Skip to content

Update README.md

Update README.md #8

Workflow file for this run

name: AWS CodeBuild CI
on:
release:
types: [ published ]
pull_request:
types: [ opened, synchronize, reopened, labeled, unlabeled ]
branches: [ main ]
workflow_dispatch:
inputs:
aws-sdk-kotlin-pr:
description: aws-sdk-kotlin PR number (optional)
type: number
required: false
smithy-kotlin-pr:
description: smithy-kotlin PR number (optional)
type: number
required: false
check-pr:
description: I verified that the PRs are not running any malicious code (If running for an external contributor)
required: true
type: boolean
default: false
env:
SDK_PR: ${{ inputs.aws-sdk-kotlin-pr }}
SMITHY_PR: ${{ inputs.smithy-kotlin-pr }}
permissions:
id-token: write
contents: read
# Allow one instance of this workflow per pull request, and cancel older runs when new changes are pushed
concurrency:
group: ci-codebuild-${{ github.ref }}
cancel-in-progress: true
jobs:
e2e-tests:
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
steps:
- name: Verify PRs are not running malicious code
if: ${{ (inputs.aws-sdk-kotlin-pr != '' || inputs.smithy-kotlin-pr != '') && inputs.check-pr == false }}
run: |
echo Please verify the PRs are not running any malicious code and mark the checkbox true when running the workflow
exit 1
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }}
aws-region: us-west-2
- name: Run E2E Tests
id: e2e-tests
uses: aws-actions/aws-codebuild-run-build@v1
with:
project-name: gh-aws-sdk-kotlin-e2e-tests
env-vars-for-codebuild: SDK_PR, SMITHY_PR
- name: Cancel build
if: ${{ cancelled() }}
env:
BUILD_ID: ${{ steps.e2e-tests.outputs.aws-build-id }}
run: |
if [ ! -z "$BUILD_ID"]; then
echo "cancelling in-progress build: id=$BUILD_ID"
aws codebuild stop-build --id $BUILD_ID
fi
service-check-batch-and-artifact-size-metrics:
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
steps:
- name: Verify PRs are not running malicious code
if: ${{ (inputs.aws-sdk-kotlin-pr != '' || inputs.smithy-kotlin-pr != '') && inputs.check-pr == false }}
run: |
echo Please verify the PRs are not running any malicious code and mark the checkbox true when running the workflow
exit 1
- name: Checkout sources
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }}
aws-region: us-west-2
- name: Run Service Check Batch and Calculate Artifact Size Metrics
id: svc-check-batch
run: |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2) # Remove repo owner from name
.github/scripts/run-codebuild-batch-job.sh \
--project gh-aws-sdk-kotlin-svc-check-batch \
--source ${{ github.event.pull_request.head.sha }} \
--pr-number ${{ github.event.number }} \
--repository $REPOSITORY \
--external-contributor-sdk-pr-number ${{ inputs.aws-sdk-kotlin-pr }} \
--external-contributor-smithy-pr-number ${{ inputs.smithy-kotlin-pr }}
- name: Cancel build
if: ${{ cancelled() }}
env:
BUILD_ID: ${{ steps.svc-check-batch.outputs.aws-build-id }}
run: |
if [ ! -z "$BUILD_ID" ]; then
echo "cancelling in-progress batch build: id=$BUILD_ID"
aws codebuild stop-build --id $BUILD_ID
fi
- name: Collect Artifact Size Metrics
run: ./gradlew collectDelegatedArtifactSizeMetrics -PpullRequest=${{ github.event.number }}
- name: Analyze Artifact Size Metrics
run: ./gradlew analyzeArtifactSizeMetrics
- name: Show Results
uses: actions/github-script@v7
with:
script: |
const getComments =
`query {
repository(owner:"${context.repo.owner}", name:"${context.repo.repo}"){
pullRequest(number: ${context.issue.number}) {
id
comments(last:100) {
nodes {
id
body
author {
login
}
isMinimized
}
}
}
}
}`
const response = await github.graphql(getComments)
const comments = response.repository.pullRequest.comments.nodes
for (const i in comments) {
if (comments[i].author.login == 'github-actions' && !comments[i].isMinimized && comments[i].body.startsWith('Affected Artifacts')) {
const hideComment =
`mutation {
minimizeComment(input:{subjectId:"${comments[i].id}", classifier:OUTDATED}){
clientMutationId
}
}`
await github.graphql(hideComment)
}
}
const fs = require('node:fs')
const comment = fs.readFileSync('./build/reports/metrics/artifact-analysis.csv', 'utf8')
const writeComment =
`mutation {
addComment(input:{body:"""${comment}""", subjectId:"${response.repository.pullRequest.id}"}){
clientMutationId
}
}`
await github.graphql(writeComment)
- name: Evaluate Result
if: ${{ !contains(github.event.pull_request.labels.*.name, 'acknowledge-artifact-size-increase') }}
run: |
cd build/reports/metrics
cat has-significant-change.txt | grep false || {
echo An artifact increased in size by more than allowed or a new artifact was created.
exit 1
}
release-artifact-size-metrics:
if: github.event_name == 'release'
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }}
aws-region: us-west-2
- name: Calculate Artifact Size Metrics
id: svc-check-batch
run: |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2)
.github/scripts/run-codebuild-batch-job.sh \
--project gh-aws-sdk-kotlin-svc-check-batch \
--source ${{ github.event.pull_request.head.sha }} \
--repository $REPOSITORY \
--release ${{ github.event.release.tag_name }}
- name: Cancel build
if: ${{ cancelled() }}
env:
BUILD_ID: ${{ steps.svc-check-batch.outputs.aws-build-id }}
run: |
if [ ! -z "$BUILD_ID" ]; then
echo "cancelling in-progress batch build: id=$BUILD_ID"
aws codebuild stop-build --id $BUILD_ID
fi
- name: Collect Artifact Size Metrics
run: ./gradlew collectDelegatedArtifactSizeMetrics -Prelease=${{ github.event.release.tag_name }}
- name: Save Artifact Size Metrics
run: |
cd build/reports/metrics/
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2) # Remove repo owner from name
aws s3 cp artifact-size-metrics.csv s3://${{ secrets.ARTIFACT_METRICS_BUCKET }}/$REPOSITORY-${{ github.event.release.tag_name }}-release.csv
aws s3 cp artifact-size-metrics.csv s3://${{ secrets.ARTIFACT_METRICS_BUCKET }}/$REPOSITORY-latest-release.csv
- name: Put Artifact Size Metrics in CloudWatch
run: ./gradlew putArtifactSizeMetricsInCloudWatch -Prelease=${{ github.event.release.tag_name }}