From: Patrick Donnelly Date: Sun, 12 Jul 2026 16:55:19 +0000 (-0400) Subject: releng-audit: clear state labels and set pending status on comment triggers X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=01f53cc1a724ef28196cdca2e8eab6d6cf7b0a1f;p=ceph.git releng-audit: clear state labels and set pending status on comment triggers When /audit retest or /audit test-branch is invoked via an issue_comment event, GitHub Actions does not natively bind the execution to the PR's HEAD commit SHA. As a result, the check widget on the PR conversation tab remains in its previous state (often showing as failed), and any lingering releng-audit-fail or releng-audit-pass labels remain attached. This introduces a triggerAuditRun helper function to the workflow router that: - Removes any existing releng-audit-fail or releng-audit-pass labels from the pull request to reset the label state machine and prevent subsequent synchronize events from halting prematurely. - Explicitly creates a pending commit status on the PR's HEAD SHA via the GitHub REST API, ensuring visual consistency and feedback inside the PR UI while manual or test-branch audits execute in the background. Signed-off-by: Patrick Donnelly --- diff --git a/.github/workflows/releng-audit.yaml b/.github/workflows/releng-audit.yaml index 5875f4817e9..205e437b1b7 100644 --- a/.github/workflows/releng-audit.yaml +++ b/.github/workflows/releng-audit.yaml @@ -61,6 +61,30 @@ jobs: return authorized; } + async function triggerAuditRun(description) { + try { await github.rest.issues.removeLabel({ owner: context.repo.owner, repo: context.repo.repo, issue_number: context.issue.number, name: 'releng-audit-fail' }); } catch (e) {} + try { await github.rest.issues.removeLabel({ owner: context.repo.owner, repo: context.repo.repo, issue_number: context.issue.number, name: 'releng-audit-pass' }); } catch (e) {} + try { + const { data: pr } = await github.rest.pulls.get({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number + }); + await github.rest.repos.createCommitStatus({ + owner: context.repo.owner, + repo: context.repo.repo, + sha: pr.head.sha, + state: 'pending', + context: 'Backport Audit', + description: description + }); + core.info(`[Router] Set pending commit status on SHA: ${pr.head.sha}`); + } catch (e) { + core.info(`[Router] Failed to set commit status: ${e.message}`); + } + core.setOutput('run_audit', 'true'); + } + core.info(`[Router] Evaluating event: ${eventName}, action: ${payload.action || 'N/A'}`); // ========================================== @@ -78,7 +102,7 @@ jobs: if (commentBody.startsWith('/audit retest')) { core.info('[Router] Detected /audit retest command. Triggering audit.'); - core.setOutput('run_audit', 'true'); + await triggerAuditRun('Running backport audit retest...'); return; } else if (commentBody.startsWith('/audit test-branch')) { core.info(`[Router] Validating if user @${actor} is authorized to activate test branch.`); @@ -107,8 +131,8 @@ jobs: owner: context.repo.owner, repo: context.repo.repo, issue_number: context.issue.number, body: `🧪 **Audit Test Mode Activated** by @${actor}.\n\nExecuting audit using tooling checked out from branch \`${testBranch}\`.` }); - core.setOutput('run_audit', 'true'); core.setOutput('checkout_ref', testBranch); + await triggerAuditRun(`Running audit using branch ${testBranch}...`); } else { core.info(`[Router] User @${actor} NOT authorized to use test branches.`); core.setFailed(`User @${actor} is not authorized to invoke test branches.`);