Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add automation action for plugin_cache.json #819

Merged
merged 1 commit into from
Aug 14, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
83 changes: 83 additions & 0 deletions .github/workflows/maintain_cache.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
name: Garak maintain cache

on:
push:
branches:
- 'main'
paths-ignore:
- 'garak/resources/plugin_cache.json'
workflow_dispatch:

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
# forcing full checkout for reflog access
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: "3.12"
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Build a local cache
run: |
export TZ=UTC
git ls-files garak/ -z | xargs -0 -I{} -- git log -1 --date=iso-local --format="%ad {}" {} | while read -r udate utime utz ufile ; do
touch -d "$udate $utime" $ufile
done
python -m garak --list_probes
- name: Commit updated plugin cache if modified
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
FILE_TO_COMMIT: garak/resources/plugin_cache.json
DESTINATION_BRANCH: ${{ github.ref_name }}
COMMIT_RESULT: ${{ endsWith(github.ref, '/main')}}
run: |
if [ -f $HOME/.cache/garak/resources/plugin_cache.json ]; then
echo "File updated from user cache"
cp $HOME/.cache/garak/resources/plugin_cache.json $FILE_TO_COMMIT
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Are user caches something that replaces the package cache rather than augmenting it?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The package cache is a baseline that is immutable on disk to ensure the user does not need write permissions to the install location. The user file is updated from this baseline when it is newer than the user file and augmented with any updates since the package cache was created. This pattern will allow for custom user local items to be added to the cache when that support is added to the project. The user file is utilized exclusively during runtime. It is much less complex to maintain consistency of single cache file than to merge and override sections.

This automation simply forces the user cache file to be built and checks if it is different from the baseline. If it is those change are what needs to be added to the tree since the build is based on the latest commit to the branch.

fi
set +e
git diff --exit-code $FILE_TO_COMMIT > /dev/null
if [ $? -ne 0 ]; then
set -e
echo "Plugin cache updates exist"
if [ "$COMMIT_RESULT" = true ]; then
export MESSAGE="automatic $FILE_TO_COMMIT update"
export SHA=$( git rev-parse $DESTINATION_BRANCH:$FILE_TO_COMMIT )
cat <<- EOF > write_request.py
#!python
import json
import os
import base64
with open("$FILE_TO_COMMIT", 'rb') as f:
content = base64.b64encode(f.read()).decode()
request = {
"message": os.environ["MESSAGE"],
"content": content,
"encoding": "base64",
"branch": os.environ["DESTINATION_BRANCH"],
"sha": os.environ["SHA"],
}
with open("request.json", "w", encoding="utf-8") as f:
json.dump(request, f, indent=4)
EOF
chmod +x write_request.py
python write_request.py
gh api --method PUT /repos/:owner/:repo/contents/$FILE_TO_COMMIT --input request.json
echo "Update committed to repo"
else
echo "Branch is not 'main' exit without commit"
fi
else
echo "No Plugin cache updates exit without commit"
fi
5 changes: 3 additions & 2 deletions garak/_plugins.py
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,8 @@ def _valid_loaded_cache(self, local_cache, user_time):
for plugin_type in PLUGIN_TYPES:
validated_plugin_filenames = set()
prev_mod = None
for k in local_cache[plugin_type]:
plugins = local_cache.get(plugin_type, {})
for k in plugins:
category, module, klass = k.split(".")
if module != prev_mod:
prev_mod = module
Expand All @@ -125,7 +126,7 @@ def _valid_loaded_cache(self, local_cache, user_time):

# if all known are up-to-date check filesystem for missing
found_filenames = set()
plugin_path = _config.transient.package_dir / category
plugin_path = _config.transient.package_dir / plugin_type
for module_filename in sorted(os.listdir(plugin_path)):
if not module_filename.endswith(".py"):
continue
Expand Down
Loading