From bf51e8bdc0a3aba955e5c903867e23f7ed7414dd Mon Sep 17 00:00:00 2001 From: Ruslan Rotaru Date: Fri, 7 Nov 2025 15:51:56 +0000 Subject: [PATCH 1/2] fix: update amp-private trigger deploy pipeline path to build.yaml workflow --- .github/workflows/trigger-deploy.yml | 189 +++++++++++++++++---------- 1 file changed, 117 insertions(+), 72 deletions(-) diff --git a/.github/workflows/trigger-deploy.yml b/.github/workflows/trigger-deploy.yml index 7d50ab09e..98eb9becf 100644 --- a/.github/workflows/trigger-deploy.yml +++ b/.github/workflows/trigger-deploy.yml @@ -1,77 +1,122 @@ name: Trigger AMP Deploy on: - workflow_dispatch: - push: - tags: ["v*"] + workflow_dispatch: + push: + tags: ["v*"] + +permissions: + contents: read + actions: read jobs: - trigger-deploy: - runs-on: ubuntu-latest - steps: - - name: Verify containerize jobs and trigger deploy - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd - with: - github-token: ${{ secrets.AMP_INFRA_DISPATCH_TOKEN }} - script: | - // Find the Build workflow run - match by ref if triggered by push, otherwise get most recent - const currentRef = context.ref; - const isTagPush = context.eventName === 'push' && currentRef.startsWith('refs/tags/'); - - const runs = await github.request('GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs', { - owner: context.repo.owner, - repo: context.repo.repo, - workflow_id: 'build.yml', - status: 'success', - per_page: isTagPush ? 10 : 1 - }); - - if (runs.data.total_count === 0) { - core.setFailed('No successful Build workflow run found. Please run the Build workflow first.'); - } - - // If triggered by tag push, find the build run for this specific tag - let latestRun; - if (isTagPush) { - const buildRun = runs.data.workflow_runs.find(run => run.head_branch === currentRef.replace('refs/tags/', '') || run.head_ref === currentRef); - if (!buildRun) { - core.setFailed(`No successful Build workflow run found for tag ${currentRef}. Please ensure the Build workflow completed for this tag.`); - } - latestRun = buildRun; - } else { - latestRun = runs.data.workflow_runs[0]; - } - - // Get jobs for this workflow run - const jobs = await github.request('GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs', { - owner: context.repo.owner, - repo: context.repo.repo, - run_id: latestRun.id - }); - - // Check if all containerize jobs completed successfully - const containerizeJobs = jobs.data.jobs.filter(job => job.name.startsWith('Containerize')); - - if (containerizeJobs.length === 0) { - core.setFailed('Containerize jobs not found in the Build workflow run. Please ensure the containerize jobs have completed.'); - } - - const failedJobs = containerizeJobs.filter(job => job.conclusion !== 'success'); - if (failedJobs.length > 0) { - const failedJobNames = failedJobs.map(job => `${job.name} (${job.conclusion})`).join(', '); - core.setFailed(`Some containerize jobs did not complete successfully: ${failedJobNames}`); - } - - // All containerize jobs succeeded - trigger deploy - await github.rest.repos.createDispatchEvent({ - owner: 'edgeandnode', - repo: 'amp-infra', - event_type: 'build-completed', - client_payload: { - ref: latestRun.head_branch || latestRun.head_ref, - sha: latestRun.head_sha, - workflow_run_id: latestRun.id, - build_status: 'success', - repository: context.repo.repo - } - }); + trigger-deploy: + runs-on: ubuntu-latest + steps: + - name: Verify containerize jobs and trigger deploy + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + with: + github-token: ${{ secrets.AMP_INFRA_DISPATCH_TOKEN }} + script: | + // Find the Build workflow run - match by ref if triggered by push, otherwise get most recent + const currentRef = context.ref; + const currentSha = context.sha; + const isTagPush = context.eventName === 'push' && currentRef.startsWith('refs/tags/'); + const tagName = isTagPush ? currentRef.replace('refs/tags/', '') : null; + + try { + // First, get the workflow ID by listing workflows + const workflows = await github.request('GET /repos/{owner}/{repo}/actions/workflows', { + owner: context.repo.owner, + repo: context.repo.repo + }); + + const buildWorkflow = workflows.data.workflows.find(w => w.name === 'Build' || w.path === '.github/workflows/build.yml'); + if (!buildWorkflow) { + core.setFailed('Build workflow not found. Please ensure the build.yml workflow exists.'); + return; + } + + // Fetch workflow runs - get more for tag pushes to find the matching one + const runs = await github.request('GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs', { + owner: context.repo.owner, + repo: context.repo.repo, + workflow_id: buildWorkflow.id, + status: 'success', + per_page: isTagPush ? 30 : 10 + }); + + if (runs.data.total_count === 0) { + core.setFailed('No successful Build workflow run found. Please run the Build workflow first.'); + return; + } + + // If triggered by tag push, find the build run for this specific tag + // For tag runs, head_branch is null and head_ref contains the tag name + let latestRun; + if (isTagPush) { + const buildRun = runs.data.workflow_runs.find(run => { + // Match by tag name in head_ref (most reliable for tag runs) + // head_ref contains the tag name for tag-triggered runs + return run.head_ref === tagName || run.head_sha === currentSha; + }); + if (!buildRun) { + core.setFailed(`No successful Build workflow run found for tag ${tagName} (${currentRef}). Please ensure the Build workflow completed for this tag.`); + return; + } + latestRun = buildRun; + } else { + // For workflow_dispatch, try to match by SHA first, then use most recent + const matchingRun = runs.data.workflow_runs.find(run => run.head_sha === currentSha); + latestRun = matchingRun || runs.data.workflow_runs[0]; + } + + // Get jobs for this workflow run + const jobs = await github.request('GET /repos/{owner}/{repo}/actions/runs/{run_id}/jobs', { + owner: context.repo.owner, + repo: context.repo.repo, + run_id: latestRun.id + }); + + // Check if all containerize jobs completed successfully + const containerizeJobs = jobs.data.jobs.filter(job => job.name.startsWith('Containerize')); + + if (containerizeJobs.length === 0) { + core.setFailed('Containerize jobs not found in the Build workflow run. Please ensure the containerize jobs have completed.'); + return; + } + + // Filter out skipped jobs (they're fine) and check for actual failures + const failedJobs = containerizeJobs.filter(job => { + // Only consider jobs that actually ran (not skipped) + return job.conclusion !== 'success' && job.conclusion !== 'skipped'; + }); + + if (failedJobs.length > 0) { + const failedJobNames = failedJobs.map(job => `${job.name} (${job.conclusion})`).join(', '); + core.setFailed(`Some containerize jobs did not complete successfully: ${failedJobNames}`); + return; + } + + // Determine the ref to use - prefer head_ref for tags, fallback to head_branch or currentRef + const deployRef = latestRun.head_ref || latestRun.head_branch || currentRef; + + // All containerize jobs succeeded - trigger deploy + await github.rest.repos.createDispatchEvent({ + owner: 'edgeandnode', + repo: 'amp-infra', + event_type: 'build-completed', + client_payload: { + ref: deployRef, + sha: latestRun.head_sha, + workflow_run_id: latestRun.id, + build_status: 'success', + repository: context.repo.repo + } + }); + + core.info(`Successfully triggered deploy for ${deployRef} (${latestRun.head_sha})`); + } catch (error) { + core.setFailed(`Failed to trigger deploy: ${error.message}`); + throw error; + } From a304f58a30b0cadc399b3eecbf11d5350e265ca4 Mon Sep 17 00:00:00 2001 From: Ruslan Rotaru Date: Fri, 7 Nov 2025 15:55:08 +0000 Subject: [PATCH 2/2] change trigger-deploy to work from a feature branch --- .github/workflows/trigger-deploy.yml | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/.github/workflows/trigger-deploy.yml b/.github/workflows/trigger-deploy.yml index 98eb9becf..db4572f89 100644 --- a/.github/workflows/trigger-deploy.yml +++ b/.github/workflows/trigger-deploy.yml @@ -66,9 +66,27 @@ jobs: } latestRun = buildRun; } else { - // For workflow_dispatch, try to match by SHA first, then use most recent - const matchingRun = runs.data.workflow_runs.find(run => run.head_sha === currentSha); + // For workflow_dispatch, try to match by SHA first, then by branch/ref, then use most recent + // Extract branch name from ref (e.g., "refs/heads/feature-branch" -> "feature-branch") + const currentBranch = currentRef.startsWith('refs/heads/') + ? currentRef.replace('refs/heads/', '') + : null; + + let matchingRun = runs.data.workflow_runs.find(run => run.head_sha === currentSha); + + // If no SHA match and we have a branch, try matching by branch + if (!matchingRun && currentBranch) { + matchingRun = runs.data.workflow_runs.find(run => + run.head_branch === currentBranch || run.head_ref === currentBranch + ); + } + latestRun = matchingRun || runs.data.workflow_runs[0]; + + // Warn if we're using a fallback that might not match the current branch + if (!matchingRun && currentBranch && latestRun.head_branch !== currentBranch) { + core.warning(`No build run found for current branch "${currentBranch}" (${currentSha}). Using most recent build from "${latestRun.head_branch || latestRun.head_ref || 'unknown'}" branch.`); + } } // Get jobs for this workflow run