|
| 1 | +# GitHub Actions Workflows |
| 2 | + |
| 3 | +This directory contains the CI/CD workflows for the vscode-python extension. |
| 4 | + |
| 5 | +## Main Workflows |
| 6 | + |
| 7 | +### build.yml |
| 8 | +The main CI pipeline that runs on pushes to `main`, `release`, and `release/*` branches. This workflow: |
| 9 | +- Builds VSIX packages for multiple platforms |
| 10 | +- Runs linting and type checking |
| 11 | +- Executes Python and TypeScript tests |
| 12 | +- Performs smoke tests |
| 13 | +- **Automatically files issues when CI fails on main branch** |
| 14 | + |
| 15 | +#### Automatic Issue Filing on Failures |
| 16 | + |
| 17 | +When any job in the build workflow fails on the `main` branch, the `report-failure` job automatically: |
| 18 | + |
| 19 | +1. **Creates a GitHub issue** with: |
| 20 | + - List of failed jobs |
| 21 | + - Direct link to the failed workflow run |
| 22 | + - Commit information (SHA, message, author) |
| 23 | + - Labels: `ci-failure`, `bug`, `needs-triage` |
| 24 | + |
| 25 | +2. **Prevents duplicate issues** by: |
| 26 | + - Checking for existing open issues with the `ci-failure` label |
| 27 | + - Adding a comment to recent issues (within 24 hours) instead of creating duplicates |
| 28 | + |
| 29 | +3. **Provides actionable information** including: |
| 30 | + - Workflow run URL for detailed logs |
| 31 | + - Commit details for quick identification |
| 32 | + - Author mention for notification |
| 33 | + |
| 34 | +**Example Issue Title:** |
| 35 | +``` |
| 36 | +CI Failure on main: lint, tests |
| 37 | +``` |
| 38 | + |
| 39 | +**Example Issue Body:** |
| 40 | +```markdown |
| 41 | +## CI Failure Report |
| 42 | + |
| 43 | +The following jobs failed on the main branch: |
| 44 | +- **lint** |
| 45 | +- **tests** |
| 46 | + |
| 47 | +**Workflow Run:** https://github.com/microsoft/vscode-python/actions/runs/123456789 |
| 48 | +**Commit:** abc123def456 |
| 49 | +**Commit Message:** Fix test flakiness |
| 50 | +**Author:** @username |
| 51 | + |
| 52 | +Please investigate and fix the failure. |
| 53 | + |
| 54 | +--- |
| 55 | +*This issue was automatically created by the CI system.* |
| 56 | +``` |
| 57 | + |
| 58 | +#### Configuration |
| 59 | + |
| 60 | +The automatic issue filing is controlled by: |
| 61 | +- **Repository check:** Only runs for `microsoft/vscode-python` |
| 62 | +- **Branch check:** Only runs on `refs/heads/main` |
| 63 | +- **Permissions:** Requires `issues: write` permission |
| 64 | +- **Dependencies:** Runs after all test jobs complete using `needs` and `always()` |
| 65 | + |
| 66 | +### pr-check.yml |
| 67 | +Runs on pull requests and non-main branches. Similar to build.yml but does not include automatic issue filing. |
| 68 | + |
| 69 | +### Other Workflows |
| 70 | +- `info-needed-closer.yml`: Closes stale issues needing more information |
| 71 | +- `issue-labels.yml`: Manages issue labeling |
| 72 | +- `pr-labels.yml`: Manages pull request labeling |
| 73 | +- `lock-issues.yml`: Locks old issues |
| 74 | +- `codeql-analysis.yml`: Security scanning with CodeQL |
| 75 | + |
| 76 | +## Permissions |
| 77 | + |
| 78 | +Workflows use minimal permissions following the principle of least privilege: |
| 79 | +- Most workflows: No permissions (`permissions: {}`) |
| 80 | +- Issue management workflows: `issues: write` |
| 81 | +- Build workflow report-failure job: `issues: write` |
| 82 | + |
| 83 | +## Workflow Maintenance |
| 84 | + |
| 85 | +When modifying workflows: |
| 86 | +1. Test YAML syntax: `python3 -c "import yaml; yaml.safe_load(open('.github/workflows/<workflow>.yml'))"` |
| 87 | +2. Verify GitHub Actions syntax using the Actions tab |
| 88 | +3. Consider impact on both PRs and main branch |
| 89 | +4. Update this documentation if changing significant behavior |
0 commit comments