From b68a4da75b7f0cf11ca58315a151ccfd04b36d9c Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos Date: Mon, 29 Jul 2024 23:50:57 -0700 Subject: [PATCH 1/2] Manually run extra tests & emit metric if token expired --- .github/workflows/codebuild-ci.yml | 22 +++++++++++--- .github/workflows/run-local-mode-tests.yml | 35 ++++++++++++++++++++++ .github/workflows/run-slow-tests.yml | 35 ++++++++++++++++++++++ 3 files changed, 88 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/run-local-mode-tests.yml create mode 100644 .github/workflows/run-slow-tests.yml diff --git a/.github/workflows/codebuild-ci.yml b/.github/workflows/codebuild-ci.yml index 8c6bd6b337..1d62cb6b47 100644 --- a/.github/workflows/codebuild-ci.yml +++ b/.github/workflows/codebuild-ci.yml @@ -17,24 +17,38 @@ jobs: outputs: approval-env: ${{ steps.collab-check.outputs.result }} steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.MONITORING_AWS_ROLE_ARN }} + aws-region: us-west-2 - name: Collaborator Check uses: actions/github-script@v7 id: collab-check + env: + PR_USER_LOGIN: ${{ github.event.pull_request.user.login }} with: github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} result-encoding: string script: | + const user = JSON.stringify(process.env.PR_USER_LOGIN); try { const res = await github.rest.repos.checkCollaborator({ owner: context.repo.owner, repo: context.repo.repo, - username: "${{ github.event.pull_request.user.login }}", + username: user, }); - console.log("Verifed ${{ github.event.pull_request.user.login }} is a repo collaborator. Auto Approving PR Checks.") + console.log("Verifed ${user} is a repo collaborator. Auto Approving PR Checks.") return res.status == "204" ? "auto-approve" : "manual-approval" } catch (error) { - console.log("${{ github.event.pull_request.user.login }} is not a collaborator. Requiring Manual Approval to run PR Checks.") - return "manual-approval" + if (error.message == "Bad credentials") { + console.log("Token Expired. Please update the COLLAB_CHECK_TOKEN secret. Requiring Manual Approval to run PR Checks becuase the collaborator status could not be verified.") + const { execSync } = require('child_process') + execSync('aws cloudwatch put-metric-data --namespace "GitHubActions" --metric-name "BadCredentials" --value 1') + } else { + console.log("${user} is not a collaborator. Requiring Manual Approval to run PR Checks.") + } + return "manual-approval" } wait-for-approval: runs-on: ubuntu-latest diff --git a/.github/workflows/run-local-mode-tests.yml b/.github/workflows/run-local-mode-tests.yml new file mode 100644 index 0000000000..79073e3948 --- /dev/null +++ b/.github/workflows/run-local-mode-tests.yml @@ -0,0 +1,35 @@ +name: Run Local Mode Tests + +on: + workflow_dispatch: + inputs: + prNumber: + description: 'Pull Request Number' + required: true + commitSha: + description: 'Commit SHA' + required: true + +concurrency: + group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + local-mode-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Slow Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-localmode-tests + source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' + diff --git a/.github/workflows/run-slow-tests.yml b/.github/workflows/run-slow-tests.yml new file mode 100644 index 0000000000..bb31a04ed6 --- /dev/null +++ b/.github/workflows/run-slow-tests.yml @@ -0,0 +1,35 @@ +name: Run Slow Tests + +on: + workflow_dispatch: + inputs: + prNumber: + description: 'Pull Request Number' + required: true + commitSha: + description: 'Commit SHA' + required: true + +concurrency: + group: ${{ github.workflow }}-${{ github.event.inputs.prNumber }} + cancel-in-progress: true + +permissions: + id-token: write # This is required for requesting the JWT + +jobs: + slow-tests: + runs-on: ubuntu-latest + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Slow Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-slow-tests + source-version-override: 'refs/pull/${{ github.event.inputs.prNumber}}/head^{${{ github.event.inputs.commitSha }}}' + From 83d920a1dd525d5eb25c174c8e6c88e7a234a9af Mon Sep 17 00:00:00 2001 From: Erick Benitez-Ramos <141277478+benieric@users.noreply.github.com> Date: Tue, 30 Jul 2024 00:11:49 -0700 Subject: [PATCH 2/2] Update auto_ml_utils.py --- tests/integ/auto_ml_utils.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/integ/auto_ml_utils.py b/tests/integ/auto_ml_utils.py index 536f3bcf14..1975dd6152 100644 --- a/tests/integ/auto_ml_utils.py +++ b/tests/integ/auto_ml_utils.py @@ -29,6 +29,7 @@ def create_auto_ml_job_if_not_exist(sagemaker_session, auto_ml_job_name): try: sagemaker_session.describe_auto_ml_job(job_name=auto_ml_job_name) except Exception as e: # noqa: F841 + # Random Test auto_ml = AutoML( role=ROLE, target_attribute_name=TARGET_ATTRIBUTE_NAME,