action #67810
closedtrigger OBS builds of openQA github pull requests
Description
Motivation¶
Test OBS package builds and tests before merging pull requests
Situation¶
Previously we had each github pull request trigger OBS builds of the corresponding fork and branch based on an undocumented solution configured by coolo but nobody else knows how it was done. Probably based on https://github.com/vpereira/pull_request_builder running on a custom instance somewhere. This broke sometime around 2020-05 to 2020-06 . We should repair this, bring it up properly and at best cover os-autoinst as well.
Further details¶
Maybe just follow https://github.com/openSUSE/obs-pullrequest-builder#development ?
Files
Updated by tinita over 4 years ago
Dan Cermak suggested to write a GitHub Action using https://github.com/SUSE/open-build-service-api/
Updated by tinita over 4 years ago
Here is my experiment with Github Action: https://github.com/perlpunk/action-open-build-service-pr/tree/dev
Updated by tinita over 4 years ago
And here is the related Github issue: https://github.com/openSUSE/open-build-service/issues/8703
Updated by tinita over 4 years ago
- File obs-action-success.png obs-action-success.png added
A first version is ready to test: https://github.com/perlpunk/action-open-build-service-pr
Here is a Proof of Concept for os-autoinst:
https://github.com/perlpunk/os-autoinst/runs/773334868
Attached a screenshot
Updated by okurz about 4 years ago
- Status changed from New to Feedback
- Assignee changed from okurz to tinita
- Target version set to Ready
coolo enabled the old approach again after fixing problems after the account originally used was migrated using IDP. So we have good checks back which is making any other solution still helpful but with lower priority.
@tinita would be cool if you can provide your last status in written here
Updated by tinita about 4 years ago
I think it would be not that useful due to the way Github Actions secrets are working.
One disadvantage is that people pushing to their own fork have to create login secrets for OBS.
Then it is working.
BUT as soon as they make PR, the build is running in the context of the original repo, and then it doesn't use a secret at all. Of course the origin secrets cannot be used for security, but also the secrets of the fork aren't used in that case.
So it's only useful to explicitly check if a feature branch builds correctly, either in a fork or the origin. But for a PR it's useless (one could link to the build of the fork though).
Updated by okurz about 4 years ago
- Status changed from Feedback to Resolved
alright. So something learned :) I guess we can live with the current situation for now. Any next time when the existing service stops working again we could just start the pull request builder elsewhere.