mirror of
https://github.com/ivabus/pantry
synced 2024-11-30 04:05:06 +03:00
need to test for 'true'/'false'
This commit is contained in:
parent
c8b9e1d3dd
commit
8eb0f4778e
4 changed files with 91 additions and 26 deletions
9
.github/workflows/build.yml
vendored
9
.github/workflows/build.yml
vendored
|
@ -121,7 +121,7 @@ jobs:
|
||||||
- os: [self-hosted, linux, ARM64]
|
- os: [self-hosted, linux, ARM64]
|
||||||
name: linux+aarch64
|
name: linux+aarch64
|
||||||
outputs:
|
outputs:
|
||||||
HAS_SECRETS: ${{ secrets.AWS_S3_CACHE != '' }}
|
HAS_SECRETS: ${{ env.HAS_SECRETS }}
|
||||||
container: ${{ matrix.platform.container }}
|
container: ${{ matrix.platform.container }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
|
@ -154,10 +154,15 @@ jobs:
|
||||||
|
|
||||||
- run: tea.xyz/var/pantry/scripts/test.ts ${{ inputs.projects }}
|
- run: tea.xyz/var/pantry/scripts/test.ts ${{ inputs.projects }}
|
||||||
|
|
||||||
|
- run:
|
||||||
|
echo "HAS_SECRETS=$HAS_SECRETS" >>$GITHUB_ENV
|
||||||
|
env:
|
||||||
|
HAS_SECRETS: ${{ secrets.AWS_S3_CACHE != null }}
|
||||||
|
|
||||||
stage:
|
stage:
|
||||||
needs: [test]
|
needs: [test]
|
||||||
# this only works for PRs from our team to our repo (security! :( )
|
# this only works for PRs from our team to our repo (security! :( )
|
||||||
if: startsWith(github.ref, 'refs/pull/') && startsWith(github.repository, 'teaxyz/pantry.') && needs.test.outputs.HAS_SECRETS
|
if: startsWith(github.ref, 'refs/pull/') && startsWith(github.repository, 'teaxyz/pantry.') && needs.test.outputs.HAS_SECRETS == 'true'
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
strategy:
|
strategy:
|
||||||
matrix:
|
matrix:
|
||||||
|
|
14
.github/workflows/cd.yml
vendored
14
.github/workflows/cd.yml
vendored
|
@ -8,7 +8,7 @@ jobs:
|
||||||
cd:
|
cd:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
outputs:
|
outputs:
|
||||||
HAS_SECRETS: ${{ secrets.AWS_S3_CACHE != '' }}
|
HAS_ARTIFACTS: ${{ env.HAS_ARTIFACTS }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- run: >
|
- run: >
|
||||||
|
@ -17,16 +17,22 @@ jobs:
|
||||||
jq -sc . |
|
jq -sc . |
|
||||||
curl https://app.tea.xyz/api/receiveWatcherProjects --fail -X PUT \
|
curl https://app.tea.xyz/api/receiveWatcherProjects --fail -X PUT \
|
||||||
-H "content-type: application/json" -H "authorization: bearer ${{ secrets.TEA_API_TOKEN }}" -d @-
|
-H "content-type: application/json" -H "authorization: bearer ${{ secrets.TEA_API_TOKEN }}" -d @-
|
||||||
|
- run: ./scripts/has-artifacts.ts ${{ github.repository }} ${{ github.sha }} >>$GITHUB_ENV
|
||||||
|
env:
|
||||||
|
GITHUB_TOKEN: ${{github.token}}
|
||||||
|
AWS_S3_CACHE: ${{ secrets.AWS_S3_CACHE }}
|
||||||
|
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
||||||
|
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
||||||
|
|
||||||
bottle-pr:
|
bottle-pr:
|
||||||
needs: [cd]
|
needs: [cd]
|
||||||
#FIXME: will fail (harmlessly) on non-merge/non-new-version runs, and won't work on 3rd-party PRs
|
if: ${{ needs.cd.outputs.HAS_ARTIFACTS == 'true' }}
|
||||||
if: ${{ needs.cd.outputs.HAS_SECRETS }}
|
|
||||||
uses: ./.github/workflows/bottle.yml
|
uses: ./.github/workflows/bottle.yml
|
||||||
secrets: inherit
|
secrets: inherit
|
||||||
bottle-standalone:
|
bottle-standalone:
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
needs: [cd]
|
needs: [cd]
|
||||||
if: ${{ ! needs.cd.outputs.HAS_SECRETS }}
|
if: ${{ needs.cd.outputs.HAS_ARTIFACTS == 'false' }}
|
||||||
steps:
|
steps:
|
||||||
- uses: actions/checkout@v3
|
- uses: actions/checkout@v3
|
||||||
- uses: technote-space/get-diff-action@v6
|
- uses: technote-space/get-diff-action@v6
|
||||||
|
|
|
@ -13,40 +13,48 @@ args:
|
||||||
/// Test
|
/// Test
|
||||||
/// ./scripts/fetch-pr-artifacts.ts e582b03fe6efedde80f9569403555f4513dbec91
|
/// ./scripts/fetch-pr-artifacts.ts e582b03fe6efedde80f9569403555f4513dbec91
|
||||||
|
|
||||||
import { S3 } from "https://deno.land/x/s3@0.5.0/mod.ts";
|
import { S3 } from "s3";
|
||||||
import { panic, undent } from "utils/index.ts";
|
import { panic, undent } from "utils";
|
||||||
|
|
||||||
/// Main
|
/// Main
|
||||||
/// -------------------------------------------------------------------------------
|
/// -------------------------------------------------------------------------------
|
||||||
|
|
||||||
const usage = "usage: fetch-pr-artifacts.ts {REPO} {SHA} {platform+arch}"
|
if (import.meta.main) {
|
||||||
const repo = Deno.args[0] ?? panic(usage)
|
const usage = "usage: fetch-pr-artifacts.ts {REPO} {SHA} {platform+arch}"
|
||||||
const ref = Deno.args[1] ?? panic(usage)
|
const repo = Deno.args[0] ?? panic(usage)
|
||||||
const flavor = Deno.args[2] ?? panic(usage)
|
const ref = Deno.args[1] ?? panic(usage)
|
||||||
|
const flavor = Deno.args[2] ?? panic(usage)
|
||||||
|
|
||||||
const res = await queryGraphQL<CommitQuery>(prQuery(repo))
|
const pr = await find_pr(repo, ref)
|
||||||
|
|
||||||
const node = res.repository?.ref?.target?.history?.edges.find(n => n.node.oid === ref)
|
if (!pr) throw new Error(`No PR found for commit ${ref} in ${repo}`)
|
||||||
const pr = node?.node.associatedPullRequests.nodes[0].number
|
|
||||||
|
|
||||||
const s3 = new S3({
|
const s3 = new S3({
|
||||||
accessKeyID: Deno.env.get("AWS_ACCESS_KEY_ID")!,
|
accessKeyID: Deno.env.get("AWS_ACCESS_KEY_ID")!,
|
||||||
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
||||||
region: "us-east-1",
|
region: "us-east-1",
|
||||||
})
|
})
|
||||||
const bucket = s3.getBucket(Deno.env.get("AWS_S3_CACHE")!)
|
const bucket = s3.getBucket(Deno.env.get("AWS_S3_CACHE")!)
|
||||||
|
|
||||||
const key = `pull-request/${repo.split("/")[1]}/${pr}/${flavor}`
|
const key = `pull-request/${repo.split("/")[1]}/${pr}/${flavor}`
|
||||||
const artifacts = (await bucket.getObject(key)) ?? panic("No artifacts found")
|
const artifacts = (await bucket.getObject(key)) ?? panic("No artifacts found")
|
||||||
|
|
||||||
const file = await Deno.open("artifacts.tgz", { create: true, write: true })
|
const file = await Deno.open("artifacts.tgz", { create: true, write: true })
|
||||||
await artifacts.body.pipeTo(file.writable)
|
await artifacts.body.pipeTo(file.writable)
|
||||||
|
|
||||||
Deno.stdout.write(new TextEncoder().encode(`PR=${pr}`))
|
Deno.stdout.write(new TextEncoder().encode(`PR=${pr}`))
|
||||||
|
}
|
||||||
|
|
||||||
/// Functions
|
/// Functions
|
||||||
/// -------------------------------------------------------------------------------
|
/// -------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
export async function find_pr(repo: string, ref: string): Promise<number | undefined> {
|
||||||
|
const res = await queryGraphQL<CommitQuery>(prQuery(repo))
|
||||||
|
|
||||||
|
const node = res.repository?.ref?.target?.history?.edges.find(n => n.node.oid === ref)
|
||||||
|
return node?.node.associatedPullRequests.nodes[0].number
|
||||||
|
}
|
||||||
|
|
||||||
async function queryGraphQL<T>(query: string): Promise<T> {
|
async function queryGraphQL<T>(query: string): Promise<T> {
|
||||||
const headers: HeadersInit = {}
|
const headers: HeadersInit = {}
|
||||||
const token = Deno.env.get("GITHUB_TOKEN") ?? panic("GitHub GraphQL requires you set $GITHUB_TOKEN")
|
const token = Deno.env.get("GITHUB_TOKEN") ?? panic("GitHub GraphQL requires you set $GITHUB_TOKEN")
|
||||||
|
|
46
scripts/has-artifacts.ts
Executable file
46
scripts/has-artifacts.ts
Executable file
|
@ -0,0 +1,46 @@
|
||||||
|
#!/usr/bin/env -S tea -E
|
||||||
|
|
||||||
|
/*---
|
||||||
|
args:
|
||||||
|
- deno
|
||||||
|
- run
|
||||||
|
- --allow-net
|
||||||
|
- --allow-env
|
||||||
|
- --import-map={{ srcroot }}/import-map.json
|
||||||
|
---*/
|
||||||
|
|
||||||
|
/// Test
|
||||||
|
/// ./scripts/has-artifacts.ts e582b03fe6efedde80f9569403555f4513dbec91
|
||||||
|
|
||||||
|
import { S3 } from "s3";
|
||||||
|
import { panic } from "utils";
|
||||||
|
import { find_pr } from "./fetch-pr-artifacts.ts";
|
||||||
|
|
||||||
|
/// Main
|
||||||
|
/// -------------------------------------------------------------------------------
|
||||||
|
|
||||||
|
if (import.meta.main) {
|
||||||
|
const usage = "usage: has-artifacts.ts {REPO} {SHA}"
|
||||||
|
const repo = Deno.args[0] ?? panic(usage)
|
||||||
|
const ref = Deno.args[1] ?? panic(usage)
|
||||||
|
|
||||||
|
const pr = await find_pr(repo, ref)
|
||||||
|
|
||||||
|
if (!pr) {
|
||||||
|
Deno.stdout.write(new TextEncoder().encode("HAS_ARTIFACTS=false"))
|
||||||
|
Deno.exit(0)
|
||||||
|
}
|
||||||
|
|
||||||
|
const s3 = new S3({
|
||||||
|
accessKeyID: Deno.env.get("AWS_ACCESS_KEY_ID")!,
|
||||||
|
secretKey: Deno.env.get("AWS_SECRET_ACCESS_KEY")!,
|
||||||
|
region: "us-east-1",
|
||||||
|
})
|
||||||
|
const bucket = s3.getBucket(Deno.env.get("AWS_S3_CACHE")!)
|
||||||
|
|
||||||
|
const objects = await bucket.listObjects({ prefix: `pull-request/${repo.split("/")[1]}/${pr}/` })
|
||||||
|
|
||||||
|
const hasArtifacts = (objects?.contents?.length || 0) > 0
|
||||||
|
|
||||||
|
Deno.stdout.write(new TextEncoder().encode(`HAS_ARTIFACTS=${hasArtifacts ? "true" : "false"}`))
|
||||||
|
}
|
Loading…
Reference in a new issue