How we can disable merge of a pull request in github if any check fails in the CI job - github

We have a Jenkins CI job, where we will run a job when a pull request is raised. If that job fails in any case, we should not allow the user to merge the pull request. Is there any way we can do this using GitHub Actions?

You could:
enable the branch protection policy "Require status checks to pass before merging"
Follow the "Creating CI tests with the Checks API" guide, which does not require a GitHub Action, and can create "Check runs and requested actions".
Using checks (as I mentioned here) would be a good way to prevent any merge while the PR has any check with an associated "failed" status.
The OP Ramanichandran confirms in the comments it is working:
For each failure stage in Jenkins, we call this GitHub API
// Token is sent in the Authorization header: GitHub no longer accepts access_token as a query parameter.
sh('curl "https://api.github.com/repos/reponame/statuses/$GIT_COMMIT" \
-H "Authorization: token xxx" \
-H "Content-Type: application/json" \
-X POST \
-d "{\\\"state\\\": \\\"failure\\\", \\\"target_url\\\": \\\"https://jenkinsurl/job/foldername/job/jobname/$BUILD_NUMBER/console\\\", \\\"description\\\": \\\"Jenkins-CI-pre-merge-job-sonarscan-failure\\\", \\\"context\\\": \\\"Jenkins-CI-pre-merge-job-sonarscan-failure\\\"}"')
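A sketch of the same status call with one fixed context that reports success as well as failure, so that a required status check on that context can turn green and not only red. This is an added example, not the poster's code; REPO, GITHUB_TOKEN, the context name and the values in the usage lines are assumptions.

```shell
#!/bin/sh
# Added example. Assumed names: GITHUB_TOKEN, REPO (owner/name), STATUS_CONTEXT.

STATUS_CONTEXT="jenkins/pre-merge"   # the name to mark as required in branch protection

# Print the JSON body for a commit status. Returns 1 on a state the API does
# not accept or on text that could break out of the JSON string.
build_status_json() {
    state=$1 target_url=$2 description=$3
    case $state in
        error|failure|pending|success) ;;
        *) echo "invalid state: $state" >&2; return 1 ;;
    esac
    # Allowlist the characters instead of trying to escape them.
    case $target_url$description in
        *[!A-Za-z0-9\ ._:/?=#-]*) echo "unsafe character in input" >&2; return 1 ;;
    esac
    printf '{"state":"%s","target_url":"%s","description":"%s","context":"%s"}' \
        "$state" "$target_url" "$description" "$STATUS_CONTEXT"
}

# POST a status for commit $1. The token reaches curl through a config file on
# stdin (printf is a shell builtin), so it is neither in the URL nor in curl's
# argument list.
post_status() {
    sha=$1; shift
    case $sha in
        ""|*[!0-9a-f]*) echo "invalid sha: $sha" >&2; return 1 ;;
    esac
    body=$(build_status_json "$@") || return 1
    printf 'header = "Authorization: Bearer %s"\n' "$GITHUB_TOKEN" |
        curl --silent --show-error --fail --config - \
             -H "Accept: application/vnd.github+json" \
             --data "$body" \
             "https://api.github.com/repos/$REPO/statuses/$sha"
}

# In the Jenkins job (constructed values), after sourcing this file:
#   post_status "$GIT_COMMIT" failure "${BUILD_URL}console" "pre-merge build failed"
#   post_status "$GIT_COMMIT" success "${BUILD_URL}console" "pre-merge build passed"
```

With "Require status checks to pass before merging" set to require jenkins/pre-merge, a commit stays unmergeable until the success call is made for it.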

Related

How can I stop CircleCi from automatically deleting branches that are deleted from github?

I have a workflow on CircleCi that builds and deploys a branch to AWS when a pull request is open from that branch.
I have a second workflow that tears down the deployed environment when the pull request is merged.
NOW: When a branch is deleted from Github, it is also deleted from CircleCi. And most of the time, when the developers in my team merge their pull request, they delete the branch.
When this happens, CircleCi tries to tear down the previously deployed environment. The problem now is that since the branch was deleted from Github and thus automatically deleted from CircleCi, the request to start the teardown workflow fails with a "branch not found" error.
The question now is, how can I make circleCi retain the branch that was deleted on Github so that this request will run? I can make the teardown job then delete the branch from CircleCi after the teardown is done.
The request to CircleCi to start the teardown workflow looks like this...
curl -X POST 'https://circleci.com/api/v2/project/github/<organization>/<project_name>/pipeline' \
-H 'Circle-Token: ${{env.CIRCLECI_TOKEN}}' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d "{\"branch\":\"${{env.CIRCLECI_BRANCH}}\",\"parameters\":{\"pull_request_closed\":true}}"
I think the actual issue here is this:
\"branch\":\"${{env.CIRCLECI_BRANCH}}\"
This syntax to reference a CircleCI environment variable is incorrect.
Try this instead:
\"branch\": \"${CIRCLE_BRANCH}\"
 
Also, this statement:
When a branch is deleted from Github, it is also deleted from CircleCI
is not completely true.
Although the related branch might be deleted from the "Filter Branches" list, any build that ran on the now-deleted branch will still be present and visible in CircleCI.
You can access them either by:
Constructing a URL for the branch in question
https://app.circleci.com/pipelines/github/your_org_name/your_project_name?branch=your_deleted_branch_name
Scrolling through the "Pipelines" page to find a build that ran on that branch, then by clicking the branch name you'll see all builds that previously ran on the branch.

How can I dynamically add a **must** reviewer to Pull request on github via github API

Background:
In Github, we have a shared project which can be updated by all the teams. In this project we have a lot of files that belong to one or multiple teams. We can identify which team a file belongs to by checking the file's (.py) header, like:
# protected-by: teamA, teamB
Now, I am working on protecting the file by adding teamA and teamB as must reviewers when anyone sends a PR with updates to the file.
Problem
So far, I can use CircleCI to detect the changed files, extract the protectors list and set them as reviewers by using Github API like this:
curl --location --request POST -u $GH_USER:$GH_TOKEN \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/OWNER/PROJECT/pulls/${pr_number}/requested_reviewers \
-d "{\"team_reviewers\":[$reviewers]}"
The problem is that the reviewers I added are not must reviewers like CODEOWNER; users are still able to merge without the protectors' review. So I am wondering: is there any way to make a PR require review by certain reviewers, and otherwise not be mergeable, using the Github API or other methods?

GitHub Actions - Notifications for scheduled cron jobs

Is it possible to get email or Slack notifications for Workflow scheduled Cron jobs?
You could use a custom app in Slack, with an incoming webhook, and add a step to your workflow to post a JSON message to that webhook URL.
In Slack
Start by creating a new Slack app, at https://api.slack.com/apps?new_app=1
Activate the Incoming Webhooks feature
Add a new webhook URL, which may need to be approved by an administrator of your workspace
Add a new webhook to your workspace, selecting a channel for the post to be sent to
Copy the webhook URL
In GitHub
Go to your repository settings, and add an Actions secret named SLACK_WEBHOOK_URL with the value being the URL copied from Slack
In the Actions workflow
Add a new step to your workflow:
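- name: Notify Slack
  # The secret is not visible to the step unless it is mapped into its environment
  env:
    SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
  run: |
    curl -X POST -H 'Content-type: application/json' --data \
      '{"username": "GitHub Actions robot", "icon_emoji": ":robot_face:", "text": "GitHub Actions workflow completed"}' \
      "$SLACK_WEBHOOK_URL"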

Trigger GitHub Actions from Jenkins Pipeline using API/Actions Plugin for Jenkins

I want to trigger the GitHub Actions using Jenkins Pipeline or Jenkins Job and send some build parameters as input for the GitHub Actions. I am doing this since there is no option of dropdown list for the GitHub Action Input parameters.
This is only half a solution. But there is an option to specify an input params list for GitHub actions.
See workflow_dispatch event type on GitHub actions. The current url is here: https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_dispatch (If this stops working just google workflow_dispatch)
The other half (Jenkins triggering a GHA build), I am actually searching for myself too! I can find ones working in reverse. GHA triggering jenkins.
We can trigger a GitHub Action with the REST API (POST) or curl requests.
All you need to do is create a workflow with a dispatch trigger (repository_dispatch or workflow_dispatch):
on:
  workflow_dispatch:
    inputs:
      InputKey:
        type: string
        required: true
Next, trigger this workflow by one of the below methods:
1.
POST https://api.github.com/repos/<owner>/<repo>/dispatches
Authorization: Bearer <token>
{"event_type": "hello"}
curl --request POST \
  --url 'https://api.github.com/repos/<owner>/<repo>/dispatches' \
  --header 'authorization: Bearer <token>' \
  --data '{"event_type": "hello"}'
Also specify the inputs in requests with --data '{"event_type": "<workflow name>","client_payload":{"<input_key>":"<input_value>"}}'
All you need to do now is put this request in your job (scripted pipeline is preferred) with appropriate values.
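The workflow above declares workflow_dispatch inputs; the REST call that carries `inputs` for that trigger is the workflow dispatch endpoint, shown here as an added example that is not the answerer's code. REPO, WORKFLOW_FILE, GITHUB_TOKEN, DEPLOY_ENV and the dev/staging/prod allowlist are assumptions.

```shell
#!/bin/sh
# Added example. Assumed names: GITHUB_TOKEN, REPO (owner/name), WORKFLOW_FILE
# (for example deploy.yml) and the allowed values for InputKey.

# Print the request body for a workflow_dispatch run. InputKey is limited to a
# fixed set, the way a Jenkins choice parameter would limit it, so free text
# from the job never reaches the workflow.
dispatch_body() {
    ref=$1 value=$2
    case $ref in
        ""|*[!A-Za-z0-9._/-]*) echo "invalid ref: $ref" >&2; return 1 ;;
    esac
    case $value in
        dev|staging|prod) ;;
        *) echo "InputKey must be dev, staging or prod" >&2; return 1 ;;
    esac
    printf '{"ref":"%s","inputs":{"InputKey":"%s"}}' "$ref" "$value"
}

# Start $WORKFLOW_FILE on branch or tag $1 with InputKey set to $2.
# The token is handed to curl on stdin, not on the command line.
trigger_workflow() {
    body=$(dispatch_body "$1" "$2") || return 1
    printf 'header = "Authorization: Bearer %s"\n' "$GITHUB_TOKEN" |
        curl --silent --show-error --fail --config - \
             -H "Accept: application/vnd.github+json" \
             --data "$body" \
             "https://api.github.com/repos/$REPO/actions/workflows/$WORKFLOW_FILE/dispatches"
}

# In a Jenkins sh step, with the token bound by withCredentials:
#   trigger_workflow main "$DEPLOY_ENV"
```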

GitHub unicorn when creating PR: "This page is taking too long to load."

When creating a Pull Request on GitHub, the page refuses to load and I am instead shown a unicorn error message:
This page is taking too long to load.
Sorry about that. Please try refreshing and contact us if the problem persists.
This repo's default branch is set to master, which is well behind the development branch we merge into. This error is likely a result of there being too many commits or the resulting PR being "too big".
Is there another URL or method to create a PR without calculating the full diff of the default branch?
If you push a branch, GitHub will helpfully show a Compare & pull request button as a shortcut to creating a PR for that branch:
That button is useful in most circumstances, but does automatically compare against the default branch using this URL:
https://github.com/user/repo/compare/branch?expand=1
If the resulting diff is too big or complicated, the unicorn error message will be shown.
Instead, press the New pull request button. The subsequent page will allow you to select the PR's base and compare branches prior to generating the diff.
https://github.com/user/repo/compare
The diff into your development branch will be simpler, and you should no longer get the error.
I managed to solve it by creating the PR via the GitHub API, e.g.
gh api \
--method POST \
-H "Accept: application/vnd.github+json" \
/repos/OWNER/REPO/pulls \
-f title='Amazing new feature' \
-f body='Please pull these awesome changes in!' \
-f head='octocat:new-feature' \
-f base='master'
https://docs.github.com/en/rest/pulls/pulls#create-a-pull-request