Question: Does this action support alerts on pull requests? #56
Comments
|
hi @ColinEberhardt Anyway, I would suggest to not set |
|
jFYI, running on |
|
@embano1 Did you find a fix for using |
Nope, AFAIK since the security model around PRs hasn't change (which is good), Github Actions are still limited in those cases and there's no secure workaround available. |
|
@ktrz Thanks for the new feature. It seems the actions.yml was not updated with the new field. We are getting an unexpected field error |
|
@ColinEberhardt your original issue is because you forgot to set this: I was able to get this action to publish a comment with the benchmarks on every PR: miparnisari/benchtest@05de567#commitcomment-130473327 How it works: on every push to What I don't know: how do I get it to publish a comment on the PR and not on every commit in the PR? |
Just to be clear, this does not work on PRs against forks. |
|
Oh. I didn't try that scenario 😅 |
|
@ktrz @embano1 Seems the Is there really no way of using this Action in a Pull Request? I'm not even using a fork, it's a branch in the repo. This is my config: on:
push:
branches:
- master
- main
paths-ignore:
- "**/*.md"
pull_request:
paths-ignore:
- "**/*.md"
permissions:
# deployments permission to deploy GitHub pages website
deployments: write
# contents permission to update benchmark contents in gh-pages branch
contents: write
name: Benchmark
jobs:
Compare:
runs-on: ubuntu-latest
steps:
- name: Fetch Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # to be able to retrieve the last commit in main
- name: Install Go
uses: actions/setup-go@v5
with:
# NOTE: Keep this in sync with the version from go.mod
go-version: "1.21.x"
- name: Run Benchmark
run: set -o pipefail; go test ./... -benchmem -run=^$ -bench . | tee output.txt
- name: Get GitHub Runner System Information
uses: kenchan0130/[email protected]
id: system-info
- name: Get Main branch SHA
id: get-main-branch-sha
run: |
SHA=$(git rev-parse origin/main)
echo "sha=$SHA" >> $GITHUB_OUTPUT
- name: Get Benchmark Results from main branch
id: cache
uses: actions/cache/restore@v4
with:
path: ./cache
key: ${{ steps.get-main-branch-sha.outputs.sha }}-${{ runner.os }}-${{ steps.system-info.outputs.cpu-model }}-benchmark
# This will only run if we have Benchmark Results from main branch
- name: Compare PR Benchmark Results with main branch
uses: benchmark-action/[email protected]
if: steps.cache.outputs.cache-hit == 'true'
with:
tool: 'go'
output-file-path: output.txt
external-data-json-path: ./cache/benchmark-data.json
# Do not save the data (This allows comparing benchmarks)
save-data-file: false
fail-on-alert: true
comment-on-alert: false
github-token: ${{ secrets.GITHUB_TOKEN }}
summary-always: true
alert-threshold: "150%"Output:
The summary table is never created for PR's, regardless of user/token permissions. Other actions like the one from permissions:
# Required: allow read access to the content for analysis.
contents: read
# Optional: allow read access to pull request. Use with `only-new-issues` option.
pull-requests: read
# Optional: Allow write access to checks to allow the action to annotate code in the PR.
checks: write |
|
@gaby if you have a PR from a branch in the same repo it should work without an issue. Summary doesn't need any permission AFAIK Could you provide a link to a workflow run? |
|
I had to set |
|
I will investigate the summary that is not rendering properly after I get back from holidays at the end of this week. Making a comment requires |
|
@ktrz Adding the permission and enabling Will this work for a PR created from a fork? Even if we give it the permissions? Thanks! |
|
@gaby PRs from a fork are restricted to have max permission of read for pull request so the comment won't work unfortunately in that case. |
|
@ktrz I was able to get around that using a new variable that was added by GitHub. With this field I can enable comments for our branches, and auto-disable them for forks. Thanks for your help! 💪 comment-on-alert: ${{ github.event.pull_request.head.repo.fork == false }}This is my full workflow for reference, combining practices seen in multiple projects: on:
push:
branches:
- main
paths-ignore:
- "**/*.md"
pull_request:
paths-ignore:
- "**/*.md"
permissions:
# deployments permission to deploy GitHub pages website
deployments: write
# contents permission to update benchmark contents in gh-pages branch
contents: write
# allow posting comments to pull request
pull-requests: write
name: Benchmark
jobs:
Compare:
runs-on: ubuntu-latest
steps:
- name: Fetch Repository
uses: actions/checkout@v4
with:
fetch-depth: 0 # to be able to retrieve the last commit in main
- name: Install Go
uses: actions/setup-go@v5
with:
# NOTE: Keep this in sync with the version from go.mod
go-version: "1.21.x"
- name: Run Benchmark
run: set -o pipefail; go test ./... -benchmem -run=^$ -bench . | tee output.txt
# NOTE: Benchmarks could change with different CPU types
- name: Get GitHub Runner System Information
uses: kenchan0130/[email protected]
id: system-info
- name: Get Main branch SHA
id: get-main-branch-sha
run: |
SHA=$(git rev-parse origin/main)
echo "sha=$SHA" >> $GITHUB_OUTPUT
- name: Get Benchmark Results from main branch
id: cache
uses: actions/cache/restore@v4
with:
path: ./cache
key: ${{ steps.get-main-branch-sha.outputs.sha }}-${{ runner.os }}-${{ steps.system-info.outputs.cpu-model }}-benchmark
# This will only run if we have Benchmark Results from main branch
- name: Compare PR Benchmark Results with main branch
uses: benchmark-action/[email protected]
if: steps.cache.outputs.cache-hit == 'true'
with:
tool: 'go'
output-file-path: output.txt
external-data-json-path: ./cache/benchmark-data.json
# Do not save the data (This allows comparing benchmarks)
save-data-file: false
fail-on-alert: true
# Comment on the PR if the branch is not a fork
comment-on-alert: ${{ github.event.pull_request.head.repo.fork == false }}
github-token: ${{ secrets.GITHUB_TOKEN }}
summary-always: true
alert-threshold: "150%"
- name: Store Benchmark Results for main branch
uses: benchmark-action/[email protected]
if: ${{ github.ref_name == 'main' }}
with:
tool: 'go'
output-file-path: output.txt
external-data-json-path: ./cache/benchmark-data.json
# Save the data to external file (cache)
save-data-file: true
fail-on-alert: false
github-token: ${{ secrets.GITHUB_TOKEN }}
summary-always: true
alert-threshold: "150%"
- name: Update Benchmark Results cache
uses: actions/cache/save@v4
if: ${{ github.ref_name == 'main' }}
with:
path: ./cache
key: ${{ steps.get-main-branch-sha.outputs.sha }}-${{ runner.os }}-${{ steps.system-info.outputs.cpu-model }}-benchmark |
|
@gaby that's cool! I will try to use this within the action to give more meaningful error messages if someone tries to use it on the fork |
So if a change brings any performane regressions, we can catch them early on. I originally wanted to run this workflow on PRs but seems that's not only not possible from forked repos[1] but also a security hole[2]. Oh well, at least we can catch the regressions on the main repo. [1]: benchmark-action/github-action-benchmark#56 [2]: https://github.com/benchmark-action/github-action-benchmark?tab=readme-ov-file#run-only-on-your-branches
I've successfully configured this action and everything is running very nicely on the
mainbranch. I'm keen to also run this action on pull requests and receive alerts when there are benchmark regressions.I updated my action config to run on PRs, however, it fails as follows:
/see ColinEberhardt/assemblyscript-regex#21
Any ideas?
The text was updated successfully, but these errors were encountered: