mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-17 00:42:36 +00:00
7308c8aef1
Some checks failed
SqlStore Integration Tests / test-postgres (3.12) (push) Failing after 0s
SqlStore Integration Tests / test-postgres (3.13) (push) Failing after 0s
Integration Auth Tests / test-matrix (oauth2_token) (push) Failing after 2s
Test External Providers Installed via Module / test-external-providers-from-module (venv) (push) Has been skipped
Integration Tests (Replay) / generate-matrix (push) Successful in 3s
API Conformance Tests / check-schema-compatibility (push) Successful in 12s
Python Package Build Test / build (3.12) (push) Successful in 15s
Python Package Build Test / build (3.13) (push) Successful in 17s
Test External API and Providers / test-external (venv) (push) Failing after 30s
Vector IO Integration Tests / test-matrix (push) Failing after 48s
UI Tests / ui-tests (22) (push) Successful in 1m36s
Unit Tests / unit-tests (3.13) (push) Failing after 1m43s
Unit Tests / unit-tests (3.12) (push) Failing after 1m54s
Integration Tests (Replay) / Integration Tests (, , , client=, ) (push) Failing after 3m24s
Pre-commit / pre-commit (22) (push) Successful in 4m22s
# What does this PR do? Currently impossible to test workflow changes (pull_request_target uses base branch definition) or manually trigger SDK builds. This adds both capabilities. - Add workflow_dispatch with pr_number input for manual testing - Add workflow file to path triggers for automatic testing - Fetch PR details via gh CLI for manual runs - Update jobs to use computed PR data for both trigger types ## Test Plan impossible to test until it merges unfortunately. I am doing this in a smaller PR so that I can use it immediately in a follow up. Signed-off-by: Charlie Doern <cdoern@redhat.com>
189 lines
8 KiB
YAML
189 lines
8 KiB
YAML
name: Stainless SDK Builds
|
|
run-name: Build Stainless SDK from OpenAPI spec changes
|
|
|
|
# This workflow uses pull_request_target, which allows it to run on pull requests
|
|
# from forks with access to secrets. This is safe because the workflow definition
|
|
# comes from the base branch (trusted), and the action only reads OpenAPI spec
|
|
# files without executing any code from the PR.
|
|
|
|
on:
|
|
pull_request_target:
|
|
types:
|
|
- opened
|
|
- synchronize
|
|
- reopened
|
|
- closed
|
|
paths:
|
|
- "client-sdks/stainless/**"
|
|
- ".github/workflows/stainless-builds.yml" # this workflow
|
|
workflow_dispatch:
|
|
inputs:
|
|
pr_number:
|
|
description: 'PR number to run Stainless build for'
|
|
required: true
|
|
type: number
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.event.pull_request.number || inputs.pr_number || github.run_id }}
|
|
cancel-in-progress: true
|
|
|
|
env:
|
|
# Stainless organization name.
|
|
STAINLESS_ORG: llamastack
|
|
|
|
# Stainless project name.
|
|
STAINLESS_PROJECT: llama-stack-client
|
|
|
|
# Path to your OpenAPI spec.
|
|
OAS_PATH: ./client-sdks/stainless/openapi.yml
|
|
|
|
# Path to your Stainless config. Optional; only provide this if you prefer
|
|
# to maintain the ground truth Stainless config in your own repo.
|
|
CONFIG_PATH: ./client-sdks/stainless/config.yml
|
|
|
|
# When to fail the job based on build conclusion.
|
|
# Options: "never" | "note" | "warning" | "error" | "fatal".
|
|
FAIL_ON: error
|
|
|
|
# In your repo secrets, configure:
|
|
# - STAINLESS_API_KEY: a Stainless API key, which you can generate on the
|
|
# Stainless organization dashboard
|
|
|
|
jobs:
|
|
compute-branch:
|
|
runs-on: ubuntu-latest
|
|
outputs:
|
|
preview_branch: ${{ steps.compute.outputs.preview_branch }}
|
|
base_branch: ${{ steps.compute.outputs.base_branch }}
|
|
merge_branch: ${{ steps.compute.outputs.merge_branch }}
|
|
pr_head_repo: ${{ steps.compute.outputs.pr_head_repo }}
|
|
pr_head_ref: ${{ steps.compute.outputs.pr_head_ref }}
|
|
pr_head_sha: ${{ steps.compute.outputs.pr_head_sha }}
|
|
pr_base_sha: ${{ steps.compute.outputs.pr_base_sha }}
|
|
pr_base_ref: ${{ steps.compute.outputs.pr_base_ref }}
|
|
steps:
|
|
- name: Fetch PR details for workflow_dispatch
|
|
if: github.event_name == 'workflow_dispatch'
|
|
id: fetch-pr
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
run: |
|
|
PR_DATA=$(gh pr view ${{ inputs.pr_number }} --repo ${{ github.repository }} --json headRefName,headRepository,headRefOid,baseRefName,baseRefOid,headRepositoryOwner)
|
|
echo "pr_data=$PR_DATA" >> $GITHUB_OUTPUT
|
|
|
|
- name: Compute branch names
|
|
id: compute
|
|
run: |
|
|
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
|
|
# Extract from fetched PR data
|
|
PR_DATA='${{ steps.fetch-pr.outputs.pr_data }}'
|
|
FORK_OWNER=$(echo "$PR_DATA" | jq -r '.headRepositoryOwner.login')
|
|
REPO_NAME=$(echo "$PR_DATA" | jq -r '.headRepository.name')
|
|
HEAD_REPO="${FORK_OWNER}/${REPO_NAME}"
|
|
BRANCH_NAME=$(echo "$PR_DATA" | jq -r '.headRefName')
|
|
HEAD_SHA=$(echo "$PR_DATA" | jq -r '.headRefOid')
|
|
BASE_SHA=$(echo "$PR_DATA" | jq -r '.baseRefOid')
|
|
BASE_REF=$(echo "$PR_DATA" | jq -r '.baseRefName')
|
|
else
|
|
# Use pull_request_target event data
|
|
HEAD_REPO="${{ github.event.pull_request.head.repo.full_name }}"
|
|
BRANCH_NAME="${{ github.event.pull_request.head.ref }}"
|
|
FORK_OWNER="${{ github.event.pull_request.head.repo.owner.login }}"
|
|
HEAD_SHA="${{ github.event.pull_request.head.sha }}"
|
|
BASE_SHA="${{ github.event.pull_request.base.sha }}"
|
|
BASE_REF="${{ github.event.pull_request.base.ref }}"
|
|
fi
|
|
|
|
BASE_REPO="${{ github.repository }}"
|
|
|
|
if [ "$HEAD_REPO" != "$BASE_REPO" ]; then
|
|
# Fork PR: prefix with fork owner for isolation
|
|
if [ -z "$FORK_OWNER" ]; then
|
|
echo "Error: Fork PR detected but fork owner is empty" >&2
|
|
exit 1
|
|
fi
|
|
PREVIEW_BRANCH="preview/${FORK_OWNER}/${BRANCH_NAME}"
|
|
BASE_BRANCH="preview/base/${FORK_OWNER}/${BRANCH_NAME}"
|
|
else
|
|
# Same-repo PR
|
|
PREVIEW_BRANCH="preview/${BRANCH_NAME}"
|
|
BASE_BRANCH="preview/base/${BRANCH_NAME}"
|
|
fi
|
|
|
|
echo "preview_branch=${PREVIEW_BRANCH}" >> $GITHUB_OUTPUT
|
|
echo "base_branch=${BASE_BRANCH}" >> $GITHUB_OUTPUT
|
|
echo "merge_branch=${PREVIEW_BRANCH}" >> $GITHUB_OUTPUT
|
|
echo "pr_head_repo=${HEAD_REPO}" >> $GITHUB_OUTPUT
|
|
echo "pr_head_ref=${BRANCH_NAME}" >> $GITHUB_OUTPUT
|
|
echo "pr_head_sha=${HEAD_SHA}" >> $GITHUB_OUTPUT
|
|
echo "pr_base_sha=${BASE_SHA}" >> $GITHUB_OUTPUT
|
|
echo "pr_base_ref=${BASE_REF}" >> $GITHUB_OUTPUT
|
|
|
|
preview:
|
|
needs: compute-branch
|
|
if: github.event_name == 'workflow_dispatch' || github.event.action != 'closed'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
steps:
|
|
# Checkout the PR's code to access the OpenAPI spec and config files.
|
|
# This is necessary to read the spec/config from the PR (including from forks).
|
|
- name: Checkout repository
|
|
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
with:
|
|
repository: ${{ needs.compute-branch.outputs.pr_head_repo }}
|
|
ref: ${{ needs.compute-branch.outputs.pr_head_sha }}
|
|
fetch-depth: 2
|
|
|
|
- name: Run preview builds
|
|
uses: stainless-api/upload-openapi-spec-action/preview@a4d631c1e9ef9130430c1df7d25fba1ff6bddafd # 1.7.1
|
|
with:
|
|
stainless_api_key: ${{ secrets.STAINLESS_API_KEY }}
|
|
org: ${{ env.STAINLESS_ORG }}
|
|
project: ${{ env.STAINLESS_PROJECT }}
|
|
oas_path: ${{ env.OAS_PATH }}
|
|
config_path: ${{ env.CONFIG_PATH }}
|
|
fail_on: ${{ env.FAIL_ON }}
|
|
base_sha: ${{ needs.compute-branch.outputs.pr_base_sha }}
|
|
base_ref: ${{ needs.compute-branch.outputs.pr_base_ref }}
|
|
head_sha: ${{ needs.compute-branch.outputs.pr_head_sha }}
|
|
branch: ${{ needs.compute-branch.outputs.preview_branch }}
|
|
base_branch: ${{ needs.compute-branch.outputs.base_branch }}
|
|
|
|
merge:
|
|
needs: compute-branch
|
|
if: github.event_name == 'pull_request_target' && github.event.action == 'closed' && github.event.pull_request.merged == true
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
pull-requests: write
|
|
steps:
|
|
# Checkout the PR's code to access the OpenAPI spec and config files.
|
|
# This is necessary to read the spec/config from the PR (including from forks).
|
|
- name: Checkout repository
|
|
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
|
|
with:
|
|
repository: ${{ needs.compute-branch.outputs.pr_head_repo }}
|
|
ref: ${{ needs.compute-branch.outputs.pr_head_sha }}
|
|
fetch-depth: 2
|
|
|
|
# Note that this only merges in changes that happened on the last build on
|
|
# the computed preview branch. It's possible that there are OAS/config
|
|
# changes that haven't been built, if the preview job didn't finish
|
|
# before this step starts. In theory we want to wait for all builds
|
|
# against the preview branch to complete, but assuming that
|
|
# the preview job happens before the PR merge, it should be fine.
|
|
- name: Run merge build
|
|
uses: stainless-api/upload-openapi-spec-action/merge@a4d631c1e9ef9130430c1df7d25fba1ff6bddafd # 1.7.1
|
|
with:
|
|
stainless_api_key: ${{ secrets.STAINLESS_API_KEY }}
|
|
org: ${{ env.STAINLESS_ORG }}
|
|
project: ${{ env.STAINLESS_PROJECT }}
|
|
oas_path: ${{ env.OAS_PATH }}
|
|
config_path: ${{ env.CONFIG_PATH }}
|
|
fail_on: ${{ env.FAIL_ON }}
|
|
base_sha: ${{ needs.compute-branch.outputs.pr_base_sha }}
|
|
base_ref: ${{ needs.compute-branch.outputs.pr_base_ref }}
|
|
head_sha: ${{ needs.compute-branch.outputs.pr_head_sha }}
|
|
merge_branch: ${{ needs.compute-branch.outputs.merge_branch }}
|