Skip to content

rpc,tenantcapabilities: allow cross tenant reads in shared service #24817

rpc,tenantcapabilities: allow cross tenant reads in shared service

rpc,tenantcapabilities: allow cross tenant reads in shared service #24817

Workflow file for this run

name: PR code coverage (generate)
on:
pull_request:
types: [ opened, reopened, synchronize ]
branches: [ master ]
jobs:
code-cover-gen:
runs-on: ubuntu-latest
env:
PR: ${{ github.event.pull_request.number }}
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
GH_TOKEN: ${{ github.token }}
FETCH_DEPTH: 15
steps:
- uses: actions/checkout@v3
with:
# By default, checkout merges the PR into the current master.
# Instead, we want to check out the PR as is.
ref: ${{ github.event.pull_request.head.sha }}
# Fetching the entire history is much slower; we only fetch the last
# 15 commits. As such, we don't support PRs with 15 commits or more
# (we cannot get to the "base" commit).
fetch-depth: ${{ env.FETCH_DEPTH }}
- name: Set up Bazel cache
uses: actions/cache@v3
with:
path: |
~/.cache/bazel
key: ${{ runner.os }}-bazel-${{ hashFiles('.bazelversion', '.bazelrc', 'WORKSPACE', 'WORKSPACE.bazel', 'MODULE.bazel') }}
restore-keys: |
${{ runner.os }}-bazel-
- name: Get list of changed packages
continue-on-error: true
shell: bash
run: |
set -euxo pipefail
MAX_CHANGED_PKGS=20
FETCH_DEPTH=${{ env.FETCH_DEPTH }}
mkdir -p artifacts
skip() {
echo "Skipping code coverage on PR #$PR: $1"
# Generate the json files with an error (which will show up in Reviewable).
msg="$1; see $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID."
jq -n --arg err "$msg" '{error: $err}' > artifacts/cover-${PR}-${HEAD_SHA}.json
if [ -n "${BASE_SHA:-}" ]; then
jq -n --arg err "$msg" '{error: $err}' > artifacts/cover-${PR}-${BASE_SHA}.json
fi
echo "SKIP=true" >> "${GITHUB_ENV}"
exit 1
}
# To get the base commit, we get the number of commits in the PR.
# Note that github.event.pull_request.base.sha is not what we want,
# that is the tip of master and not necessarily the PR fork point.
NUM_COMMITS=$(gh pr view $PR --json commits --jq '.commits | length')
# The number of commits bust be below the checkout fetch-depth.
if [ ${NUM_COMMITS} -ge ${FETCH_DEPTH} ]; then
echo "ERROR=too many commits (${NUM_COMMITS})" >> ${GITHUB_ENV}
exit 1
fi
BASE_SHA=$(git rev-parse HEAD~${NUM_COMMITS})
CHANGED_PKGS=$(build/ghactions/changed-go-pkgs.sh ${BASE_SHA} ${HEAD_SHA})
NUM_CHANGED_PKGS=$(echo "${CHANGED_PKGS}" | wc -w)
if [ ${NUM_CHANGED_PKGS} -gt ${MAX_CHANGED_PKGS} ]; then
echo "ERROR=too many changed packages (${NUM_CHANGED_PKGS})" >> ${GITHUB_ENV}
exit 1
fi
echo "BASE_SHA=${BASE_SHA}" >> "${GITHUB_ENV}"
echo "CHANGED_PKGS=${CHANGED_PKGS}" >> "${GITHUB_ENV}"
- name: Run "after" test coverage
if: env.ERROR == ''
continue-on-error: true
shell: bash
run: |
set -euxo pipefail
CHANGED_PKGS='${{ env.CHANGED_PKGS }}'
# Make a copy of the script so that the "before" run below uses the
# same version.
cp build/ghactions/pr-codecov-run-tests.sh ${RUNNER_TEMP}/
if ! ${RUNNER_TEMP}/pr-codecov-run-tests.sh artifacts/cover-${PR}-${HEAD_SHA}.json "${CHANGED_PKGS}"; then
echo "ERROR=tests failed" >> ${GITHUB_ENV}
exit 1
fi
- name: Run "before" test coverage
if: env.ERROR == ''
continue-on-error: true
shell: bash
run: |
set -euxo pipefail
BASE_SHA='${{ env.BASE_SHA }}'
CHANGED_PKGS='${{ env.CHANGED_PKGS }}'
git checkout -f ${BASE_SHA}
if ! ${RUNNER_TEMP}/pr-codecov-run-tests.sh artifacts/cover-${PR}-${BASE_SHA}.json "${CHANGED_PKGS}"; then
echo "ERROR=tests failed on base branch" >> ${GITHUB_ENV}
exit 1
fi
- name: Finalize
shell: bash
run: |
ERROR='${{ env.ERROR }}'
if [ -n "$ERROR" ]; then
# Generate the json files with an error (which will show up in Reviewable).
msg="$ERROR; see [run]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID)."
jq -n --arg err "$msg" '{error: $err}' > artifacts/cover-${PR}-${HEAD_SHA}.json
BASE_SHA=${{ env.BASE_SHA }}
if [ -n "$BASE_SHA" ]; then
jq -n --arg err "$msg" '{error: $err}' > artifacts/cover-${PR}-${BASE_SHA}.json
fi
fi
- name: Upload artifacts
uses: actions/upload-artifact@v3
with:
name: cover
path: artifacts/cover-*.json