From 5e7a7803857a7920ec08cd249be0a3c18668ddb3 Mon Sep 17 00:00:00 2001 From: Zoran Regvart Date: Fri, 29 Nov 2024 15:41:29 +0100 Subject: [PATCH 1/2] Bit more verbose output from the switchboard task Makes it easier to debug eventual issues and makes it easier to fine tune expressions. --- .tekton/tasks/task-switchboard.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.tekton/tasks/task-switchboard.yaml b/.tekton/tasks/task-switchboard.yaml index 1ad0d93ae8..b4cb4a2495 100644 --- a/.tekton/tasks/task-switchboard.yaml +++ b/.tekton/tasks/task-switchboard.yaml @@ -46,10 +46,15 @@ spec: ec opa check --v1-compatible "${rules}" - pr_number=$(gh search prs --repo konflux-ci/build-definitions "$(params.revision)" --json number --jq '.[].number') + pr_number="$(gh search prs --repo konflux-ci/build-definitions "$(params.revision)" --json number --jq '.[].number')" - ec opa eval --v1-compatible --data "${rules}" --input \ - <(gh pr view "https://github.com/konflux-ci/build-definitions/pull/${pr_number}" --json files --jq '[.files.[].path']) \ + echo "Determined pull request number ${pr_number}" + + changed="$(gh pr view "https://github.com/konflux-ci/build-definitions/pull/${pr_number}" --json files --jq '[.files.[].path'])" + echo Changed files: + echo "${changed}" | jq -r '.[]' + + echo "${changed}" | ec opa eval --v1-compatible --data "${rules}" --stdin-input \ 'data[_]' \ | jq '[.result.[].expressions.[].value | to_entries | .[] | select(.value == true) | .key]' \ | tee "$(results.bindings.path)" From 728b6f927c5ba87c6484b4194123e5fa4d7e2ee0 Mon Sep 17 00:00:00 2001 From: Zoran Regvart Date: Mon, 2 Dec 2024 15:52:58 +0100 Subject: [PATCH 2/2] Handle multiple pull requests with same revision Due to rebasing the same revision that triggered the pipeline for one pull request can occur in other pull requests. With this not only the first result from `gh search prs` is used, changes from all of them are considered. This means that some Tasks that might not need to run are still ran, this should be acceptable given it guarantees that all Tasks that need to run have ran. --- .tekton/tasks/task-switchboard.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/.tekton/tasks/task-switchboard.yaml b/.tekton/tasks/task-switchboard.yaml index b4cb4a2495..4c496b9266 100644 --- a/.tekton/tasks/task-switchboard.yaml +++ b/.tekton/tasks/task-switchboard.yaml @@ -46,15 +46,18 @@ spec: ec opa check --v1-compatible "${rules}" - pr_number="$(gh search prs --repo konflux-ci/build-definitions "$(params.revision)" --json number --jq '.[].number')" + rev="$(params.revision)" + changed_files=() + for pr_number in $(gh search prs --repo konflux-ci/build-definitions "${rev}" --json number --jq '.[].number'); do + echo "Found revision ${rev} in pull request number ${pr_number}" - echo "Determined pull request number ${pr_number}" - - changed="$(gh pr view "https://github.com/konflux-ci/build-definitions/pull/${pr_number}" --json files --jq '[.files.[].path'])" - echo Changed files: - echo "${changed}" | jq -r '.[]' + changed="$(gh pr view "https://github.com/konflux-ci/build-definitions/pull/${pr_number}" --json files --jq '[.files.[].path'])" + echo Changed files: + echo "${changed}" | jq -r '.[]' + changed_files+=("${changed}") + done - echo "${changed}" | ec opa eval --v1-compatible --data "${rules}" --stdin-input \ + echo "${changed_files[@]}" | jq -s 'add | unique' | ec opa eval --v1-compatible --data "${rules}" --stdin-input \ 'data[_]' \ | jq '[.result.[].expressions.[].value | to_entries | .[] | select(.value == true) | .key]' \ | tee "$(results.bindings.path)"