Update codebuild-ci.yml
0marperez authored Apr 29, 2024
1 parent e4b703d commit 996bca2
Showing 1 changed file with 146 additions and 6 deletions.
152 changes: 146 additions & 6 deletions .github/workflows/codebuild-ci.yml
@@ -1,9 +1,11 @@
name: AWS CodeBuild CI

on:
release:
types: [ published ]
pull_request:
branches:
- main
types: [ opened, synchronize, reopened, labeled, unlabeled ]
branches: [ main ]
workflow_dispatch:
inputs:
aws-sdk-kotlin-pr:
Expand All @@ -27,6 +29,7 @@ env:
permissions:
id-token: write
contents: read
pull-requests: write

# Allow one instance of this workflow per pull request, and cancel older runs when new changes are pushed
concurrency:
Expand All @@ -35,6 +38,7 @@ concurrency:

jobs:
e2e-tests:
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
steps:
- name: Verify PRs are not running malicious code
Expand Down Expand Up @@ -63,7 +67,8 @@ jobs:
aws codebuild stop-build --id $BUILD_ID
fi
service-check-batch:
service-check-batch-and-artifact-size-metrics:
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch'
runs-on: ubuntu-latest
steps:
- name: Verify PRs are not running malicious code
Expand All @@ -78,14 +83,143 @@ jobs:
with:
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }}
aws-region: us-west-2
- name: Run Service Check Batch
- name: Run Service Check Batch and Calculate Artifact Size Metrics
id: svc-check-batch
run: |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2)
PULL_REQUEST=""
INTERNAL=${{ github.event.number }}
EXTERNAL=${{ inputs.aws-sdk-kotlin-pr }}
if [ ! -z "$INTERNAL" ]; then
PULL_REQUEST=${{ github.event.number }}
echo "Identified this an internal pull request build: $PULL_REQUEST"
elif [ ! -z "$EXTERNAL" ]; then
PULL_REQUEST=${{ inputs.aws-sdk-kotlin-pr }}
echo "Identified this as an external pull request build: $PULL_REQUEST"
else
echo "Couldn't identify this as an internal or external pull request"
exit 1
fi
.github/scripts/run-codebuild-batch-job.sh \
--project gh-aws-sdk-kotlin-svc-check-batch \
--source ${{ github.event.pull_request.head.sha }} \
--pr-number $PULL_REQUEST \
--repository $REPOSITORY \
--external-contributor-sdk-pr-number ${{ inputs.aws-sdk-kotlin-pr }} \
--external-contributor-smithy-pr-number ${{ inputs.smithy-kotlin-pr }}
- name: Cancel build
if: ${{ cancelled() }}
env:
BUILD_ID: ${{ steps.svc-check-batch.outputs.aws-build-id }}
run: |
if [ ! -z "$BUILD_ID" ]; then
echo "cancelling in-progress batch build: id=$BUILD_ID"
aws codebuild stop-build --id $BUILD_ID
fi
- name: Collect Artifact Size Metrics
run: |
PULL_REQUEST=""
INTERNAL=${{ github.event.number }}
EXTERNAL=${{ inputs.aws-sdk-kotlin-pr }}
if [ ! -z "$INTERNAL" ]; then
PULL_REQUEST=${{ github.event.number }}
echo "Identified this an internal pull request build: $PULL_REQUEST"
elif [ ! -z "$EXTERNAL" ]; then
PULL_REQUEST=${{ inputs.aws-sdk-kotlin-pr }}
echo "Identified this as an external pull request build: $PULL_REQUEST"
else
echo "Couldn't identify this as an internal or external pull request"
exit 1
fi
./gradlew collectDelegatedArtifactSizeMetrics -PpullRequest=$PULL_REQUEST
- name: Analyze Artifact Size Metrics
run: ./gradlew analyzeArtifactSizeMetrics
- name: Show Results
uses: actions/github-script@v7
with:
script: |
const getComments =
`query {
repository(owner:"${context.repo.owner}", name:"${context.repo.repo}"){
pullRequest(number: ${context.issue.number}) {
id
comments(last:100) {
nodes {
id
body
author {
login
}
isMinimized
}
}
}
}
}`
const response = await github.graphql(getComments)
const comments = response.repository.pullRequest.comments.nodes
const mutations = comments
.filter(comment => comment.author.login == 'github-actions' && !comment.isMinimized && comment.body.startsWith('Affected Artifacts'))
.map(comment =>
github.graphql(
`mutation {
minimizeComment(input:{subjectId:"${comment.id}", classifier:OUTDATED}){
clientMutationId
}
}`
)
)
await Promise.all(mutations)
const fs = require('node:fs')
const comment = fs.readFileSync('build/reports/metrics/artifact-analysis.md', 'utf8')
const writeComment =
`mutation {
addComment(input:{body:"""${comment}""", subjectId:"${response.repository.pullRequest.id}"}){
clientMutationId
}
}`
await github.graphql(writeComment)
- name: Evaluate Result
if: ${{ !contains(github.event.pull_request.labels.*.name, 'acknowledge-artifact-size-increase') }}
run: |
cd build/reports/metrics
cat has-significant-change.txt | grep false || {
echo An artifact increased in size by more than allowed or a new artifact was created.
echo If this is expected please add the 'acknowledge-artifact-size-increase' label to this pull request.
exit 1
}
release-artifact-size-metrics:
if: github.event_name == 'release'
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: actions/checkout@v2
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }}
aws-region: us-west-2
- name: Calculate Artifact Size Metrics
id: svc-check-batch
run: |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2)
.github/scripts/run-codebuild-batch-job.sh \
--project gh-aws-sdk-kotlin-svc-check-batch \
--source ${{ github.event.pull_request.head.sha }} \
--sdk-pr ${{ inputs.aws-sdk-kotlin-pr }} \
--smithy-pr ${{ inputs.smithy-kotlin-pr }}
--repository $REPOSITORY \
--release ${{ github.event.release.tag_name }}
- name: Cancel build
if: ${{ cancelled() }}
env:
Expand All @@ -95,3 +229,9 @@ jobs:
echo "cancelling in-progress batch build: id=$BUILD_ID"
aws codebuild stop-build --id $BUILD_ID
fi
- name: Collect Artifact Size Metrics
run: ./gradlew collectDelegatedArtifactSizeMetrics -Prelease=${{ github.event.release.tag_name }}
- name: Save Artifact Size Metrics
run: ./gradlew saveArtifactSizeMetrics
- name: Put Artifact Size Metrics in CloudWatch
run: ./gradlew putArtifactSizeMetricsInCloudWatch -Prelease=${{ github.event.release.tag_name }}
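Review bot: In the `Show Results` step the contents of `build/reports/metrics/artifact-analysis.md` are spliced into the GraphQL document as `body:"""${comment}"""`, so a report containing `"""` changes the query text instead of being treated as data; since this commit also grants `pull-requests: write` to the whole workflow, the body should be passed as a variable, e.g. `await github.graphql('mutation($body:String!,$id:ID!){addComment(input:{body:$body,subjectId:$id}){clientMutationId}}', {body: comment, id: response.repository.pullRequest.id})`. The report is presumably generated from the pull request's own build output, so its content is best treated as untrusted. Separately, in `release-artifact-size-metrics` the line `--smithy-pr ${{ inputs.smithy-kotlin-pr }}` has no trailing `\`, so `--repository $REPOSITORY` and `--release …` run as a separate command rather than as arguments to `run-codebuild-batch-job.sh`. The `run:` blocks also expand `${{ inputs.aws-sdk-kotlin-pr }}` and `${{ github.event.release.tag_name }}` directly into shell text; mapping them through `env:` and referencing them as quoted `"$VAR"`, as the `Cancel build` step already does for `BUILD_ID`, keeps those values out of the script source.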
