forked from kubeflow/pipelines
-
Notifications
You must be signed in to change notification settings - Fork 11
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Signed-off-by: Ricardo M. Oliveira <[email protected]>
- Loading branch information
Showing
4 changed files
with
161 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
name: Unit Tests | ||
on: | ||
pull_request: | ||
types: | ||
- opened | ||
- reopened | ||
- closed | ||
- synchronize | ||
workflow_dispatch: | ||
env: | ||
RESOURCES_DIR: ${{ github.workspace }}/.github/resources | ||
jobs: | ||
commit_checker: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- uses: actions/checkout@v4 | ||
with: | ||
fetch-depth: 0 | ||
- name: Get Commits | ||
id: get-commits | ||
run: | | ||
master_commit=$(cat .git/refs/remotes/origin/master) | ||
echo "master_commit_hash=$master_commit" >> $GITHUB_OUTPUT | ||
last_commit=$(cat .git/refs/remotes/pull/36/merge) | ||
echo "last_commit_hash=$last_commit" >> $GITHUB_OUTPUT | ||
- name: Run Commit Checker | ||
continue-on-error: true | ||
run: | | ||
echo "::group::Commit Checker results" | ||
echo "::warning ::==== These are the results of the commit checker scans ====" | ||
echo "::warning ::==== If these are not commits from upstream kfp, then ====" | ||
echo "::warning ::==== please ensure you adhere to the commit checker formatting ====" | ||
podman run -q -v ${{ github.workspace }}:/src/app-root quay.io/rmartine/commitchecker:latest --start ${{ steps.get-commits.outputs.master_commit_hash }} --end ${{ steps.get-commits.outputs.last_commit_hash }} | ||
echo "::endgroup::" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
# PIPELINE DEFINITION | ||
# Name: pipeline-secret-env | ||
components: | ||
comp-comp: | ||
executorLabel: exec-comp | ||
deploymentSpec: | ||
executors: | ||
exec-comp: | ||
container: | ||
args: | ||
- --executor_input | ||
- '{{$}}' | ||
- --function_to_execute | ||
- comp | ||
command: | ||
- sh | ||
- -c | ||
- "\nif ! [ -x \"$(command -v pip)\" ]; then\n python3 -m ensurepip ||\ | ||
\ python3 -m ensurepip --user || apt-get install python3-pip\nfi\n\nPIP_DISABLE_PIP_VERSION_CHECK=1\ | ||
\ python3 -m pip install --quiet --no-warn-script-location 'kfp==2.7.0'\ | ||
\ '--no-deps' 'typing-extensions>=3.7.4,<5; python_version<\"3.9\"' && \"\ | ||
$0\" \"$@\"\n" | ||
- sh | ||
- -ec | ||
- 'program_path=$(mktemp -d) | ||
printf "%s" "$0" > "$program_path/ephemeral_component.py" | ||
_KFP_RUNTIME=true python3 -m kfp.dsl.executor_main --component_module_path "$program_path/ephemeral_component.py" "$@" | ||
' | ||
- "\nimport kfp\nfrom kfp import dsl\nfrom kfp.dsl import *\nfrom typing import\ | ||
\ *\n\ndef comp():\n import os\n import sys\n if os.environ['SECRET_VAR']\ | ||
\ == \"service_account\":\n print(\"Success\")\n return 0\n\ | ||
\ else:\n print(os.environ['SECRET_VAR'] + \" is not service_account\"\ | ||
)\n sys.exit(\"Failure: cannot access secret as env variable\")\n\ | ||
\n" | ||
image: python:3.7 | ||
pipelineInfo: | ||
name: pipeline-secret-env | ||
root: | ||
dag: | ||
tasks: | ||
comp: | ||
cachingOptions: | ||
enableCache: true | ||
componentRef: | ||
name: comp-comp | ||
taskInfo: | ||
name: comp | ||
schemaVersion: 2.1.0 | ||
sdkVersion: kfp-2.7.0 | ||
--- | ||
platforms: | ||
kubernetes: | ||
deploymentSpec: | ||
executors: | ||
exec-comp: | ||
secretAsEnv: | ||
- keyToEnv: | ||
- envVar: SECRET_VAR | ||
secretKey: type | ||
secretName: user-gcp-sa |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,28 @@ | ||
FROM registry.access.redhat.com/ubi8/go-toolset:1.20 as builder | ||
|
||
WORKDIR /tmp | ||
RUN git clone https://github.com/openshift/build-machinery-go.git && \ | ||
cd /tmp/build-machinery-go/commitchecker && \ | ||
go build | ||
|
||
FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9 | ||
|
||
WORKDIR /bin | ||
|
||
COPY --from=builder /tmp/build-machinery-go/commitchecker/commitchecker /bin/commitchecker | ||
RUN microdnf install git && \ | ||
chmod +x /bin/commitchecker && \ | ||
mkdir -p /src/app-root | ||
|
||
WORKDIR /src/app-root | ||
ENTRYPOINT ["commitchecker"] | ||
|
||
VOLUME ["/src/app-root"] | ||
|
||
LABEL name="Commit Checker tool" \ | ||
summary="commitchecker validates a range of commits in a git repository and ensures they meet specific requirements: \ | ||
1. The author's email address does not start with "root@". \ | ||
2. The message starts with one of: \ | ||
i. UPSTREAM: <PR number|carry|drop>: description \ | ||
ii. UPSTREAM: revert: \ | ||
This is useful for repositories that are downstream forks of upstream repositories." |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,35 @@ | ||
#!/bin/bash | ||
|
||
start=$1 | ||
end=$2 | ||
config=$3 | ||
fetch_mode=$4 | ||
|
||
print_usage() { | ||
printf "Usage: validate_pr_commits.sh START [END [CONFIG [FETCH_MODE]]]\n" | ||
printf " START = Commit hash to start\n" | ||
printf " END = Last commit hash to check\n" | ||
printf " CONFIG = Pass a config file\n" | ||
printf " FETCH_MODE = Git fetch mode (default: https)\n" | ||
} | ||
|
||
run_commit_checker() { | ||
args="--start $start" | ||
if [ ! -z "$end" ]; then | ||
args="${args} --end $end" | ||
fi | ||
if [ ! -z "$config" ]; then | ||
args="${args} --config $config" | ||
fi | ||
if [ ! -z "$fetch_mode" ]; then | ||
args="${args} --fech-mode $fetch_mode" | ||
fi | ||
podman run -v $(pwd):/src/app-root quay.io/rmartine/commitchecker:latest $args | ||
} | ||
|
||
if [ $# -eq 0 ]; then | ||
print_usage | ||
exit 0 | ||
fi | ||
|
||
run_commit_checker |