privilegedescalation/org
Archived
12
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #37 from privilegedescalation/fix/ci-health-check-improvements

Browse Source 
fix: improve ci-health-check signal and replace node with jq
This commit is contained in:
privilegedescalation-ceo[bot]
2026-03-21 00:43:54 +00:00
committed by GitHub
parent e453bee9df 2df48640bb
commit 911c94a11d
2 changed files with 15 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/scripts/ci-health-check.sh
+15 -19
View File
@@ -23,8 +23,8 @@ warnings=0
for repo in "${PLUGIN_REPOS[@]}"; do for repo in "${PLUGIN_REPOS[@]}"; do
echo "--- ${repo} ---" echo "--- ${repo} ---"
# Get last 5 runs # Get last 10 runs (wider window to catch intermittent failures)
runs=$(gh run list --repo "${ORG}/${repo}" --limit 5 --json name,conclusion,headBranch,updatedAt 2>/dev/null || echo "[]") runs=$(gh run list --repo "${ORG}/${repo}" --limit 10 --json name,conclusion,headBranch,updatedAt 2>/dev/null || echo "[]")
if [ "$runs" = "[]" ]; then if [ "$runs" = "[]" ]; then
echo " WARNING: No workflow runs found" echo " WARNING: No workflow runs found"
@@ -32,27 +32,23 @@ for repo in "${PLUGIN_REPOS[@]}"; do
continue continue
fi fi
# Use node for JSON parsing (jq not available) # Count CI failures on main — exclude Release workflow failures since those
main_failures=$(echo "$runs" | node -e " # fail at the post-release PR-creation step (tracked separately via PRI-380).
const d = JSON.parse(require('fs').readFileSync(0,'utf8')); main_failures=$(echo "$runs" | jq '[.[] | select(.headBranch=="main" and .conclusion=="failure" and .name!="Release")] | length')
const fails = d.filter(r => r.headBranch==='main' && r.conclusion==='failure'); total=$(echo "$runs" | jq 'length')
console.log(fails.length);
")
total=$(echo "$runs" | node -e "
const d = JSON.parse(require('fs').readFileSync(0,'utf8'));
console.log(d.length);
")
if [ "$main_failures" -gt 0 ]; then if [ "$main_failures" -gt 0 ]; then
echo " FAIL: ${main_failures} failure(s) in last ${total} runs on main:" echo " FAIL: ${main_failures} CI failure(s) in last ${total} runs on main:"
echo "$runs" | node -e " echo "$runs" | jq -r '.[] | select(.headBranch=="main" and .conclusion=="failure" and .name!="Release") | " - \(.name) (\(.updatedAt))"'
const d = JSON.parse(require('fs').readFileSync(0,'utf8'));
d.filter(r => r.headBranch==='main' && r.conclusion==='failure')
.forEach(r => console.log(' - ' + r.name + ' (' + r.updatedAt + ')'));
"
((failures++)) || true ((failures++)) || true
else else
echo " OK: All recent runs passing" echo " OK: All recent CI runs passing"
# Surface any Release failures as a warning (known issue: PRI-380)
release_failures=$(echo "$runs" | jq '[.[] | select(.name=="Release" and .conclusion=="failure")] | length')
if [ "$release_failures" -gt 0 ]; then
echo " WARN: Release workflow has ${release_failures} failure(s) — see PRI-380 (missing RELEASE_APP org secrets)"
((warnings++)) || true
fi
fi fi
# Check latest release # Check latest release
.github/workflows/ci-health-check.yaml
-5
View File
@@ -12,11 +12,6 @@ jobs:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v6 uses: actions/checkout@v6
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '22'
- name: Run CI/CD health check - name: Run CI/CD health check
env: env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}