Envoy incremental check workflow #15
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Check Envoy commits for non-trivial merges" | |
| on: | |
| pull_request: | |
| schedule: | |
| - cron: "0 */4 * * *" | |
| workflow_dispatch: {} | |
| jobs: | |
| check-envoy-commits: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: "Checkout Nighthawk" | |
| uses: actions/checkout@v4 | |
| with: | |
| path: nighthawk | |
| - name: "Checkout Envoy" | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: envoyproxy/envoy | |
| path: envoy | |
| fetch-depth: 1000 | |
| - name: "Get Nighthawk's current Envoy commit" | |
| id: get_current_envoy_commit | |
| run: | | |
| CURRENT_ENVOY_COMMIT=$(cat ./nighthawk/bazel/repositories.bzl | sed -nE 's/^ENVOY_COMMIT = "(.*)"$/\1/p') | |
| echo "CURRENT_ENVOY_COMMIT=${CURRENT_ENVOY_COMMIT}" | |
| echo "CURRENT_ENVOY_COMMIT=${CURRENT_ENVOY_COMMIT}" >> $GITHUB_ENV | |
| - name: "Get the latest Envoy commit" | |
| id: get_latest_envoy_commit | |
| run: | | |
| LATEST_ENVOY_COMMIT=$(git -C ./envoy rev-parse main) | |
| echo "LATEST_ENVOY_COMMIT=${LATEST_ENVOY_COMMIT}" | |
| echo "LATEST_ENVOY_COMMIT=${LATEST_ENVOY_COMMIT}" >> $GITHUB_ENV | |
| - name: "Check for existing issues generated by check-envoy-commits workflow and close obsolete issues" | |
| id: check_open_issues | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "decision=proceed" >> $GITHUB_OUTPUT | |
| # Get all open issues created by this automation. | |
| # DO NOT SUBMIT - rely on a workflow-unique "check-envoy-commits" label | |
| OPEN_ISSUES_JSON=$( | |
| gh issue list --repo ${{ github.repository }} \ | |
| --label "github_actions" --state open --json number,title) | |
| if [[ -z "$OPEN_ISSUES_JSON" || "$OPEN_ISSUES_JSON" == "[]" ]]; then | |
| echo "No known open issues found. Proceeding with analysis." | |
| exit 0 | |
| fi | |
| echo "Found open issues. Checking for resolution..." | |
| SKIP_RUN="false" | |
| echo "$OPEN_ISSUES_JSON" | jq -c '.[]' | while read -r issue; do | |
| ISSUE_NUMBER=$(echo "$issue" | jq -r '.number') | |
| ENVOY_ISSUE_COMMIT=$(echo "$issue" | jq -r '.title' | grep -oP '(?<=`)\w+(?=`)') | |
| if [[ -z "$ENVOY_ISSUE_COMMIT" ]]; then | |
| continue | |
| fi | |
| # Use the local Envoy checkout to check if the breaking commit is an ancestor. | |
| if git -C ./envoy merge-base --is-ancestor "$ENVOY_ISSUE_COMMIT" "${{ env.CURRENT_ENVOY_COMMIT }}"; then | |
| echo "Issue from Envoy commit ${ENVOY_ISSUE_COMMIT} (issue #${ISSUE_NUMBER}) is resolved." | |
| BODY_PARTS=( | |
| "The Nighthawk dependency on Envoy has been updated past the issue commit ${ENVOY_ISSUE_COMMIT} to ${{ env.CURRENT_ENVOY_COMMIT }}." | |
| ) | |
| # DO NOT SUBMIT - we must enable Github Actions to open, comment, and close issues | |
| echo "$(printf "%s\n" "${BODY_PARTS[@]}")" | |
| # gh issue comment "$ISSUE_NUMBER" --body "$(printf "%s\n" "${BODY_PARTS[@]}")" | |
| # gh issue close "$ISSUE_NUMBER" | |
| echo "$(printf "%s\n" "${BODY_PARTS[@]}")" | |
| else | |
| echo "Nighthawk's dependency has NOT moved past the known issue at ${ENVOY_ISSUE_COMMIT} (issue #${ISSUE_NUMBER})." | |
| SKIP_RUN="true" | |
| fi | |
| done | |
| if [[ "$SKIP_RUN" == "true" ]]; then | |
| echo "Skipping this run due to unresolved issues." | |
| echo "decision=skip" >> $GITHUB_OUTPUT | |
| else | |
| echo "All known issues have been resolved or closed. Proceeding with new analysis." | |
| fi | |
| - name: "Check for modifications to shared files" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' | |
| id: check_shared_files | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| echo "manual_merge_required=false" >> $GITHUB_OUTPUT | |
| # Find commits in the current range to modify shared files. | |
| SHARED_FILES=( | |
| .bazelrc | |
| .bazelversion | |
| ci/run_envoy_docker.sh | |
| tools/gen_compilation_database.py | |
| tools/code_format/config.yaml | |
| ) | |
| ENVOY_MODIFIED_COMMITS=$(git -C ./envoy log --reverse --pretty=%H ${{ env.CURRENT_ENVOY_COMMIT }}..HEAD -- ${SHARED_FILES[@]}) | |
| if [[ -z "$ENVOY_MODIFIED_COMMITS" ]]; then | |
| echo "No commits found modifying shared files." | |
| else | |
| for commit in ${ENVOY_MODIFIED_COMMITS[@]}; do | |
| SHARED_MODIFIED="$(git -C ./envoy show ${commit} --name-only --pretty="" -- ${SHARED_FILES[@]})" | |
| BODY_PARTS=( | |
| "An Envoy commit between the current Nighthawk dependency and latest has modified a shared file." | |
| "**Envoy Commit:** https://github.com/envoyproxy/envoy/commit/${commit}" | |
| "**Shared files modified:** " | |
| "${SHARED_MODIFIED[@]}" | |
| ) | |
| # DO NOT SUBMIT - we must enable Github Actions to open, comment, and close issues | |
| echo "$(printf "%s\n" "${BODY_PARTS[@]}")" | |
| # DO NOT SUBMIT - add a workflow-unique "check-envoy-commits" label | |
| # gh issue create --repo ${{ github.repository }} \ | |
| # --title "Non-trivial Envoy commit increment: ${commit} modifies shared files" \ | |
| # --body "$(printf "%s\n" "${BODY_PARTS[@]}")" \ | |
| # --label "dependencies,github_actions" | |
| done | |
| fi | |
| - name: "Set up Bazel" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' | |
| uses: bazel-contrib/[email protected] | |
| - name: "Initial build check with latest Envoy" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' | |
| id: build_with_latest_commit | |
| run: | | |
| NIGHTHAWK_DIR=$(pwd)/nighthawk | |
| echo "NIGHTHAWK_DIR: ${NIGHTHAWK_DIR}" | |
| echo "" | |
| echo "$(ls ${NIGHTHAWK_DIR})" | |
| echo "" | |
| echo "$(ls ./nighthawk)" | |
| chmod +x ${NIGHTHAWK_DIR}/tools/bisect-envoy.sh | |
| ${NIGHTHAWK_DIR}/tools/bisect-envoy.sh ${{ env.LATEST_ENVOY_COMMIT }} ${NIGHTHAWK_DIR} > build_with_latest_commit.log 2>&1 | |
| continue-on-error: true | |
| - name: "Bisect to find the first Envoy commit that causes the break" | |
| if: steps.check_open_issues.outputs.decision == 'proceed' && steps.build_with_latest_commit.outcome == 'failure' | |
| id: bisect | |
| run: | | |
| echo "Initial build failed. Starting bisection..." | |
| NIGHTHAWK_DIR=$(pwd)/nighthawk | |
| echo "NIGHTHAWK_DIR: ${NIGHTHAWK_DIR}" | |
| echo "" | |
| echo "$(ls ${NIGHTHAWK_DIR})" | |
| echo "" | |
| echo "$(ls ./nighthawk)" | |
| git -C ./envoy bisect start ${{ env.LATEST_ENVOY_COMMIT }} ${{ env.CURRENT_ENVOY_COMMIT }} | |
| BISECT_LOG_FILE=$(mktemp) | |
| git -C ./envoy bisect run ${NIGHTHAWK_DIR}/tools/bisect-envoy.sh ${NIGHTHAWK_DIR} | tee ${BISECT_LOG_FILE} | |
| ENVOY_BREAK_COMMIT=$(grep -oP '^\w+(?=\s+is the first bad commit)' ${BISECT_LOG_FILE} || echo "NOT_FOUND") | |
| echo "ENVOY_BREAK_COMMIT=${ENVOY_BREAK_COMMIT}" >> $GITHUB_ENV | |
| echo "BISECT_LOG<<EOF" >> $GITHUB_OUTPUT | |
| cat ${BISECT_LOG_FILE} >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| - name: "Create Envoy commit increment issue" | |
| if: steps.bisect.outcome == 'success' | |
| id: create_issue | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| ENVOY_BREAK_COMMIT: ${{ env.ENVOY_BREAK_COMMIT }} | |
| BISECT_LOG: ${{ steps.bisect.outputs.BISECT_LOG }} | |
| run: | | |
| BODY_PARTS=( | |
| "Automated bisection identified Envoy commit ${ENVOY_BREAK_COMMIT} as the first commit to break the Nighthawk build." | |
| "**Bisection Log:**" | |
| "${BISECT_LOG}" | |
| ) | |
| # DO NOT SUBMIT - we must enable Github Actions to open, comment, and close issues | |
| echo "$(printf "%s\n" "${BODY_PARTS[@]}")" | |
| # DO NOT SUBMIT - add a workflow-unique "check-envoy-commits" label | |
| # gh issue create --repo "${{ github.repository }}" \ | |
| # --title "Non-trivial Envoy commit increment: ${ENVOY_BREAK_COMMIT} fails tests" \ | |
| # --body "$(printf "%s\n" "${BODY_PARTS[@]}")" \ | |
| # --label "dependencies,github_actions" |