0d095b3778
Fixes #29140 This is an engineering initiated story that does not impact product. This code has been running and manually tested in my own repo: https://github.com/getvictor/eng-metrics See [README.md](https://github.com/fleetdm/fleet/blob/victor/29140-eng-metrics/.github/actions/eng-metrics/README.md) in this branch for details. The metrics can be viewed on https://fleeteng.grafana.net/d/b97a629f-3626-4a28-9781-0fa3c8427897/engineering-metrics (credentials in 1Password) <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * **New Features** * Introduced an engineering metrics collection tool that gathers GitHub metrics (e.g., Time to First Review, Time to Merge) and uploads them to BigQuery. * Added support for user group management and product group mapping via markdown parsing. * Enabled print-only mode for testing metrics output without uploading to BigQuery. * Added automatic handling of bot filtering, weekend-aware time calculations, and differential syncing of user groups. * Implemented robust GitHub username validation and retry logic for API rate limits. * **Documentation** * Added comprehensive usage and configuration documentation for the engineering metrics tool. * **Chores** * Added configuration, environment example, and workflow files for automated metrics collection and testing. * Specified Node.js version and set up project dependencies and scripts. * **Tests** * Added extensive unit and end-to-end test suites to ensure reliability of metrics collection, configuration, and integrations. <!-- end of auto-generated comment: release notes by coderabbit.ai --> |
||
|---|---|---|
| .. | ||
| config | ||
| build-and-check-fleetctl-docker-and-deps.yml | ||
| build-binaries.yaml | ||
| build-fleetd-base-msi.yml | ||
| build-fleetd-base-pkg.yml | ||
| build-fleetd_tables.yaml | ||
| build-orbit.yaml | ||
| check-automated-doc.yml | ||
| check-tuf-timestamps.yml | ||
| check-updates-timestamps.yml | ||
| check-vulnerabilities-in-released-docker-images.yml | ||
| close-stale-eng-initiated-issues.yml | ||
| code-sign-windows.yml | ||
| codeql-analysis.yml | ||
| collect-eng-metrics-test.yml | ||
| collect-eng-metrics.yml | ||
| db-upgrade-test.yml | ||
| dependency-review.yml | ||
| deploy-fleet-website.yml | ||
| deploy-vulnerability-dashboard.yml | ||
| docs.yml | ||
| dogfood-automated-policy-updates.yml | ||
| dogfood-deploy.yml | ||
| dogfood-gitops.yml | ||
| fleet-and-orbit.yml | ||
| fleetctl-preview-latest.yml | ||
| fleetctl-preview.yml | ||
| fleetd-tuf.yml | ||
| generate-desktop-targets.yml | ||
| generate-nudge-targets.yml | ||
| generate-osqueryd-targets.yml | ||
| golangci-lint.yml | ||
| goreleaser-fleet.yaml | ||
| goreleaser-orbit.yaml | ||
| goreleaser-snapshot-fleet.yaml | ||
| ingest-maintained-apps.yml | ||
| integration.yml | ||
| pr-helm.yaml | ||
| randokiller-go.yml | ||
| README.md | ||
| release-fleetctl-docker-deps.yaml | ||
| release-fleetd-base.yml | ||
| release-fleetd-chrome-beta.yml | ||
| release-fleetd-chrome.yml | ||
| release-helm.yaml | ||
| render-deploy.yml | ||
| scorecards-analysis.yml | ||
| secrets-to-confidential.yml | ||
| test-bulk-operations-dashboard-changes.yml | ||
| test-db-changes.yml | ||
| test-fleetd-chrome.yml | ||
| test-go.yaml | ||
| test-js.yml | ||
| test-native-tooling-packaging.yml | ||
| test-packaging-build-docker-deps.yml | ||
| test-packaging.yml | ||
| test-puppet.yml | ||
| test-vulnerability-dashboard-changes.yml | ||
| test-website.yml | ||
| test-yml-specs.yml | ||
| tfvalidate.yml | ||
| trivy-scan.yml | ||
| update-certs.yml | ||
| update-old-tuf-timestamp-signature.yaml | ||
| update-osquery-versions.yml | ||
| update-tuf-timestamp-signature.yaml | ||
| verify-fleetd-base.yml | ||
Github Actions
Fleet uses Github Actions for continuous integration (CI). This document describes best practices and at patterns for writing and maintaining Fleet's Github Actions workflows.
Bash
By default, Github Actions sets the shell to bash -e for linux and MacOS runners. To help write
safer bash scripts in run jobs and avoid common issues, override the default by adding the following
to the workflow file
defaults:
run:
# fail-fast using bash -eo pipefail. See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference
shell: bash
By specifying the default shell to bash, some extra flags are set. The option pipefail changes
the behaviour when using the pipe | operator such that if any command in a pipeline fails, that
commands return code will be used a the return code for the whole pipeline. Consider the following
example in test-go.yaml
- name: Run Go Tests
run: |
# omitted ...
make test-go 2>&1 | tee /tmp/gotest.log
If the pipefail option was not set, this job would always succeed because tee would always
return success. This is not the intended behavior. Instead, we want the job to fail if make test-go fails.
Concurrency
Github Action runners are limited. If a lot of workflows are queued, they will wait in pending until a runner becomes available. This has caused issue in the past where workflows take an excessively long time to start. To help with this issue, use the following in workflows
# This allows a subsequently queued workflow run to interrupt previous runs
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id}}
cancel-in-progress: true
When a workflow is triggered via a pull request, it will cancel previous running workflows for that
pull request. This is especially useful when changes are pushed to a pull request frequently.
Manually triggered workflows, workflows that run on a schedule, and workflows triggered by pushes to
main are unaffected.