build: auto start Jenkins CI via PR labels #34089
Conversation
nodejs-github-bot
added
meta
| ncu-config set username ${{ secrets.JENKINS_USER }} | ||
| ncu-config set token none | ||
| ncu-config set jenkins_token ${{ secrets.JENKINS_TOKEN }} | ||
| ncu-config set owner ${{ env.OWNER }} | ||
| ncu-config set repo ${{ env.REPOSITORY }} |
There was a problem hiding this comment.
We probably should provide a way to set ncu configs via environment variables, so we don't have to worry about writing to disk here.
| query: | | ||
| query prs($owner:String!, $repo:String!) { | ||
| repository(owner:$owner, name:$repo) { | ||
| pullRequests(labels: ["request-ci"], states: OPEN, last: 100) { |
There was a problem hiding this comment.
If we're worried about the number of concurrent Jenkins jobs running, we could reduce this to 5 and increase the scheduler to 15-30 minutes.
|
If we add something like this, shouldn't we just get rid of the "CERTIFY_SAFE" checkbox in CI then, since there is no way to make such a confirmation explicit when applying the new label to a PR? |
|
That's a good question. We could consider that adding the label means the collaborator is certifying that this PR is safe (same could be said about starting a CI though) |
|
We could also have two labels, but that seems unnecessary |
|
@nodejs/build |
|
Not sure who I should ping to get consensus on adding the secrets to the repo (or if I need to do it) and to create the labels. @nodejs/tsc maybe? Also don't know who has access to the github-bot account to create a Jenkins token for it. |
mmarchini
force-pushed
the
auto-start-ci-via-label
branch
from
f1c9444
to
a1121fa
Compare
|
Ok, figured out the github-bot bits, will create the tokens on the repository before landing it. Removed the (I'd like to land this before the commit queue since both use a similar approach, but this action won't make changes to our main branch) |
mmarchini
force-pushed
the
auto-start-ci-via-label
branch
from
a1121fa
to
9a4ae9c
Compare
|
@nodejs/build @nodejs/tsc any other reviews/comments/suggestions/objections before I land this tomorrow? (I thought about pinging collaborators but that might be too much :) ) |
Add an Action that will find every PR with the `request-ci` label and will start a Jenkins CI for each of these Pull Requests. The scheduler event is used to circumvent GitHub Actions limitations on Pull Requests from forks (where secrets are not accessible and the GITHUB_TOKEN is read-only). If the Action fails to start a CI, it will add a `request-ci-failed` label and will leave a comment with the error message from NCU. Fixes: nodejs/github-bot#234
mmarchini
force-pushed
the
auto-start-ci-via-label
branch
from
9a4ae9c
to
84de5d9
Compare
|
Labels created: |
Add an Action that will find every PR with the `request-ci` label and will start a Jenkins CI for each of these Pull Requests. The scheduler event is used to circumvent GitHub Actions limitations on Pull Requests from forks (where secrets are not accessible and the GITHUB_TOKEN is read-only). If the Action fails to start a CI, it will add a `request-ci-failed` label and will leave a comment with the error message from NCU. Fixes: nodejs/github-bot#234 PR-URL: #34089 Reviewed-By: Christian Clauss <cclauss@me.com>
|
Landed in 6cab3b0 |
Add an Action that will find every PR with the `request-ci` label and will start a Jenkins CI for each of these Pull Requests. The scheduler event is used to circumvent GitHub Actions limitations on Pull Requests from forks (where secrets are not accessible and the GITHUB_TOKEN is read-only). If the Action fails to start a CI, it will add a `request-ci-failed` label and will leave a comment with the error message from NCU. Fixes: nodejs/github-bot#234 PR-URL: #34089 Reviewed-By: Christian Clauss <cclauss@me.com>
Add an Action that will find every PR with the `request-ci` label and will start a Jenkins CI for each of these Pull Requests. The scheduler event is used to circumvent GitHub Actions limitations on Pull Requests from forks (where secrets are not accessible and the GITHUB_TOKEN is read-only). If the Action fails to start a CI, it will add a `request-ci-failed` label and will leave a comment with the error message from NCU. Fixes: nodejs/github-bot#234 PR-URL: #34089 Reviewed-By: Christian Clauss <cclauss@me.com>
Add an Action that will find every PR with the `request-ci` label and will start a Jenkins CI for each of these Pull Requests. The scheduler event is used to circumvent GitHub Actions limitations on Pull Requests from forks (where secrets are not accessible and the GITHUB_TOKEN is read-only). If the Action fails to start a CI, it will add a `request-ci-failed` label and will leave a comment with the error message from NCU. Fixes: nodejs/github-bot#234 PR-URL: #34089 Reviewed-By: Christian Clauss <cclauss@me.com>
Add an Action that will find every PR with the
request-cilabel andwill start a Jenkins CI for each of these Pull Requests. The scheduler
event is used to circumvent GitHub Actions limitations on Pull Requests
from forks (where secrets are not accessible and the GITHUB_TOKEN is
read-only).
If the Action fails to start a CI, it will add a
request-ci-failedlabel and will leave a comment with the error message from NCU.
Requirements to land
JENKINS_USERandJENKINS_TOKENsecrets to this repository (or to the entire org, if we want this to work on forks such as quic and node-auto-test as well)request-ciandrequest-ci-failedlabels in this repositoryChecklist
make -j4 test(UNIX), orvcbuild test(Windows) passes