Merge pull request #1055 from Altinity/25.6_update_s3_paths

25.6 update s3 paths

Author: MyroTk

.github/actions/create_workflow_report/ci_run_report.html.jinja

@@ -5,6 +5,9 @@
   <meta http-equiv="content-type" content="text/html; charset=UTF-8">
   <meta charset="UTF-8">
   <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  {%- if is_preview %}
+  <meta http-equiv="Cache-Control" content="max-age=300">
+  {%- endif %}
   <style>
     /* Base colors for Altinity */
     :root {

.github/actions/create_workflow_report/create_workflow_report.py

@@ -386,7 +386,7 @@ def get_cached_job(job_name: str) -> dict:
     return workflow_config["cache_jobs"].get(job_name, {})
 
 
-def get_cves(pr_number, commit_sha):
+def get_cves(pr_number, commit_sha, branch):
     """
     Fetch Grype results from S3.
 
@@ -395,19 +395,33 @@ def get_cves(pr_number, commit_sha):
     s3_client = boto3.client("s3", endpoint_url=os.getenv("S3_URL"))
     prefixes_to_check = set()
 
+    def format_prefix(pr_number, commit_sha, branch):
+        if pr_number == 0:
+            return f"REFs/{branch}/{commit_sha}/grype/"
+        else:
+            return f"PRs/{pr_number}/{commit_sha}/grype/"
+
     cached_server_job = get_cached_job("Docker server image")
     if cached_server_job:
         prefixes_to_check.add(
-            f"{cached_server_job['pr_number']}/{cached_server_job['sha']}/grype/"
+            format_prefix(
+                cached_server_job["pr_number"],
+                cached_server_job["sha"],
+                cached_server_job["branch"],
+            )
         )
     cached_keeper_job = get_cached_job("Docker keeper image")
     if cached_keeper_job:
         prefixes_to_check.add(
-            f"{cached_keeper_job['pr_number']}/{cached_keeper_job['sha']}/grype/"
+            format_prefix(
+                cached_keeper_job["pr_number"],
+                cached_keeper_job["sha"],
+                cached_keeper_job["branch"],
+            )
         )
 
     if not prefixes_to_check:
-        prefixes_to_check = {f"{pr_number}/{commit_sha}/grype/"}
+        prefixes_to_check = {format_prefix(pr_number, commit_sha, branch)}
 
     grype_result_dirs = []
     for s3_prefix in prefixes_to_check:
@@ -690,7 +704,7 @@ def create_workflow_report(
         "checks_errors": get_checks_errors(db_client, commit_sha, branch_name),
         "regression_fails": get_regression_fails(db_client, actions_run_url),
         "docker_images_cves": (
-            [] if not check_cves else get_cves(pr_number, commit_sha)
+            [] if not check_cves else get_cves(pr_number, commit_sha, branch_name)
         ),
     }
 
@@ -809,7 +823,10 @@ def create_workflow_report(
         print(f"Report saved to {report_path}")
         exit(0)
 
-    report_destination_key = f"{pr_number}/{commit_sha}/{report_name}"
+    if pr_number == 0:
+        report_destination_key = f"REFs/{branch_name}/{commit_sha}/{report_name}"
+    else:
+        report_destination_key = f"PRs/{pr_number}/{commit_sha}/{report_name}"
 
     # Upload the report to S3
     s3_client = boto3.client("s3", endpoint_url=os.getenv("S3_URL"))

.github/grype/transform_and_upload_results_s3.sh

@@ -1,11 +1,18 @@
 DOCKER_IMAGE=$(echo "$DOCKER_IMAGE" | sed 's/[\/:]/_/g')
 
-S3_PATH="s3://$S3_BUCKET/$PR_NUMBER/$COMMIT_SHA/grype/$DOCKER_IMAGE"
-HTTPS_S3_PATH="https://s3.amazonaws.com/$S3_BUCKET/$PR_NUMBER/$COMMIT_SHA/grype/$DOCKER_IMAGE"
-echo "https_s3_path=$HTTPS_S3_PATH" >> $GITHUB_OUTPUT
+if [ "$PR_NUMBER" -eq 0 ]; then
+    PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA/grype/$DOCKER_IMAGE"
+else
+    PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA/grype/$DOCKER_IMAGE"
+fi
+
+S3_PATH="s3://$S3_BUCKET/$PREFIX"
+HTTPS_RESULTS_PATH="https://$S3_BUCKET.s3.amazonaws.com/index.html#$PREFIX/"
+HTTPS_REPORT_PATH="https://s3.amazonaws.com/$S3_BUCKET/$PREFIX/results.html"
+echo "https_report_path=$HTTPS_REPORT_PATH" >> $GITHUB_OUTPUT
 
 tfs --no-colors transform nice raw.log nice.log.txt
-tfs --no-colors report results -a $HTTPS_S3_PATH raw.log - --copyright "Altinity LTD" | tfs --no-colors document convert > results.html
+tfs --no-colors report results -a $HTTPS_RESULTS_PATH raw.log - --copyright "Altinity LTD" | tfs --no-colors document convert > results.html
 
 aws s3 cp --no-progress nice.log.txt $S3_PATH/nice.log.txt --content-type "text/plain; charset=utf-8" || echo "nice log file not found".
 aws s3 cp --no-progress results.html $S3_PATH/results.html || echo "results file not found".

.github/workflows/backport_branches.yml

@@ -63,7 +63,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script
@@ -1524,7 +1529,7 @@ jobs:
     secrets: inherit
     with:
       runner_type: altinity-on-demand, altinity-regression-tester
-      commit: eadf0647501a547d57c49b71ca256e10c6c304f6
+      commit: bf856e2a535d5bb7a010cc2c2992c75d14df3c0e
       arch: release
       build_sha: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       timeout_minutes: 300
@@ -1536,7 +1541,7 @@ jobs:
     secrets: inherit
     with:
       runner_type: altinity-on-demand, altinity-regression-tester-aarch64
-      commit: eadf0647501a547d57c49b71ca256e10c6c304f6
+      commit: bf856e2a535d5bb7a010cc2c2992c75d14df3c0e
       arch: aarch64
       build_sha: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       timeout_minutes: 300

.github/workflows/grype_scan.yml

@@ -139,7 +139,7 @@ jobs:
                 repo: context.repo.repo,
                 sha: '${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}',
                 state: hasError ? 'error' : hasVulnerabilities ? 'failure' : 'success',
-                target_url: '${{ steps.upload_results.outputs.https_s3_path }}/results.html',
+                target_url: '${{ steps.upload_results.outputs.https_report_path }}',
                 description: hasError ? 'An error occurred' : `Grype Scan Completed with ${totalHighCritical} high/critical vulnerabilities`,
                 context: 'Grype Scan ${{ steps.set_version.outputs.docker_image || inputs.docker_image }}'
               });

.github/workflows/master.yml

@@ -62,7 +62,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script
@@ -3998,7 +4003,7 @@ jobs:
     secrets: inherit
     with:
       runner_type: altinity-on-demand, altinity-regression-tester
-      commit: eadf0647501a547d57c49b71ca256e10c6c304f6
+      commit: bf856e2a535d5bb7a010cc2c2992c75d14df3c0e
       arch: release
       build_sha: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       timeout_minutes: 300
@@ -4010,7 +4015,7 @@ jobs:
     secrets: inherit
     with:
       runner_type: altinity-on-demand, altinity-regression-tester-aarch64
-      commit: eadf0647501a547d57c49b71ca256e10c6c304f6
+      commit: bf856e2a535d5bb7a010cc2c2992c75d14df3c0e
       arch: aarch64
       build_sha: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
       timeout_minutes: 300

.github/workflows/merge_queue.yml

@@ -51,7 +51,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script

.github/workflows/nightly_fuzzers.yml

@@ -39,7 +39,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script

.github/workflows/nightly_jepsen.yml

@@ -39,7 +39,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script

.github/workflows/nightly_statistics.yml

@@ -39,7 +39,12 @@ jobs:
           PR_NUMBER: ${{ github.event.pull_request.number || 0 }}
           COMMIT_SHA: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.sha }}
         run: |
-          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PR_NUMBER/$COMMIT_SHA/ci_run_report.html
+          if [ "$PR_NUMBER" -eq 0 ]; then
+            PREFIX="REFs/$GITHUB_REF_NAME/$COMMIT_SHA"
+          else
+            PREFIX="PRs/$PR_NUMBER/$COMMIT_SHA"
+          fi
+          REPORT_LINK=https://s3.amazonaws.com/altinity-build-artifacts/$PREFIX/ci_run_report.html
           echo "Workflow Run Report: [View Report]($REPORT_LINK)" >> $GITHUB_STEP_SUMMARY
 
       - name: Prepare env script