From ae8133adc7cb9d3f3c3b126c736841898b9d0a87 Mon Sep 17 00:00:00 2001 From: pulpbot Date: Sun, 22 Sep 2024 02:06:08 +0000 Subject: [PATCH] Update CI files --- .ci/ansible/Containerfile.j2 | 4 +- .ci/assets/ci_constraints.txt | 5 ++ .ci/scripts/collect_changes.py | 2 +- .ci/scripts/pr_labels.py | 60 +++++++++++++++++++++ .ci/scripts/validate_commit_message.py | 19 +------ .github/template_gitref | 2 +- .github/workflows/ci.yml | 1 + .github/workflows/create-branch.yml | 17 +++--- .github/workflows/docs.yml | 54 +++++++++++++++++++ .github/workflows/pr_checks.yml | 55 ++++++++++--------- .github/workflows/scripts/before_install.sh | 2 +- .github/workflows/scripts/install.sh | 9 +--- .github/workflows/scripts/script.sh | 18 ++----- .github/workflows/test.yml | 2 +- .github/workflows/update_ci.yml | 13 +---- doc_requirements.txt | 18 +++---- functest_requirements.txt | 2 + template_config.yml | 7 +-- 18 files changed, 185 insertions(+), 105 deletions(-) create mode 100755 .ci/scripts/pr_labels.py create mode 100644 .github/workflows/docs.yml diff --git a/.ci/ansible/Containerfile.j2 b/.ci/ansible/Containerfile.j2 index afe0b118..e4b86333 100644 --- a/.ci/ansible/Containerfile.j2 +++ b/.ci/ansible/Containerfile.j2 @@ -9,6 +9,7 @@ ADD ./{{ item.name }} ./{{ item.name }} # S3 botocore needs to be patched to handle responses from minio during 0-byte uploads # Hacking botocore (https://github.com/boto/botocore/pull/1990) +# This MUST be the ONLY call to pip install in inside the container. RUN pip3 install --upgrade pip setuptools wheel && \ rm -rf /root/.cache/pip && \ pip3 install @@ -27,7 +28,8 @@ RUN pip3 install --upgrade pip setuptools wheel && \ {{ " " }}-r ./{{ item.name }}/ci_requirements.txt {%- endif -%} {%- endfor %} -{{ " " }}-c ./{{ plugins[0].name }}/.ci/assets/ci_constraints.txt && \ +{{ " " }}-c ./{{ plugins[0].name }}/.ci/assets/ci_constraints.txt \ + pipdeptree && \ rm -rf /root/.cache/pip {% if pulp_env is defined and pulp_env %} diff --git a/.ci/assets/ci_constraints.txt b/.ci/assets/ci_constraints.txt index 2617a408..14b51596 100644 --- a/.ci/assets/ci_constraints.txt +++ b/.ci/assets/ci_constraints.txt @@ -5,3 +5,8 @@ pulpcore>=3.21.30,!=3.23.*,!=3.24.*,!=3.25.*,!=3.26.*,!=3.27.*,!=3.29.*,!=3.30.* tablib!=3.6.0 # 3.6.0: This release introduced a regression removing the "html" optional dependency. + + + +# Newer version seem to have a conflict around packaging, that pip fails to resolve in time. Remove this when this starts to impose an issue. +pipdeptree<=3.23.1 diff --git a/.ci/scripts/collect_changes.py b/.ci/scripts/collect_changes.py index d6c6b536..0c4f1c82 100755 --- a/.ci/scripts/collect_changes.py +++ b/.ci/scripts/collect_changes.py @@ -103,7 +103,7 @@ def main(): for change in main_changes: fp.write(change[1]) - repo.git.commit("-m", "Update Changelog", "-m" "[noissue]", CHANGELOG_FILE) + repo.git.commit("-m", "Update Changelog", CHANGELOG_FILE) if __name__ == "__main__": diff --git a/.ci/scripts/pr_labels.py b/.ci/scripts/pr_labels.py new file mode 100755 index 00000000..24edc732 --- /dev/null +++ b/.ci/scripts/pr_labels.py @@ -0,0 +1,60 @@ +#!/bin/env python3 + +# This script is running with elevated privileges from the main branch against pull requests. + +import re +import sys +import tomllib +from pathlib import Path + +from git import Repo + + +def main(): + assert len(sys.argv) == 3 + + with open("pyproject.toml", "rb") as fp: + PYPROJECT_TOML = tomllib.load(fp) + BLOCKING_REGEX = re.compile(r"DRAFT|WIP|NO\s*MERGE|DO\s*NOT\s*MERGE|EXPERIMENT") + ISSUE_REGEX = re.compile(r"(?:fixes|closes)[\s:]+#(\d+)") + CHERRY_PICK_REGEX = re.compile(r"^\s*\(cherry picked from commit [0-9a-f]*\)\s*$") + try: + CHANGELOG_EXTS = { + f".{item['directory']}" for item in PYPROJECT_TOML["tool"]["towncrier"]["type"] + } + except KeyError: + CHANGELOG_EXTS = {"feature", "bugfix", "doc", "removal", "misc"} + + repo = Repo(".") + + base_commit = repo.commit(sys.argv[1]) + head_commit = repo.commit(sys.argv[2]) + + pr_commits = list(repo.iter_commits(f"{base_commit}..{head_commit}")) + + labels = { + "multi-commit": len(pr_commits) > 1, + "cherry-pick": False, + "no-issue": False, + "no-changelog": False, + "wip": False, + } + for commit in pr_commits: + labels["wip"] |= BLOCKING_REGEX.search(commit.summary) is not None + no_issue = ISSUE_REGEX.search(commit.message, re.IGNORECASE) is None + labels["no-issue"] |= no_issue + cherry_pick = CHERRY_PICK_REGEX.search(commit.message) is not None + labels["cherry-pick"] |= cherry_pick + changelog_snippets = [ + k + for k in commit.stats.files + if k.startswith("CHANGES/") and Path(k).suffix in CHANGELOG_EXTS + ] + labels["no-changelog"] |= not changelog_snippets + + print("ADD_LABELS=" + ",".join((k for k, v in labels.items() if v))) + print("REMOVE_LABELS=" + ",".join((k for k, v in labels.items() if not v))) + + +if __name__ == "__main__": + main() diff --git a/.ci/scripts/validate_commit_message.py b/.ci/scripts/validate_commit_message.py index 32a85b2d..18f349f4 100755 --- a/.ci/scripts/validate_commit_message.py +++ b/.ci/scripts/validate_commit_message.py @@ -9,21 +9,16 @@ import sys from pathlib import Path import subprocess - - import os import warnings from github import Github - -NO_ISSUE = "[noissue]" CHANGELOG_EXTS = [".feature", ".bugfix", ".doc", ".removal", ".misc", ".deprecation"] +KEYWORDS = ["fixes", "closes"] + sha = sys.argv[1] message = subprocess.check_output(["git", "log", "--format=%B", "-n 1", sha]).decode("utf-8") - -KEYWORDS = ["fixes", "closes"] - g = Github(os.environ.get("GITHUB_TOKEN")) repo = g.get_repo("pulp/pulp-certguard") @@ -64,15 +59,5 @@ def __check_changelog(issue): for issue in pattern.findall(message): __check_status(issue) __check_changelog(issue) -else: - if NO_ISSUE in message: - print("Commit {sha} has no issues but is tagged {tag}.".format(sha=sha[0:7], tag=NO_ISSUE)) - elif "Merge" in message and "cherry picked from commit" in message: - pass - else: - sys.exit( - "Error: no attached issues found for {sha}. If this was intentional, add " - " '{tag}' to the commit message.".format(sha=sha[0:7], tag=NO_ISSUE) - ) print("Commit message for {sha} passed.".format(sha=sha[0:7])) diff --git a/.github/template_gitref b/.github/template_gitref index 9e5cdc02..1691300c 100644 --- a/.github/template_gitref +++ b/.github/template_gitref @@ -1 +1 @@ -2021.08.26-364-g6f9579c +2021.08.26-383-gc4cd2b8 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 945012d4..d154d244 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -84,6 +84,7 @@ jobs: - "check-commits" - "lint" - "test" + - "docs" if: "always()" steps: - name: "Collect needed jobs results" diff --git a/.github/workflows/create-branch.yml b/.github/workflows/create-branch.yml index 1fdedc86..fea117d6 100644 --- a/.github/workflows/create-branch.yml +++ b/.github/workflows/create-branch.yml @@ -26,6 +26,12 @@ jobs: fetch-depth: 0 path: "pulp-certguard" + - uses: "actions/checkout@v4" + with: + fetch-depth: 1 + repository: "pulp/plugin_template" + path: "plugin_template" + - uses: "actions/setup-python@v5" with: python-version: "3.11" @@ -33,7 +39,7 @@ jobs: - name: "Install python dependencies" run: | echo ::group::PYDEPS - pip install bump2version jinja2 pyyaml packaging + pip install bump2version packaging -r plugin_template/requirements.txt echo ::endgroup:: - name: "Setting secrets" @@ -71,13 +77,6 @@ jobs: run: | find CHANGES -type f -regex ".*\.\(bugfix\|doc\|feature\|misc\|deprecation\|removal\)" -exec git rm {} + - - name: Checkout plugin template - uses: actions/checkout@v4 - with: - repository: pulp/plugin_template - path: plugin_template - fetch-depth: 0 - - name: Update CI branches in template_config working-directory: plugin_template run: | @@ -94,10 +93,8 @@ jobs: branch: minor-version-bump base: main title: Bump minor version - body: '[noissue]' commit-message: | Bump minor version - [noissue] delete-branch: true - name: Push release branch diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml new file mode 100644 index 00000000..30e22173 --- /dev/null +++ b/.github/workflows/docs.yml @@ -0,0 +1,54 @@ +# WARNING: DO NOT EDIT! +# +# This file was generated by plugin_template, and is managed by it. Please use +# './plugin-template --github pulp_certguard' to update this file. +# +# For more info visit https://github.com/pulp/plugin_template + +--- +name: "Docs" +on: + workflow_call: + +jobs: + test: + if: "endsWith(github.base_ref, 'main')" + runs-on: "ubuntu-20.04" + defaults: + run: + working-directory: "pulp-certguard" + steps: + - uses: "actions/checkout@v4" + with: + fetch-depth: 1 + path: "pulp-certguard" + - uses: "actions/setup-python@v5" + with: + python-version: "3.11" + - name: "Setup cache key" + run: | + git ls-remote https://github.com/pulp/pulp-docs main | tee pulp-docs-main-sha + - uses: "actions/cache@v4" + with: + path: "~/.cache/pip" + key: ${{ runner.os }}-pip-${{ hashFiles('pulp-docs-main-sha') }} + restore-keys: | + ${{ runner.os }}-pip- + - name: "Install python dependencies" + run: | + echo ::group::PYDEPS + pip install -r doc_requirements.txt + echo ::endgroup:: + - name: "Build changelog" + run: | + towncrier build --yes --version 4.0.0.ci + - name: "Build docs" + run: | + pulp-docs build + + no-test: + if: "!endsWith(github.base_ref, 'main')" + runs-on: "ubuntu-20.04" + steps: + - run: | + echo "Skip docs testing on non-main branches." diff --git a/.github/workflows/pr_checks.yml b/.github/workflows/pr_checks.yml index 65e1c48b..4aca1bd7 100644 --- a/.github/workflows/pr_checks.yml +++ b/.github/workflows/pr_checks.yml @@ -6,57 +6,62 @@ # For more info visit https://github.com/pulp/plugin_template --- -name: Certguard PR static checks +name: "Certguard PR static checks" on: pull_request_target: - types: [opened, synchronize, reopened] + types: ["opened", "synchronize", "reopened"] # This workflow runs with elevated permissions. # Do not even think about running a single bit of code from the PR. # Static analysis should be fine however. concurrency: - group: ${{ github.event.pull_request.number }}-${{ github.workflow }} + group: "${{ github.event.pull_request.number }}-${{ github.workflow }}" cancel-in-progress: true jobs: - single_commit: - runs-on: ubuntu-latest - name: Label multiple commit PR + apply_labels: + runs-on: "ubuntu-latest" + name: "Label PR" permissions: - pull-requests: write + pull-requests: "write" steps: - uses: "actions/checkout@v4" with: fetch-depth: 0 - - name: Commit Count Check + - uses: "actions/setup-python@v5" + with: + python-version: "3.11" + - name: "Determine PR labels" run: | + pip install GitPython==3.1.42 git fetch origin ${{ github.event.pull_request.head.sha }} - echo "COMMIT_COUNT=$(git log --oneline --no-merges origin/${{ github.base_ref }}..${{ github.event.pull_request.head.sha }} | wc -l)" >> "$GITHUB_ENV" - - uses: actions/github-script@v7 + python .ci/scripts/pr_labels.py "origin/${{ github.base_ref }}" "${{ github.event.pull_request.head.sha }}" >> "$GITHUB_ENV" + - uses: "actions/github-script@v7" + name: "Apply PR Labels" with: script: | - const labelName = "multi-commit"; - const { COMMIT_COUNT } = process.env; + const { ADD_LABELS, REMOVE_LABELS } = process.env; - if (COMMIT_COUNT == 1) - { - try { - await github.rest.issues.removeLabel({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - name: labelName, - }); - } catch(err) { + if (REMOVE_LABELS.length) { + for await (const labelName of REMOVE_LABELS.split(",")) { + try { + await github.rest.issues.removeLabel({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + name: labelName, + }); + } catch(err) { + } } } - else - { + if (ADD_LABELS.length) { await github.rest.issues.addLabels({ issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - labels: [labelName], + labels: ADD_LABELS.split(","), }); } +... diff --git a/.github/workflows/scripts/before_install.sh b/.github/workflows/scripts/before_install.sh index a2974606..24247b11 100755 --- a/.github/workflows/scripts/before_install.sh +++ b/.github/workflows/scripts/before_install.sh @@ -57,7 +57,7 @@ fi for i in {1..3} do - ansible-galaxy collection install "amazon.aws:1.5.0" && s=0 && break || s=$? && sleep 3 + ansible-galaxy collection install "amazon.aws:8.1.0" && s=0 && break || s=$? && sleep 3 done if [[ $s -gt 0 ]] then diff --git a/.github/workflows/scripts/install.sh b/.github/workflows/scripts/install.sh index baeee6e3..b3fd44ae 100755 --- a/.github/workflows/scripts/install.sh +++ b/.github/workflows/scripts/install.sh @@ -21,13 +21,8 @@ PLUGIN_SOURCE="./pulp-certguard/dist/pulp_certguard-${PLUGIN_VERSION}-py3-none-a export PULP_API_ROOT="/pulp/" PIP_REQUIREMENTS=("pulp-cli") -if [[ "$TEST" = "docs" || "$TEST" = "publish" ]] -then - PIP_REQUIREMENTS+=("-r" "doc_requirements.txt") - git clone https://github.com/pulp/pulpcore.git ../pulpcore - PIP_REQUIREMENTS+=("psycopg2-binary" "-r" "../pulpcore/doc_requirements.txt") -fi +# This must be the **only** call to "pip install" on the test runner. pip install ${PIP_REQUIREMENTS[*]} @@ -157,5 +152,5 @@ if [[ "$TEST" = "azure" ]]; then fi echo ::group::PIP_LIST -cmd_prefix bash -c "pip3 list && pip3 install pipdeptree && pipdeptree" +cmd_prefix bash -c "pip3 list && pipdeptree" echo ::endgroup:: diff --git a/.github/workflows/scripts/script.sh b/.github/workflows/scripts/script.sh index 15b59189..f3ae7c8a 100755 --- a/.github/workflows/scripts/script.sh +++ b/.github/workflows/scripts/script.sh @@ -18,7 +18,7 @@ source .github/workflows/scripts/utils.sh export POST_SCRIPT=$PWD/.github/workflows/scripts/post_script.sh export FUNC_TEST_SCRIPT=$PWD/.github/workflows/scripts/func_test_script.sh -# Needed for both starting the service and building the docs. +# Needed for starting the service # Gets set in .github/settings.yml, but doesn't seem to inherited by # this script. export DJANGO_SETTINGS_MODULE=pulpcore.app.settings @@ -26,14 +26,6 @@ export PULP_SETTINGS=$PWD/.ci/ansible/settings/settings.py export PULP_URL="https://pulp" -if [[ "$TEST" = "docs" ]]; then - if [[ "$GITHUB_WORKFLOW" == "Certguard CI" ]]; then - towncrier build --yes --version 4.0.0.ci - fi - pulp-docs build - exit -fi - REPORTED_STATUS="$(pulp status)" echo "machine pulp @@ -136,11 +128,11 @@ if [ -f "$FUNC_TEST_SCRIPT" ]; then else if [[ "$GITHUB_WORKFLOW" =~ "Nightly" ]] then - cmd_user_prefix bash -c "pytest -v -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m parallel -n 8 --nightly" - cmd_user_prefix bash -c "pytest -v -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m 'not parallel' --nightly" + cmd_user_prefix bash -c "pytest -v --timeout=300 -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m parallel -n 8 --nightly" + cmd_user_prefix bash -c "pytest -v --timeout=300 -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m 'not parallel' --nightly" else - cmd_user_prefix bash -c "pytest -v -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m parallel -n 8" - cmd_user_prefix bash -c "pytest -v -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m 'not parallel'" + cmd_user_prefix bash -c "pytest -v --timeout=300 -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m parallel -n 8" + cmd_user_prefix bash -c "pytest -v --timeout=300 -r sx --color=yes --suppress-no-test-exit-code --pyargs pulp_certguard.tests.functional -m 'not parallel'" fi fi diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 56e32ae8..1718434d 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -71,7 +71,7 @@ jobs: - name: "Install python dependencies" run: | echo ::group::PYDEPS - pip install towncrier twine wheel httpie docker netaddr boto3 ansible mkdocs jq jsonpatch + pip install towncrier twine wheel httpie docker netaddr boto3 'ansible~=10.3.0' mkdocs jq jsonpatch echo "HTTPIE_CONFIG_DIR=$GITHUB_WORKSPACE/pulp-certguard/.ci/assets/httpie/" >> $GITHUB_ENV echo ::endgroup:: diff --git a/.github/workflows/update_ci.yml b/.github/workflows/update_ci.yml index 528b0d68..f4380cd1 100644 --- a/.github/workflows/update_ci.yml +++ b/.github/workflows/update_ci.yml @@ -36,7 +36,7 @@ jobs: - name: "Install python dependencies" run: | echo ::group::PYDEPS - pip install gitpython requests packaging jinja2 pyyaml + pip install gitpython packaging -r plugin_template/requirements.txt echo ::endgroup:: - name: "Configure Git with pulpbot name and email" @@ -62,13 +62,8 @@ jobs: committer: "pulpbot " author: "pulpbot " title: "Update CI files for branch main" - body: "" branch: "update-ci/main" base: "main" - commit-message: | - Update CI files - - [noissue] delete-branch: true - uses: "actions/checkout@v4" with: @@ -89,11 +84,7 @@ jobs: committer: "pulpbot " author: "pulpbot " title: "Update CI files for branch 1.5" - body: "" branch: "update-ci/1.5" base: "1.5" - commit-message: | - Update CI files - - [noissue] delete-branch: true +... diff --git a/doc_requirements.txt b/doc_requirements.txt index b2091951..9757c73f 100644 --- a/doc_requirements.txt +++ b/doc_requirements.txt @@ -1,12 +1,8 @@ -coreapi -django -djangorestframework -django-filter -drf-nested-routers -plantuml -pyyaml -sphinx -sphinx-rtd-theme -sphinxcontrib-openapi +# WARNING: DO NOT EDIT! +# +# This file was generated by plugin_template, and is managed by it. Please use +# './plugin-template --github pulp_certguard' to update this file. +# +# For more info visit https://github.com/pulp/plugin_template towncrier -mistune<2.0.0 +pulp-docs @ git+https://github.com/pulp/pulp-docs@main diff --git a/functest_requirements.txt b/functest_requirements.txt index 9b6ab449..1b96dc00 100644 --- a/functest_requirements.txt +++ b/functest_requirements.txt @@ -1,2 +1,4 @@ git+https://github.com/PulpQE/pulp-smash.git#egg=pulp-smash pytest<8 +pytest-xdist +pytest-timeout diff --git a/template_config.yml b/template_config.yml index ad2d7721..1269a972 100644 --- a/template_config.yml +++ b/template_config.yml @@ -1,7 +1,7 @@ # This config represents the latest values used when running the plugin-template. Any settings that # were not present before running plugin-template have been added with their default values. -# generated with plugin_template@2021.08.26-364-g6f9579c +# generated with plugin_template@2021.08.26-383-gc4cd2b8 api_root: /pulp/ black: true @@ -12,7 +12,6 @@ check_stray_pulpcore_imports: true ci_base_image: ghcr.io/pulp/pulp-ci-centos9 ci_env: {} ci_trigger: '{pull_request: {branches: [''*'']}}' -ci_update_docs: false cli_package: pulp-cli cli_repo: https://github.com/pulp/pulp-cli.git core_import_allowed: [] @@ -20,16 +19,12 @@ deploy_client_to_pypi: true deploy_client_to_rubygems: true deploy_to_pypi: true disabled_redis_runners: [] -doc_requirements_from_pulpcore: true docker_fixtures: false -docs_test: false flake8: true flake8_ignore: [] github_org: pulp -issue_tracker: github latest_release_branch: null lint_requirements: true -noissue_marker: '[noissue]' os_required_packages: [] parallel_test_workers: 8 plugin_app_label: certguard