Merge pull request #17505 from lidizheng/check-on-pr

Utilize the GitHub Check Feature

tools/internal_ci/helper_scripts/prepare_build_linux_perf_rc

@@ -34,4 +34,7 @@ fi
 
 sudo pip install tabulate
 
+# Python dependencies for tools/run_tests/python_utils/check_on_pr.py
+time python2.7 -m pip install pyjwt cryptography requests --user
+
 git submodule update --init

tools/internal_ci/helper_scripts/prepare_build_macos_rc

@@ -55,7 +55,7 @@ time pod repo update  # needed by python
 
 # python
 time pip install virtualenv --user python
-time pip install -U Mako six tox setuptools twisted pyyaml --user python
+time pip install -U Mako six tox setuptools twisted pyyaml pyjwt cryptography requests --user python
 export PYTHONPATH=/Library/Python/3.4/site-packages
 
 # Install Python 3.7

tools/internal_ci/linux/pull_request/grpc_microbenchmark_diff.cfg

@@ -17,6 +17,14 @@
 # Location of the continuous shell script in repository.
 build_file: "grpc/tools/internal_ci/linux/grpc_microbenchmark_diff.sh"
 timeout_mins: 120
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 73836
+      keyname: "grpc_checks_private_key"
+    }
+  }
+}
 action {
   define_artifacts {
     regex: "**/*sponge_log.*"

tools/internal_ci/linux/pull_request/grpc_trickle_diff.cfg

@@ -17,6 +17,14 @@
 # Location of the continuous shell script in repository.
 build_file: "grpc/tools/internal_ci/linux/grpc_trickle_diff.sh"
 timeout_mins: 120
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 73836
+      keyname: "grpc_checks_private_key"
+    }
+  }
+}
 action {
   define_artifacts {
     regex: "**/*sponge_log.*"

tools/internal_ci/macos/pull_request/grpc_ios_binary_size.cfg

@@ -18,6 +18,14 @@
 build_file: "grpc/tools/internal_ci/macos/grpc_ios_binary_size.sh"
 timeout_mins: 60
 gfile_resources: "/bigstore/grpc-testing-secrets/github_credentials/oauth_token.txt"
+before_action {
+  fetch_keystore {
+    keystore_resource {
+      keystore_config_id: 73836
+      keyname: "grpc_checks_private_key"
+    }
+  }
+}
 action {
   define_artifacts {
     regex: "**/*sponge_log.*"

tools/profiling/bloat/bloat_diff.py

@@ -25,7 +25,7 @@ import sys
 sys.path.append(
     os.path.join(
         os.path.dirname(sys.argv[0]), '..', '..', 'run_tests', 'python_utils'))
-import comment_on_pr
+import check_on_pr
 
 argp = argparse.ArgumentParser(description='Perform diff on microbenchmarks')
 
@@ -90,4 +90,4 @@ for lib in LIBS:
     text += '\n\n'
 
 print text
-comment_on_pr.comment_on_pr('```\n%s\n```' % text)
+check_on_pr.check_on_pr('Bloat Difference', '```\n%s\n```' % text)

tools/profiling/ios_bin/binary_size.py

@@ -26,7 +26,7 @@ from parse_link_map import parse_link_map
 sys.path.append(
     os.path.join(
         os.path.dirname(sys.argv[0]), '..', '..', 'run_tests', 'python_utils'))
-import comment_on_pr
+import check_on_pr
 
 # Only show diff 1KB or greater
 diff_threshold = 1000
@@ -147,4 +147,4 @@ for frameworks in [False, True]:
 
 print text
 
-comment_on_pr.comment_on_pr('```\n%s\n```' % text)
+check_on_pr.check_on_pr('Binary Size', '```\n%s\n```' % text)

tools/profiling/microbenchmarks/bm_diff/bm_main.py

@@ -30,7 +30,7 @@ import subprocess
 sys.path.append(
     os.path.join(
         os.path.dirname(sys.argv[0]), '..', '..', 'run_tests', 'python_utils'))
-import comment_on_pr
+import check_on_pr
 
 sys.path.append(
     os.path.join(
@@ -152,7 +152,7 @@ def main(args):
     if note:
         text = note + '\n\n' + text
     print('%s' % text)
-    comment_on_pr.comment_on_pr('```\n%s\n```' % text)
+    check_on_pr.check_on_pr('Benchmark', '```\n%s\n```' % text)
 
 
 if __name__ == '__main__':

tools/profiling/qps/qps_diff.py

@@ -33,7 +33,7 @@ import bm_speedup
 sys.path.append(
     os.path.join(
         os.path.dirname(sys.argv[0]), '..', '..', 'run_tests', 'python_utils'))
-import comment_on_pr
+import check_on_pr
 
 
 def _args():
@@ -164,7 +164,7 @@ def main(args):
     else:
         text = '[qps] No significant performance differences'
     print('%s' % text)
-    comment_on_pr.comment_on_pr('```\n%s\n```' % text)
+    check_on_pr.check_on_pr('QPS', '```\n%s\n```' % text)
 
 
 if __name__ == '__main__':

tools/run_tests/python_utils/check_on_pr.py

@@ -0,0 +1,120 @@
+# Copyright 2018 The gRPC Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import print_function
+import os
+import json
+import time
+import datetime
+
+import requests
+import jwt
+
+_GITHUB_API_PREFIX = 'https://api.github.com'
+_GITHUB_REPO = 'grpc/grpc'
+_GITHUB_APP_ID = 22338
+_INSTALLATION_ID = 519109
+
+_ACCESS_TOKEN_CACHE = None
+
+
+def _jwt_token():
+    github_app_key = open(
+        os.path.join(os.environ['KOKORO_KEYSTORE_DIR'],
+                     '73836_grpc_checks_private_key'), 'rb').read()
+    return jwt.encode(
+        {
+            'iat': int(time.time()),
+            'exp': int(time.time() + 60 * 10),  # expire in 10 minutes
+            'iss': _GITHUB_APP_ID,
+        },
+        github_app_key,
+        algorithm='RS256')
+
+
+def _access_token():
+    global _ACCESS_TOKEN_CACHE
+    if _ACCESS_TOKEN_CACHE == None or _ACCESS_TOKEN_CACHE['exp'] < time.time():
+        resp = requests.post(
+            url='https://api.github.com/app/installations/%s/access_tokens' %
+            _INSTALLATION_ID,
+            headers={
+                'Authorization': 'Bearer %s' % _jwt_token().decode('ASCII'),
+                'Accept': 'application/vnd.github.machine-man-preview+json',
+            })
+        _ACCESS_TOKEN_CACHE = {
+            'token': resp.json()['token'],
+            'exp': time.time() + 60
+        }
+    return _ACCESS_TOKEN_CACHE['token']
+
+
+def _call(url, method='GET', json=None):
+    if not url.startswith('https://'):
+        url = _GITHUB_API_PREFIX + url
+    headers = {
+        'Authorization': 'Bearer %s' % _access_token(),
+        'Accept': 'application/vnd.github.antiope-preview+json',
+    }
+    return requests.request(method=method, url=url, headers=headers, json=json)
+
+
+def _latest_commit():
+    resp = _call('/repos/%s/pulls/%s/commits' %
+                 (_GITHUB_REPO,
+                  os.environ['KOKORO_GITHUB_PULL_REQUEST_NUMBER']))
+    return resp.json()[-1]
+
+
+def check_on_pr(name, summary, success=True):
+    """Create/Update a check on current pull request.
+
+    The check runs are aggregated by their name, so newer check will update the
+    older check with the same name.
+
+    Requires environment variable 'KOKORO_GITHUB_PULL_REQUEST_NUMBER' to indicate which pull request
+    should be updated.
+
+    Args:
+      name: The name of the check.
+      summary: A str in Markdown to be used as the detail information of the check.
+      success: A bool indicates whether the check is succeed or not.
+    """
+    if 'KOKORO_GIT_COMMIT' not in os.environ:
+        print('Missing KOKORO_GIT_COMMIT env var: not checking')
+        return
+    if 'KOKORO_KEYSTORE_DIR' not in os.environ:
+        print('Missing KOKORO_KEYSTORE_DIR env var: not checking')
+        return
+    if 'KOKORO_GITHUB_PULL_REQUEST_NUMBER' not in os.environ:
+        print('Missing KOKORO_GITHUB_PULL_REQUEST_NUMBER env var: not checking')
+        return
+    completion_time = str(
+        datetime.datetime.utcnow().replace(microsecond=0).isoformat()) + 'Z'
+    resp = _call(
+        '/repos/%s/check-runs' % _GITHUB_REPO,
+        method='POST',
+        json={
+            'name': name,
+            'head_sha': os.environ['KOKORO_GIT_COMMIT'],
+            'status': 'completed',
+            'completed_at': completion_time,
+            'conclusion': 'success' if success else 'failure',
+            'output': {
+                'title': name,
+                'summary': summary,
+            }
+        })
+    print('Result of Creating/Updating Check on PR:',
+          json.dumps(resp.json(), indent=2))