Added missing workflow files

Signed-off-by: Shlomi Noach <[email protected]>
vitessio · Dec 31, 2024 · 815a42f · 815a42f
1 parent 4093857
commit 815a42f
Show file tree

Hide file tree

Showing 41 changed files with 5,401 additions and 0 deletions.
diff --git a/.github/workflows/assign_milestone.yml b/.github/workflows/assign_milestone.yml
@@ -0,0 +1,30 @@
+name: Assign Milestone
+
+on:
+  pull_request_target:
+    types: [opened]
+
+permissions: read-all
+
+env:
+  GH_TOKEN: ${{ github.token }}
+
+jobs:
+  build:
+    name: Assign Milestone
+    runs-on: ubuntu-24.04
+    permissions:
+      pull-requests: write
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+      - name: Set up Go
+        uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+        with:
+          go-version-file: go.mod
+
+      - name: Assign Milestone
+        run: |
+          gh pr edit ${{ github.event.number }} --milestone "v$(sed -n 's/.*versionName.*\"\([[:digit:]\.]*\).*\"/\1/p' ./go/vt/servenv/version.go)"
diff --git a/.github/workflows/auto_approve_pr.yml b/.github/workflows/auto_approve_pr.yml
@@ -0,0 +1,29 @@
+name: Auto Approval of Bot Pull Requests
+on:
+  pull_request:
+    types: [opened, reopened]
+
+permissions:
+  contents: read
+
+jobs:
+  auto_approve:
+    name: Auto Approve Pull Request
+    runs-on: ubuntu-24.04
+
+    permissions:
+      pull-requests: write  # only given on local PRs, forks run with `read` access
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - name: Auto Approve Pull Request
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          # here we are checking that the PR has been created by the vitess-bot[bot] account and that it is not a draft
+          # if there is a merge conflict in the backport, the PR will always be created as a draft, meaning we can rely
+          # on checking whether or not the PR is a draft
+          if [[ "${{github.event.pull_request.user.login}}" ==  "vitess-bot[bot]" ]] && [[ "${{github.event.pull_request.draft}}" == "false" ]]; then
+            gh pr review ${{ github.event.pull_request.number }} --approve
+          fi
diff --git a/.github/workflows/check_label.yml b/.github/workflows/check_label.yml
@@ -0,0 +1,80 @@
+name: Check Pull Request labels
+on:
+  pull_request:
+    types: [opened, labeled, unlabeled, synchronize]
+
+permissions: read-all
+
+jobs:
+  check_pull_request_labels:
+    name: Check Pull Request labels
+    timeout-minutes: 10
+    runs-on: ubuntu-24.04
+    if: github.repository == 'vitessio/vitess'
+    steps:
+      - name: Release Notes label
+        run: |
+          if [[ "${{contains( github.event.pull_request.labels.*.name, 'release notes (needs details)')}}" == "true" ]]; then
+            echo The "release notes (needs details)" label is set. The changes made in this Pull Request need to be documented in the release notes summary "('./changelog/17.0/17.0.0/summary.md')". Once documented, the "release notes (needs details)" label can be removed.
+            exit 1
+          fi
+
+      - name: Check type and component labels
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          LABELS_JSON="/tmp/labels.json"
+          # Get labels for this pull request
+          curl -s \
+            -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
+            -H "Accept: application/vnd.github.v3+json" \
+            -H "Content-type: application/json" \
+            "https://api.github.com/repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" \
+            > "$LABELS_JSON"
+          if ! cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'Component:' ; then
+            echo "Expecting PR to have label 'Component: ...'"
+            exit 1
+          fi
+          if ! cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'Type:' ; then
+            echo "Expecting PR to have label 'Type: ...'"
+            exit 1
+          fi
+
+      - name: Check all Needs labels are off
+        env:
+          PR_NUMBER: ${{ github.event.pull_request.number }}
+        run: |
+          LABELS_JSON="/tmp/labels.json"
+          # Get labels for this pull request
+          curl -s \
+            -H 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
+            -H "Accept: application/vnd.github.v3+json" \
+            -H "Content-type: application/json" \
+            "https://api.github.com/repos/${GITHUB_REPOSITORY}/issues/${PR_NUMBER}/labels" \
+            > "$LABELS_JSON"
+          if cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'NeedsDescriptionUpdate' ; then
+            echo "Expecting PR to not have the NeedsDescriptionUpdate label, please update the PR's description and remove the label."
+            exit 1
+          fi
+          if cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'NeedsWebsiteDocsUpdate' ; then
+            echo "Expecting PR to not have the NeedsWebsiteDocsUpdate label, please update the documentation and remove the label."
+            exit 1
+          fi
+          if cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'NeedsIssue' ; then
+            echo "Expecting PR to not have the NeedsIssue label; please create a linked issue and remove the label."
+            exit 1
+          fi
+          if cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'NeedsBackportReason' ; then
+            if cat ${LABELS_JSON} | jq -r '.[].name ' | grep -q 'Backport to:'; then
+              echo "Expecting PR to not have the NeedsBackportReason label; please add your justification to the PR description and remove the label."
+              exit 1
+            fi
+          fi
+          
+
+      - name: Do Not Merge label
+        run: |
+          if [[ "${{contains( github.event.pull_request.labels.*.name, 'Do Not Merge')}}" == "true" ]]; then
+            echo "This PR should not be merged. The 'Do Not Merge' label is set. Please unset it if you wish to merge this PR."
+            exit 1
+          fi
diff --git a/.github/workflows/check_make_vtadmin_authz_testgen.yml b/.github/workflows/check_make_vtadmin_authz_testgen.yml
@@ -0,0 +1,77 @@
+name: check_make_vtadmin_authz_testgen
+on: [push, pull_request]
+
+permissions: read-all
+
+jobs:
+  build:
+    name: Check Make vtadmin_authz_testgen
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Skip CI
+      run: |
+        if [[ "${{contains( github.event.pull_request.labels.*.name, 'Skip CI')}}" == "true" ]]; then
+          echo "skipping CI due to the 'Skip CI' label"
+          exit 1
+        fi
+
+    - name: Check if workflow needs to be skipped
+      id: skip-workflow
+      run: |
+        skip='false'
+        if [[ "${{github.event.pull_request}}" ==  "" ]] && [[ "${{github.ref}}" != "refs/heads/main" ]] && [[ ! "${{github.ref}}" =~ ^refs/heads/release-[0-9]+\.[0-9]$ ]] && [[ ! "${{github.ref}}" =~ "refs/tags/.*" ]]; then
+          skip='true'
+        fi
+        echo Skip ${skip}
+        echo "skip-workflow=${skip}" >> $GITHUB_OUTPUT
+
+    - name: Check out code
+      if: steps.skip-workflow.outputs.skip-workflow == 'false'
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+    - name: Check for changes in relevant files
+      if: steps.skip-workflow.outputs.skip-workflow == 'false'
+      uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      id: changes
+      with:
+        token: ''
+        filters: |
+          vtadmin_changes:
+            - 'bootstrap.sh'
+            - 'tools/**'
+            - 'build.env'
+            - 'go.sum'
+            - 'go.mod'
+            - 'Makefile'
+            - 'go/vt/vtadmin/**'
+            - '.github/workflows/check_make_vtadmin_authz_testgen.yml'
+
+    - name: Set up Go
+      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.vtadmin_changes == 'true'
+      with:
+        go-version-file: go.mod
+
+    - name: Tune the OS
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.vtadmin_changes == 'true'
+      run: |
+        sudo sysctl -w net.ipv4.ip_local_port_range="22768 65535"
+
+    - name: Get dependencies
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.vtadmin_changes == 'true'
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y make unzip g++ etcd-client etcd-server curl git wget
+        sudo service etcd stop
+        go mod download
+        go install golang.org/x/tools/cmd/goimports@latest
+
+    - name: Run make minimaltools
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.vtadmin_changes == 'true'
+      run: |
+        make minimaltools
+
+    - name: check_make_vtadmin_authz_testgen
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.vtadmin_changes == 'true'
+      run: |
+        tools/check_make_vtadmin_authz_testgen.sh
diff --git a/.github/workflows/check_make_vtadmin_web_proto.yml b/.github/workflows/check_make_vtadmin_web_proto.yml
@@ -0,0 +1,72 @@
+name: check_make_vtadmin_web_proto
+on: [push, pull_request]
+
+permissions: read-all
+
+jobs:
+  build:
+    name: Check Make VTAdmin Web Proto
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Skip CI
+      run: |
+        if [[ "${{contains( github.event.pull_request.labels.*.name, 'Skip CI')}}" == "true" ]]; then
+          echo "skipping CI due to the 'Skip CI' label"
+          exit 1
+        fi
+
+    - name: Check if workflow needs to be skipped
+      id: skip-workflow
+      run: |
+        skip='false'
+        if [[ "${{github.event.pull_request}}" ==  "" ]] && [[ "${{github.ref}}" != "refs/heads/main" ]] && [[ ! "${{github.ref}}" =~ ^refs/heads/release-[0-9]+\.[0-9]$ ]] && [[ ! "${{github.ref}}" =~ "refs/tags/.*" ]]; then
+          skip='true'
+        fi
+        echo Skip ${skip}
+        echo "skip-workflow=${skip}" >> $GITHUB_OUTPUT
+
+    - name: Check out code
+      if: steps.skip-workflow.outputs.skip-workflow == 'false'
+      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+
+    - name: Check for changes in relevant files
+      if: steps.skip-workflow.outputs.skip-workflow == 'false'
+      uses: dorny/paths-filter@ebc4d7e9ebcb0b1eb21480bb8f43113e996ac77a # v3.0.1
+      id: changes
+      with:
+        token: ''
+        filters: |
+          proto_changes:
+            - 'bootstrap.sh'
+            - 'tools/**'
+            - 'build.env'
+            - 'go.sum'
+            - 'go.mod'
+            - 'Makefile'
+            - 'go/vt/proto/**'
+            - 'proto/*.proto'
+            - 'web/vtadmin/src/proto/**'
+            - '.github/workflows/check_make_vtadmin_web_proto.yml'
+
+    - name: Set up Go
+      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.proto_changes == 'true'
+      with:
+        go-version-file: go.mod
+
+    - name: Setup Node
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.proto_changes == 'true'
+      uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+      with:
+        # node-version should match package.json
+        node-version: '20.12.2'
+
+    - name: Install npm dependencies
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.proto_changes == 'true'
+      run: npm ci
+      working-directory: ./web/vtadmin
+
+    - name: check_make_vtadmin_web_proto
+      if: steps.skip-workflow.outputs.skip-workflow == 'false' && steps.changes.outputs.proto_changes == 'true'
+      run: |
+        tools/check_make_vtadmin_web_proto.sh
diff --git a/.github/workflows/close_stale_pull_requests.yml b/.github/workflows/close_stale_pull_requests.yml
@@ -0,0 +1,34 @@
+name: close_stale_pull_requests
+on:
+  schedule:
+    - cron: '0 1 * * *'
+
+  workflow_dispatch: {}
+
+permissions: read-all
+
+jobs:
+  close_stale_pull_requests:
+    runs-on: ubuntu-24.04
+    permissions:
+      pull-requests: write
+
+    steps:
+      - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5.2.1
+        with:
+          days-before-stale: 30
+          # Do not handle issues at all. We only want to handle PRs.
+          days-before-issue-stale: -1
+
+          stale-pr-message: |
+            This PR is being marked as stale because it has been open for 30 days with no activity. To rectify, you may do any of the following:
+
+            - Push additional commits to the associated branch.
+            - Remove the stale label.
+            - Add a comment indicating why it is not stale.
+
+            If no action is taken within 7 days, this PR will be closed.
+          close-pr-message: "This PR was closed because it has been stale for 7 days with no activity."
+
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
diff --git a/.github/workflows/code_freeze.yml b/.github/workflows/code_freeze.yml
@@ -0,0 +1,14 @@
+name: Code Freeze
+on:
+  pull_request:
+
+permissions: read-all
+
+jobs:
+  build:
+    name: Code Freeze
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Fail if Code Freeze is enabled
+      run: |
+        exit 0