[2.19] update workflow

.github/workflows/add-remove-labels.yml

@@ -3,15 +3,8 @@ on:
   pull_request_target:
     types: [synchronize]
 
-  pull_request_review:
-
   issue_comment:
     types: [created, edited, deleted]
-    if: |
-      contains(github.event.comment.body, '/wip') ||
-      contains(github.event.comment.body, '/verified') ||
-      contains(github.event.comment.body, '/lgtm') ||
-      contains(github.event.comment.body, '/hold')
 
 
 permissions:
@@ -20,7 +13,14 @@ permissions:
   issues: write
 
 jobs:
-  add-remove-labels:
+  add-remove-labels-reactions:
+    if: |
+      contains(github.event.comment.body, '/wip') ||
+      contains(github.event.comment.body, '/verified') ||
+      contains(github.event.comment.body, '/lgtm') ||
+      contains(github.event.comment.body, '/hold') ||
+      contains(github.event.comment.body, '/cherry-pick') ||
+      contains(github.event.comment.body, '/build-push-pr-image')
     runs-on: ubuntu-latest
 
     steps:
@@ -31,10 +31,14 @@ jobs:
           comment-id: ${{ github.event.comment.id }}
           reactions: '+1'
 
+  add-remove-labels:
+    runs-on: ubuntu-latest
+
+    steps:
       - uses: actions/checkout@v4
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v5
+        uses: astral-sh/setup-uv@v6
 
       - name: Run add remove labels
         env:
@@ -44,6 +48,7 @@ jobs:
           GITHUB_EVENT_REVIEW_STATE: ${{ github.event.review.state }}
           GITHUB_EVENT_NAME: ${{ github.event_name }}
           COMMENT_BODY: ${{ github.event.comment.body }}
+          REVIEW_COMMENT_BODY: ${{ github.event.review.body }}
           GITHUB_USER_LOGIN: ${{ github.event.sender.login }}
           ACTION: "add-remove-labels"
         run: uv run python .github/workflows/scripts/pr_workflow.py

.github/workflows/cherry-pick-comment.yml

@@ -0,0 +1,25 @@
+name: Cherry Pick On Comment
+on:
+  issue_comment:
+    types: [created]
+jobs:
+  cherry-pick:
+    name: Cherry Pick
+    if: |
+      github.event.issue.pull_request != '' &&
+      contains(github.event.comment.body, '/cherry-pick') &&
+      ((github.event.pull_request.author_association != 'NONE') &&
+      (github.event.pull_request.author_association != 'MANNEQUIN') &&
+      (github.event.pull_request.author_association != 'FIRST_TIMER') &&
+      (github.event.pull_request.author_association != 'FIRST_TIME_CONTRIBUTOR'))
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout the latest code
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.RHODS_CI_BOT_PAT }}
+          fetch-depth: 0 # otherwise, you will fail to push refs to dest repo
+      - name: Automatic Cherry Pick
+        uses:  dbasunag/cherry-pick-pr@master
+        env:
+          GITHUB_TOKEN: ${{ secrets.RHODS_CI_BOT_PAT }}

.github/workflows/delete-image-tag.yml

@@ -0,0 +1,4 @@
+name: delete-image-tag.yml
+on:
+
+jobs:

.github/workflows/on-review-add-label.yml

@@ -0,0 +1,90 @@
+name: Run Label Action on PR Review Event
+on:
+  workflow_run:
+    workflows: ["Dummy Workflow on review"]
+    types:
+      - completed
+permissions:
+  pull-requests: write
+  contents: write
+  issues: write
+
+jobs:
+  run_on_workflow_a_success:
+    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Run this on Dummy workflow success
+        run: echo "Dummy Workflow on review completes successfully"
+  download_context_artifact:
+    needs:
+      - run_on_workflow_a_success
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Download artifact'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               run_id: context.payload.workflow_run.id,
+            });
+
+            let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
+              return artifact.name == "context.json"
+            })[0];
+
+            let download = await github.rest.actions.downloadArtifact({
+               owner: context.repo.owner,
+               repo: context.repo.repo,
+               artifact_id: matchArtifact.id,
+               archive_format: 'zip',
+            });
+
+            let fs = require('fs');
+            fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/context.zip`, Buffer.from(download.data));
+
+      - name: 'Unzip artifact'
+        run: unzip context.zip
+      - name: 'Return Parsed JSON'
+        uses: actions/github-script@v7
+        id: return-parsed-json
+        with:
+          script: |
+            let fs = require('fs');
+            let data = fs.readFileSync('./context.json');
+            return JSON.parse(data);
+    outputs:
+      pr_num: ${{fromJSON(steps.return-parsed-json.outputs.result).pr_num}}
+      event_action: ${{fromJSON(steps.return-parsed-json.outputs.result).event_action}}
+      review_state: ${{fromJSON(steps.return-parsed-json.outputs.result).review_state}}
+      event_name: ${{fromJSON(steps.return-parsed-json.outputs.result).event_name}}
+      comment_body: ${{fromJSON(steps.return-parsed-json.outputs.result).comment_body}}
+      review_comment_body: ${{fromJSON(steps.return-parsed-json.outputs.result).review_comment_body}}
+      user_login: ${{fromJSON(steps.return-parsed-json.outputs.result).user_login}}
+      action: ${{fromJSON(steps.return-parsed-json.outputs.result).action}}
+  log_context_values:
+    needs:
+      - download_context_artifact
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Set all Env Variable'
+        run: |
+          echo "GITHUB_PR_NUMBER=${{ needs.download_context_artifact.outputs.pr_num }}" >> "$GITHUB_ENV"
+          echo "GITHUB_EVENT_ACTION=${{ needs.download_context_artifact.outputs.event_action }}"  >> "$GITHUB_ENV"
+          echo "GITHUB_EVENT_REVIEW_STATE=${{ needs.download_context_artifact.outputs.review_state }}"  >> "$GITHUB_ENV"
+          echo "GITHUB_EVENT_NAME=${{ needs.download_context_artifact.outputs.event_name }}"  >> "$GITHUB_ENV"
+          echo "COMMENT_BODY=${{ needs.download_context_artifact.outputs.comment_body }}"  >> "$GITHUB_ENV"
+          echo "REVIEW_COMMENT_BODY=${{ needs.download_context_artifact.outputs.review_comment_body }}"  >> "$GITHUB_ENV"
+          echo "GITHUB_USER_LOGIN=${{ needs.download_context_artifact.outputs.user_login }}"  >> "$GITHUB_ENV"
+          echo "ACTION=${{ needs.download_context_artifact.outputs.action }}"  >> "$GITHUB_ENV"
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+      - name: 'Run add-remove-labels action'
+        env:
+          GITHUB_TOKEN: ${{ secrets.RHODS_CI_BOT_PAT }}
+          GITHUB_EVENT_NAME: ${{ needs.download_context_artifact.outputs.event_name }}
+        run: uv run python .github/workflows/scripts/pr_workflow.py

.github/workflows/push-container-on-comment.yml

@@ -0,0 +1,68 @@
+name: Push Container Image On PR Comment
+
+on:
+  issue_comment:
+    types: [created]
+
+permissions:
+  pull-requests: write
+  contents: write
+  issues: write
+
+jobs:
+  push-container-on-comment:
+    if: contains(github.event.comment.body, '/build-push-pr-image')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout pull request
+        uses: actions/checkout@v4
+        with:
+          ref: refs/pull/${{ github.event.issue.number }}/head
+      - name: Install uv
+        uses: astral-sh/setup-uv@v6
+
+      - name: Check if the user is authorized
+        env:
+          GITHUB_TOKEN: ${{ secrets.RHODS_CI_BOT_PAT }}
+          GITHUB_PR_NUMBER: ${{ github.event.issue.number }}
+          GITHUB_EVENT_ACTION: ${{ github.event.action }}
+          GITHUB_EVENT_REVIEW_STATE: ${{ github.event.review.state }}
+          GITHUB_EVENT_NAME: ${{ github.event_name }}
+          COMMENT_BODY: ${{ github.event.comment.body }}
+          REVIEW_COMMENT_BODY: ${{ github.event.review.body }}
+          GITHUB_USER_LOGIN: ${{ github.event.sender.login }}
+          ACTION: "push-container-on-comment"
+        run: uv run python .github/workflows/scripts/pr_workflow.py
+      - name: Set env TAG for image
+        run: |
+          echo "TAG=pr-${{ github.event.issue.number }}" >> "$GITHUB_ENV"
+      - name: Build Image to push
+        id: build-image
+        uses: redhat-actions/buildah-build@v2
+        with:
+          image: opendatahub-tests
+          tags: ${{ env.TAG }}
+          containerfiles: |
+            ./Dockerfile
+      - name: Push To Image Registry
+        id: push-to-registry
+        uses: redhat-actions/push-to-registry@v2
+        with:
+          image: ${{ steps.build-image.outputs.image }}
+          tags: ${{ steps.build-image.outputs.tags }}
+          registry: quay.io/opendatahub
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      - name: Add comment to PR
+        if: always()
+        env:
+          URL: ${{ github.event.issue.comments_url }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          curl \
+            -X POST \
+            $URL \
+            -H "Content-Type: application/json" \
+            -H "Authorization: token $GITHUB_TOKEN" \
+            --data '{ "body": "Status of building tag ${{ env.TAG }}: ${{ steps.build-image.outcome }}. \nStatus of pushing tag ${{ env.TAG }} to image registry: ${{ steps.push-to-registry.outcome }}." }'

.github/workflows/scripts/constants.py

@@ -11,12 +11,15 @@
 SUCCESS_STR: str = "success"
 FAILURE_STR: str = "failure"
 QUEUED_STR: str = "queued"
+APPROVED: str = "approved"
 
 SUPPORTED_LABELS: set[str] = {
     f"{LABEL_PREFIX}{WIP_LABEL_STR}",
     f"{LABEL_PREFIX}{LGTM_LABEL_STR}",
     f"{LABEL_PREFIX}{VERIFIED_LABEL_STR}",
     f"{LABEL_PREFIX}{HOLD_LABEL_STR}",
+    f"{LABEL_PREFIX}build-push-pr-image",
+    f"{LABEL_PREFIX}cherry-pick",
 }
 
 CANCEL_ACTION: str = "cancel"
@@ -26,6 +29,7 @@
  * Run [pre-commit](https://pre-commit.ci/)
  * Run [tox](https://tox.wiki/)
  * Add PR author as the PR assignee
+ * Build image based on the PR
 
 Available user actions:
  * To mark a PR as `WIP`, add `/wip` in a comment. To remove it from the PR comment `/wip cancel` to the PR.
@@ -34,6 +38,10 @@
         `lgtm` label removed on each new commit push.
  * To mark PR as verified comment `/verified` to the PR, to un-verify comment `/verified cancel` to the PR.
         `verified` label removed on each new commit push.
+ * To Cherry-pick a merged PR `/cherry-pick <target_branch_name>` to the PR. If <target_branch_name> is valid,
+         and the current PR is merged, a cherry-picked PR would be created and linked to the current PR.
+ * To build and push image to quay, add `/build-push-pr-image` in a comment. This would create an image with tag
+ pr-<pr_number> to quay repository. This image tag, however would be deleted on PR merge or close action.
 
 <details>
 <summary>Supported labels</summary>