Initial plan

tjprescott · tjprescott · commit a00ff45b0500 · 2026-06-08T14:17:39.000-07:00
diff --git a/scripts/api_md_workflow/sync_review_branches_plan.md b/scripts/api_md_workflow/sync_review_branches_plan.md
@@ -0,0 +1,215 @@
+# Sync API Review Branches on Working Branch Push
+
+## Goal
+
+When a commit is pushed to a working branch, detect whether the resulting API surface changed and, if so, update every associated API review branch with a consistent API surface. If the push does not affect any package API surface, the workflow should exit without touching review branches.
+
+The sync workflow must not blindly copy committed `api.md` or `api.metadata.yml` files from the working branch. Those files may be stale or incorrect, and the existing API.md consistency check may fail for the same commit. Review branches should only receive API artifacts that have either passed consistency validation or were regenerated by the sync workflow itself.
+
+The workflow must support one working branch having multiple associated review branches, for example when the same SDK PR has API review PRs for multiple packages or versions.
+
+## Current Branch Context
+
+The current API review prototype already has most of the branch mechanics in `scripts/api_md_workflow/create_api_review_pr.js`:
+
+- Review branches use `apireview/review_<package>_<version>` with suffixes such as `_a`, `_b`, etc. when multiple branches are needed.
+- Baseline branches use `apireview/base_<package>_<version>`.
+- Review branches are created from the selected base branch and then receive the generated target `api.md` and `api.metadata.yml` files.
+- Existing review branches can be reused when their API state matches the desired generated output and, for review branches, the base branch is an ancestor.
+- The generated review PR body records a human-readable working branch, working PR, or target tag reference.
+
+The missing piece is a durable, machine-readable association from a working branch or working PR to one or more review branches. The current PR body is useful for humans but is too brittle as the only lookup mechanism.
+
+## Proposed Design
+
+Add a new GitHub Actions workflow plus a small script layer under `scripts/api_md_workflow`.
+
+There are two viable strategies:
+
+1. **Gate on the consistency workflow.** Let the existing API.md consistency workflow prove that committed `api.md` and `api.metadata.yml` match regenerated output. Only after that check passes, copy the committed API files to associated review branches.
+2. **Regenerate in the sync workflow.** Detect packages affected by the push, regenerate `api.md` and `api.metadata.yml` from the pushed working commit, and push the regenerated artifacts to associated review branches when they differ from the review branch.
+
+The safer initial implementation is option 1 because it reuses the existing pass/fail gate and avoids introducing a second generation path with slightly different behavior. Option 2 is attractive later if we want review branches to update even when the working PR has not committed refreshed API files yet.
+
+The workflow should run on `push` events to non-review branches and use path filtering so it only starts when API surface files changed:
+
+```yaml
+on:
+  push:
+    branches-ignore:
+      - main
+      - apireview/**
+    paths:
+      - sdk/**/api.md
+      - sdk/**/api.metadata.yml
+```
+
+Inside the workflow, still compute the exact changed files from `github.event.before..github.sha`. The `paths` filter prevents most unnecessary runs, while the explicit diff keeps behavior correct for force-pushes, unusual event payloads, and future manual dispatch support.
+
+## Association Model
+
+When `create_api_review_pr.js` creates or reuses a review PR, it should write a hidden metadata block into the PR body. This keeps the association with the PR, avoids creating repo-wide state files, and allows multiple review PRs to point back to the same working branch.
+
+Suggested block:
+
+```markdown
+<!-- api-md-review-sync
+{
+  "schemaVersion": 1,
+  "repository": "Azure/azure-sdk-for-python",
+  "packageName": "azure-example",
+  "packageDir": "sdk/service/azure-example",
+  "baseBranch": "apireview/base_azure-example_1.0.0",
+  "reviewBranch": "apireview/review_azure-example_1.1.0",
+  "workingOwner": "Azure",
+  "workingBranch": "feature/api-change",
+  "workingPrNumber": 47203
+}
+-->
+```
+
+Use the `workingOwner` and `workingBranch` pair as the primary lookup key. `workingPrNumber` is helpful context but should not be required, since the sync workflow runs from a branch push and may not have a PR context.
+
+For review PRs already created before this metadata exists, the sync script can include a best-effort fallback that scans open API review PR bodies for the existing human-readable working branch or working PR line. That fallback should only be a migration bridge; new PRs should rely on the metadata block.
+
+## Workflow Steps: Gated Copy Strategy
+
+1. Checkout the pushed commit with enough history to compare `github.event.before` and `github.sha`.
+2. Build a list of committed API files changed in the pushed range:
+
+   ```bash
+   git diff --name-only "$BEFORE" "$SHA" -- 'sdk/**/api.md' 'sdk/**/api.metadata.yml'
+   ```
+
+3. If the changed-file list is empty, exit successfully.
+4. Wait for, or query, the API.md consistency check for the same commit. If the consistency check has not completed successfully, exit without updating review branches. This may be implemented as:
+   - a separate `workflow_run` trigger that runs only after `API.md Consistency` completes successfully, or
+   - a push-triggered workflow step that queries the check suite for `github.sha` and proceeds only when the consistency check conclusion is `success`.
+5. Map changed files to package directories. A package is syncable only when at least one of these files changed:
+   - `<packageDir>/api.md`
+   - `<packageDir>/api.metadata.yml`
+6. Discover associated review PRs by querying open PRs in `Azure/azure-sdk-for-python` and parsing the hidden metadata block.
+7. Filter to metadata where:
+   - `workingOwner` and `workingBranch` match the pushed branch.
+   - `packageDir` is in the changed package set.
+   - `reviewBranch` starts with `apireview/review_`.
+8. For each matched review branch, copy the now-validated API files from the pushed working commit onto the review branch and push the result.
+9. Summarize which review branches were updated, which changed packages had no associated review branch, and whether any update was skipped because consistency had not passed.
+
+## Alternative Workflow: Regenerated Output Strategy
+
+If we want review branches to update even when the working branch has stale committed API files, the sync workflow can regenerate API artifacts instead of copying them.
+
+1. Trigger on pushes under `sdk/**`, not only changes to committed API files, because source changes may alter generated API output before `api.md` is updated.
+2. Reuse the package detection logic from the consistency workflow to find affected packages from `github.event.before..github.sha`.
+3. For each affected package with associated review branches, overlay the pushed working commit and run the adapter generation command, equivalent to `azpysdk apistub --md --extract-metadata <package-name> --dest-dir .` for Python.
+4. Compare regenerated `api.md` and `api.metadata.yml` to the current review branch files.
+5. If there is no diff, skip the branch.
+6. If there is a diff, commit the regenerated files to each associated review branch and push with `--force-with-lease`.
+
+This avoids copying bad committed artifacts, but it is more expensive and means the review branch can show an API surface that the working branch has not committed yet. If we choose this path, the workflow summary should explicitly say when regenerated output differs from committed `api.md` so authors know the working PR still needs its consistency fix.
+
+## Branch Update Mechanics
+
+For each target review branch:
+
+1. Fetch the review branch and the pushed working commit.
+2. Create or reset a local branch to the remote review branch:
+
+   ```bash
+   git fetch origin "$REVIEW_BRANCH"
+   git checkout -B "$REVIEW_BRANCH" "origin/$REVIEW_BRANCH"
+   ```
+
+3. Copy only the package's API files from the pushed commit after consistency has passed:
+
+   ```bash
+   git checkout "$WORKING_SHA" -- "$PACKAGE_DIR/api.md" "$PACKAGE_DIR/api.metadata.yml"
+   ```
+
+4. If only one of the two files exists in the working commit, fail that branch update rather than producing a partial review branch. The existing consistency workflow treats `api.metadata.yml` as required alongside `api.md`, so the sync path should enforce the same invariant.
+5. If `git diff --quiet` shows no change on the review branch, skip the push.
+6. Otherwise commit and push with `--force-with-lease`:
+
+   ```bash
+   git add "$PACKAGE_DIR/api.md" "$PACKAGE_DIR/api.metadata.yml"
+   git commit -m "[API Review] Sync api.md for <package> from <working branch>"
+   git push --force-with-lease origin "$REVIEW_BRANCH"
+   ```
+
+This intentionally copies committed API artifacts only after the consistency workflow has proven they match source changes on the working PR. If the consistency check fails or is still pending, the sync workflow should leave the review branch unchanged.
+
+## Script Shape
+
+Add a new script such as `scripts/api_md_workflow/sync_review_branches.js` with these responsibilities:
+
+- Parse inputs from environment variables used by the workflow:
+  - `GITHUB_REPOSITORY`
+  - `GITHUB_REF_NAME`
+  - `GITHUB_SHA`
+  - `GITHUB_EVENT_BEFORE` or `github.event.before`
+- Detect changed API files and package directories.
+- Query open PRs through `gh pr list` or the REST API.
+- Parse the hidden `api-md-review-sync` metadata block.
+- Select all matching review branches, not just the first one.
+- Update each branch independently and continue processing other branches when one branch fails.
+- Return a non-zero exit code if any selected branch failed to update.
+
+The script should reuse helper functions where practical from `create_api_review_pr.js`, but the first implementation can duplicate a small amount of git/gh plumbing if exporting the existing helpers would make the change larger. A follow-up cleanup can extract shared git helpers into a common module.
+
+## Required Changes to PR Creation
+
+Update `create_api_review_pr.js` so every new API review PR body includes the metadata block. For reused review PRs, update the body if the metadata block is missing or stale.
+
+When the target is a tag, do not include sync metadata and do not associate the review PR with a working branch. Tag-to-tag review PRs are static and should not be updated by branch push events.
+
+When the target is `owner:branch`, set `workingOwner` to `owner` and `workingBranch` to `branch`. When the target is an origin branch, set `workingOwner` to `Azure` and `workingBranch` to that branch. When no target is supplied and the script defaults to `main`, omit sync metadata because `main` should not drive synthetic review updates.
+
+## Permissions and Safety
+
+The workflow needs `contents: write` to push review branches and `pull-requests: read` to discover review PR metadata. If it updates missing metadata on review PRs, it also needs `pull-requests: write`.
+
+Safety checks should include:
+
+- Ignore pushes to `main` and `apireview/**`.
+- Only update branches whose metadata points to the pushed branch.
+- Only copy `api.md` and `api.metadata.yml` under the recorded package directory.
+- Require both API files to exist at the pushed commit.
+- Use `--force-with-lease`, never a plain force push.
+- Log and skip closed review PRs.
+- Avoid creating new review branches from this sync workflow. Branch creation remains the job of `create_api_review_pr.js`.
+
+## Testing Plan
+
+Add Node unit tests for the new script helpers:
+
+- Changed-file detection ignores non-API files.
+- Changed-file detection groups `api.md` and `api.metadata.yml` by package directory.
+- Metadata parser accepts exactly one valid hidden block.
+- Metadata parser ignores malformed or unrelated comments.
+- Review branch selection returns multiple branches for one working branch when packages differ.
+- Tag-target review PRs are not selected.
+
+Add tests around `create_api_review_pr.js` body generation:
+
+- Branch targets include the hidden sync metadata.
+- Fork targets include the fork owner and branch.
+- Tag targets omit sync metadata.
+- Default `main` target omits sync metadata.
+
+If practical, add a lightweight integration-style test with stubbed git and gh runners that verifies a review branch update copies only the two API files and skips the push when there is no diff.
+
+## Open Questions
+
+- Should the sync workflow update review PR bodies when metadata is absent, or should migration be handled only when `create_api_review_pr.js` is rerun?
+- Should a review branch be updated when `api.md` changed but `api.metadata.yml` did not, or should the workflow require both files in the same pushed range? The safer implementation is to require both files to exist at the pushed commit, not necessarily both changed in the same commit range.
+- Should branch updates be serialized with a concurrency group per review branch to avoid two rapid pushes racing each other?
+
+## Recommended Implementation Order
+
+1. Add metadata block generation to `create_api_review_pr.js` for branch and fork targets.
+2. Add tests for metadata generation and parsing.
+3. Add `sync_review_branches.js` with dry-run logging first.
+4. Add the push-triggered workflow with `contents: write` and `pull-requests: read`.
+5. Enable real pushes after dry-run output confirms the correct review branches are selected.
+6. Add fallback discovery for existing metadata-less review PRs if needed.
