@@ -18,14 +18,14 @@ jobs:
1818 outputs :
1919 has_token : ${{ steps.set-token-status.outputs.has_token }}
2020 steps :
21- - name : Check if DECO_WORKFLOW_TRIGGER_APP_ID is set
21+ - name : Check if required secrets are set
2222 id : set-token-status
2323 run : |
24- if [ -z "${{ secrets.DECO_WORKFLOW_TRIGGER_APP_ID }}" ]; then
25- echo "DECO_WORKFLOW_TRIGGER_APP_ID is empty . User has no access to secrets."
24+ if [ -z "${{ secrets.DECO_WORKFLOW_TRIGGER_APP_ID }}" ] || [ -z "${{ secrets.DECO_TEST_APPROVAL_APP_ID }}" ] ; then
25+ echo "Required secrets are missing . User has no access to secrets."
2626 echo "::set-output name=has_token::false"
2727 else
28- echo "DECO_WORKFLOW_TRIGGER_APP_ID is set. User has access to secrets."
28+ echo "All required secrets are set. User has access to secrets."
2929 echo "::set-output name=has_token::true"
3030 fi
3131
@@ -39,10 +39,35 @@ jobs:
3939 needs : check-token
4040 if : github.event_name == 'pull_request' && needs.check-token.outputs.has_token == 'true'
4141 environment : " test-trigger-is"
42+
4243 steps :
4344 - uses : actions/checkout@v3
4445
45- - name : Generate GitHub App Token
46+ - name : Generate GitHub App Token for Check Updates
47+ id : generate-check-token
48+ uses : actions/create-github-app-token@v1
49+ with :
50+ app-id : ${{ secrets.DECO_TEST_APPROVAL_APP_ID }}
51+ private-key : ${{ secrets.DECO_TEST_APPROVAL_PRIVATE_KEY }}
52+ owner : databricks
53+
54+ - name : Create Check Run
55+ id : create-check
56+ env :
57+ GH_TOKEN : ${{ steps.generate-check-token.outputs.token }}
58+ run : |
59+ response=$(gh api -X POST \
60+ /repos/${{ github.repository }}/check-runs \
61+ -f name="Integration Tests" \
62+ -f head_sha="${{ github.event.pull_request.head.sha }}" \
63+ -f status="queued" \
64+ -f output[title]="Integration Tests" \
65+ -f output[summary]="Tests queued and will be triggered shortly...")
66+
67+ check_run_id=$(echo "$response" | jq -r .id)
68+ echo "check_run_id=$check_run_id" >> $GITHUB_OUTPUT
69+
70+ name : Generate GitHub App Token for Workflow Trigger
4671 id : generate-token
4772 uses : actions/create-github-app-token@v1
4873 with :
5883 gh workflow run sdk-java-isolated-pr.yml -R ${{ secrets.ORG_NAME }}/${{secrets.REPO_NAME}} \
5984 --ref main \
6085 -f pull_request_number=${{ github.event.pull_request.number }} \
61- -f commit_sha=${{ github.event.pull_request.head.sha }}
86+ -f commit_sha=${{ github.event.pull_request.head.sha }} \
87+ -f check_run_id=${{ steps.create-check.outputs.check_run_id }}
6288
6389# Statuses and checks apply to specific commits (by hash).
6490 # Enforcement of required checks is done both at the PR level and the merge queue level.
@@ -74,14 +100,24 @@ jobs:
74100 group : databricks-deco-testing-runner-group
75101 labels : ubuntu-latest-deco
76102
103+ permissions :
104+ checks : write
105+ contents : read
106+
77107 steps :
78- - name : Mark Check
79- env :
80- GH_TOKEN : ${{ secrets.GITHUB_TOKEN }}
81- shell : bash
82- run : |
83- gh api -X POST -H "Accept: application/vnd.github+json" \
84- -H "X-GitHub-Api-Version: 2022-11-28" \
85- /repos/${{ github.repository }}/statuses/${{ github.sha }} \
86- -f 'state=success' \
87- -f 'context=Integration Tests Check'
108+ - name : Auto-approve Check for Merge Queue
109+ uses : actions/github-script@v7
110+ with :
111+ script : |
112+ await github.rest.checks.create({
113+ owner: context.repo.owner,
114+ repo: context.repo.repo,
115+ name: 'Integration Tests',
116+ head_sha: context.sha,
117+ status: 'completed',
118+ conclusion: 'success',
119+ output: {
120+ title: 'Integration Tests',
121+ summary: 'Auto-approved for merge queue (tests already passed on PR)'
122+ }
123+ });
0 commit comments