From 0f0822d53f37ea9da8bf838e5b3c62b05afe2f10 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Thu, 13 Dec 2018 16:33:02 -0800 Subject: WIP: Utilize the GitHub Check Feature --- tools/run_tests/python_utils/check_on_pr.py | 98 +++++++++++++++++++++++++++++ 1 file changed, 98 insertions(+) create mode 100644 tools/run_tests/python_utils/check_on_pr.py (limited to 'tools/run_tests') diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py new file mode 100644 index 0000000000..96418bf2d3 --- /dev/null +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -0,0 +1,98 @@ +# Copyright 2018 The gRPC Authors +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import print_function +import os +import json +import time +import datetime + +import requests +import jwt + +_GITHUB_API_PREFIX = 'https://api.github.com' +_GITHUB_REPO = 'lidizheng/grpc' +_GITHUB_APP_ID = 22288 +_INSTALLATION_ID = 516307 +_GITHUB_APP_KEY = open(os.environ['HOME'] + '/.ssh/google-grpc-checker.2018-12-13.private-key.pem', 'r').read() + +_ACCESS_TOKEN_CACHE = None + +def _jwt_token(): + return jwt.encode({ + 'iat': int(time.time()), + 'exp': int(time.time() + 60 * 10), # expire in 10 minutes + 'iss': _GITHUB_APP_ID, + }, _GITHUB_APP_KEY, algorithm='RS256') + +def _access_token(): + global _ACCESS_TOKEN_CACHE + if _ACCESS_TOKEN_CACHE == None or _ACCESS_TOKEN_CACHE['exp'] < time.time(): + resp = requests.post( + url='https://api.github.com/app/installations/%s/access_tokens' % _INSTALLATION_ID, + headers={ + 'Authorization': 'Bearer %s' % _jwt_token().decode('ASCII'), + 'Accept': 'application/vnd.github.machine-man-preview+json', + } + ) + _ACCESS_TOKEN_CACHE = {'token': resp.json()['token'], 'exp': time.time()+60} + return _ACCESS_TOKEN_CACHE['token'] + +def _call(url, method='GET', json=None): + if not url.startswith('https://'): + url = _GITHUB_API_PREFIX + url + headers={ + 'Authorization': 'Bearer %s' % _access_token(), + 'Accept': 'application/vnd.github.antiope-preview+json', + } + return requests.request( + method=method, + url=url, + headers=headers, + json=json) + +def _latest_commit(): + resp = _call('/repos/%s/pulls/%s/commits' % (_GITHUB_REPO, os.environ['ghprbPullId'])) + return resp.json()[-1] + +def check_on_pr(name, summary, success=True): + """Create/Update a check on current pull request. + + The check runs are aggregated by their name, so newer check will update the + older check with the same name. + + Requires environment variable 'ghprbPullId' to indicate which pull request + should be updated. + + Args: + name: The name of the check. + summary: A str in Markdown to be used as the detail information of the check. + success: A bool indicates whether the check is succeed or not. + """ + if 'ghprbPullId' not in os.environ: + print('Missing ghprbPullId env var: not commenting') + return + commit = _latest_commit() + resp = _call('/repos/%s/check-runs' % _GITHUB_REPO, method='POST', json={ + 'name': name, + 'head_sha': commit['sha'], + 'status': 'completed', + 'completed_at': '%sZ' % datetime.datetime.utcnow().replace(microsecond=0).isoformat(), + 'conclusion': 'success' if success else 'failure', + 'output': { + 'title': name, + 'summary': summary, + } + }) + print('Result of Creating/Updating Check on PR:', json.dumps(resp.json(), indent=2)) -- cgit v1.2.3 From 5a38d1956fb7007108a310e0280df58c9c824cec Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Fri, 14 Dec 2018 10:08:22 -0800 Subject: Make yapf happy --- tools/run_tests/python_utils/check_on_pr.py | 78 ++++++++++++++++++----------- 1 file changed, 49 insertions(+), 29 deletions(-) (limited to 'tools/run_tests') diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py index 96418bf2d3..935d59713e 100644 --- a/tools/run_tests/python_utils/check_on_pr.py +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -25,47 +25,57 @@ _GITHUB_API_PREFIX = 'https://api.github.com' _GITHUB_REPO = 'lidizheng/grpc' _GITHUB_APP_ID = 22288 _INSTALLATION_ID = 516307 -_GITHUB_APP_KEY = open(os.environ['HOME'] + '/.ssh/google-grpc-checker.2018-12-13.private-key.pem', 'r').read() +_GITHUB_APP_KEY = open( + os.environ['HOME'] + '/.ssh/google-grpc-checker.2018-12-13.private-key.pem', + 'r').read() _ACCESS_TOKEN_CACHE = None + def _jwt_token(): - return jwt.encode({ - 'iat': int(time.time()), - 'exp': int(time.time() + 60 * 10), # expire in 10 minutes - 'iss': _GITHUB_APP_ID, - }, _GITHUB_APP_KEY, algorithm='RS256') + return jwt.encode( + { + 'iat': int(time.time()), + 'exp': int(time.time() + 60 * 10), # expire in 10 minutes + 'iss': _GITHUB_APP_ID, + }, + _GITHUB_APP_KEY, + algorithm='RS256') + def _access_token(): global _ACCESS_TOKEN_CACHE if _ACCESS_TOKEN_CACHE == None or _ACCESS_TOKEN_CACHE['exp'] < time.time(): resp = requests.post( - url='https://api.github.com/app/installations/%s/access_tokens' % _INSTALLATION_ID, + url='https://api.github.com/app/installations/%s/access_tokens' % + _INSTALLATION_ID, headers={ 'Authorization': 'Bearer %s' % _jwt_token().decode('ASCII'), 'Accept': 'application/vnd.github.machine-man-preview+json', - } - ) - _ACCESS_TOKEN_CACHE = {'token': resp.json()['token'], 'exp': time.time()+60} + }) + _ACCESS_TOKEN_CACHE = { + 'token': resp.json()['token'], + 'exp': time.time() + 60 + } return _ACCESS_TOKEN_CACHE['token'] + def _call(url, method='GET', json=None): if not url.startswith('https://'): url = _GITHUB_API_PREFIX + url - headers={ + headers = { 'Authorization': 'Bearer %s' % _access_token(), 'Accept': 'application/vnd.github.antiope-preview+json', } - return requests.request( - method=method, - url=url, - headers=headers, - json=json) + return requests.request(method=method, url=url, headers=headers, json=json) + def _latest_commit(): - resp = _call('/repos/%s/pulls/%s/commits' % (_GITHUB_REPO, os.environ['ghprbPullId'])) + resp = _call('/repos/%s/pulls/%s/commits' % (_GITHUB_REPO, + os.environ['ghprbPullId'])) return resp.json()[-1] + def check_on_pr(name, summary, success=True): """Create/Update a check on current pull request. @@ -84,15 +94,25 @@ def check_on_pr(name, summary, success=True): print('Missing ghprbPullId env var: not commenting') return commit = _latest_commit() - resp = _call('/repos/%s/check-runs' % _GITHUB_REPO, method='POST', json={ - 'name': name, - 'head_sha': commit['sha'], - 'status': 'completed', - 'completed_at': '%sZ' % datetime.datetime.utcnow().replace(microsecond=0).isoformat(), - 'conclusion': 'success' if success else 'failure', - 'output': { - 'title': name, - 'summary': summary, - } - }) - print('Result of Creating/Updating Check on PR:', json.dumps(resp.json(), indent=2)) + resp = _call( + '/repos/%s/check-runs' % _GITHUB_REPO, + method='POST', + json={ + 'name': + name, + 'head_sha': + commit['sha'], + 'status': + 'completed', + 'completed_at': + '%sZ' % + datetime.datetime.utcnow().replace(microsecond=0).isoformat(), + 'conclusion': + 'success' if success else 'failure', + 'output': { + 'title': name, + 'summary': summary, + } + }) + print('Result of Creating/Updating Check on PR:', + json.dumps(resp.json(), indent=2)) -- cgit v1.2.3 From a744221a2c5b93d8bd90c266ffea68de34c44acd Mon Sep 17 00:00:00 2001 From: Nicolas Noble Date: Fri, 14 Dec 2018 14:14:46 -0800 Subject: Editing appid and installation id Created these from the grpc-bot account. --- tools/run_tests/python_utils/check_on_pr.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'tools/run_tests') diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py index 935d59713e..f756e4bdaa 100644 --- a/tools/run_tests/python_utils/check_on_pr.py +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -22,9 +22,9 @@ import requests import jwt _GITHUB_API_PREFIX = 'https://api.github.com' -_GITHUB_REPO = 'lidizheng/grpc' -_GITHUB_APP_ID = 22288 -_INSTALLATION_ID = 516307 +_GITHUB_REPO = 'grpc/grpc' +_GITHUB_APP_ID = 22338 +_INSTALLATION_ID = 519109 _GITHUB_APP_KEY = open( os.environ['HOME'] + '/.ssh/google-grpc-checker.2018-12-13.private-key.pem', 'r').read() -- cgit v1.2.3 From 6692429f31dc715e55fe37d95837b773494fcd99 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Mon, 17 Dec 2018 16:25:25 -0800 Subject: Download private key from KeyStore --- tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg | 8 ++++++++ tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg | 8 ++++++++ tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg | 8 ++++++++ tools/run_tests/python_utils/check_on_pr.py | 4 ++-- 4 files changed, 26 insertions(+), 2 deletions(-) (limited to 'tools/run_tests') diff --git a/tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg b/tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg index 47301d6141..3c62401cc3 100644 --- a/tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg +++ b/tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg @@ -17,6 +17,14 @@ # Location of the continuous shell script in repository. build_file: "grpc/tools/internal_ci/linux/grpc_microbenchmark_diff.sh" timeout_mins: 120 +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73836 + keyname: "grpc_checks_private_key" + } + } +} action { define_artifacts { regex: "**/*sponge_log.*" diff --git a/tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg b/tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg index 78358eac28..69e4427662 100644 --- a/tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg +++ b/tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg @@ -17,6 +17,14 @@ # Location of the continuous shell script in repository. build_file: "grpc/tools/internal_ci/linux/grpc_trickle_diff.sh" timeout_mins: 120 +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73836 + keyname: "grpc_checks_private_key" + } + } +} action { define_artifacts { regex: "**/*sponge_log.*" diff --git a/tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg b/tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg index fb215bdf99..1c4f7b2310 100644 --- a/tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg +++ b/tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg @@ -18,6 +18,14 @@ build_file: "grpc/tools/internal_ci/macos/grpc_ios_binary_size.sh" timeout_mins: 60 gfile_resources: "/bigstore/grpc-testing-secrets/github_credentials/oauth_token.txt" +before_action { + fetch_keystore { + keystore_resource { + keystore_config_id: 73836 + keyname: "grpc_checks_private_key" + } + } +} action { define_artifacts { regex: "**/*sponge_log.*" diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py index f756e4bdaa..78f1dca817 100644 --- a/tools/run_tests/python_utils/check_on_pr.py +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -26,8 +26,8 @@ _GITHUB_REPO = 'grpc/grpc' _GITHUB_APP_ID = 22338 _INSTALLATION_ID = 519109 _GITHUB_APP_KEY = open( - os.environ['HOME'] + '/.ssh/google-grpc-checker.2018-12-13.private-key.pem', - 'r').read() + os.path.join(os.environ['KOKORO_KEYSTORE_DIR'], '73836_grpc_checks_private_key'), + 'rb').read() _ACCESS_TOKEN_CACHE = None -- cgit v1.2.3 From eafb1d527d8fc1f367215429fde9421aac876ef2 Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Mon, 17 Dec 2018 18:14:58 -0800 Subject: Reorgnize dependencies and variables --- .../helper_scripts/prepare_build_linux_perf_rc | 5 ++++ .../helper_scripts/prepare_build_macos_rc | 4 ++- tools/run_tests/python_utils/check_on_pr.py | 35 +++++++++++----------- 3 files changed, 26 insertions(+), 18 deletions(-) (limited to 'tools/run_tests') diff --git a/tools/internal_ci/helper_scripts/prepare_build_linux_perf_rc b/tools/internal_ci/helper_scripts/prepare_build_linux_perf_rc index dc3c75a6a1..8223e03abd 100644 --- a/tools/internal_ci/helper_scripts/prepare_build_linux_perf_rc +++ b/tools/internal_ci/helper_scripts/prepare_build_linux_perf_rc @@ -34,4 +34,9 @@ fi sudo pip install tabulate +# Python dependencies for tools/run_tests/python_utils/check_on_pr.py +sudo -H pip install pyjwt cryptography requests + +ls -al "${KOKORO_KEYSTORE_DIR}/73836_grpc_checks_private_key" + git submodule update --init diff --git a/tools/internal_ci/helper_scripts/prepare_build_macos_rc b/tools/internal_ci/helper_scripts/prepare_build_macos_rc index bafe0d98c1..b770808db9 100644 --- a/tools/internal_ci/helper_scripts/prepare_build_macos_rc +++ b/tools/internal_ci/helper_scripts/prepare_build_macos_rc @@ -31,6 +31,8 @@ date pip install google-api-python-client oauth2client --user python export GOOGLE_APPLICATION_CREDENTIALS=${KOKORO_GFILE_DIR}/GrpcTesting-d0eeee2db331.json +ls -al "${KOKORO_KEYSTORE_DIR}/73836_grpc_checks_private_key" + # If this is a PR using RUN_TESTS_FLAGS var, then add flags to filter tests if [ -n "$KOKORO_GITHUB_PULL_REQUEST_NUMBER" ]; then set +x @@ -63,7 +65,7 @@ time pod repo update # needed by python # python time pip install virtualenv --user python -time pip install -U Mako six tox setuptools twisted pyyaml --user python +time pip install -U Mako six tox setuptools twisted pyyaml pyjwt cryptography requests --user python export PYTHONPATH=/Library/Python/3.4/site-packages # Install Python 3.7 diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py index 78f1dca817..d59f99b252 100644 --- a/tools/run_tests/python_utils/check_on_pr.py +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -25,21 +25,21 @@ _GITHUB_API_PREFIX = 'https://api.github.com' _GITHUB_REPO = 'grpc/grpc' _GITHUB_APP_ID = 22338 _INSTALLATION_ID = 519109 -_GITHUB_APP_KEY = open( - os.path.join(os.environ['KOKORO_KEYSTORE_DIR'], '73836_grpc_checks_private_key'), - 'rb').read() _ACCESS_TOKEN_CACHE = None def _jwt_token(): + github_app_key = open( + os.path.join(os.environ['KOKORO_KEYSTORE_DIR'], + '73836_grpc_checks_private_key'), 'rb').read() return jwt.encode( { 'iat': int(time.time()), 'exp': int(time.time() + 60 * 10), # expire in 10 minutes 'iss': _GITHUB_APP_ID, }, - _GITHUB_APP_KEY, + github_app_key, algorithm='RS256') @@ -90,25 +90,26 @@ def check_on_pr(name, summary, success=True): summary: A str in Markdown to be used as the detail information of the check. success: A bool indicates whether the check is succeed or not. """ + if 'KOKORO_GIT_COMMIT' not in os.environ: + print('Missing KOKORO_GIT_COMMIT env var: not checking') + return + if 'KOKORO_KEYSTORE_DIR' not in os.environ: + print('Missing KOKORO_KEYSTORE_DIR env var: not checking') + return if 'ghprbPullId' not in os.environ: - print('Missing ghprbPullId env var: not commenting') + print('Missing ghprbPullId env var: not checking') return - commit = _latest_commit() + completion_time = str( + datetime.datetime.utcnow().replace(microsecond=0).isoformat()) + 'Z' resp = _call( '/repos/%s/check-runs' % _GITHUB_REPO, method='POST', json={ - 'name': - name, - 'head_sha': - commit['sha'], - 'status': - 'completed', - 'completed_at': - '%sZ' % - datetime.datetime.utcnow().replace(microsecond=0).isoformat(), - 'conclusion': - 'success' if success else 'failure', + 'name': name, + 'head_sha': os.environ['KOKORO_GIT_COMMIT'], + 'status': 'completed', + 'completed_at': completion_time, + 'conclusion': 'success' if success else 'failure', 'output': { 'title': name, 'summary': summary, -- cgit v1.2.3 From 886a932a1a09a567bd790ea949d9ccc9df86cdba Mon Sep 17 00:00:00 2001 From: Lidi Zheng Date: Tue, 18 Dec 2018 14:24:58 -0800 Subject: Use KOKORO_GITHUB_PULL_REQUEST_NUMBER instead of ghprbPullId --- tools/run_tests/python_utils/check_on_pr.py | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'tools/run_tests') diff --git a/tools/run_tests/python_utils/check_on_pr.py b/tools/run_tests/python_utils/check_on_pr.py index d59f99b252..3f335c8ea9 100644 --- a/tools/run_tests/python_utils/check_on_pr.py +++ b/tools/run_tests/python_utils/check_on_pr.py @@ -71,8 +71,9 @@ def _call(url, method='GET', json=None): def _latest_commit(): - resp = _call('/repos/%s/pulls/%s/commits' % (_GITHUB_REPO, - os.environ['ghprbPullId'])) + resp = _call('/repos/%s/pulls/%s/commits' % + (_GITHUB_REPO, + os.environ['KOKORO_GITHUB_PULL_REQUEST_NUMBER'])) return resp.json()[-1] @@ -82,7 +83,7 @@ def check_on_pr(name, summary, success=True): The check runs are aggregated by their name, so newer check will update the older check with the same name. - Requires environment variable 'ghprbPullId' to indicate which pull request + Requires environment variable 'KOKORO_GITHUB_PULL_REQUEST_NUMBER' to indicate which pull request should be updated. Args: @@ -96,8 +97,8 @@ def check_on_pr(name, summary, success=True): if 'KOKORO_KEYSTORE_DIR' not in os.environ: print('Missing KOKORO_KEYSTORE_DIR env var: not checking') return - if 'ghprbPullId' not in os.environ: - print('Missing ghprbPullId env var: not checking') + if 'KOKORO_GITHUB_PULL_REQUEST_NUMBER' not in os.environ: + print('Missing KOKORO_GITHUB_PULL_REQUEST_NUMBER env var: not checking') return completion_time = str( datetime.datetime.utcnow().replace(microsecond=0).isoformat()) + 'Z' -- cgit v1.2.3