Envoy incremental check workflow #7
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Check Envoy commits for non-trivial merges" | |
| on: | |
| pull_request: | |
| schedule: | |
| - cron: "0 */4 * * *" | |
| workflow_dispatch: {} | |
| jobs: | |
| check-envoy-commits: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "Checkout Nighthawk" | |
| uses: actions/checkout@v4 | |
| with: | |
| path: nighthawk | |
| - name: "Checkout Envoy" | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: envoyproxy/envoy | |
| path: envoy | |
| - name: "Get Nighthawk's current Envoy commit" | |
| id: get_current_envoy_commit | |
| run: | | |
| CURRENT_ENVOY_COMMIT=$(cat ./nighthawk/bazel/repositories.bzl | sed -nE 's/^ENVOY_COMMIT = "(.*)"$/\1/p') | |
| echo "CURRENT_ENVOY_COMMIT=${CURRENT_ENVOY_COMMIT}" | |
| echo "CURRENT_ENVOY_COMMIT=${CURRENT_ENVOY_COMMIT}" >> $GITHUB_ENV | |
| - name: "Get the latest Envoy commit" | |
| id: get_latest_envoy_commit | |
| run: | | |
| LATEST_ENVOY_COMMIT=$(git -C ./envoy rev-parse main) | |
| echo "LATEST_ENVOY_COMMIT=${LATEST_ENVOY_COMMIT}" | |
| echo "LATEST_ENVOY_COMMIT=${LATEST_ENVOY_COMMIT}" >> $GITHUB_ENV | |
| - name: "Check for existing issues generated by check-envoy-commits workflow and close obsolete issues" | |
| id: check_open_issues | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "decision=proceed" >> $GITHUB_OUTPUT | |
| # Get all open issues created by this automation. | |
| OPEN_ISSUES_JSON=$(gh issue list --repo ${{ github.repository }} --label "check-envoy-commits" --state open --json number,title) | |
| if [[ -z "$OPEN_ISSUES_JSON" || "$OPEN_ISSUES_JSON" == "[]" ]]; then | |
| echo "No known open issues found. Proceeding with analysis." | |
| exit 0 | |
| fi | |
| echo "Found open issues. Checking for resolution..." | |
| SKIP_RUN="false" | |
| echo "$OPEN_ISSUES_JSON" | jq -c '.[]' | while read -r issue; do | |
| ISSUE_NUMBER=$(echo "$issue" | jq -r '.number') | |
| ENVOY_ISSUE_COMMIT=$(echo "$issue" | jq -r '.title' | grep -oP '(?<=`)\w+(?=`)') | |
| if [[ -z "$ENVOY_ISSUE_COMMIT" ]]; then | |
| continue | |
| fi | |
| # Use the local Envoy checkout to check if the breaking commit is an ancestor. | |
| if git -C ./envoy merge-base --is-ancestor "$ENVOY_ISSUE_COMMIT" "${{ env.CURRENT_ENVOY_COMMIT }}"; then | |
| echo "Issue from Envoy commit ${ENVOY_ISSUE_COMMIT} (issue #${ISSUE_NUMBER}) is resolved." | |
| gh issue comment "$ISSUE_NUMBER" --body "The Nighthawk dependency on Envoy has been updated to \`${{ env.CURRENT_ENVOY_COMMIT }}\`, which is past the issue commit \`${ENVOY_ISSUE_COMMIT}\`." | |
| gh issue close "$ISSUE_NUMBER" | |
| else | |
| echo "Nighthawk's dependency has NOT moved past the known issue at ${ENVOY_ISSUE_COMMIT} (issue #${ISSUE_NUMBER})." | |
| SKIP_RUN="true" | |
| fi | |
| done | |
| if [[ "$SKIP_RUN" == "true" ]]; then | |
| echo "Skipping this run due to unresolved issues." | |
| echo "decision=skip" >> $GITHUB_OUTPUT | |
| else | |
| echo "All known issues have been resolved or closed. Proceeding with new analysis." | |
| fi | |
| - name: "Check for modifications to shared files" | |
| id: check_shared_files | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "manual_merge_required=false" >> $GITHUB_OUTPUT | |
| # Find commits in the current range to modify shared files. | |
| SHARED_FILES=( | |
| .bazelrc | |
| .bazelversion | |
| ci/run_envoy_docker.sh | |
| tools/gen_compilation_database.py | |
| tools/code_format/config.yaml); | |
| ENVOY_MODIFIED_COMMITS=$(git -C ./envoy log --reverse --pretty=%H ${{ env.CURRENT_ENVOY_COMMIT }}..HEAD -- ${SHARED_FILES[@]}) | |
| if [[ -z "$ENVOY_MODIFIED_COMMITS" ]]; then | |
| echo "No commits found modifying shared files." | |
| else | |
| echo "Commits found modifying shared files:" | |
| echo " ${ENVOY_MODIFIED_COMMITS[@]}" | |
| echo "ENVOY_MODIFIED_COMMITS=(${ENVOY_MODIFIED_COMMITS[@]})" >> $GITHUB_ENV | |
| echo "manual_merge_required=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: "Create Github issues for Envoy commits with changes to shared files" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' && steps.check_shared_files.outputs.manual_merge_required == 'true' | |
| id: create_shared_file_issues | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const { ENVOY_MODIFIED_COMMITS } = process.env; | |
| const logBody = `${{ steps.bisect.outputs.BISECT_LOG }}`; | |
| for commit in ${ENVOY_MODIFIED_COMMITS[@]}; do | |
| SHARED_MODIFIED="$(git -C ~/github/envoy show ${commit} --name-only --pretty="" -- ${SHARED_FILES[@]})" | |
| github.rest.issues.create({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| title: "Non-trivial Envoy commit increment: ${commit} modifies shared files", | |
| labels: ["bug", "automation", "check-envoy-commits"], | |
| body: "An Envoy commit between the current Nighthawk dependency and latest has modified a shared file.\n\n**Envoy Commit:** ${commit}\n\n\n\n**Shared files modified:** ${SHARED_MODIFIED}\n\nA human is required to review and merge the changes from this file into Nighthawk's copy.\n\nThis workflow will be blocked until this file is updated and the corresponding Nighthawk dependency on Envoy is updated past this commit." | |
| }); | |
| done | |
| - name: "Set up Bazel" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' | |
| uses: bazel-contrib/[email protected] | |
| - name: "Initial build check with latest Envoy" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' | |
| id: build_with_latest_commit | |
| run: | | |
| chmod +x ./nighthawk/tools/bisect-envoy.sh | |
| ./nighthawk/tools/bisect-envoy.sh ${{ env.LATEST_ENVOY_COMMIT }} "$(pwd)/nighthawk" > build_with_latest_commit.log 2>&1 | |
| continue-on-error: true | |
| - name: "Bisect to find the first Envoy commit that causes the break" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' && steps.build_with_latest_commit.outcome == 'failure' | |
| id: bisect | |
| run: | | |
| echo "Initial build failed. Starting bisection..." | |
| git -C ./envoy bisect start ${{ env.LATEST_ENVOY_COMMIT }} ${{ env.CURRENT_ENVOY_COMMIT }} | |
| BISECT_LOG_FILE=$(mktemp) | |
| git -C ./envoy bisect run ./nighthawk/tools/bisect-envoy.sh "$(pwd)/nighthawk" | tee ${BISECT_LOG_FILE} | |
| ENVOY_BREAK_COMMIT=$(grep -oP '^\w+(?=\s+is the first bad commit)' ${BISECT_LOG_FILE} || echo "NOT_FOUND") | |
| echo "ENVOY_BREAK_COMMIT=${ENVOY_BREAK_COMMIT}" >> $GITHUB_ENV | |
| echo "BISECT_LOG<<EOF" >> $GITHUB_OUTPUT | |
| cat ${BISECT_LOG_FILE} >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| - name: "Create Envoy commit increment issue" | |
| if: steps.bisect.outcome == 'success' | |
| id: create_issue | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const { ENVOY_BREAK_COMMIT } = process.env; | |
| const logBody = `${{ steps.bisect.outputs.BISECT_LOG }}`; | |
| github.rest.issues.create({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| title: "Non-trivial Envoy commit increment: ${ENVOY_BREAK_COMMIT} fails tests", | |
| labels: ["bug", "automation", "check-envoy-commits"], | |
| body: `Automated bisection identified Envoy commit \`${ENVOY_BREAK_COMMIT}\` as the first commit to break the Nighthawk build.\n\n**Bisection Log:**\n\`\`\`\n${logBody}\n\`\`\`` | |
| }); |