jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-30 12:02:01 -05:00
Code Issues Projects Releases Wiki Activity

Remove the concept of "undeployment" as a part of the PR deployment lifecycle (#23731)

Browse Source 
* Update remove-stale-staging-resources workflow to completely replace undeploy workflow
* Delete the staging-undeploy-pr workflow file
* Delete all undeployment scripts and logic
* Remove all references to the automated-block-deploy label used for undeployment
* Simplify staging cross-workflow concurrency needs
This commit is contained in:
James M. Greene
2022-01-06 10:27:48 -06:00
committed by GitHub
parent 00fc5553f6
commit be4249b57c
10 changed files with 67 additions and 423 deletions
Download Patch File Download Diff File Expand all files Collapse all files

50
.github/actions-scripts/staging-undeploy.js vendored
View File

@@ -1,50 +0,0 @@
#!/usr/bin/env node
import parsePrUrl from '../../script/deployment/parse-pr-url.js'
import getOctokit from '../../script/helpers/github.js'
import undeployFromStaging from '../../script/deployment/undeploy-from-staging.js'
const { GITHUB_TOKEN, HEROKU_API_TOKEN } = process.env
// Exit if GitHub Actions PAT is not found
if (!GITHUB_TOKEN) {
throw new Error('You must supply a GITHUB_TOKEN environment variable!')
}
// Exit if Heroku API token is not found
if (!HEROKU_API_TOKEN) {
throw new Error('You must supply a HEROKU_API_TOKEN environment variable!')
}
// This helper uses the `GITHUB_TOKEN` implicitly!
// We're using our usual version of Octokit vs. the provided `github`
// instance to avoid versioning discrepancies.
const octokit = getOctokit()
const { RUN_ID, PR_URL } = process.env
if (!RUN_ID) {
throw new Error('$RUN_ID not set')
}
if (!PR_URL) {
throw new Error('$PR_URL not set')
}
const { owner, repo, pullNumber } = parsePrUrl(PR_URL)
if (!owner || !repo || !pullNumber) {
throw new Error(
`'pullRequestUrl' input must match URL format 'https://github.com/github/(docs|docs-internal)/pull/123' but was '${PR_URL}'`
)
}
const { data: pullRequest } = await octokit.pulls.get({
owner,
repo,
pull_number: pullNumber,
})
await undeployFromStaging({
octokit,
pullRequest: pullRequest,
runId: RUN_ID,
})

12
.github/workflows/remove-stale-staging-resources.yml vendored
View File

@@ -4,8 +4,9 @@ name: Remove stale staging resources
# This cleans up any rogue staging applications and environments that outlasted
# the closure of their corresponding pull requests.
# **Why we have it**:
# Staging applications and environments sometimes fail to be destroyed when
# their corresponding pull request is closed or merged.
# Staging applications and environments should be destroyed after their
# corresponding pull request is closed or merged, especially to save money spent
# on Heroku App staging deployments for closed PRs.
# **Who does it impact**:
# Anyone with a closed, spammy, or deleted pull request in docs or docs-internal.
@@ -15,7 +16,8 @@ on:
permissions:
contents: read
pull-requests: read
deployments: write
pull-requests: write
jobs:
remove_stale_staging_apps:
@@ -60,5 +62,7 @@ jobs:
- name: Run script
run: script/remove-stale-staging-envs.js
env:
GITHUB_TOKEN: ${{ secrets.DOCS_BOT_FR }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
ELEVATED_TOKEN: ${{ secrets.DOCS_BOT_FR }}
REPO: ${{ github.repository }}
RUN_ID: ${{ github.run_id }}

18
.github/workflows/staging-build-and-deploy-pr.yml vendored
View File

@@ -25,9 +25,6 @@ permissions:
statuses: write
# This allows a subsequently queued workflow run to interrupt previous runs
# These are different from the concurrency in that here it checks if the
# whole workflow runs again. The "inner concurrency" is used for
# undeployments to cleaning up resources.
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
@@ -44,11 +41,7 @@ jobs:
runs-on: self-hosted
timeout-minutes: 5
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
steps:
- name: Check out repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
@@ -85,15 +78,6 @@ jobs:
DOCUBOT_REPO_PAT: ${{ secrets.DOCUBOT_REPO_PAT }}
GIT_BRANCH: ${{ github.event.pull_request.head.sha }}
- name: Check that the PR isn't blocking deploys
# We can't use ${{...}} on this if statement because of this bug
# https://github.com/cschleiden/actions-linter/issues/114
if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'automated-block-deploy')
run: |
echo "The PR appears to have the label 'automated-block-deploy'"
echo "Will not proceed to deploy the PR."
exit 2
- name: Create a Heroku build source
id: build-source
uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d

3
.github/workflows/staging-build-pr.yml vendored
View File

@@ -27,8 +27,7 @@ jobs:
runs-on: ${{ fromJSON('["ubuntu-latest", "self-hosted"]')[github.repository == 'github/docs-internal'] }}
timeout-minutes: 5
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
# This interrupts Build and Deploy workflow runs in progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true

68
.github/workflows/staging-deploy-pr.yml vendored
View File

@@ -198,68 +198,12 @@ jobs:
color: failure
text: Staging build failed for PR ${{ needs.pr-metadata.outputs.url }} at commit ${{ needs.pr-metadata.outputs.head_sha }}. See ${{ env.BUILD_ACTIONS_RUN_LOG }}. This run was ${{ env.ACTIONS_RUN_LOG }}.
check-pr-before-prepare:
needs: pr-metadata
if: >-
${{
needs.pr-metadata.outputs.number != '0' &&
github.event.workflow_run.conclusion == 'success'
}}
runs-on: ubuntu-latest
# This timeout should match or exceed the value of the timeout for Undeploy
timeout-minutes: 5
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ needs.pr-metadata.outputs.head_label }}'
cancel-in-progress: true
outputs:
pull_request_state: ${{ steps.check-pr.outputs.state }}
steps:
- name: Check pull request state
id: check-pr
uses: actions/github-script@2b34a689ec86a68d8ab9478298f91d5401337b7d
env:
PR_NUMBER: ${{ needs.pr-metadata.outputs.number }}
with:
script: |
// Equivalent of the 'await-sleep' module without the install
const sleep = ms => new Promise(resolve => setTimeout(resolve, ms))
const blockingLabel = 'automated-block-deploy'
const { owner, repo } = context.repo
const startTime = Date.now()
let pullRequest = {}
let blocked = true
// Keep polling the PR until the blocking label has been removed
while (blocked) {
const { data: pr } = await github.pulls.get({
owner,
repo,
pull_number: process.env.PR_NUMBER
})
blocked = pr.labels.some(({ name }) => name === blockingLabel)
if (blocked) {
console.warn(`WARNING! PR currently has blocking label "${blockingLabel}" (after ${Date.now() - startTime} ms). Will check again soon...`)
await sleep(15000) // Wait 15 seconds and check again
} else {
console.log(`PR was unblocked (after ${Date.now() - startTime} ms)!`)
pullRequest = pr
}
}
core.setOutput('state', pullRequest.state)
prepare-for-deploy:
needs: [pr-metadata, check-pr-before-prepare]
if: ${{ needs.check-pr-before-prepare.outputs.pull_request_state == 'open' }}
needs: pr-metadata
if: ${{ needs.pr-metadata.outputs.state == 'open' }}
runs-on: ubuntu-latest
timeout-minutes: 5
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
# This interrupts Build and Deploy workflow runs in progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ needs.pr-metadata.outputs.head_label }}'
cancel-in-progress: true
@@ -395,8 +339,7 @@ jobs:
needs: [pr-metadata, prepare-for-deploy]
runs-on: ubuntu-latest
timeout-minutes: 1
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
# This interrupts Build and Deploy workflow runs in progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ needs.pr-metadata.outputs.head_label }}'
cancel-in-progress: true
@@ -423,8 +366,7 @@ jobs:
if: ${{ needs.check-pr-before-deploy.outputs.pull_request_state == 'open' }}
runs-on: ubuntu-latest
timeout-minutes: 10
# This interrupts Build, Deploy, and pre-write Undeploy workflow runs in
# progress for this PR branch.
# This interrupts Build and Deploy workflow runs in progress for this PR branch.
concurrency:
group: 'PR Staging @ ${{ needs.pr-metadata.outputs.head_label }}'
cancel-in-progress: true

94
.github/workflows/staging-undeploy-pr.yml vendored
View File

@@ -1,94 +0,0 @@
name: Staging - Undeploy PR
# **What it does**: To undeploy PRs from a Heroku staging environment, i.e. destroy the Heroku App.
# **Why we have it**: To save money spent on deployments for closed PRs.
# **Who does it impact**: All contributors.
on:
pull_request_target:
types:
- closed
permissions:
contents: read
deployments: write
pull-requests: write
# This allows a subsequently queued workflow run to take priority over
# previously queued runs but NOT interrupt currently executing runs
concurrency:
group: '${{ github.workflow }} @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: false
jobs:
debug:
runs-on: ubuntu-latest
steps:
- name: Dump full context for debugging
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: echo "$GITHUB_CONTEXT"
cancel-jobs-before-undeploy:
if: ${{ github.repository == 'github/docs-internal' || github.repository == 'github/docs' }}
runs-on: ubuntu-latest
# This interrupts Build and Deploy workflow runs in progress for this PR
# branch. However, it does so with an intentionally short, independent job
# so that the following `undeploy` job cannot be cancelled once started!
concurrency:
group: 'PR Staging @ ${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
steps:
- name: Cancelling other deployments via concurrency configuration
run: |
echo 'Cancelling other deployment runs (if any)...'
undeploy:
needs: cancel-jobs-before-undeploy
if: ${{ github.repository == 'github/docs-internal' || github.repository == 'github/docs' }}
runs-on: ubuntu-latest
timeout-minutes: 5
# IMPORTANT: Intentionally OMIT a `concurrency` configuration from this job!
steps:
- name: Add a label to the PR to block deployment during undeployment
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
add-labels: 'automated-block-deploy'
- name: Check out repo's default branch
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
with:
# For enhanced security: https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
persist-credentials: 'false'
- name: Setup node
uses: actions/setup-node@04c56d2f954f1e4c69436aa54cfef261a018f458
with:
node-version: 16.13.x
cache: npm
- name: Install dependencies
run: npm ci
- name: Undeploy
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
HEROKU_API_TOKEN: ${{ secrets.HEROKU_API_TOKEN }}
RUN_ID: ${{ github.run_id }}
PR_URL: ${{ github.event.pull_request.html_url }}
run: .github/actions-scripts/staging-undeploy.js
- if: ${{ always() }}
name: Remove the label from the PR to unblock deployment
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90
with:
remove-labels: 'automated-block-deploy'
- name: Send Slack notification if workflow failed
uses: someimportantcompany/github-actions-slack-message@f8d28715e7b8a4717047d23f48c39827cacad340
if: ${{ failure() }}
with:
channel: ${{ secrets.DOCS_STAGING_DEPLOYMENT_FAILURES_SLACK_CHANNEL_ID }}
bot-token: ${{ secrets.SLACK_DOCS_BOT_TOKEN }}
color: failure
text: Staging undeployment failed for PR ${{ github.event.pull_request.html_url }} at commit ${{ github.head_sha }}. See https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}.