Add workflow_dispatch github event handling and upgrade rpc v2 (#84)

* Add workflow_dispatch github event handling * Update repo-policy-compliance package on charm upgrade * Improve the pre-job.j2 GH event not supported message * Always upgrade repo-policy-compliance package * Use new PR endpoint instead of legacy in pre-job.j2 * Log common env vars once in pre-job.j2 * Use prepared curl auth args in pre-job.j2 * Clarify environment handling in charm.py * Add curl timeout to pre-job.j2 * Fix curl argument expansion in pre-job.j2
canonical · Jul 12, 2023 · 6a71186 · 6a71186
1 parent a5e002e
commit 6a71186
Show file tree

Hide file tree

Showing 3 changed files with 70 additions and 14 deletions.
diff --git a/.github/workflows/workflow_dispatch_test.yaml b/.github/workflows/workflow_dispatch_test.yaml
@@ -0,0 +1,15 @@
+name: Workflow Dispatch Tests
+
+on:
+  # Manually dispatched workflow action
+  workflow_dispatch:
+    inputs:
+      runner:
+        description: 'Self hosted gh runner'
+        required: true
+jobs:
+  workflow-dispatch-tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run a one-line script
+        run: echo Hello, world of workflow dispatches!
diff --git a/src/charm.py b/src/charm.py
@@ -576,7 +576,15 @@ def _install_deps(self) -> None:
         """Install dependencies."""
         logger.info("Installing charm dependencies.")
 
+        # Snap and Apt will use any proxies configured in the Juju model.
         # Binding for snap, apt, and lxd init commands are not available so subprocess.run used.
+        execute_command(["/usr/bin/apt-get", "update"])
+        # install dependencies used by repo-policy-compliance and the firewall
+        execute_command(
+            ["/usr/bin/apt-get", "install", "-qy", "gunicorn", "python3-pip", "nftables"]
+        )
+
+        # Prepare environment for pip subprocess
         env = {}
         if "http" in self.proxies:
             env["HTTP_PROXY"] = self.proxies["http"]
@@ -588,15 +596,12 @@ def _install_deps(self) -> None:
             env["NO_PROXY"] = self.proxies["no_proxy"]
             env["no_proxy"] = self.proxies["no_proxy"]
 
-        execute_command(["/usr/bin/apt-get", "update"])
-        # install dependencies used by repo-policy-compliance and the firewall
-        execute_command(
-            ["/usr/bin/apt-get", "install", "-qy", "gunicorn", "python3-pip", "nftables"]
-        )
+        # Install repo-policy-compliance package
         execute_command(
             [
                 "/usr/bin/pip",
                 "install",
+                "--upgrade",
                 "git+https://github.com/canonical/repo-policy-compliance@main",
             ],
             env=env,

diff --git a/templates/pre-job.j2 b/templates/pre-job.j2
@@ -1,11 +1,47 @@
 #!/usr/bin/env bash
 
-GITHUB_SOURCE_REPOSITORY=$(cat "${GITHUB_EVENT_PATH}" | jq -r '.pull_request.head.repo.full_name')
-
-# Request repo-policy-compliance service check.
-curl --noproxy '*' \
-    --fail-with-body \
-    -H 'Authorization: Bearer {{one_time_token}}' \
-    -H 'Content-Type: application/json' \
-    -d "{\"repository_name\": \"${GITHUB_REPOSITORY}\", \"source_repository_name\": \"${GITHUB_SOURCE_REPOSITORY}\", \"target_branch_name\": \"${GITHUB_BASE_REF}\", \"source_branch_name\": \"${GITHUB_HEAD_REF}\", \"commit_sha\": \"${GITHUB_SHA}\"}" \
-    http://{{host_ip}}:8080/check-run
+# Log common env variables.
+logger -s "GITHUB_EVENT_NAME: ${GITHUB_EVENT_NAME}, \
+  GITHUB_REPOSITORY: ${GITHUB_REPOSITORY}, \
+  GITHUB_SHA: ${GITHUB_SHA}"
+
+# Prepare curl arguments
+CURL_ARGS=(
+  --max-time 60
+  --noproxy '*'
+  --fail-with-body
+  -H 'Authorization: Bearer {{one_time_token}}'
+  -H 'Content-Type: application/json'
+)
+
+# Workflow dispatch - Request repo-policy-compliance service check:
+if [[ "${GITHUB_EVENT_NAME}" == "workflow_dispatch" ]]; then
+
+  logger -s "GITHUB_REF_NAME: ${GITHUB_REF_NAME}"
+
+  curl "${CURL_ARGS[@]}" \
+      -d "{\"repository_name\": \"${GITHUB_REPOSITORY}\", \"branch_name\": \"${GITHUB_REF_NAME}\", \"commit_sha\": \"${GITHUB_SHA}\"}" \
+      http://{{host_ip}}:8080/workflow_dispatch/check-run
+
+# Pull request - Request repo-policy-compliance service check:
+elif [[ "${GITHUB_EVENT_NAME}" ==  "pull_request" ]]; then
+
+  GITHUB_SOURCE_REPOSITORY=$(cat "${GITHUB_EVENT_PATH}" | jq -r '.pull_request.head.repo.full_name')
+
+  logger -s " \
+  GITHUB_SOURCE_REPOSITORY: ${GITHUB_SOURCE_REPOSITORY}, \
+  GITHUB_SOURCE_REPOSITORY: ${GITHUB_SOURCE_REPOSITORY} \
+  GITHUB_BASE_REF: ${GITHUB_BASE_REF}, \
+  GITHUB_HEAD_REF: ${GITHUB_HEAD_REF}"
+
+  curl "${CURL_ARGS[@]}" \
+      -d "{\"repository_name\": \"${GITHUB_REPOSITORY}\", \"source_repository_name\": \"${GITHUB_SOURCE_REPOSITORY}\", \"target_branch_name\": \"${GITHUB_BASE_REF}\", \"source_branch_name\": \"${GITHUB_HEAD_REF}\", \"commit_sha\": \"${GITHUB_SHA}\"}" \
+      http://{{host_ip}}:8080/pull_request/check-run
+
+else
+
+  logger -p user.error -s "${GITHUB_EVENT_NAME} is not supported yet. Please request it to be added on https://github.com/canonical/github-runner-operator/issues/new/choose"
+
+  return 1
+
+fi