From d7b1a4dafa292bda28d6d1e376a394d2b5d9adf0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Mart=C3=AD?= <mvdan@mvdan.cc>
Date: Wed, 1 Nov 2023 15:53:25 +0000
Subject: [PATCH] testing
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Daniel Martí <mvdan@mvdan.cc>
Change-Id: I7f687dc31010bc0e0005d3385c8388c6657d5362
---
 .github/workflows/trybot.yml  | 78 ++++++-----------------------------
 internal/ci/github/trybot.cue | 46 +++++++++++++++------
 2 files changed, 46 insertions(+), 78 deletions(-)

diff --git a/.github/workflows/trybot.yml b/.github/workflows/trybot.yml
index b815e617ebbd..120c97935ad5 100644
--- a/.github/workflows/trybot.yml
+++ b/.github/workflows/trybot.yml
@@ -110,78 +110,24 @@ jobs:
           github.repository == 'cue-lang/cue' && (((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
           Dispatch-Trailer: {"type":"')))) || github.ref == 'refs/heads/ci/test')
         run: go clean -testcache
-      - if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
-        name: Early git and code sanity checks
-        run: |-
-          # Ensure the recent commit messages have Signed-off-by headers. We
-          # only need to check the HEAD commit because all commits are tested
-          # in CI. Unclear why git log outputs blank lines when parsing trailers
-          # in this way, but we remove those blank lines so as not to skew the
-          # count of the trailers we are searching for.
-          #
-          # TODO: Remove once this is enforced for admins too;
-          # see https://bugs.chromium.org/p/gerrit/issues/detail?id=15229
-          if [[ "$(git log -1 --pretty='%(trailers:key=Signed-off-by)' | sed '/^\s*$/d' | wc -l)" -eq 0 ]]; then
-          	echo -e "\nRecent commit is lacking Signed-off-by:\n"
-          	git show --quiet
-          	exit 1
-          fi
-
-          # Ensure that commit messages have a blank second line.
-          # We know that a commit message must be longer than a single
-          # line because each commit must be signed-off.
-          if git log --format=%B -n 1 HEAD | sed -n '2{/^$/{q1}}'; then
-          	echo "second line of commit message must be blank"
-          	exit 1
-          fi
-
-          # Ensure that the commit author is the same as the signed-off-by.  This
-          # is a basic requirement of DCO. It is enforced by Gerrit (although
-          # noting that in Gerrit the author name does not have to match, only
-          # the email address), but _not_ by the DCO GitHub app:
-          #
-          #   https://github.com/dcoapp/app/issues/201
-          #
-          # Provide a sanity check as part of GitHub workflows that should enforce
-          # this, e.g. trybot workflows.
-          #
-          # We do so by comparing the commit author and "Signed-off-by" trailer for
-          # strict equality. Whilst this is more strict than Gerrit, it should
-          # generally be the case, and we can always relax this when presented with
-          # specific situations where it is is a problem.
-
-          # commit author email address
-          commitauthor="$(git log -1 --pretty="%ae")"
-
-          # signed-off-by trailer email address. There is no way to parse just the
-          # email address from the trailer in the same way as git log, so instead
-          # grab the relevant trailer and then take the last whitespace-delimited
-          # part as the "<>" contained email address.
-          # Getting the Signed-off-by trailer in this way causes blank
-          # lines for some reason. Use awk to remove them.
-          commitsigner="$(git log -1 --pretty='%(trailers:key=Signed-off-by,valueonly)' | sed -ne 's/.* <\(.*\)>/\1/p')"
-
-          if [[ "$commitauthor" != "$commitsigner" ]]; then
-          	echo "commit author email address does not match signed-off-by trailer"
-          	exit 1
-          fi
       - if: |-
           ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
           Dispatch-Trailer: {"type":"')))) || (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
         run: echo CUE_LONG=true >> $GITHUB_ENV
       - if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
-        name: Generate
-        run: go generate ./...
-      - if: |-
-          ((github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/heads/release-branch.')) && (! (contains(github.event.head_commit.message, '
-          Dispatch-Trailer: {"type":"')))) || !(matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
-        name: Test
-        run: go test ./...
-      - if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
-        name: Test with -race
-        run: go test -race ./...
+        name: End-to-end test
+        run: |-
+          echo ${GITHUB_TOKEN}
+          echo ${E2E_GITHUB_TOKEN}
+          if [[ $GITHUB_TOKEN == $E2E_GITHUB_TOKEN ]]; then
+          	echo same
+          else
+          	echo different
+          fi
+          cd internal/e2e
+          GITHUB_TOKEN=${E2E_GITHUB_TOKEN} go test
         env:
-          GORACE: atexit_sleep_ms=10
+          E2E_GITHUB_TOKEN: ${{ secrets.E2E_GITHUB_TOKEN }}
       - if: (matrix.go-version == '1.21.x' && matrix.runner == 'ubuntu-22.04')
         name: Check
         run: go vet ./...
diff --git a/internal/ci/github/trybot.cue b/internal/ci/github/trybot.cue
index f6f712f91133..c6076b2e6746 100644
--- a/internal/ci/github/trybot.cue
+++ b/internal/ci/github/trybot.cue
@@ -59,22 +59,23 @@ workflows: trybot: _repo.bashWorkflow & {
 				// are established by running each tool.
 				for v in _setupGoActionsCaches {v},
 
-				_repo.earlyChecks & {
-					// These checks don't vary based on the Go version or OS,
-					// so we only need to run them on one of the matrix jobs.
-					if: _isLatestLinux
-				},
+				// _repo.earlyChecks & {
+				// 	// These checks don't vary based on the Go version or OS,
+				// 	// so we only need to run them on one of the matrix jobs.
+				// 	if: _isLatestLinux
+				// },
 				json.#step & {
 					if:  "\(_repo.isProtectedBranch) || \(_isLatestLinux)"
 					run: "echo CUE_LONG=true >> $GITHUB_ENV"
 				},
-				_goGenerate,
-				_goTest & {
-					if: "\(_repo.isProtectedBranch) || !\(_isLatestLinux)"
-				},
-				_goTestRace & {
-					if: _isLatestLinux
-				},
+				// _goGenerate,
+				// _goTest & {
+				// 	if: "\(_repo.isProtectedBranch) || !\(_isLatestLinux)"
+				// },
+				// _goTestRace & {
+				// 	if: _isLatestLinux
+				// },
+				_e2eTest,
 				_goCheck,
 				_repo.checkGitClean,
 			]
@@ -114,6 +115,27 @@ workflows: trybot: _repo.bashWorkflow & {
 		run:  "go test ./..."
 	}
 
+	_e2eTest: json.#step & {
+		name: "End-to-end test"
+		// The end-to-end tests require the GITHUB_TOKEN secret and are a bit slow,
+		// so we only run them on pushes to protected branches and on one environment.
+		if: "\(_isLatestLinux)"
+		// Note that Actions runs with a default GITHUB_TOKEN, which we override here.
+		// env: GITHUB_TOKEN: "${{ secrets.E2E_GITHUB_TOKEN }}"
+		env: E2E_GITHUB_TOKEN: "${{ secrets.E2E_GITHUB_TOKEN }}"
+		run:  """
+			echo ${GITHUB_TOKEN}
+			echo ${E2E_GITHUB_TOKEN}
+			if [[ $GITHUB_TOKEN == $E2E_GITHUB_TOKEN ]]; then
+				echo same
+			else
+				echo different
+			fi
+			cd internal/e2e
+			GITHUB_TOKEN=${E2E_GITHUB_TOKEN} go test
+			"""
+	}
+
 	_goCheck: json.#step & {
 		// These checks can vary between platforms, as different code can be built
 		// based on GOOS and GOARCH build tags.