v1.2.33 #1181
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: AWS CodeBuild CI | |
on: | |
release: | |
types: [ published ] | |
pull_request: | |
types: [ opened, synchronize, reopened, labeled, unlabeled ] | |
branches: [ main ] | |
workflow_dispatch: | |
inputs: | |
aws-sdk-kotlin-pr: | |
description: aws-sdk-kotlin PR number (optional) | |
type: number | |
required: false | |
smithy-kotlin-pr: | |
description: smithy-kotlin PR number (optional) | |
type: number | |
required: false | |
check-pr: | |
description: I verified that the PRs are not running any malicious code (If running for an external contributor) | |
required: true | |
type: boolean | |
default: false | |
env: | |
SDK_PR: ${{ inputs.aws-sdk-kotlin-pr }} | |
SMITHY_PR: ${{ inputs.smithy-kotlin-pr }} | |
permissions: | |
id-token: write | |
contents: read | |
pull-requests: write | |
# Allow one instance of this workflow per pull request, and cancel older runs when new changes are pushed | |
concurrency: | |
group: ci-codebuild-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
e2e-tests: | |
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Verify PRs are not running malicious code | |
if: ${{ (inputs.aws-sdk-kotlin-pr != '' || inputs.smithy-kotlin-pr != '') && inputs.check-pr == false }} | |
run: | | |
echo Please verify the PRs are not running any malicious code and mark the checkbox true when running the workflow | |
exit 1 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} | |
aws-region: us-west-2 | |
- name: Run E2E Tests | |
id: e2e-tests | |
uses: aws-actions/aws-codebuild-run-build@v1 | |
with: | |
project-name: gh-aws-sdk-kotlin-e2e-tests | |
env-vars-for-codebuild: SDK_PR, SMITHY_PR | |
- name: Cancel build | |
if: ${{ cancelled() }} | |
env: | |
BUILD_ID: ${{ steps.e2e-tests.outputs.aws-build-id }} | |
run: | | |
if [ ! -z "$BUILD_ID"]; then | |
echo "cancelling in-progress build: id=$BUILD_ID" | |
aws codebuild stop-build --id $BUILD_ID | |
fi | |
service-check-batch-and-artifact-size-metrics: | |
if: github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Verify PRs are not running malicious code | |
if: ${{ (inputs.aws-sdk-kotlin-pr != '' || inputs.smithy-kotlin-pr != '') && inputs.check-pr == false }} | |
run: | | |
echo Please verify the PRs are not running any malicious code and mark the checkbox true when running the workflow | |
exit 1 | |
- name: Checkout sources | |
uses: actions/checkout@v2 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} | |
aws-region: us-west-2 | |
- name: Run Service Check Batch and Calculate Artifact Size Metrics | |
id: svc-check-batch | |
run: | | |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2) | |
PULL_REQUEST="" | |
INTERNAL=${{ github.event.number }} | |
EXTERNAL=${{ inputs.aws-sdk-kotlin-pr }} | |
if [ ! -z "$INTERNAL" ]; then | |
PULL_REQUEST=${{ github.event.number }} | |
echo "Identified this an internal pull request build: $PULL_REQUEST" | |
elif [ ! -z "$EXTERNAL" ]; then | |
PULL_REQUEST=${{ inputs.aws-sdk-kotlin-pr }} | |
echo "Identified this as an external pull request build: $PULL_REQUEST" | |
else | |
echo "Couldn't identify this as an internal or external pull request" | |
exit 1 | |
fi | |
.github/scripts/run-codebuild-batch-job.sh \ | |
--project gh-aws-sdk-kotlin-svc-check-batch \ | |
--source ${{ github.event.pull_request.head.sha }} \ | |
--pr-number $PULL_REQUEST \ | |
--repository $REPOSITORY \ | |
--external-contributor-sdk-pr-number ${{ inputs.aws-sdk-kotlin-pr }} \ | |
--external-contributor-smithy-pr-number ${{ inputs.smithy-kotlin-pr }} | |
- name: Cancel build | |
if: ${{ cancelled() }} | |
env: | |
BUILD_ID: ${{ steps.svc-check-batch.outputs.aws-build-id }} | |
run: | | |
if [ ! -z "$BUILD_ID" ]; then | |
echo "cancelling in-progress batch build: id=$BUILD_ID" | |
aws codebuild stop-build --id $BUILD_ID | |
fi | |
- name: Collect Artifact Size Metrics | |
run: | | |
PULL_REQUEST="" | |
INTERNAL=${{ github.event.number }} | |
EXTERNAL=${{ inputs.aws-sdk-kotlin-pr }} | |
if [ ! -z "$INTERNAL" ]; then | |
PULL_REQUEST=${{ github.event.number }} | |
echo "Identified this an internal pull request build: $PULL_REQUEST" | |
elif [ ! -z "$EXTERNAL" ]; then | |
PULL_REQUEST=${{ inputs.aws-sdk-kotlin-pr }} | |
echo "Identified this as an external pull request build: $PULL_REQUEST" | |
else | |
echo "Couldn't identify this as an internal or external pull request" | |
exit 1 | |
fi | |
./gradlew collectDelegatedArtifactSizeMetrics -PpullRequest=$PULL_REQUEST | |
- name: Analyze Artifact Size Metrics | |
run: ./gradlew analyzeArtifactSizeMetrics | |
- name: Show Results | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
const getComments = | |
`query { | |
repository(owner:"${context.repo.owner}", name:"${context.repo.repo}"){ | |
pullRequest(number: ${context.issue.number ?? process.env.SDK_PR}) { | |
id | |
comments(last:100) { | |
nodes { | |
id | |
body | |
author { | |
login | |
} | |
isMinimized | |
} | |
} | |
} | |
} | |
}` | |
const response = await github.graphql(getComments) | |
const comments = response.repository.pullRequest.comments.nodes | |
const mutations = comments | |
.filter(comment => comment.author.login == 'github-actions' && !comment.isMinimized && comment.body.startsWith('Affected Artifacts')) | |
.map(comment => | |
github.graphql( | |
`mutation { | |
minimizeComment(input:{subjectId:"${comment.id}", classifier:OUTDATED}){ | |
clientMutationId | |
} | |
}` | |
) | |
) | |
await Promise.all(mutations) | |
const fs = require('node:fs') | |
const comment = fs.readFileSync('build/reports/metrics/artifact-analysis.md', 'utf8') | |
const writeComment = | |
`mutation { | |
addComment(input:{body:"""${comment}""", subjectId:"${response.repository.pullRequest.id}"}){ | |
clientMutationId | |
} | |
}` | |
await github.graphql(writeComment) | |
- name: Evaluate Result | |
if: ${{ !contains(github.event.pull_request.labels.*.name, 'acknowledge-artifact-size-increase') }} | |
run: | | |
cd build/reports/metrics | |
cat has-significant-change.txt | grep false || { | |
echo An artifact increased in size by more than allowed or a new artifact was created. | |
echo If this is expected please add the 'acknowledge-artifact-size-increase' label to this pull request. | |
exit 1 | |
} | |
release-artifact-size-metrics: | |
if: github.event_name == 'release' | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout sources | |
uses: actions/checkout@v2 | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} | |
aws-region: us-west-2 | |
- name: Calculate Artifact Size Metrics | |
id: svc-check-batch | |
run: | | |
REPOSITORY=$(echo ${{ github.repository }} | cut -d '/' -f 2) | |
.github/scripts/run-codebuild-batch-job.sh \ | |
--project gh-aws-sdk-kotlin-svc-check-batch \ | |
--source ${{ github.event.pull_request.head.sha }} \ | |
--repository $REPOSITORY \ | |
--release ${{ github.event.release.tag_name }} | |
- name: Cancel build | |
if: ${{ cancelled() }} | |
env: | |
BUILD_ID: ${{ steps.svc-check-batch.outputs.aws-build-id }} | |
run: | | |
if [ ! -z "$BUILD_ID" ]; then | |
echo "cancelling in-progress batch build: id=$BUILD_ID" | |
aws codebuild stop-build --id $BUILD_ID | |
fi | |
- name: Collect Artifact Size Metrics | |
run: ./gradlew collectDelegatedArtifactSizeMetrics -Prelease=${{ github.event.release.tag_name }} | |
- name: Save Artifact Size Metrics | |
run: ./gradlew saveArtifactSizeMetrics -Prelease=${{ github.event.release.tag_name }} | |
- name: Put Artifact Size Metrics in CloudWatch | |
run: ./gradlew putArtifactSizeMetricsInCloudWatch -Prelease=${{ github.event.release.tag_name }} |