Merge remote-tracking branch 'upstream/main' into guard_xds_fallback_…

…to_primary Signed-off-by: Adi Suissa-Peleg <[email protected]>
adisuissa · Oct 1, 2024 · 2cc00f6 · 2cc00f6
2 parents e4c7986 + ce17605
commit 2cc00f6
Show file tree

Hide file tree

Showing 64 changed files with 1,250 additions and 291 deletions.
diff --git a/.github/workflows/_cache.yml b/.github/workflows/_cache.yml
@@ -48,29 +48,29 @@ jobs:
   docker:
     runs-on: ${{ inputs.runs-on || 'ubuntu-24.04' }}
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: appauth
       name: Appauth (mutex lock)
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/docker/cache/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/docker/cache/[email protected].36
       id: docker
       name: Prime Docker cache (${{ inputs.image-tag }}${{ inputs.cache-suffix }})
       with:
         image-tag: ${{ inputs.image-tag }}
         key-suffix: ${{ inputs.cache-suffix }}
         lock-token: ${{ steps.appauth.outputs.token }}
         lock-repository: ${{ inputs.lock-repository }}
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: data
       name: Cache data
       with:
         input-format: yaml
         input: |
           cached: ${{ steps.docker.outputs.cached }}
           key: ${{ inputs.image-tag }}${{ inputs.cache-suffix }}
-    - uses: envoyproxy/toolshed/gh-actions/json/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/json/[email protected].36
       name: Summary
       with:
         json: ${{ steps.data.outputs.value }}

diff --git a/.github/workflows/_check_coverage.yml b/.github/workflows/_check_coverage.yml
@@ -34,6 +34,7 @@ jobs:
       # bazel-extra: '--config=remote-envoy-engflow'
       cache-build-image: ${{ fromJSON(inputs.request).request.build-image.default }}
       concurrency-suffix: -${{ matrix.target }}
+      diskspace-hack: ${{ matrix.diskspace-hack || false }}
       error-match: |
         ERROR
         error:
@@ -50,5 +51,6 @@ jobs:
         include:
         - target: coverage
           name: Coverage
+          diskspace-hack: true
         - target: fuzz_coverage
           name: Fuzz coverage
diff --git a/.github/workflows/_finish.yml b/.github/workflows/_finish.yml
@@ -36,7 +36,7 @@ jobs:
       actions: read
       contents: read
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Incoming data
       id: needs
       with:
@@ -87,21 +87,21 @@ jobs:
                    summary: "Check has finished",
                    text: $text}}}}
 
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Print summary
       with:
         input: ${{ toJSON(steps.needs.outputs.value).summary-title }}
         filter: |
           "## \(.)"
         options: -Rr
         output-path: GITHUB_STEP_SUMMARY
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Appauth
       id: appauth
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       name: Update check
       with:
         action: update

diff --git a/.github/workflows/_load.yml b/.github/workflows/_load.yml
@@ -107,7 +107,7 @@ jobs:
     # Handle any failure in triggering job
     # Remove any `checks` we dont care about
     # Prepare a check request
-    - uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].36
       name: Load env
       id: data
       with:
@@ -118,21 +118,21 @@ jobs:
         GH_TOKEN: ${{ github.token }}
 
     #  Update the check
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Appauth
       id: appauth
       with:
         app_id: ${{ secrets.app-id }}
         key: ${{ secrets.app-key }}
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       name: Update check
       if: ${{ fromJSON(steps.data.outputs.data).data.check.action == 'RUN' }}
       with:
         action: update
         checks: ${{ toJSON(fromJSON(steps.data.outputs.data).checks) }}
         token: ${{ steps.appauth.outputs.token }}
 
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Print request summary
       with:
         input: |
@@ -152,7 +152,7 @@ jobs:
           | $summary.summary as $summary
           | "${{ inputs.template-request-summary }}"
 
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: request-output
       name: Load request
       with:

diff --git a/.github/workflows/_load_env.yml b/.github/workflows/_load_env.yml
@@ -63,18 +63,18 @@ jobs:
       request: ${{ steps.env.outputs.data }}
       trusted: true
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       id: checkout
       name: Checkout Envoy repository
     - name: Generate environment variables
-      uses: envoyproxy/toolshed/gh-actions/envoy/ci/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/envoy/ci/[email protected].36
       id: env
       with:
         branch-name: ${{ inputs.branch-name }}
@@ -86,7 +86,7 @@ jobs:
 
     - name: Request summary
       id: summary
-      uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].36
       with:
         actor: ${{ toJSON(fromJSON(steps.env.outputs.data).request.actor) }}
         base-sha: ${{ fromJSON(steps.env.outputs.data).request.base-sha }}

diff --git a/.github/workflows/_precheck_publish.yml b/.github/workflows/_precheck_publish.yml
@@ -39,17 +39,20 @@ jobs:
         error:
         Error:
       target: ${{ matrix.target }}
+      target-suffix: ${{ matrix.target-suffix }}
       trusted: ${{ inputs.trusted }}
     strategy:
       fail-fast: false
       matrix:
         include:
         - target: release.test_only
           name: Release (x64)
+          target-suffix: x64
           arch: x64
           rbe: true
         - target: release.test_only
           name: Release (arm64)
+          target-suffix: arm64
           arch: arm64
           bazel-extra: >-
             --config=common-envoy-engflow

diff --git a/.github/workflows/_publish_build.yml b/.github/workflows/_publish_build.yml
@@ -41,6 +41,7 @@ jobs:
     with:
       bazel-extra: ${{ matrix.bazel-extra }}
       target: ${{ matrix.target }}
+      target-suffix: ${{ matrix.arch }}
       cache-build-image: ${{ fromJSON(inputs.request).request.build-image.default }}
       cache-build-image-key-suffix: ${{ matrix.arch == 'arm64' && format('-{0}', matrix.arch) || '' }}
       concurrency-suffix: -${{ matrix.arch }}
@@ -91,6 +92,7 @@ jobs:
       downloads: |
         release.${{ matrix.arch }}: release/${{ matrix.arch }}/bin/
       target: ${{ matrix.target }}
+      target-suffix: ${{ matrix.arch }}
       cache-build-image: ${{ fromJSON(inputs.request).request.build-image.default }}
       cache-build-image-key-suffix: ${{ matrix.cache-build-image-key-suffix }}
       concurrency-suffix: -${{ matrix.arch }}

diff --git a/.github/workflows/_publish_publish.yml b/.github/workflows/_publish_publish.yml
@@ -71,12 +71,12 @@ jobs:
     needs:
     - publish
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: appauth
       with:
         app_id: ${{ secrets.ENVOY_CI_SYNC_APP_ID }}
         key: ${{ secrets.ENVOY_CI_SYNC_APP_KEY }}
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       with:
         ref: main
         repository: ${{ fromJSON(inputs.request).request.version.dev && 'envoyproxy/envoy-website' || 'envoyproxy/archive' }}

diff --git a/.github/workflows/_publish_verify.yml b/.github/workflows/_publish_verify.yml
@@ -99,10 +99,11 @@ jobs:
         export NO_BUILD_SETUP=1
         export ENVOY_DOCKER_IN_DOCKER=1
       target: ${{ matrix.target }}
+      target-suffix: ${{ matrix.arch }}
       trusted: ${{ inputs.trusted }}
       steps-pre: |
         - run: |
-            echo ARCH=${{ matrix.arch || 'x64' }} >> $GITHUB_ENV
+            echo ARCH=${{ matrix.arch }} >> $GITHUB_ENV
             echo DEB_ARCH=${{ matrix.arch == 'arm64' && 'arm64' || 'amd64' }} >> $GITHUB_ENV
           shell: bash
         - run: |
@@ -124,6 +125,7 @@ jobs:
 
         - name: verify_distro_x64
           target: verify_distro
+          arch: x64
           rbe: true
 
         - name: verify_distro_arm64

diff --git a/.github/workflows/_request.yml b/.github/workflows/_request.yml
@@ -40,14 +40,14 @@ jobs:
       env: ${{ steps.data.outputs.value }}
       config: ${{ steps.config.outputs.config }}
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       id: checkout
       name: Checkout Envoy repository
       with:
@@ -60,7 +60,7 @@ jobs:
     # *ALL* variables collected should be treated as untrusted and should be sanitized before
     # use
     - name: Generate environment variables from commit
-      uses: envoyproxy/toolshed/gh-actions/envoy/ci/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/envoy/ci/[email protected].36
       id: env
       with:
         branch-name: ${{ steps.checkout.outputs.branch-name }}
@@ -71,7 +71,7 @@ jobs:
         vars: ${{ toJSON(vars) }}
     - name: Request summary
       id: summary
-      uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/github/env/[email protected].36
       with:
         actor: ${{ toJSON(fromJSON(steps.env.outputs.data).request.actor) }}
         base-sha: ${{ fromJSON(steps.env.outputs.data).request.base-sha }}
@@ -87,7 +87,7 @@ jobs:
         target-branch: ${{ fromJSON(steps.env.outputs.data).request.target-branch }}
 
     - name: Environment data
-      uses: envoyproxy/toolshed/gh-actions/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: data
       with:
         input: |

diff --git a/.github/workflows/_run.yml b/.github/workflows/_run.yml
@@ -90,15 +90,16 @@ on:
         type: string
         default: |
           - run: |
-              echo "disk space at beginning of build:"
-              df -h
+              # disk space at beginning of build
+              df -h > "${TMP_REPORT}/df-pre"
             shell: bash
       report-post:
         type: string
         default: |
           - run: |
-              echo "disk space at end of build:"
-              df -h
+              # disk space at end of build
+              df -h > "${TMP_REPORT}/df-post"
+              (du -ch "%{{ inputs.temp-dir || runner.temp }}" | grep -E "[0-9]{2,}M|[0-9]G" || :) > "${TMP_REPORT}/du-post"
             shell: bash
       request:
         type: string
@@ -123,15 +124,15 @@ on:
         type: string
       steps-post:
         type: string
-        default: |
-          - run: |
-              du -ch "%{{ inputs.temp-dir || runner.temp }}" | grep -E "[0-9]{2,}M|[0-9]G" || :
-            shell: bash
       steps-post-name:
         type: string
       target:
         type: string
         required: true
+      target-name:
+        type: string
+      target-suffix:
+        type: string
       temp-dir:
         type: string
       timeout-minutes:
@@ -173,18 +174,18 @@ jobs:
       packages: read
     if: ${{ ! inputs.skip }}
     runs-on: ${{ inputs.runs-on || fromJSON(inputs.request).config.ci.agent-ubuntu }}
-    name: ${{ inputs.command }} ${{ inputs.target }}
+    name: ${{ inputs.target-suffix && format('[{0}] ', inputs.target-suffix) || '' }}${{ inputs.command }} ${{ inputs.target }}
     timeout-minutes: ${{ inputs.timeout-minutes }}
     steps:
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: started
       name: Create timestamp
       with:
         options: -r
         filter: |
           now
     # This controls which input vars are exposed to the run action (and related steps)
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       name: Context
       id: context
       with:
@@ -205,12 +206,12 @@ jobs:
           | . * {$config, $check}
     - if: ${{ inputs.cache-build-image }}
       name: Restore Docker cache ${{ inputs.cache-build-image && format('({0})', inputs.cache-build-image) || '' }}
-      uses: envoyproxy/toolshed/gh-actions/docker/cache/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/docker/cache/[email protected].36
       with:
         image_tag: ${{ inputs.cache-build-image }}
         key-suffix: ${{ inputs.cache-build-image-key-suffix }}
 
-    - uses: envoyproxy/toolshed/gh-actions/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/[email protected].36
       id: appauth
       name: Appauth
       if: ${{ inputs.trusted }}
@@ -221,7 +222,7 @@ jobs:
         # - the workaround is to allow the token to be passed through.
         token: ${{ github.token }}
         token-ok: true
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       id: checkout
       name: Checkout Envoy repository
       with:
@@ -238,7 +239,7 @@ jobs:
         token: ${{ inputs.trusted && steps.appauth.outputs.token || github.token }}
 
     # This is currently only use by mobile-docs and can be removed once they are updated to the newer website
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       id: checkout-extra
       name: Checkout extra repository (for publishing)
       if: ${{ inputs.checkout-extra }}
@@ -247,7 +248,7 @@ jobs:
         ssh-key: ${{ inputs.trusted && inputs.ssh-key-extra || '' }}
 
     - name: Import GPG key
-      uses: envoyproxy/toolshed/gh-actions/gpg/[email protected].35
+      uses: envoyproxy/toolshed/gh-actions/gpg/[email protected].36
       if: ${{ inputs.import-gpg }}
       with:
         key: ${{ secrets.gpg-key }}
@@ -280,7 +281,7 @@ jobs:
         echo "BAZEL_BUILD_EXTRA_OPTIONS=${BAZEL_BUILD_EXTRA_OPTIONS}" >> "$GITHUB_ENV"
         echo "GCP_SERVICE_ACCOUNT_KEY_PATH=${GCP_SERVICE_ACCOUNT_KEY_PATH}" >> "$GITHUB_ENV"
 
-    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].35
+    - uses: envoyproxy/toolshed/gh-actions/github/[email protected].36
       name: Run CI ${{ inputs.command }} ${{ inputs.target }}
       with:
         args: ${{ inputs.args != '--' && inputs.args || inputs.target }}
@@ -297,6 +298,11 @@ jobs:
         fail-match: ${{ inputs.fail-match }}
         notice-match: ${{ inputs.notice-match }}
         output-path: ${{ inputs.output-path }}
+        report-name: >-
+          ci-report-${{
+            inputs.target-suffix
+            && format('{0}-', inputs.target-suffix)
+            || '' }}${{ inputs.target-name || inputs.target }}.json
         report-pre: ${{ inputs.report-pre }}
         report-post: ${{ inputs.report-post }}
         source: ${{ inputs.source }}