ci: Use pointer workflows to preserve run date #1468
Conversation
|
CLA Assistant Lite bot All contributors have signed the CLA ✍️ ✅ |
|
Timestamp: 2021-01-07 13:22:51 |
pawelpasterz
force-pushed
the
add-workflow-pointers
branch
from
2c4cebc to
ebb23c9
Compare
|
recheck |
pawelpasterz
requested review from
Sloox,
piotradamczyk5,
adamfilipow92,
zuziaka and
jan-goral
| runs-on: ubuntu-latest | ||
| steps: | ||
| - run: | | ||
| echo "Integration tests pointer updated: $(date +'%Y-%m-%d')" |
There was a problem hiding this comment.
how is it exactly preserving the date via an echo?
There was a problem hiding this comment.
Hm... I thought the description is just enough. Maybe I should add additional info...
Long story short, let's say we have workflow described in a.yml. During a run we want to fetch some data about previous a runs (like a time when it was previously finished). We use https://docs.github.com/en/free-pro-team@latest/rest/reference/actions#list-workflow-runs. Due to limitations, we get an empty array as a response.
But we can use the same endpoint to get info about another workflow (so inside a workflow we can get info about b). Those pointers are "just to be triggered" meaning they do nothing like preserves (by being triggered) timestamp, date etc.
For dependency update workflow looks like:
- start dependency update workflow
- proceed with all the jobs/steps but in parallel trigger (with repository dispatch) event "pointer" workflow
- next time dependency update will be launched it will look for the latest date of "pointer" workflow (because it can not fetch data about itself)
how is it exactly preserving the date via an echo?
Echo is just for debugging purposes. It could be nothing there actually
| id: generate-token | ||
| with: | ||
| app_id: ${{ secrets.FLANK_RELEASE_APP_ID }} | ||
| private_key: ${{ secrets.FLANK_RELEASE_PRIVATE_KEY }} |
There was a problem hiding this comment.
I truly get nervous about sharing private keys with opensource repositories.
Are we sure its trusted.
There was a problem hiding this comment.
The alternative is to create PAT and add it to secret. We use this logic in a couple of places inside the project. Actually, @piotradamczyk5 has configured this app and may has more detailed info
There was a problem hiding this comment.
This is the most popular workflow for this purpose and this is secure.
Github apps are better to manage than PAT, so that's the reason why we use them
| runs-on: ubuntu-latest | ||
| steps: | ||
| - run: | | ||
| echo "Dependencies pointer updated: $(date +'%Y-%m-%d')" |
There was a problem hiding this comment.
Really need an explanation here 🤔
There was a problem hiding this comment.
| @@ -28,7 +28,7 @@ shadowJar.apply { | |||
| } | |||
| } | |||
| // <breaking change>.<feature added>.<fix/minor change> | |||
| version = "1.3.2" | |||
| version = "1.3.3" | |||
There was a problem hiding this comment.
hmmm check if this is not the same on develop
There was a problem hiding this comment.
Yup, it wasn't but the master is changing all the time, will update it
There was a problem hiding this comment.
Hm...master is still having 1.3.2 (for now at least)
good point maybe let's create ticket for it |
Due to GH API limitation workflow is unable to fetch info about itself. Dates of previous runs are used in scripts. An empty array is returned instead.
As a workaround to overcome those limitations two new workflows are introduced.
Their intention is "just to be triggered" and therefore preserve the date which is used in dependencies and IT workflows.
Test Plan
There is no easy way to test the implementation. This PR introduced 2 new workflows which can be triggered after the merge to master.