ci: add advisory Docker build status check for pull requests #200
Draft
svvarom wants to merge 4 commits into
Surface a `docker-build` check on each PR so build breakage is caught pre-merge: a pull_request trigger, a dispatch workflow that posts the check and triggers the build, and a scheduled liveness job that fails stale checks. Advisory only; not wired into branch protection. Signed-off-by: Swarom Muley <smuley@nvidia.com>
svvarom (Contributor) commented Jun 5, 2026
| uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 | ||
| env: | ||
| QUEUED_TIMEOUT_MIN: ${{ vars.DOCKER_BUILD_QUEUED_TIMEOUT_MIN || '20' }} | ||
| INPROGRESS_TIMEOUT_MIN: ${{ vars.DOCKER_BUILD_INPROGRESS_TIMEOUT_MIN || '60' }} |
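Review bot: QUEUED_TIMEOUT_MIN and INPROGRESS_TIMEOUT_MIN reach the script as strings taken from repository variables, and nothing in these lines constrains them to numbers. The `|| '20'` and `|| '60'` fallbacks only cover an unset or empty variable; a non-numeric value would pass through, and a numeric comparison against it in the script would never be true, so stale statuses would silently stop being failed. Suggest converting both in the script, failing the job when either is not a positive integer, and logging the effective values so a misconfigured variable is visible in the run. Passing the values through `env:` rather than interpolating `${{ }}` into the script body keeps variable content out of the executed code, and the SHA pin on actions/github-script with the `# v7` comment is worth keeping as is.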
The dispatch and liveness workflows now set output.title to the current state (Waiting to build / Image built / Build failed / Build timed out) so the PR check row shows status at a glance. The check name stays "docker-build" for branch protection. Signed-off-by: Swarom Muley <smuley@nvidia.com>
… run Check runs can only be created by a GitHub App; a commit status can be written with the workflow's GITHUB_TOKEN, which fits our CI setup. The dispatch workflow now posts a docker-build commit status (pending) on the PR head SHA, and the liveness cron reaps stale pending statuses on a single timeout. Drops the App-token minting and the check_run_id plumbing. Signed-off-by: Swarom Muley <smuley@nvidia.com>
What

Adds a `docker-build` commit status to pull requests, so a change that breaks the container image build is caught pre-merge. Advisory for now (non-blocking); can become a required check later via branch protection, with no code change.

Why

Build breakage currently surfaces only after merge; this puts the signal on the PR instead.

What's added (`.github/workflows/`)

- `docker-build-trigger.yml` — on `pull_request`; starts the flow.
- `docker-build-dispatch.yml` — sets the `docker-build` commit status (pending) and triggers the image build; the result is posted back onto the status.
- `docker-build-liveness.yml` — scheduled; fails statuses left pending past a timeout.

How the status is written

A commit status (not a check run), so it can be written with the workflow's built-in `GITHUB_TOKEN` rather than a GitHub App. This side posts the initial `pending`; the builder posts the final `success`/`failure`.

Scope

Setup before merge

Dispatch secrets are already present; the builder PR needs a token to post the status result. No GitHub App required.
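
The liveness rule the description outlines (fail a `docker-build` status left pending past a timeout), as an added example that is not code from this pull request. The function names, the sample statuses and the choice of `failure` with the text "Build timed out" are assumptions; the status objects use the `context`, `state` and `created_at` fields of GitHub's commit status API.

```javascript
// Added example: decide which commit statuses a liveness job should fail.
// Pure logic only; the sample data at the bottom is constructed.

const CONTEXT = 'docker-build'; // status context named in the PR description

// Repository variables reach a script as strings. Reject anything that is not
// a positive integer instead of letting NaN quietly disable the timeout.
function parseTimeoutMin(raw, fallback) {
  const text = String(raw ?? '').trim();
  if (text === '') return fallback;
  if (!/^[0-9]+$/.test(text) || Number(text) === 0) {
    throw new Error(`invalid timeout: ${JSON.stringify(raw)}`);
  }
  return Number(text);
}

// Commit statuses are append-only, so only the newest entry for the context
// counts: a pending entry followed by success must not be reaped.
function latestStatus(statuses, context = CONTEXT) {
  return statuses
    .filter((s) => s.context === context)
    .reduce((best, s) =>
      (!best || Date.parse(s.created_at) > Date.parse(best.created_at) ? s : best), null);
}

// Returns the status payload to post for a timed-out build, or null to leave
// the commit alone.
function reapDecision(statuses, nowMs, timeoutMin) {
  const latest = latestStatus(statuses);
  if (!latest || latest.state !== 'pending') return null;
  const ageMin = (nowMs - Date.parse(latest.created_at)) / 60000;
  if (ageMin <= timeoutMin) return null;
  return { context: CONTEXT, state: 'failure', description: 'Build timed out' };
}

// Constructed sample: one PR head still pending, one that already finished.
const NOW = Date.parse('2026-06-05T12:00:00Z');
const stuck = [{ context: CONTEXT, state: 'pending', created_at: '2026-06-05T10:30:00Z' }];
const finished = [
  { context: CONTEXT, state: 'success', created_at: '2026-06-05T10:45:00Z' },
  { context: CONTEXT, state: 'pending', created_at: '2026-06-05T10:30:00Z' },
];
console.log(reapDecision(stuck, NOW, parseTimeoutMin('60', 60)));
console.log(reapDecision(finished, NOW, parseTimeoutMin('', 60)));
```
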