diff --git a/app.cfg.example b/app.cfg.example index 59a6dc50..82f7b196 100644 --- a/app.cfg.example +++ b/app.cfg.example @@ -76,6 +76,7 @@ submit_command = /usr/bin/sbatch # if value is left/empty everyone can trigger the build # value can be a space delimited list of GH accounts build_permission = Hafsa-Naeem +no_build_permission_comment = Label `bot:build` has been set by user `{build_labeler}`, but this person does not have permission to trigger builds [deploycfg] # script for uploading built software packages @@ -108,6 +109,7 @@ upload_policy = once # if value is left/empty everyone can trigger the deployment # value can be a space delimited list of GH accounts deploy_permission = trz42 +no_deploy_permission_comment = Label `bot:deploy` has been set by user `{deploy_labeler}`, but this person does not have permission to trigger deployments [architecturetargets] @@ -158,4 +160,4 @@ slurm_out = Found slurm output `{slurm_out}` in job dir missing_modules = Slurm output lacks message "No missing modules!". no_tarball_message = Slurm output lacks message about created tarball. no_matching_tarball = No tarball matching `{tarball_pattern}` found in job dir. -multiple_tarballs = Found {num_tarballs} tarballs in job dir - only 1 matching `{tarball_pattern}` expected. \ No newline at end of file +multiple_tarballs = Found {num_tarballs} tarballs in job dir - only 1 matching `{tarball_pattern}` expected. diff --git a/eessi_bot_event_handler.py b/eessi_bot_event_handler.py index 14e30179..45bbc69d 100644 --- a/eessi_bot_event_handler.py +++ b/eessi_bot_event_handler.py @@ -16,6 +16,7 @@ import waitress import sys import tasks.build as build +import tasks.deploy as deploy from connections import github from tools import config @@ -164,7 +165,9 @@ def main(): opts = event_handler_parse() required_config = { - build.SUBMITTED_JOB_COMMENTS: [build.INITIAL_COMMENT, build.AWAITS_RELEASE] + build.SUBMITTED_JOB_COMMENTS: [build.INITIAL_COMMENT, build.AWAITS_RELEASE], + build.BUILDENV: [build.NO_BUILD_PERMISSION_COMMENT], + deploy.DEPLOYCFG: [deploy.NO_DEPLOY_PERMISSION_COMMENT] } # config is read and checked for settings to raise an exception early when the event_handler starts. config.check_required_cfg_settings(required_config) diff --git a/tasks/build.py b/tasks/build.py index 0e1b9788..bcd7e1c9 100644 --- a/tasks/build.py +++ b/tasks/build.py @@ -22,7 +22,7 @@ from datetime import datetime, timezone from pyghee.utils import log, error from retry.api import retry_call -from tools import config, run_cmd +from tools import config, run_cmd, pr_comments AWAITS_RELEASE = "awaits_release" BUILDENV = "buildenv" @@ -40,6 +40,7 @@ SUBMITTED_JOB_COMMENTS = "submitted_job_comments" SUBMIT_COMMAND = "submit_command" BUILD_PERMISSION = "build_permission" +NO_BUILD_PERMISSION_COMMENT = "no_build_permission_comment" ARCHITECTURE_TARGETS = "architecturetargets" REPO_TARGETS = "repo_targets" REPO_TARGET_MAP = "repo_target_map" @@ -654,7 +655,11 @@ def check_build_permission(pr, event_info): build_labeler = event_info['raw_request_body']['sender']['login'] if build_labeler not in build_permission.split(): log(f"{funcname}(): GH account '{build_labeler}' is not authorized to build") - # TODO update PR comments for this bot instance? + no_build_permission_comment = buildenv.get(NO_BUILD_PERMISSION_COMMENT) + repo_name = event_info["raw_request_body"]["repository"]["full_name"] + pr_comments.create_comment(repo_name, + pr.number, + no_build_permission_comment.format(build_labeler=build_labeler)) return False else: log(f"{funcname}(): GH account '{build_labeler}' is authorized to build") diff --git a/tasks/deploy.py b/tasks/deploy.py index 459f14c3..120ae306 100644 --- a/tasks/deploy.py +++ b/tasks/deploy.py @@ -5,6 +5,7 @@ # EESSI software layer, see https://github.com/EESSI/software-layer # # author: Thomas Roeblitz (@trz42) +# author: Jonas Qvigstad (@jonas-lq) # # license: GPLv2 # @@ -17,7 +18,7 @@ from datetime import datetime, timezone from pyghee.utils import log from tasks.build import get_build_env_cfg -from tools import config, run_cmd +from tools import config, run_cmd, pr_comments JOBS_BASE_DIR = "jobs_base_dir" DEPLOYCFG = "deploycfg" @@ -26,6 +27,7 @@ BUCKET_NAME = "bucket_name" UPLOAD_POLICY = "upload_policy" DEPLOY_PERMISSION = "deploy_permission" +NO_DEPLOY_PERMISSION_COMMENT = "no_deploy_permission_comment" def determine_job_dirs(pr_number): @@ -405,7 +407,11 @@ def deploy_built_artefacts(pr, event_info): # permission to trigger the deployment if labeler not in deploy_permission.split(): log(f"{funcname}(): GH account '{labeler}' is not authorized to deploy") - # TODO update PR comments for this bot instance? + no_deploy_permission_comment = deploy_cfg.get(NO_DEPLOY_PERMISSION_COMMENT) + repo_name = event_info["raw_request_body"]["repository"]["full_name"] + pr_comments.create_comment(repo_name, + pr.number, + no_deploy_permission_comment.format(deploy_labeler=labeler)) return else: log(f"{funcname}(): GH account '{labeler}' is authorized to deploy") diff --git a/tools/pr_comments.py b/tools/pr_comments.py index 86cf30a9..a95eb3ba 100644 --- a/tools/pr_comments.py +++ b/tools/pr_comments.py @@ -8,11 +8,13 @@ # author: Bob Droege (@bedroge) # author: Hafsa Naeem (@hafsa-naeem) # author: Thomas Roeblitz (@trz42) +# author: Jonas Qvigstad (@jonas-lq) # # license: GPLv2 # import re +from connections import github from pyghee.utils import log from retry import retry from retry.api import retry_call @@ -77,3 +79,17 @@ def update_comment(cmnt_id, pr, update, log_file=None): else: log(f"no comment with id {cmnt_id}, skipping update '{update}'", log_file=log_file) + + +def create_comment(repo_name, pr_number, comment): + """create a comment on a pr + + Args: + repo_name (str): name of the repo with the pr + pr_number (int): number of the pr within the repo + comment (string): new comment + """ + gh = github.get_instance() + repo = gh.get_repo(repo_name) + pull_request = repo.get_pull(pr_number) + pull_request.create_issue_comment(comment)