initial implementation of trigger sentinel

Author: michaeljguarino

.github/workflows/test.yml

@@ -0,0 +1,35 @@
+name: CI
+on:
+  pull_request:
+  push:
+    branches: [main]
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - name: Setup Node.js
+        uses: actions/setup-node@v3
+        with:
+          node-version: "16"
+      - name: Checkout code
+        uses: actions/checkout@v3
+      # - name: setup plural
+      #   id: plural
+      #   uses: pluralsh/setup-plural@v1
+      #   with:
+      #     email: [email protected]
+      #     consoleUrl: https://console.plrldemo.onplural.sh
+      # - name: Test trigger pipeline
+      #   uses: ./
+      #   with:
+      #     url: https://console.plrldemo.onplural.sh
+      #     token: ${{ steps.plural.outputs.consoleToken }}
+      #     pipeline: plrl-console-test
+      #     context: |
+      #       {
+      #         "flow": "test-flow",
+      #         "tag": "0.1.2"
+      #       }

README.md

@@ -0,0 +1,45 @@
+# trigger-sentinel Github Action
+
+Github Action to invoke a Plural Sentinel.  Sentinels are meant to be reusable integration tests that are invocable via API in a number of different integration points.  In this case, if you need to add a multi-cluster or deep infrastructure probe to your Github Actions pipeline, `trigger-sentinel` is likely a good fit.
+
+## Inputs
+
+```yaml
+url:
+  description: the url of your Plural Console instance
+  required: true
+token:
+  description: the token to use to authenticate with Plural Console
+  required: true
+sentinel:
+  description: the name of the sentinel to trigger
+  required: true
+wait:
+  description: whether to wait on the sentinel to finish
+  required: false
+```
+
+## Example Usage
+
+```yaml
+- name: Authenticate
+  id: plural
+  uses: pluralsh/setup-plural@v2
+  with:
+    consoleUrl: https://my.console.cloud.plural.sh
+    email: [email protected] # the email bound to your OIDC federated credential
+- name: Trigger PR
+  uses: pluralsh/trigger-sentinel@v1
+  with:
+    url: https://my.console.cloud.plural.sh
+    token: ${{ steps.plural.outputs.consoleToken }}
+    sentinel: test-sentinel
+    wait: 'true'
+```
+
+For this to be possible you need to have configured the following:
+
+1. Federated credential to allow `[email protected]` to exchange a GH actions token for a temporary Plural token.  This token should have at least the scope `createPipelineContext`.
+2. A write binding on the `test-sentinel` Sentinel to allow `[email protected]` to invoke it.  This is not permissible by default unless that user is an admin.
+3. The `test-sentinel` sentinel itself.  You can learn more at https://docs.plural.sh/plural-features/plural-ai/sentinels
+

action.yml

@@ -0,0 +1,24 @@
+name: Trigger Sentinel
+description: Trigger a Plural Sentinel and optionally wait for it to finish
+
+inputs:
+  url:
+    description: the url of your Plural Console instance
+    required: true
+  token:
+    description: the token to use to authenticate with Plural Console
+    required: true
+  sentinel:
+    description: the name of the sentinel to trigger
+    required: true
+  wait:
+    description: whether to wait for the sentinel to finish
+    required: false
+    default: 'false'
+  waitDurationSeconds:
+    description: the maximum duration to wait for the sentinel to finish
+    required: false
+    default: '600'
+runs:
+  using: node20
+  main: index.js

index.js

@@ -0,0 +1,115 @@
+import * as core from "@actions/core";
+import * as path from "path";
+
+const runDoc = `
+mutation RunSentinel($name: String!) {
+  runSentinel(name: $name) {
+    id
+    status
+    sentinel { id }
+  }
+}
+`
+
+const fetchDoc = `
+query GetSentinelRun($id: ID!) {
+  sentinelRun(id: $id) {
+    id
+    status
+  }
+}
+`
+
+async function main() {
+    const url = core.getInput('url');
+    const token = core.getInput('token');
+    const sentinel = core.getInput('sentinel');
+    const wait = core.getInput('wait') === 'true';
+
+    const response = await fetch(path.join(url, 'gql'), {
+        method: 'POST',
+        headers: {
+            'Content-Type': 'application/json',
+            'Authorization': `Bearer ${token}`,
+        },
+        body: JSON.stringify({ 
+            query: runDoc, 
+            variables: { name: sentinel } 
+        }),
+    });
+
+    if (!response.ok) {
+        const body = await response.text();
+        core.setFailed(`Failed to create pull request: ${response.status}\n${body}`);
+        return;
+    }
+
+    const resp = await response.json();
+    const run = resp.data?.runSentinel;
+
+    if (!run) {
+        core.setFailed(`Failed to run sentinel: ${JSON.stringify(resp.errors)}`);
+        return;
+    }
+    core.info(`Ran sentinel: ${run.id}.  View the sentinel at ${path.join(url, "ai", 'sentinels', run.sentinel.id, "runs", run.id)}`);
+
+    if (wait) {
+        var maxDuration = 10 * 60 * 1000;
+        var parsed = parseInt(core.getInput('waitDurationSeconds'))
+        if (parsed) {
+            if (parsed < 0) {
+                core.setFailed(`waitDurationSeconds must be a positive number, got: ${parsed}`);
+                return;
+            }
+            maxDuration = parsed * 1000;
+        } else {
+            core.info(`Using default wait duration of 10 minutes`);
+        }
+
+        await pollSentinelRun(token, url, run.id, Date.now(), maxDuration);
+    }
+}
+
+async function pollSentinelRun(token, url, id, startTime, maxDuration=10 * 60 * 1000) {
+    try {
+        if (Date.now() - startTime > maxDuration) {
+            core.setFailed(`Sentinel run ${id} timed out after ${maxDuration / 1000} seconds`);
+            return;
+        }
+
+        core.info(`Polling sentinel run ${id}...`);
+
+        const response = await fetch(path.join(url, 'gql'), {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Authorization': `Bearer ${token}`,
+            },
+            body: JSON.stringify({ query: fetchDoc, variables: { id } }),
+        });
+
+        const resp = await response.json();
+        const run = resp.data?.sentinelRun;
+
+        if (!run) {
+            core.setFailed(`Failed to fetch sentinel run: ${JSON.stringify(resp.errors)}`);
+            return;
+        }
+
+        if (run.status === 'SUCCESS') {
+            core.info(`Sentinel run ${id} finished successfully`);
+            return;
+        }
+
+        if (run.status === 'FAILED') {
+            core.setFailed(`Sentinel run ${id} failed`);
+            return;
+        }
+    } catch (error) {
+        core.info(`Failed to poll sentinel run: ${error}`);
+    }
+
+    setTimeout(() => pollSentinelRun(id, startTime, maxDuration), 2000); // poll every 2 seconds
+}
+
+main();