OAPE-752 | CI-Monitor Phase 1#61
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: neha037 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
There was a problem hiding this comment.
Perhaps we should reuse the OpenShift Prow CI here, instead of having to reinvent this with GitHub Actions altogether. Using GitHub Actions would cost us more (atleast in terms of setup and reusability, if not direct $$) than using Prow from https://github.com/openshift/release.
IIUC, to get this into action you need periodic jobs which Prow can provide us for this use case.
|
|
||
| | Aspect | HyperShift | OAPE PR Agent | | ||
| | ----------------- | --------------------------------------- | -------------------------------------------------------------------------------------------------- | | ||
| | CI platform | GitHub Actions | GitHub Actions | |
There was a problem hiding this comment.
| | CI platform | GitHub Actions | GitHub Actions | | |
| | CI platform | OpenShift Prow CI | GitHub Actions | |
| | On-demand trigger | `/test address-review-comments` | Target repo trigger (`check_run`/`status` failure → `repository_dispatch`), or `workflow_dispatch` | | ||
| | PR scope | `app/hypershift-jira-solve-ci` PRs only | All open PRs in allowed repos (`team-repos.csv`) | | ||
| | Max items per run | 10 PRs (review agent) | 4 PRs (configurable via `PR_AGENT_MAX_PRS`) | | ||
| | Max budget per PR | $5.00 per PR | $5.00 per PR (configurable via `MAX_BUDGET_PER_PR`, passed to `--max-budget-usd`) | |
There was a problem hiding this comment.
Not sure, https://hypershift.pages.dev/how-to/ci/ai-assisted-ci-jobs/#review-agent but looks like Max Budget and Max Agentic Turns per PR are different?
We should prefer the cost budgeting approach tho.
| types: [opened, synchronize] | ||
| workflow_dispatch: | ||
| inputs: | ||
| pr_url: |
There was a problem hiding this comment.
QQ: where does the input for the pr_url populate from?
| - name: Authenticate to GCP (Workload Identity Federation) | ||
| uses: google-github-actions/auth@v2 | ||
| with: | ||
| workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }} |
There was a problem hiding this comment.
An eg. pitfall for Prow vs GH Actions is the challenge of sharing secrets over GitHub repos securely for multiple team members (our org perhaps restricts direct repo access to all members for security reasons - which can quickly turn into a problem for you).
This is something the OpenShift CI natively solves, might want to look at https://docs.ci.openshift.org/how-tos/adding-a-new-secret-to-ci/.
No description provided.