diff --git a/.github/workflows/pr-checks-master-v2.yml b/.github/workflows/pr-checks-master-v2.yml new file mode 100644 index 0000000000..2004af5ea5 --- /dev/null +++ b/.github/workflows/pr-checks-master-v2.yml @@ -0,0 +1,97 @@ +name: Sagemaker PR Checks (Master-v2) +on: + pull_request_target: + branches: + - "master-v2" + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.head_ref }} + cancel-in-progress: true + +permissions: + id-token: write + +jobs: + collab-check: + runs-on: ubuntu-latest + outputs: + approval-env: ${{ steps.collab-check.outputs.result }} + steps: + - name: Collaborator Check + uses: actions/github-script@v7 + id: collab-check + with: + github-token: ${{ secrets.COLLAB_CHECK_TOKEN }} + result-encoding: string + script: | + try { + const res = await github.rest.repos.checkCollaborator({ + owner: context.repo.owner, + repo: context.repo.repo, + username: "${{ github.event.pull_request.user.login }}", + }); + console.log("Verifed ${{ github.event.pull_request.user.login }} is a repo collaborator. Auto Approving PR Checks.") + return res.status == "204" ? "auto-approve" : "manual-approval" + } catch (error) { + console.log("${{ github.event.pull_request.user.login }} is not a collaborator. Requiring Manual Approval to run PR Checks.") + return "manual-approval" + } + wait-for-approval: + runs-on: ubuntu-latest + needs: [collab-check] + environment: ${{ needs.collab-check.outputs.approval-env }} + steps: + - run: echo "Workflow Approved! Starting PR Checks." + codestyle-doc-tests: + runs-on: ubuntu-latest + needs: [wait-for-approval] + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Codestyle & Doc Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-codestyle-doc-tests + source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' + unit-tests: + runs-on: ubuntu-latest + needs: [wait-for-approval] + strategy: + fail-fast: false + matrix: + python-version: ["py39","py310","py311","py312"] + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Unit Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-unit-tests + source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' + env-vars-for-codebuild: | + PY_VERSION + env: + PY_VERSION: ${{ matrix.python-version }} + integ-tests: + runs-on: ubuntu-latest + needs: [wait-for-approval] + steps: + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} + aws-region: us-west-2 + role-duration-seconds: 10800 + - name: Run Integ Tests + uses: aws-actions/aws-codebuild-run-build@v1 + with: + project-name: ${{ github.event.repository.name }}-ci-integ-tests + source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks-master.yml similarity index 68% rename from .github/workflows/pr-checks.yml rename to .github/workflows/pr-checks-master.yml index 5bcffb6031..12ed361742 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks-master.yml @@ -1,8 +1,13 @@ -name: Sagemaker PR Checks +name: Sagemaker PR Checks (Master) on: pull_request_target: branches: - - "master*" + - "master" + paths: + - 'sagemaker-train/**' + - 'sagemaker-serve/**' + - 'sagemaker-mlops/**' + - 'sagemaker-core/**' concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.head_ref }} @@ -45,26 +50,24 @@ jobs: detect-changes: runs-on: ubuntu-latest needs: [wait-for-approval] - if: github.event.pull_request.base.ref != 'master-v2' outputs: submodules: ${{ steps.check-changes.outputs.submodules }} steps: - uses: actions/checkout@v3 with: fetch-depth: 0 - token: ${{ secrets.GH_PAT }} # or use appropriate token - ref: ${{ github.event.pull_request.base.ref }} # Target branch (master-v3) + token: ${{ secrets.GH_PAT }} + ref: ${{ github.event.pull_request.base.ref }} - name: Detect Changes id: check-changes run: | - set -e # Exit on error + set -e - # Debug information echo "Target Branch: ${{ github.event.pull_request.base.ref }}" echo "Current Target SHA: $(git rev-parse HEAD)" echo "PR Number: ${{ github.event.pull_request.number }}" echo "PR Latest SHA: ${{ github.event.pull_request.head.sha }}" - # Fetch PR without creating a branch + git fetch origin pull/${{ github.event.pull_request.number }}/head CHANGES=$(git diff --name-only HEAD FETCH_HEAD) @@ -122,23 +125,6 @@ jobs: project-name: ${{ github.event.repository.name }}-ci-${{ matrix.submodule }}-codestyle-doc-tests source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' - codestyle-doc-tests-v2: - runs-on: ubuntu-latest - needs: [wait-for-approval] - if: github.event.pull_request.base.ref == 'master-v2' - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Codestyle & Doc Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-codestyle-doc-tests - source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' - unit-tests: runs-on: ubuntu-latest needs: [detect-changes] @@ -161,31 +147,6 @@ jobs: project-name: ${{ github.event.repository.name }}-ci-${{ matrix.submodule }}-unit-tests source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' - unit-tests-v2: - runs-on: ubuntu-latest - needs: [wait-for-approval] - if: github.event.pull_request.base.ref == 'master-v2' - strategy: - fail-fast: false - matrix: - python-version: ["py39","py310","py311","py312"] - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Unit Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-unit-tests - source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' - env-vars-for-codebuild: | - PY_VERSION - env: - PY_VERSION: ${{ matrix.python-version }} - integ-tests: runs-on: ubuntu-latest needs: [detect-changes] @@ -207,20 +168,3 @@ jobs: with: project-name: ${{ github.event.repository.name }}-ci-${{ matrix.submodule }}-integ-tests source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}' - - integ-tests-v2: - runs-on: ubuntu-latest - needs: [wait-for-approval] - if: github.event.pull_request.base.ref == 'master-v2' - steps: - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: ${{ secrets.CI_AWS_ROLE_ARN }} - aws-region: us-west-2 - role-duration-seconds: 10800 - - name: Run Integ Tests - uses: aws-actions/aws-codebuild-run-build@v1 - with: - project-name: ${{ github.event.repository.name }}-ci-integ-tests - source-version-override: 'refs/pull/${{ github.event.pull_request.number }}/head^{${{ github.event.pull_request.head.sha }}}'