root
/
grafana
mirror of https://github.com/grafana/grafana.git
1
0
Fork 0
Code Issues Actions 50 Packages Projects Releases Wiki Activity
grafana/.github/workflows/detect-breaking-changes-lev...

412 lines
14 KiB
YAML
Raw Permalink Blame History

# Only runs if anything under the packages/ directory changes.
---
name: Levitate / Detect breaking changes in PR
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
permissions: {}
on:
pull_request:
paths:
- 'packages/**'
- '.nvmrc'
- '.github/workflows/detect-breaking-changes-levitate.yml'
branches:
- 'main'
jobs:
buildPR:
name: Build PR packages artifacts
runs-on: ubuntu-latest
defaults:
run:
working-directory: './pr'
permissions:
contents: read
id-token: write
steps:
- uses: actions/checkout@v5
with:
path: './pr'
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version-file: './pr/.nvmrc'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> "$GITHUB_OUTPUT"
- name: Restore yarn cache
uses: actions/cache@v4
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
restore-keys: |
yarn-cache-folder-
- name: Install dependencies
run: yarn install --immutable
- name: Build packages
run: yarn packages:build
- name: Pack packages
run: yarn packages:pack --out ./%s.tgz
- name: Zip built tarballed packages
run: zip -r ./pr_built_packages.zip ./packages/**/*.tgz
- name: Upload build output as artifact
uses: actions/upload-artifact@v4
with:
name: buildPr
path: './pr/pr_built_packages.zip'
buildBase:
name: Build Base packages artifacts
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
defaults:
run:
working-directory: './base'
steps:
- uses: actions/checkout@v5
with:
path: './base'
ref: ${{ github.event.pull_request.base.ref }}
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version-file: './base/.nvmrc'
- name: Get yarn cache directory path
id: yarn-cache-dir-path
run: echo "dir=$(yarn config get cacheFolder)" >> "$GITHUB_OUTPUT"
- name: Restore yarn cache
uses: actions/cache@v4
id: yarn-cache
with:
path: ${{ steps.yarn-cache-dir-path.outputs.dir }}
key: yarn-cache-folder-${{ hashFiles('**/yarn.lock', '.yarnrc.yml') }}
restore-keys: |
yarn-cache-folder-
- name: Install dependencies
run: yarn install --immutable
- name: Build packages
run: yarn packages:build
- name: Pack packages
run: yarn packages:pack --out ./%s.tgz
- name: Zip built tarballed packages
run: zip -r ./base_built_packages.zip ./packages/**/*.tgz
- name: Upload build output as artifact
uses: actions/upload-artifact@v4
with:
name: buildBase
path: './base/base_built_packages.zip'
Detect:
name: Detect breaking changes between PR and base
runs-on: ubuntu-latest
needs: ['buildPR', 'buildBase']
env:
GITHUB_STEP_NUMBER: 8
permissions:
contents: 'read'
id-token: 'write'
steps:
- uses: actions/checkout@v5
with:
persist-credentials: false
- uses: actions/setup-node@v4
with:
node-version-file: '.nvmrc'
- name: Get built packages from pr
uses: actions/download-artifact@v4
with:
name: buildPr
- name: Get built packages from base
uses: actions/download-artifact@v4
with:
name: buildBase
- name: Unzip artifact from pr
run: unzip -j pr_built_packages.zip -d ./pr && rm pr_built_packages.zip
- name: Unzip artifact from base
run: unzip -j base_built_packages.zip -d ./base && rm base_built_packages.zip
- id: 'auth'
uses: 'google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f'
if: github.event.pull_request.head.repo.full_name == github.repository
with:
workload_identity_provider: projects/304398677251/locations/global/workloadIdentityPools/github/providers/github-provider
service_account: github-plugins-data-levitate@grafanalabs-workload-identity.iam.gserviceaccount.com
project_id: 'grafanalabs-global'
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db'
if: github.event.pull_request.head.repo.full_name == github.repository
with:
version: '>= 363.0.0'
project_id: 'grafanalabs-global'
install_components: 'bq'
- name: Detect breaking changes
id: breaking-changes
run: ./scripts/check-breaking-changes.sh
env:
FORCE_COLOR: 3
IS_FORK: ${{ github.event.pull_request.head.repo.full_name != github.repository }} # used in check-breaking-changes.sh and levitate-parse-json-report.js
- name: Persisting the check output
run: |
mkdir -p ./levitate
echo "{ \"exit_code\": ${IS_BREAKING}, \"message\": \"${MESSAGE}\", \"pr_number\": \"${PR_NUMBER}\" }" > ./levitate/result.json
env:
IS_BREAKING: ${{ steps.breaking-changes.outputs.is_breaking }}
MESSAGE: ${{ steps.breaking-changes.outputs.message }}
PR_NUMBER: ${{ github.event.pull_request.number }}
- name: Upload check output as artifact
uses: actions/upload-artifact@v4
with:
name: levitate
path: levitate/
Report:
name: Report breaking changes in PR comment
runs-on: ubuntu-latest
needs: ['Detect']
permissions:
contents: read
id-token: write
if: github.event.pull_request.head.repo.full_name == github.repository
steps:
- id: get-secrets
uses: grafana/shared-workflows/actions/get-vault-secrets@28361cdb22223e5f1e34358c86c20908e7248760 # get-vault-secrets-v1.1.0
with:
# Secrets placed in the ci/repo/grafana/grafana in vault
repo_secrets: |
GITHUB_APP_ID=grafana_pr_automation_app:app_id
GITHUB_APP_PRIVATE_KEY=grafana_pr_automation_app:app_pem
- name: Generate token
id: generate_token
uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2
with:
app-id: ${{ env.GITHUB_APP_ID }}
private-key: ${{ env.GITHUB_APP_PRIVATE_KEY }}
- uses: actions/checkout@v5
with:
persist-credentials: false
- name: 'Download artifact'
uses: actions/download-artifact@v4
with:
name: levitate
- name: Parsing levitate result
uses: actions/github-script@v7
id: levitate-run
with:
script: |
const filePath = 'result.json';
const script = require('./.github/workflows/scripts/json-file-to-job-output.js');
await script({ core, filePath });
# Check if label exists
- name: Check if "levitate breaking change" label exists
id: does-label-exist
uses: actions/github-script@v7
env:
PR_NUMBER: ${{ github.event.pull_request.number }}
with:
script: |
const { data: labels } = await github.rest.issues.listLabelsOnIssue({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
});
return labels.some(label => label.name === 'levitate breaking change') ? 1 : 0
# put the markdown into a variable
- name: Levitate Markdown
id: levitate-markdown
run: |
if [ -f "levitate.md" ]; then
{
echo 'levitate_markdown<<EOF'
cat levitate.md
echo EOF
} >> "$GITHUB_OUTPUT"
else
echo "levitate_markdown=No breaking changes detected" >> "$GITHUB_OUTPUT"
fi
# Comment on the PR
- name: Comment on PR
if: steps.levitate-run.outputs.exit_code == 1
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405
with:
header: levitate-breaking-change-comment
number: ${{ github.event.pull_request.number }}
message: |
⚠️ &nbsp;&nbsp;**Possible breaking changes (md version)**&nbsp;&nbsp; ⚠️
${{ steps.levitate-markdown.outputs.levitate_markdown }}
[Read our guideline](https://github.com/grafana/grafana/blob/main/contribute/breaking-changes-guide/breaking-changes-guide.md)
* Your pull request merge won't be blocked.
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
# Remove comment from the PR (no more breaking changes)
- name: Remove comment from PR
if: steps.levitate-run.outputs.exit_code == 0
uses: marocchino/sticky-pull-request-comment@773744901bac0e8cbb5a0dc842800d45e9b2b405
with:
header: levitate-breaking-change-comment
number: ${{ github.event.pull_request.number }}
delete: true
GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }}
- name: Send Slack Message via Payload
id: slack
if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0 && github.repository == 'grafana/grafana'
uses: grafana/shared-workflows/actions/send-slack-message@7b628e7352c2dea057c565cc4fcd5564d5f396c0 #v1.0.0
with:
channel-id: "C031SLFH6G0"
payload: |
{
"channel": "C031SLFH6G0",
"text": ":warning: Possible breaking changes detected in *PR:* <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }} :warning:",
"icon_emoji": ":grot:",
"username": "Levitate Bot",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "*grafana/grafana* repository has possible breaking changes"
}
},
{
"type": "section",
"fields": [
{
"type": "mrkdwn",
"text": "*PR:* <${{ github.event.pull_request.html_url }}|#${{ github.event.pull_request.number }}>\n\nAuthor: ${{ github.event.pull_request.user.login }}"
},
{
"type": "mrkdwn",
"text": "*Job:* <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Job>"
}
]
}
]
}
# Add the label
- name: Add "levitate breaking change" label
if: steps.levitate-run.outputs.exit_code == 1 && steps.does-label-exist.outputs.result == 0
uses: actions/github-script@v7
env:
PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
with:
github-token: ${{ steps.generate_token.outputs.token }}
script: |
await github.rest.issues.addLabels({
issue_number: process.env.PR_NUMBER,
owner: context.repo.owner,
repo: context.repo.repo,
labels: ['levitate breaking change']
})
# Remove label (no more breaking changes)
- name: Remove "levitate breaking change" label
if: steps.levitate-run.outputs.exit_code == 0 && steps.does-label-exist.outputs.result == 1
uses: actions/github-script@v7
env:
PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
with:
github-token: ${{ steps.generate_token.outputs.token }}
script: |
await github.rest.issues.removeLabel({
issue_number: process.env.PR_NUMBER,
owner: context.repo.owner,
repo: context.repo.repo,
name: 'levitate breaking change'
})
# Add reviewers
# This is very weird, the actual request goes through (comes back with a 201), but does not assign the team.
# Related issue: https://github.com/renovatebot/renovate/issues/1908
- name: Add "grafana/plugins-platform-frontend" as a reviewer
if: steps.levitate-run.outputs.exit_code == 1
uses: actions/github-script@v7
env:
PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
with:
github-token: ${{ steps.generate_token.outputs.token }}
script: |
await github.rest.pulls.requestReviewers({
pull_number: process.env.PR_NUMBER,
owner: context.repo.owner,
repo: context.repo.repo,
reviewers: [],
team_reviewers: ['plugins-platform-frontend']
});
# Remove reviewers (no more breaking changes)
- name: Remove "grafana/plugins-platform-frontend" from the list of reviewers
if: steps.levitate-run.outputs.exit_code == 0
uses: actions/github-script@v7
env:
PR_NUMBER: ${{ steps.levitate-run.outputs.pr_number }}
with:
github-token: ${{ steps.generate_token.outputs.token }}
script: |
await github.rest.pulls.removeRequestedReviewers({
pull_number: process.env.PR_NUMBER,
owner: context.repo.owner,
repo: context.repo.repo,
reviewers: [],
team_reviewers: ['plugins-platform-frontend']
});
- name: Exit
run: |
if [ "${LV_EXIT_CODE}" -ne 0 ]; then
echo "Breaking changes detected. Please check the levitate report in your pull request. This workflow won't block merging."
fi
exit "${LV_EXIT_CODE}"
shell: bash
env:
LV_EXIT_CODE: ${{ steps.levitate-run.outputs.exit_code }}
Reference in New Issue View Git Blame Copy Permalink