feat: add self-validating workflow gate jobs #84

feat: add self-validating workflow gate jobs

Workflow file for this run

# PR validation workflow: runs on pull requests that target main or a
# release/v* branch.
name: Python Instrumentation PR Build
on:
  pull_request:
    # labeled/unlabeled are included alongside the usual events; presumably so
    # the label-based CHANGELOG check re-runs when labels change (confirm).
    types: [opened, reopened, synchronize, labeled, unlabeled]
    branches:
      - main
      - "release/v*"
# Workflow-level token permissions; these apply to every job that does not
# declare its own.
permissions:
  # NOTE(review): id-token: write allows jobs to request an OIDC token. None of
  # the jobs visible in this file requests one directly - confirm whether a
  # local action (e.g. ./.github/actions/set_up) needs it; if not, drop it or
  # scope it to the single job that does.
  id-token: write
  contents: read
jobs:
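# Repository hygiene checks: a CHANGELOG entry is present (or explicitly
# skipped) and changed workflow/action files do not reference actions by
# version tag.
static-code-checks:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
      with:
        # Full history; the steps below diff HEAD against origin/<base branch>.
        fetch-depth: 0
    - name: Check CHANGELOG
      if: always()
      # Event data is handed to the script through environment variables
      # instead of being expanded into the script text, so a label or ref
      # containing quotes or shell metacharacters cannot alter the script.
      env:
        PR_AUTHOR: ${{ github.event.pull_request.user.login }}
        PR_LABELS: ${{ toJSON(github.event.pull_request.labels.*.name) }}
        BASE_REF: ${{ github.base_ref }}
      run: |
        # Check if PR is from workflows bot or dependabot
        if [[ "$PR_AUTHOR" == "aws-application-signals-bot" ]]; then
          echo "Skipping check: PR from aws-application-signals-bot"
          exit 0
        fi
        if [[ "$PR_AUTHOR" == "dependabot[bot]" ]]; then
          echo "Skipping check: PR from dependabot"
          exit 0
        fi
        # Check for skip changelog label. Matched case-insensitively because the
        # failure message below spells the label 'Skip Changelog'.
        if jq -r '.[]' <<<"$PR_LABELS" | grep -qiF "skip changelog"; then
          echo "Skipping check: skip changelog label found"
          exit 0
        fi
        # Fetch base branch and check for CHANGELOG modifications
        git fetch origin "$BASE_REF"
        if git diff --name-only "origin/${BASE_REF}..HEAD" | grep -qF "CHANGELOG.md"; then
          echo "CHANGELOG.md entry found - check passed"
          exit 0
        fi
        echo "It looks like you didn't add an entry to CHANGELOG.md. If this change affects the SDK behavior, please update CHANGELOG.md and link this PR in your entry. If this PR does not need a CHANGELOG entry, you can add the 'Skip Changelog' label to this PR."
        exit 1
    - name: Check for versioned GitHub actions
      if: always()
      env:
        BASE_REF: ${{ github.base_ref }}
      run: |
        # Get changed GitHub workflow/action files. Deleted files are excluded
        # (--diff-filter=d) because there is nothing left to scan in them.
        # Paths are read into an array so that names containing spaces or glob
        # characters reach grep as single arguments.
        mapfile -t CHANGED_FILES < <(
          git diff --name-only --diff-filter=d "origin/${BASE_REF}..HEAD" \
            | grep -E "^\.github/(workflows|actions)/.*\.ya?ml$" || true
        )
        if [ "${#CHANGED_FILES[@]}" -gt 0 ]; then
          # Check for any versioned actions, excluding comments and this validation script.
          # Only "@v..." refs are detected; other mutable refs such as branch
          # names are not covered by this pattern.
          VIOLATIONS=$(grep -Hn -- "uses:.*@v" "${CHANGED_FILES[@]}" | grep -v "grep.*uses:.*@v" | grep -v "#.*@v" || true)
          if [ -n "$VIOLATIONS" ]; then
            echo "Found versioned GitHub actions. Use commit SHAs instead:"
            echo "$VIOLATIONS"
            exit 1
          fi
        fi
        echo "No versioned actions found in changed files"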
# build:
# runs-on: ubuntu-latest
# strategy:
# fail-fast: false # ensures the entire test matrix is run, even if one permutation fails
# matrix:
# python-version: ["3.9", "3.10", "3.11", "3.12", "3.13"]
# steps:
# - name: Checkout Repo @ SHA - ${{ github.sha }}
# uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #5.0.0
# - name: Build Wheel and Image Files
# uses: ./.github/actions/artifacts_build
# with:
# image_uri_with_tag: pr-build/${{ matrix.python-version }}
# push_image: false
# load_image: true
# python_version: ${{ matrix.python-version }}
# package_name: aws-opentelemetry-distro
# os: ubuntu-latest
# - name: Set up and run contract tests with pytest
# run: |
# bash scripts/set-up-contract-tests.sh
# pip install pytest
# pytest contract-tests/tests
# build-lambda:
# runs-on: ubuntu-latest
# steps:
# - name: Checkout Repo @ SHA - ${{ github.sha }}
# uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #5.0.0
# - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c #v6.0.0
# if: ${{ matrix.language == 'python' }}
# with:
# python-version: '3.x'
# - name: Build sample lambda function
# working-directory: lambda-layer/sample-apps
# run: ./package-lambda-function.sh
# - name: Build layers
# working-directory: lambda-layer/src
# run: |
# ./build-lambda-layer.sh
# pip install tox
# tox
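# Runs the spellcheck and lint tox environments as separate matrix entries.
lint:
  runs-on: ubuntu-latest
  strategy:
    fail-fast: false # ensures the entire test matrix is run, even if one permutation fails
    matrix:
      tox-environment: ["spellcheck", "lint"]
  steps:
    - name: Checkout Repo @ SHA - ${{ github.sha }}
      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
    - name: Install libsnappy-dev
      if: ${{ matrix.tox-environment == 'lint' }}
      run: sudo apt-get update && sudo apt-get install -y libsnappy-dev
    - name: Set up
      uses: ./.github/actions/set_up
      with:
        # Quoted so the version is passed as a string, not parsed as a YAML
        # float (an unquoted 3.10 would become 3.1).
        python_version: "3.11"
        package_name: aws-opentelemetry-distro
        os: ubuntu-latest
        run_unit_tests: false
    - name: Run ${{ matrix.tox-environment }} with tox
      env:
        TOX_ENV: ${{ matrix.tox-environment }}
      run: |
        # Temporary scaffolding, per its own message: forces the spellcheck
        # entry to fail so the gate job can be observed reporting a failure.
        # Remove before merging.
        if [[ "$TOX_ENV" == "spellcheck" ]]; then
          echo "Intentionally failing spellcheck to test gate job"
          exit 1
        fi
        tox -e "$TOX_ENV"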
# Formatting check for the Gradle project under performance-tests.
spotless:
  runs-on: ubuntu-latest
  steps:
    - name: Checkout Repo @ SHA - ${{ github.sha }}
      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # 5.0.0
    # Wrapper validation runs before ./gradlew is executed, so a tampered
    # gradle-wrapper.jar in the checkout is rejected before it can run.
    - name: Gradle validation
      uses: gradle/actions/wrapper-validation@ed408507eac070d1f99cc633dbcf757c94c7933a # 4.4.3
    - name: Set up Java
      uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
      with:
        java-version: 17
        distribution: temurin
    - name: Setup Gradle
      uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # 4.4.3
    - name: Build with Gradle
      working-directory: performance-tests
      run: ./gradlew spotlessCheck
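# Gate job: a single required status that reflects the outcome of every job
# listed in `needs`.
all-pr-checks-pass:
  runs-on: ubuntu-latest
  needs: [static-code-checks, lint, spotless]
  # always() so the gate still runs, and can fail, when a needed job failed
  # or was cancelled; without it the gate would be skipped instead.
  if: always()
  steps:
    - name: Check all jobs succeeded
      # The needs context is passed through the environment instead of being
      # pasted into the script, so a quote inside any future job output cannot
      # break or alter the shell command.
      env:
        NEEDS_JSON: ${{ toJSON(needs) }}
      run: |
        # Print each job's result for diagnostics.
        jq -r 'to_entries[] | "\(.key): \(.value.result)"' <<<"$NEEDS_JSON"
        # Any result other than "success" (failure, cancelled, skipped) fails the gate.
        if ! jq -e 'all(.[]; .result == "success")' <<<"$NEEDS_JSON" >/dev/null; then
          echo "Some jobs failed"
          exit 1
        fi
        echo "All checks passed!"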