fix: do not update manifest on PRs without stack label #331
Conversation
| with: | ||
| filterOutClosed: true | ||
| filterOutDraft: false | ||
| - uses: chanzuckerberg/github-actions/.github/actions/argus-builder/build-prep@rzheng/stack-label |
There was a problem hiding this comment.
what is our versioning strategy? continue using a sha1? leave it pointing to a branch like this PR? maybe we can create a tag?
There was a problem hiding this comment.
we use release-please to propose releases based on our conventional commits and merging the release proposal PR creates the actual release/tag. the reason this uses a sha instead of one of those tags is that it allows us to make a single release with the update instead of first releasing build-prep and then coming back and updating the version of build-prep used in this file and making another release
| @@ -120,4 +134,5 @@ runs: | |||
| script: | | |||
| const branchMatched = `${{ steps.branch_filter.outputs.match }}` === 'true'; | |||
| const filesMatched = `${{ steps.file_filter.outputs.run_on }}` === 'true'; | |||
| core.setOutput('should_build', filesMatched && branchMatched); | |||
| const prHasStackLabel = `${{ steps.require_stack_label.outputs.has_label }}` === 'true'; | |||
| core.setOutput('should_build', filesMatched && branchMatched && prHasStackLabel); | |||
There was a problem hiding this comment.
note this also skips Update Manifest in manifest-update.
is that okay or should I modify the manifest-update action to only skip the step that adds the values.yaml change?
There was a problem hiding this comment.
oh wait that step only writes the values.yml changes so it's safe to skip
| labels: | ||
| description: 'Labels attached to an associated PR' | ||
| requred: false | ||
| default: '' |
There was a problem hiding this comment.
rename to something that indicates these are the labels currently attached to the PR. Then we need another input for the name of the label with the default value being "stack". I think we should allow for the name of the label to be configured, with a sane default
| with: | ||
| script: | | ||
| const labels = `${{ inputs.labels }}`; | ||
| let hasStackLabel = labels.split(',').includes("stack") |
There was a problem hiding this comment.
| let hasStackLabel = labels.split(',').includes("stack") | |
| let hasStackLabel = labels.split(',').includes("{{inputs.label}}") |
see comment above
wontonst
force-pushed
the
rzheng/stack-label
branch
8 times, most recently
from
b7a9dca to
280fc38
Compare
|
PR should be ready for review now.
Todo:
Side note I noticed that rerunning jobs via the Github UI when a values.yaml commit has been created always results in the manifest update step not getting executed. My guess is because the file filters thinks the base commit is the commit before the values.yaml file commit so it thinks there are no files matching the path filters. I think we can ignore this since most folks are probably pushing to their branch to trigger a build but good to know since I wasted time figuring out why steps were getting skipped. |
| core.setOutput('should_build', filesMatched && branchMatched); | ||
| const prHasStackLabel = `${{ steps.require_stack_label.outputs.has_trigger_label }}` === 'true'; | ||
| const shouldBuild = filesMatched && branchMatched && prHasStackLabel; | ||
| core.setOutput('should_build', shouldBuild); |
There was a problem hiding this comment.
it might be good to have the image still get built, the benefits of that would be even without making a stack a user would still be able to see whether their code introduced a bug that prevents the image from building. @jakeyheath what do you think?
There was a problem hiding this comment.
I think given that the main artifact for a build is often times an image, and given the low cost of building an image, we should just always build an image. what do we think about removing should_build from build-docker's if condition?
if: needs.prep.outputs.should_build == 'true' && needs.prep.outputs.images != '[]'
alternatively I can create a new output like shouldDeploy and use that to separately control Update manifest
There was a problem hiding this comment.
yea that would be more clear @wontonst . Let's go forward with that
wontonst
force-pushed
the
rzheng/stack-label
branch
from
280fc38 to
37be64d
Compare
| description: 'Labels attached to an associated PR' | ||
| required: false | ||
| default: '' | ||
| manifest_trigger_label: |
There was a problem hiding this comment.
I think this needs to allow multiple values, comma delimited
We don't have anyone with this setup right now but we've previously had people build a monorepo with multiple Argus apps that use independent labels to control stack creation. We have an example monorepo set up to work like that: https://github.com/chanzuckerberg/argus-example-monorepo
There was a problem hiding this comment.
hmm, this could get confusing. some folks might want it to mean "any of these labels should trigger a manifest update" and others "these labels must all be applied to trigger a manifest update"
what do you think about crossing that bridge when we come to it?
There was a problem hiding this comment.
I'm good with that, alternatively it could take a regex which would make it support the "any of these labels" case. Up to you
| with: | ||
| filterOutClosed: true | ||
| filterOutDraft: false | ||
| - uses: chanzuckerberg/github-actions/.github/actions/argus-builder/build-prep@rzheng/stack-label |
There was a problem hiding this comment.
Don't forget to change this in a follow up PR
wontonst
force-pushed
the
rzheng/stack-label
branch
2 times, most recently
from
a0a27c4 to
23a4c16
Compare
wontonst
force-pushed
the
rzheng/stack-label
branch
from
23a4c16 to
9721128
Compare
|
tested again at https://github.com/chanzuckerberg/core-platform-example-app/actions/runs/12956338859/job/36142386737?pr=112 https://github.com/chanzuckerberg/core-platform-example-app/actions/runs/12956387261/job/36142533059?pr=112 prep now outputs |
|
will defer upgrading other repos until https://czi.atlassian.net/browse/CCIE-3947 |
Attempts to address https://github.com/chanzuckerberg/argus/issues/655 by running
Update ArgoCD manifestsonly if a PR associated with a push has thestacklabel.Tested via https://github.com/chanzuckerberg/core-platform-example-app/pull/112 which is on 2.X of this action (hence the merge conflicts).
If we like this approach, what should I do? Maybe create 2.16.0 and 3.7.0? Do we care about supporting 2.X apps? It would be simpler to ask those app owners to use 3.X to gain this benefit. Prior to merging I will rebase on latest and test again on an app using 3.X.
Requires application owners to upgrade their argus-docker-build.yaml version target