From ea8d68e93080b8050a7220dc5e87e670b99b89a9 Mon Sep 17 00:00:00 2001 From: Brad White Date: Tue, 5 Aug 2025 23:48:35 -0600 Subject: [PATCH] [CI] Reapply Renovate helper scripts (#228664) ## Summary Reapply #225345 Closes #213293 The original PR had issues parsing the `if` statement which were not surfaced in testing, see [logs](https://buildkite.com/elastic/kibana-renovate-helper/builds/16#01980f2f-ab1a-4c6c-afe6-5b8e73972353/196-201). This was addressed by removing the outer quotes on the `if` in [47f8d53](https://github.com/elastic/kibana/pull/228664/commits/47f8d53008c9b26710cfbb4e1533a93736008486), and is the only change from the original PR. ### Testing Renovate PR opened or comment group: https://buildkite.com/elastic/kibana-renovate-helper/builds/28 Renovate PR updated group: https://buildkite.com/elastic/kibana-renovate-helper/builds/29 (cherry picked from commit b5968e4e8fdbeaa4963f65e4e0d70f98e2a837bc) # Conflicts: # .buildkite/pipelines/renovate_helper.yml # .buildkite/pull_requests.json # .buildkite/scripts/steps/renovate/renovate_helper.sh # .buildkite/scripts/steps/renovate/trigger_pr.sh --- .buildkite/pipelines/renovate_helper.yml | 42 +++++++++++ .buildkite/pull_requests.json | 75 ++++++++++++++++--- .../scripts/steps/renovate/renovate_helper.sh | 18 +++++ .../scripts/steps/renovate/trigger_pr.sh | 14 ++++ .buildkite/scripts/steps/trigger_pipeline.ts | 7 ++ 5 files changed, 144 insertions(+), 12 deletions(-) create mode 100644 .buildkite/pipelines/renovate_helper.yml create mode 100755 .buildkite/scripts/steps/renovate/renovate_helper.sh create mode 100755 .buildkite/scripts/steps/renovate/trigger_pr.sh diff --git a/.buildkite/pipelines/renovate_helper.yml b/.buildkite/pipelines/renovate_helper.yml new file mode 100644 index 0000000000000..1c51c7197254d --- /dev/null +++ b/.buildkite/pipelines/renovate_helper.yml @@ -0,0 +1,42 @@ +agents: + provider: gcp + image: family/kibana-ubuntu-2004 + imageProject: elastic-images-prod + machineType: n2-standard-2 +steps: + - group: 'Renovate PR opened or comment' + if: build.env('GITHUB_PR_USER') == 'elastic-renovate-prod[bot]' && ((build.env('GITHUB_PR_EVENT_TYPE') == 'pull_request' && build.env('GITHUB_PR_EVENT_ACTION') == 'opened') || (build.env('GITHUB_PR_EVENT_TYPE') == 'issue_comment' && build.env('GITHUB_PR_EVENT_ACTION') == 'created')) + + steps: + - command: .buildkite/scripts/steps/renovate/renovate_helper.sh + label: 'Run Renovate helper' + key: renovate_helper + timeout_in_minutes: 20 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - wait: ~ + + - command: .buildkite/scripts/steps/renovate/trigger_pr.sh + label: 'Trigger Kibana PR pipeline' + key: trigger_pr_opened + timeout_in_minutes: 10 + retry: + automatic: + - exit_status: '*' + limit: 1 + + - group: 'Renovate PR updated' + # GITHUB_PR_USER is the PR author and GITHUB_PR_TRIGGER_USER is the commit author + if: build.env('GITHUB_PR_USER') == 'elastic-renovate-prod[bot]' && build.env('GITHUB_PR_TRIGGER_USER') != 'elastic-renovate-prod[bot]' && build.env('GITHUB_PR_EVENT_TYPE') == 'pull_request' && build.env('GITHUB_PR_EVENT_ACTION') == 'synchronize' + steps: + - command: .buildkite/scripts/steps/renovate/trigger_pr.sh + label: 'Trigger Kibana PR pipeline' + key: trigger_pr_updated + timeout_in_minutes: 10 + retry: + automatic: + - exit_status: '*' + limit: 1 diff --git a/.buildkite/pull_requests.json b/.buildkite/pull_requests.json index d0d8e8a561b3f..1825ba4f8b364 100644 --- a/.buildkite/pull_requests.json +++ b/.buildkite/pull_requests.json @@ -4,11 +4,15 @@ "repoOwner": "elastic", "repoName": "kibana", "pipelineSlug": "kibana-pull-request", - "enabled": true, "allow_org_users": true, - "allowed_repo_permissions": ["admin", "write"], - "allowed_list": ["elastic-vault-github-plugin-prod[bot]"], + "allowed_repo_permissions": [ + "admin", + "write" + ], + "allowed_list": [ + "elastic-vault-github-plugin-prod[bot]" + ], "set_commit_status": true, "commit_status_context": "kibana-ci", "build_on_commit": true, @@ -17,8 +21,14 @@ "build_on_ready": true, "trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:build|test)\\W+(?:this|it))|^\\/ci$", "always_trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:build|test)\\W+(?:this|it))|^\\/ci$", - "skip_ci_labels": ["skip-ci"], - "skip_target_branches": ["6.8", "7.11", "7.12"], + "skip_ci_labels": [ + "skip-ci" + ], + "skip_target_branches": [ + "6.8", + "7.11", + "7.12" + ], "enable_skippable_commits": true, "skip_ci_on_only_changed": [ "^docs/", @@ -38,7 +48,10 @@ ], "kibana_versions_check": true, "kibana_build_reuse": true, - "kibana_build_reuse_pipeline_slugs": ["kibana-pull-request", "kibana-on-merge"], + "kibana_build_reuse_pipeline_slugs": [ + "kibana-pull-request", + "kibana-on-merge" + ], "kibana_build_reuse_regexes": [ "^test/", "^x-pack/test/", @@ -53,8 +66,13 @@ "skip_ci_labels": [], "enabled": true, "allow_org_users": true, - "allowed_repo_permissions": ["admin", "write"], - "allowed_list": ["elastic-vault-github-plugin-prod[bot]"], + "allowed_repo_permissions": [ + "admin", + "write" + ], + "allowed_list": [ + "elastic-vault-github-plugin-prod[bot]" + ], "set_commit_status": true, "commit_status_context": "kibana-deploy-project-from-pr", "build_on_commit": false, @@ -63,7 +81,11 @@ "trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:deploy)\\W+(?:project))$", "kibana_versions_check": true, "kibana_build_reuse": true, - "kibana_build_reuse_pipeline_slugs": ["kibana-pull-request", "kibana-on-merge", "kibana-deploy-project-from-pr"], + "kibana_build_reuse_pipeline_slugs": [ + "kibana-pull-request", + "kibana-on-merge", + "kibana-deploy-project-from-pr" + ], "kibana_build_reuse_regexes": [ "^test/", "^x-pack/test/", @@ -78,8 +100,13 @@ "skip_ci_labels": [], "enabled": true, "allow_org_users": true, - "allowed_repo_permissions": ["admin", "write"], - "allowed_list": ["elastic-vault-github-plugin-prod[bot]"], + "allowed_repo_permissions": [ + "admin", + "write" + ], + "allowed_list": [ + "elastic-vault-github-plugin-prod[bot]" + ], "set_commit_status": true, "commit_status_context": "kibana-deploy-cloud-from-pr", "build_on_commit": false, @@ -88,13 +115,37 @@ "trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:deploy)\\W+(?:cloud))$", "kibana_versions_check": true, "kibana_build_reuse": true, - "kibana_build_reuse_pipeline_slugs": ["kibana-pull-request", "kibana-on-merge", "kibana-deploy-cloud-from-pr"], + "kibana_build_reuse_pipeline_slugs": [ + "kibana-pull-request", + "kibana-on-merge", + "kibana-deploy-cloud-from-pr" + ], "kibana_build_reuse_regexes": [ "^test/", "^x-pack/test/", "/__snapshots__/", "\\.test\\.(ts|tsx|js|jsx)" ] + }, + { + "repoOwner": "elastic", + "repoName": "kibana", + "pipelineSlug": "kibana-renovate-helper", + "skip_ci_labels": [], + "enabled": true, + "allow_org_users": true, + "allowed_repo_permissions": [ + "admin", + "write" + ], + "allowed_list": [ + "elastic-vault-github-plugin-prod[bot]" + ], + "build_on_commit": true, + "build_on_comment": true, + "build_drafts": false, + "trigger_comment_regex": "^(?:(?:buildkite\\W+)?(?:run)\\W+(?:renovate)\\W+(?:helper))$", + "kibana_versions_check": true } ] } diff --git a/.buildkite/scripts/steps/renovate/renovate_helper.sh b/.buildkite/scripts/steps/renovate/renovate_helper.sh new file mode 100755 index 0000000000000..93314271876a0 --- /dev/null +++ b/.buildkite/scripts/steps/renovate/renovate_helper.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +set -euo pipefail + +source .buildkite/scripts/common/util.sh +.buildkite/scripts/bootstrap.sh + +echo --- Deduplicate yarn.lock +cmd="node scripts/yarn_deduplicate.js && yarn kbn bootstrap && node scripts/yarn_deduplicate.js" +eval "$cmd" +check_for_changed_files "$cmd" true + +echo --- Additional helpers +# We only want the deploy label on the main branch instead of all branches in the Renovate group +if [ "$GITHUB_PR_BRANCH" = "renovate/main-chainguard" ] && ! is_pr_with_label "ci:cloud-deploy"; then + echo "Adding deploy label to main chainguard PR" + gh api "repos/elastic/kibana/issues/${GITHUB_PR_NUMBER}/labels" --method POST -f "labels[]=ci:cloud-deploy" >/dev/null +fi diff --git a/.buildkite/scripts/steps/renovate/trigger_pr.sh b/.buildkite/scripts/steps/renovate/trigger_pr.sh new file mode 100755 index 0000000000000..63f2d4dfbdcf0 --- /dev/null +++ b/.buildkite/scripts/steps/renovate/trigger_pr.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +set -euo pipefail + +echo --- Triggering Kibana Pull Request Pipeline + +# The Github env vars need to be passed along manually +# GITHUB_PR_* is used to avoid any sensitive vars being passed along +GITHUB_ENV_VARS=() +for var in $(env | grep ^GITHUB_PR_ | cut -d= -f1); do + GITHUB_ENV_VARS+=("$var=${!var}") +done + +ts-node .buildkite/scripts/steps/trigger_pipeline.ts kibana-pull-request "$BUILDKITE_BRANCH" "$BUILDKITE_COMMIT" "" "${GITHUB_ENV_VARS[*]}" diff --git a/.buildkite/scripts/steps/trigger_pipeline.ts b/.buildkite/scripts/steps/trigger_pipeline.ts index a9c478b3a02b9..629611ce7d1a9 100644 --- a/.buildkite/scripts/steps/trigger_pipeline.ts +++ b/.buildkite/scripts/steps/trigger_pipeline.ts @@ -13,6 +13,8 @@ const pipelineSlug = process.argv[2]; const branch = process.argv[3] || 'main'; const commit = process.argv[4] || 'HEAD'; const kibanaBuildId = process.argv[5] || ''; +// key=value pairs in space separated string +const extraEnvVariables = process.argv[6] || ''; (async () => { try { @@ -22,6 +24,11 @@ const kibanaBuildId = process.argv[5] || ''; branch, env: { ...(kibanaBuildId && { KIBANA_BUILD_ID: kibanaBuildId }), + ...extraEnvVariables.split(' ').reduce>((acc, varString) => { + const [key, value] = varString.split('='); + acc[key] = value; + return acc; + }, {}), }, ignore_pipeline_branch_filters: true, // Required because of a Buildkite bug });