Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build: auto start Jenkins CI via PR labels #34089

Open
wants to merge 1 commit into
base: master
from

Conversation

@mmarchini
Copy link
Member

mmarchini commented Jun 27, 2020

Add an Action that will find every PR with the request-ci label and
will start a Jenkins CI for each of these Pull Requests. The scheduler
event is used to circumvent GitHub Actions limitations on Pull Requests
from forks (where secrets are not accessible and the GITHUB_TOKEN is
read-only).

If the Action fails to start a CI, it will add a request-ci-failed
label and will leave a comment with the error message from NCU.

Requirements to land

  • Create a Jenkins token for @nodejs-github-bot
  • Add JENKINS_USER and JENKINS_TOKEN secrets to this repository (or to the entire org, if we want this to work on forks such as quic and node-auto-test as well)
  • Land nodejs/node-core-utils#445 and wait for the next NCU release
  • Test more extensively on node-auto-test before landing
  • Create request-ci and request-ci-failed labels in this repository
Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Add an Action that will find every PR with the `request-ci` label and
will start a Jenkins CI for each of these Pull Requests. The scheduler
event is used to circumvent GitHub Actions limitations on Pull Requests
from forks (where secrets are not accessible and the GITHUB_TOKEN is
read-only).

If the Action fails to start a CI, it will add a `request-ci-failed`
label and will leave a comment with the error message from NCU.
ncu-config set username ${{ secrets.JENKINS_USER }}
ncu-config set token none
ncu-config set jenkins_token ${{ secrets.JENKINS_TOKEN }}
ncu-config set owner ${{ env.OWNER }}
ncu-config set repo ${{ env.REPOSITORY }}
Comment on lines +55 to +59

This comment has been minimized.

Copy link
@mmarchini

mmarchini Jun 27, 2020

Author Member

We probably should provide a way to set ncu configs via environment variables, so we don't have to worry about writing to disk here.

query: |
query prs($owner:String!, $repo:String!) {
repository(owner:$owner, name:$repo) {
pullRequests(labels: ["request-ci"], states: OPEN, last: 100) {

This comment has been minimized.

Copy link
@mmarchini

mmarchini Jun 27, 2020

Author Member

If we're worried about the number of concurrent Jenkins jobs running, we could reduce this to 5 and increase the scheduler to 15-30 minutes.

@mscdex
Copy link
Contributor

mscdex commented Jun 27, 2020

If we add something like this, shouldn't we just get rid of the "CERTIFY_SAFE" checkbox in CI then, since there is no way to make such a confirmation explicit when applying the new label to a PR?

@mmarchini
Copy link
Member Author

mmarchini commented Jun 27, 2020

That's a good question. We could consider that adding the label means the collaborator is certifying that this PR is safe (same could be said about starting a CI though)

@mmarchini
Copy link
Member Author

mmarchini commented Jun 27, 2020

We could also have two labels, but that seems unnecessary

@Trott
Copy link
Member

Trott commented Jun 28, 2020

@mmarchini
Copy link
Member Author

mmarchini commented Jun 28, 2020

Not sure who I should ping to get consensus on adding the secrets to the repo (or if I need to do it) and to create the labels. @nodejs/tsc maybe?

Also don't know who has access to the github-bot account to create a Jenkins token for it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

5 participants
You can’t perform that action at this time.