🦾 Automated workflows for config updates and config validation#154
Conversation
JGreenlee
force-pushed
the
config-update-and-validation-workflows
branch
from
24e8959 to
a3f395a
Compare
|
@JGreenlee it is not worth changing it now, but for the record, GitHub actions don't have to be in python; they can also be in javascript; you should be able to use the typescript schema directly for validation! |
JGreenlee
force-pushed
the
config-update-and-validation-workflows
branch
from
a3f395a to
59f8609
Compare
JGreenlee
moved this from Ready for review by Shankari
to Issues being worked on
in OpenPATH Tasks Overview
JGreenlee
force-pushed
the
config-update-and-validation-workflows
branch
from
59f8609 to
6bafa2a
Compare
index.d.ts is based on appConfigTypes.ts from e-mission-phone https://github.com/e-mission/e-mission-phone/blob/30e4b78ff64596b20cea811000f6d5b11a6b6cae/www/js/types/appConfigTypes.ts, moved here to be the source of truth for supported config options. Added package.json so this functions as a minimal npm package and the types can be used downstream on e-mission-phone In a workflow, we can generate JSON schema from the typescript declarations and validate all the configs accordingly. This will help us catch mistakes in config creation or edits and will allow us to set up auto-merge for trusted PRs Adding this validation exposed several inconsistencies in the config, which I have also fixed in this commit: e-mission/op-admin-dashboard#167 (comment)
The config-update workflow runs one of the scripts in bin/config_update, commits and PRs the config changes if there are any, and auto-merges that PR if it passes checks. The workflow can be triggered from op-admin-dashboard given that it has credentials to trigger workflows (which are provided through a Github app: https://github.com/settings/apps/op-config-updates) Currently, this works to add/remove admin users from the admin_access list: e-mission/op-admin-dashboard#167 (comment) Tested end-to-end from admin dash: e-mission/op-admin-dashboard#168
When the config-update workflow runs, it performs json.dump which causes whitespace changes if the config wasn't already in that format. To minimize this, and because it's a nice idea anyway, let's reformat them to the standard format. (From what I can tell, JavaScript JSON.stringify and python json.dump are pretty much aligned, so it doesn't matter which one we use) New configs generated by issue-to-json will now use 4 spaces instead of 2
- update README - remove /docs (all current docs are either in this repo's README or in e-mission-docs) - remove qr_code_images
We added the validate-configs workflow which runs automatically as a check on open PRs. But we also have the automation process for new deployments, which opens PRs when a New Project Configuration issue is opened. It uses the default token so the PR authored by the Actions bot, which causes the checks to not run. https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#triggering-further-workflow-runs We already have the op-config-updates Github app (i.e. bot). If it authors the PR the checks will run; we just need to provide its credentials as repo Secrets. While doing this I switched away from using peter-evans/create-pull-request to just using gh CLI commands because: i) it wouldn't work without granting the bot more permissions than are actually needed, ii) gh CLI is what I used in the config-update workflow, iii) I would argue the gh CLI is more idiomatic anyway because it is general knowledge not specific to GH actions I also made the commit and PR messages more descriptive by passing in the abbreviated name of the deployment and not just the issue number, and I included the keyword "close #<issue number>" which will make the issue automatically close when the PR is merged https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting/using-keywords-in-issues-and-pull-requests#linking-a-pull-request-to-an-issue Testing done on my fork: #37 This PR was generated from an New Project Configuration issue, authored by @op-config-updates, checks ran and passed
JGreenlee
force-pushed
the
config-update-and-validation-workflows
branch
from
6bafa2a to
10c38f6
Compare
JGreenlee
moved this from Issues being worked on
to Ready for review by Shankari
in OpenPATH Tasks Overview
shankari
left a comment
shankari
left a comment
There was a problem hiding this comment.
This is related to the config editing feature, and I don't want to hold up the reformat, so I am going to merge this and sort out the action launch later.
| - name: Commit and PR changes | ||
| env: | ||
| GITHUB_TOKEN: ${{ steps.generate_token.outputs.token }} |
There was a problem hiding this comment.
Just for my understanding, we changed from using peter-evans/create-pull-request to generating the token using tibdex/github-app-token@v2 and then manually committing and creating the PR so that the PR would be "authorized" and would merge as soon as the tests passed, right?
github-project-automation
bot
moved this from Ready for review by Shankari
to Tasks completed
in OpenPATH Tasks Overview
|
Rebased and merged since apparently this repo is set to disallow merge commits. |
|
I merged this and then made a small change to #157 but it failed due to Also, the email authentication/admin access from https://github.com/e-mission/nrel-openpath-deploy-configs/actions/runs/15939180723 failed because of |
|
To fix the
I do see it in "Third Party Access"; not sure how to register it so I can also see it in the developer settings |
|
The second issue was just because there really wasn't an After that, both validate configs and the welcome email passed!! |
|
but the issue conversion still fails when I rerun the action for #157 with the error |
|
@JGreenlee remaining tasks for this PR:
|
|
In total there are 3 env vars we will need: Sent them to you privately |
|
There are several configs (about 20 of them) that don't have "admin_access" defined, which is why it isn't currently marked as a required field We should either update all of these or have the |
2 participants
add validate-configs workflow
add config-update workflow and update_admin_access script
format all configs with 4 spaces
remove unused files, update README