Skip to content

Commit

Permalink
Add Test Env Require Approval Action (#3005) (#3016)
Browse files Browse the repository at this point in the history
* Add require approval stage so only maintainers can start CI stage without approval

Signed-off-by: Peter Zhu <[email protected]>

* Add more

Signed-off-by: Peter Zhu <[email protected]>

* Add more

Signed-off-by: Peter Zhu <[email protected]>

* Add old files

Signed-off-by: Peter Zhu <[email protected]>

* Update require-approval.yml

Signed-off-by: Peter Zhu <[email protected]>

---------

Signed-off-by: Peter Zhu <[email protected]>
(cherry picked from commit 9de2d23)

Co-authored-by: Peter Zhu <[email protected]>
  • Loading branch information
1 parent 670e461 commit a364f14
Show file tree
Hide file tree
Showing 2 changed files with 45 additions and 5 deletions.
14 changes: 9 additions & 5 deletions .github/workflows/CI-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,16 @@ permissions:
contents: read

jobs:
Get-Require-Approval:
uses: ./.github/workflows/require-approval.yml

Get-CI-Image-Tag:
uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
with:
product: opensearch

Build-ml-linux:
needs: Get-CI-Image-Tag
needs: [Get-Require-Approval, Get-CI-Image-Tag]
strategy:
matrix:
java: [11, 17, 21]
Expand All @@ -29,7 +32,7 @@ jobs:

name: Build and Test MLCommons Plugin on linux
if: github.repository == 'opensearch-project/ml-commons'
environment: ml-commons-cicd-env
environment: ${{ needs.Get-Require-Approval.outputs.is-require-approval }}
outputs:
build-test-linux: ${{ steps.step-build-test-linux.outputs.build-test-linux }}
runs-on: ubuntu-latest
Expand Down Expand Up @@ -87,14 +90,14 @@ jobs:


Test-ml-linux-docker:
needs: Build-ml-linux
needs: [Get-Require-Approval, Build-ml-linux]
strategy:
matrix:
java: [11, 17, 21]

name: Test MLCommons Plugin on linux docker
if: github.repository == 'opensearch-project/ml-commons'
environment: ml-commons-cicd-env
environment: ${{ needs.Get-Require-Approval.outputs.is-require-approval }}
runs-on: ubuntu-latest

steps:
Expand Down Expand Up @@ -184,7 +187,8 @@ jobs:
java: [11, 17, 21]
name: Build and Test MLCommons Plugin on Windows
if: github.repository == 'opensearch-project/ml-commons'
environment: ml-commons-cicd-env
needs: [Get-Require-Approval]
environment: ${{ needs.Get-Require-Approval.outputs.is-require-approval }}
runs-on: windows-latest

steps:
Expand Down
36 changes: 36 additions & 0 deletions .github/workflows/require-approval.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
---
name: Check if the workflow require approval
on:
workflow_call:
outputs:
is-require-approval:
description: The ci image version for linux build
value: ${{ jobs.Require-Approval.outputs.output-is-require-approval }}

jobs:
Require-Approval:
runs-on: ubuntu-latest
outputs:
output-is-require-approval: ${{ steps.step-is-require-approval.outputs.is-require-approval }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.base.sha }}
- name: Get CodeOwner List
id: step-is-require-approval
run: |
github_event=${{ github.event_name }}
if [[ "$github_event" = "push" ]]; then
echo "Push event does not need approval"
echo "is-require-approval=ml-commons-cicd-env" >> $GITHUB_OUTPUT
else
approvers=$(cat .github/CODEOWNERS | grep @ | tr -d '* ' | sed 's/@/,/g' | sed 's/,//1')
author=${{ github.event.pull_request.user.login }}
if [[ "$approvers" =~ "$author" ]]; then
echo "$author is in the approval list"
echo "is-require-approval=ml-commons-cicd-env" >> $GITHUB_OUTPUT
else
echo "$author is not in the approval list"
echo "is-require-approval=ml-commons-cicd-env-require-approval" >> $GITHUB_OUTPUT
fi
fi

0 comments on commit a364f14

Please sign in to comment.