Skip to content

Commit 47ac5cc

Browse files
authored
Prevent dependency resolution from running in an infinite loop (DataDog#23363)
* Prevent dependency resolution from running in an infinite loop Along the way update the triggers for that workflow to reflect its new use. Also add a crutch to keep disk usage measurement running. * remove reference to allium, it's confusing * fix permissions for measuring disk usage
1 parent 1917736 commit 47ac5cc

4 files changed

Lines changed: 82 additions & 118 deletions

File tree

Lines changed: 59 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,59 @@
1+
name: Measure Disk Usage (Master)
2+
run-name: "Measure Disk Usage (Master) [${{ github.sha }}]"
3+
4+
# Temporary crutch: emits master disk-usage telemetry on .deps/ changes.
5+
# The main measure-disk-usage.yml workflow subscribes to resolve-build-deps via
6+
# workflow_run, but resolve-build-deps no longer runs on master pushes. This
7+
# workflow restores the master telemetry path until measure-disk-usage.yml is
8+
# reworked to subscribe to .deps/ changes directly.
9+
10+
on:
11+
push:
12+
branches:
13+
- master
14+
paths:
15+
- .deps/**
16+
17+
env:
18+
PYTHON_VERSION: "3.13"
19+
20+
jobs:
21+
measure-disk-usage:
22+
runs-on: ubuntu-22.04
23+
permissions:
24+
contents: read
25+
actions: read
26+
id-token: write
27+
steps:
28+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
29+
with:
30+
fetch-depth: 0
31+
32+
- name: Set up Python ${{ env.PYTHON_VERSION }}
33+
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
34+
with:
35+
python-version: ${{ env.PYTHON_VERSION }}
36+
37+
- name: Get Datadog credentials
38+
id: dd-sts
39+
uses: DataDog/dd-sts-action@2e8187910199bd93129520183c093e19aa585c75 # v1.0.0
40+
with:
41+
policy: integrations-core-api-key
42+
43+
- name: Install ddev
44+
run: |
45+
pip install -e ./datadog_checks_dev[cli]
46+
pip install -e ./ddev
47+
48+
- name: Configure ddev
49+
run: ddev config override
50+
51+
- name: Measure disk usage (Uncompressed)
52+
env:
53+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
54+
run: ddev -v size status --commit "${{ github.sha }}" --format json --to-dd-key ${{ steps.dd-sts.outputs.api_key }}
55+
56+
- name: Measure disk usage (Compressed)
57+
env:
58+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
59+
run: ddev -v size status --commit "${{ github.sha }}" --format json --to-dd-key ${{ steps.dd-sts.outputs.api_key }} --compressed

.github/workflows/resolve-build-deps.yaml

Lines changed: 23 additions & 71 deletions
Original file line numberDiff line numberDiff line change
@@ -1,20 +1,18 @@
11
name: Resolve Dependencies and Build Wheels
22

33
on:
4-
workflow_dispatch:
54
pull_request:
65
branches:
76
- master
87
- 7.*.*
9-
10-
push:
11-
branches:
12-
- master
13-
- 7.*.*
8+
paths:
9+
- agent_requirements.in
10+
- .builders/**
11+
- .github/workflows/resolve-build-deps.yaml
1412

1513
concurrency:
16-
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
17-
cancel-in-progress: ${{ github.event_name == 'pull_request' && true || false }}
14+
group: ${{ github.workflow }}-${{ github.event.pull_request.number }}
15+
cancel-in-progress: true
1816

1917
defaults:
2018
run:
@@ -28,58 +26,9 @@ env:
2826
SOURCE_DATE_EPOCH: "1580601600"
2927

3028
jobs:
31-
# measure-disk-usage.yml depends on this workflow being triggered and completed,
32-
# so it can wait for the build to calculate dependency sizes.
33-
# The 'on' setting ensures it runs, but this job cancels it if no dependency changes are detected.
34-
35-
check-should-run:
36-
name: Check if build should run
37-
runs-on: ubuntu-22.04
38-
permissions:
39-
actions: write
40-
contents: read
41-
outputs:
42-
builder_changed: ${{ steps.dependency-check.outputs.builder_changed }}
43-
should_run_build: ${{ steps.dependency-check.outputs.should_run_build }}
44-
steps:
45-
- name: Checkout code
46-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
47-
48-
- name: Define diff commits
49-
id: set_sha
50-
if: github.event_name != 'workflow_dispatch'
51-
run: .github/workflows/scripts/resolve_deps_define_diff_commits.sh
52-
env:
53-
PR_BASE_SHA: ${{ github.event.pull_request.base.sha }}
54-
PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
55-
EVENT_BEFORE: ${{ github.event.before }}
56-
57-
- name: Get changed files
58-
id: changed-files
59-
if: github.event_name != 'workflow_dispatch'
60-
run: |
61-
REPO="${{ github.repository }}"
62-
63-
CHANGED_FILES=$(gh api "repos/$REPO/compare/${{ steps.set_sha.outputs.prev_sha }}...${{ steps.set_sha.outputs.curr_sha }}" --paginate | \
64-
jq -r 'select(.files != null) | .files | map(.filename) | join(" ")')
65-
66-
echo "files_changed=$CHANGED_FILES" >> $GITHUB_OUTPUT
67-
echo "files_changed=$CHANGED_FILES"
68-
env:
69-
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
70-
71-
- name: Check if build should run
72-
id: dependency-check
73-
run: .github/workflows/scripts/resolve_deps_check_should_run.sh
74-
env:
75-
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
76-
FILES_CHANGED: ${{ steps.changed-files.outputs.files_changed }}
77-
7829
test:
7930
name: Run tests
80-
needs:
81-
- check-should-run
82-
if: needs.check-should-run.outputs.should_run_build == 'true'
31+
if: github.event.pull_request.head.repo.fork == false
8332
runs-on: ubuntu-22.04
8433
steps:
8534
- name: Checkout code
@@ -107,9 +56,7 @@ jobs:
10756
pre-resolve:
10857
name: Pre-resolve dependency versions
10958
needs:
110-
- check-should-run
11159
- test
112-
if: needs.check-should-run.outputs.should_run_build == 'true'
11360
runs-on: ubuntu-22.04
11461
steps:
11562
- name: Checkout code
@@ -147,9 +94,7 @@ jobs:
14794
build:
14895
name: Target ${{ matrix.job.image }} on ${{ matrix.job.os }}
14996
needs:
150-
- check-should-run
15197
- pre-resolve
152-
if: needs.check-should-run.outputs.should_run_build == 'true'
15398
runs-on: ${{ matrix.job.os }}
15499
strategy:
155100
fail-fast: false
@@ -173,6 +118,17 @@ jobs:
173118
steps:
174119
- name: Checkout code
175120
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
121+
with:
122+
fetch-depth: 0
123+
124+
- name: Detect builder changes
125+
id: builder-check
126+
run: |
127+
if git diff --quiet "origin/${{ github.base_ref }}...HEAD" -- .builders/; then
128+
echo "builder_changed=false" >> "$GITHUB_OUTPUT"
129+
else
130+
echo "builder_changed=true" >> "$GITHUB_OUTPUT"
131+
fi
176132
177133
- name: Set up Python ${{ env.PYTHON_VERSION }}
178134
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
@@ -199,28 +155,28 @@ jobs:
199155
password: ${{ secrets.GITHUB_TOKEN }}
200156

201157
- name: Build image and wheels
202-
if: needs.check-should-run.outputs.builder_changed == 'true'
158+
if: steps.builder-check.outputs.builder_changed == 'true'
203159
run: python .builders/build.py ${{ matrix.job.image }} --python 3 ${{ env.OUT_DIR }}/py3 --constraints .constraints/constraints.txt
204160

205161
- name: Pull image and build wheels
206-
if: needs.check-should-run.outputs.builder_changed == 'false'
162+
if: steps.builder-check.outputs.builder_changed == 'false'
207163
run: |
208164
digest=$(jq -r '.["${{ matrix.job.image }}"]' .deps/image_digests.json)
209165
python .builders/build.py ${{ matrix.job.image }} --python 3 ${{ env.OUT_DIR }}/py3 --digest $digest --constraints .constraints/constraints.txt
210166
211167
- name: Publish image
212-
if: needs.check-should-run.outputs.builder_changed == 'true'
168+
if: steps.builder-check.outputs.builder_changed == 'true'
213169
run: ${DOCKER} push ${{ env.BUILDER_IMAGE }}
214170

215171
- name: Save new image digest
216-
if: needs.check-should-run.outputs.builder_changed == 'true'
172+
if: steps.builder-check.outputs.builder_changed == 'true'
217173
run: >-
218174
${DOCKER} inspect --format "{{index .RepoDigests 0}}" ${{ env.BUILDER_IMAGE }}
219175
| cut -d '@' -f 2
220176
> ${{ env.OUT_DIR }}/image_digest
221177
222178
- name: Persist current image digest
223-
if: needs.check-should-run.outputs.builder_changed == 'false'
179+
if: steps.builder-check.outputs.builder_changed == 'false'
224180
run: >-
225181
jq -r '.["${{ matrix.job.image }}"]' .deps/image_digests.json
226182
> ${{ env.OUT_DIR }}/image_digest
@@ -234,9 +190,7 @@ jobs:
234190
build-macos:
235191
name: Target macOS/${{ matrix.job.arch }} on ${{ matrix.job.os }}
236192
needs:
237-
- check-should-run
238193
- pre-resolve
239-
if: needs.check-should-run.outputs.should_run_build == 'true'
240194
runs-on: ${{ matrix.job.os }}
241195
strategy:
242196
fail-fast: false
@@ -323,11 +277,9 @@ jobs:
323277

324278
publish:
325279
name: Publish artifacts and commit lockfiles to branch
326-
if: needs.check-should-run.outputs.should_run_build == 'true' && github.event_name == 'pull_request' && !github.event.pull_request.head.repo.fork
327280
needs:
328281
- build
329282
- build-macos
330-
- check-should-run
331283
runs-on: ubuntu-latest
332284

333285
permissions:

.github/workflows/scripts/resolve_deps_check_should_run.sh

Lines changed: 0 additions & 32 deletions
This file was deleted.

.github/workflows/scripts/resolve_deps_define_diff_commits.sh

Lines changed: 0 additions & 15 deletions
This file was deleted.

0 commit comments

Comments
 (0)