Le 15/07/2021 à 17:54, Nasser Grainawi a écrit :
>>> * Create a new job that runs in the "post" pipeline (jobs run after each
>>> change merges, and in the context of the newly-updated ref).
>>>
>>> * It builds the artifact in the same way as the check job (but omits
>>> testing).
>
> Should it really omit testing? I know we typically have changes going
> through verification before they submit, but two changes could
> independently work and then when both are submitted tests would fail.
> Seems like it’d be safer to test in the post pipeline too.
Hello,
The whole promise of Zuul is that it "Stop Merging Broken Code": code
that has been merged has a guarantee that tests pass.
You rightfully points that two independent changes might conflict with
each others and lead to test suddenly failing after they have been
manually submitted. Even though independently they work fine. The same
can happen when the target branch has moved forward and, even though
there is no merge conflict, some tests might fail once the change got
merged on top of the new commits. Zuul lets one catch those
incompatibilities.
Instead of submitting, humans approve the changes (ex: Code-Review +2)
but do not submit them. Zuul catches the approval requests, queue the
changes and tests them against the tip of the branch and as if all
changes ahead in the queue already have been merged. Essentially it has
the ability to run tests against a speculative state.
Given changes A and B not having any file conflict and having tests
passing. Humans approve A then B which enter a queue.
When processing A, Zuul:
- updates its copy of the project repo and bring the target branch
up-to-date
- attempts to merge change A against the branch. If that fails: it
reports back
- creates a git reference for the merge of A into branch
- runs tests against that (updated branch + change A)
If that works, we know that A merged in the branch does indeed pass
tests and Zuul submit the change to Gerrit. The branch is known to have
tests passing, there is no need to run tests again.
When processing B while A is already in the queue, Zuul:
- updates its copy of the project repo and bring the target branch
up-to-date
- merges Change A, which has not yet been merged but is ahead in the queue
- merges Change B
- creates a git reference for the merge of A and B into the branch
- run tests against that (updated branch + change A + change B)
If that works, we know that B passed the tests if A gets merged
(speculative state). The change B is on hold until A got all tests
working and is merged.
If A and B are incompatible, B will fail since it is tested as if A got
in and thus B will not be merged.
If A fails for some reason, Zuul will remove A from the queue and report
the tests failure. It then cancels all jobs for B, move B ahead in the
queue then prepare a merge commit of B into the branch and retrigger
jobs. B is thus rested without A. If everything pass, B get merged but
not A.
The concept is named "gating" and is definitely worth reading:
https://zuul-ci.org/docs/zuul/discussion/gating.html
<
https://zuul-ci.org/docs/zuul/discussion/gating.html>
cheers,
--
Antoine "hashar" Musso
Release Engineering