Add Chronus Verify CI workflow and update changelog docs to reference azpysdk changelog#46585
Open
Copilot wants to merge 8 commits into
Open
Add Chronus Verify CI workflow and update changelog docs to reference azpysdk changelog#46585Copilot wants to merge 8 commits into
azpysdk changelog#46585Copilot wants to merge 8 commits into
Conversation
Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-python/sessions/5b569801-2fe6-444b-9f82-e75c3eff1f9b Co-authored-by: l0lawrence <100643745+l0lawrence@users.noreply.github.com>
Agent-Logs-Url: https://github.com/Azure/azure-sdk-for-python/sessions/5b569801-2fe6-444b-9f82-e75c3eff1f9b Co-authored-by: l0lawrence <100643745+l0lawrence@users.noreply.github.com>
Copilot created this pull request from a session on behalf of
l0lawrence
April 28, 2026 19:36
View session
l0lawrence
force-pushed
the
copilot/update-changelog-for-azpysdk
branch
from
31ca2ca to
3c3c6aa
Compare
On chronus-verify failure, post a sticky PR comment instructing the contributor to comment '/chronus add [kind]' for a one-click fix. Add chronus-fix.yml: an issue_comment-triggered workflow that verifies commenter permissions, rejects fork PRs (security), parses the requested kind, runs 'chronus add <package> --kind X --message <PR title>' for each missing package, and pushes the result back to the PR branch. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ghter perms - Pin actions/checkout, setup-node, github-script to SHA + version comment. - chronus-fix: restore .github/chronus from base branch before npm ci/run, so PR-head changes to the tooling cannot execute under the write token. - persist-credentials: false on both checkouts; push uses an explicit x-access-token URL only at push time. - Permissions: verify drops pull-requests:write for issues:write only; fix drops pull-requests:write to pull-requests:read. - Slash command parsed by strict regex; rejects /chronus additive etc. - Add concurrency groups on both workflows. - Consolidate 4 small github-script steps into one auth+metadata step. - Merge 4 terminal reply steps into one always() switch step. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
l0lawrence
pushed a commit
that referenced
this pull request
May 1, 2026
Touches sdk/template/azure-template without a chronus changelog entry to confirm the new chronus-verify workflow posts the sticky one-click-fix comment. This branch will be closed without merging. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
l0lawrence
reviewed
Jun 3, 2026
…ilot autofix The custom slash-command bot (chronus-fix.yml) parsed 'chronus verify' output for sdk/ paths, but verify emits package names, so it could never detect packages and never added an entry. Per review feedback, drop the bot entirely and rely on running 'azpysdk changelog add' locally or using GitHub Copilot to fix the failing check. Reword the Chronus Verify sticky comment, annotation, and docs accordingly. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
l0lawrence
changed the title
azpysdk changelogazpysdk changelog
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
danieljurek
reviewed
Jun 15, 2026
danieljurek
reviewed
Jun 15, 2026
danieljurek
reviewed
Jun 15, 2026
Comment on lines
+6
to
+7
| paths: | ||
| - "sdk/*/*/**" |
Member
There was a problem hiding this comment.
If constraining to these paths then this job cannot be made required. Is the intent for this workflow to block PRs?
Member
There was a problem hiding this comment.
Initially I dont want this to block prs but eventually yes this should
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Member
|
test run here: #47564 |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR adds a new GitHub Actions workflow (chronus-verify.yml) that enforces the presence of Chronus change descriptions on pull requests touching SDK package source, and revises doc/dev/changelog_updates.md to promote the in-repo azpysdk changelog commands (add/verify/status/create) as the primary interface, keeping raw npx chronus as a fallback. It builds on the earlier #45803 effort, updated to match the npm-based pinned tooling now committed under .github/chronus.
Changes:
- New
Chronus Verifyworkflow: triggers on PRs tomainmatchingsdk/*/*/**, skipsazure-sdkbot PRs, installs pinned Chronus vianpm ci, runschronus verify, and on failure posts a sticky PR comment (main-repo PRs) plus an error annotation; uses SHA-pinned actions and least-privilege permissions. - Documentation rewritten to recommend
azpysdk changelogcommands and to describe the new CI enforcement and remediation steps.
Notable review findings:
- The doc and the workflow's failure guidance steer users to
azpysdk changelog add, but theazpysdk changelogimplementation installs/looks for Chronus under.github, while the pinned deps the workflow uses live in.github/chronus. This mismatch means the recommended remediation command likely won't work untilchangelog.pyis reconciled (the fix is outside this PR's diff). - The sticky failure comment is never cleared once the check passes, so a "Missing changelog entry" comment can persist after the issue is fixed.
- This introduces a repo-wide, potentially merge-blocking CI check and auto-comments on PRs; the predecessor PR explicitly noted partner teams should be pinged before merging.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
.github/workflows/chronus-verify.yml |
New CI workflow enforcing Chronus change descriptions, with sticky comment + annotation on failure. |
doc/dev/changelog_updates.md |
Updated guidance to recommend azpysdk changelog commands and document the new CI enforcement and fix steps. |
| ## Prerequisites | ||
|
|
||
| Chronus is distributed as an npm package. To use it, you need [Node.js](https://nodejs.org/) installed (LTS version recommended). You can then run Chronus without a global install using `npx`: | ||
| The recommended way to interact with Chronus is through the `azpysdk` CLI, which is already available in this repository's developer environment and handles installing Chronus automatically. |
Comment on lines
+43
to
+45
| - name: Post sticky fix-instructions PR comment on failure | ||
| if: failure() && steps.verify.conclusion == 'failure' && github.event.pull_request.head.repo.full_name == github.repository | ||
| uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR delivers what #45803 originally set out to do — CI enforcement of Chronus change descriptions — updated to reflect the
azpysdk changelogcommand that has since been added to the repo.When a PR fails the check, contributors fix it by running
azpysdk changelog addlocally and pushing the resulting.chronus/changes/*.mdfile, or by asking GitHub Copilot to fix the failing check directly from the PR's Checks tab.What changed since PR #45803
.github/package.json.github/chronus/package.json(already in repo).github/pnpm-lock.yaml.github/chronus/package-lock.json(already in repo)npx chronus addazpysdk changelog add(withnpx chronusas fallback)Changes
.github/workflows/chronus-verify.yml(new)mainthat touchsdk/*/*/**azure-sdkbot (automated release PRs).github/chronus/package-lock.jsonvianpm cichronus verifyfrom the repo rootazpysdk changelog addand to Copilot's fix-the-check optionpermissions(contents: read,issues: write)doc/dev/changelog_updates.md(updated)azpysdk changelog(add / verify / status / create) as the primary toolnpx chronuscommands as alternatives for users withoutazpysdkinstalledazpysdk changelog addor Copilot)