-agnostic and dependency-free solution will work fine on any default Python version that can be installed in container.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok I see, thanks. Fine with me

Copy link
Collaborator

@jameslamb jameslamb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks great, thanks! Let's merge it and try it out 🚀

@github-actions
Copy link

This pull request has been automatically locked since there has not been any recent activity since it was closed. To start a new related discussion, open a new issue at https://github.com/microsoft/LightGBM/issues including a reference to this.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 24, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants