Skip to content

Add get-weaviate-branch and pull-weaviate-code actions#13

Merged
jfrancoa merged 4 commits into
mainfrom
jose/get-weaviate-branch
Mar 25, 2026
Merged

Add get-weaviate-branch and pull-weaviate-code actions#13
jfrancoa merged 4 commits into
mainfrom
jose/get-weaviate-branch

Conversation

@jfrancoa

@jfrancoa jfrancoa commented Mar 24, 2026

Copy link
Copy Markdown
Collaborator

Summary

  • get-weaviate-branch: Resolves any Weaviate Docker tag to the exact git commit (full 40-char SHA) and branch from weaviate/weaviate. Reverse-engineers the tag format from ci/push_docker.sh to handle all variants: official releases (1.36.6), RC tags (1.36.0-rc.0), semver+hash (1.34.19-6175eab.amd64), preview/PR builds, branch builds (main-01c9f49, stable-v1.34-519f0dc), and special tags (nightly, latest).

  • pull-weaviate-code: Clones weaviate/weaviate at the commit matching a given Docker tag. Uses get-weaviate-branch to resolve the tag, then performs a shallow git fetch --depth=1 for efficiency. Validates the target path doesn't already exist and supports custom clone directories.

Both actions rely on the weaviate repo being public — git operations need no authentication. The gh_token input is optional and only used for the GitHub API call that resolves short commit hashes (improves rate limits from 60 to 5000 req/hr).

Test plan

  • get-weaviate-branch-test.yml — 11 jobs covering all tag patterns using real Docker Hub tags (semver+hash+arch, semver+hash, semver-dev+hash, preview, main branch, stable branch, official release, RC, nightly, latest, arm64 suffix)
  • pull-weaviate-code-test.yml — 5 jobs covering release clone, branch+hash clone, custom directory, directory conflict detection, and nightly clone

🤖 Generated with Claude Code

Add two new reusable GitHub Actions:

- get-weaviate-branch: Resolves a Weaviate Docker tag to the exact git
  commit hash and branch from weaviate/weaviate. Handles all tag variants
  (release, preview, branch+hash, semver+hash, nightly, latest) by
  reverse-engineering the tag format from ci/push_docker.sh. Always
  returns a full 40-char commit SHA.

- pull-weaviate-code: Clones weaviate/weaviate at the commit matching a
  given Docker tag. Uses shallow fetch for efficiency, validates the
  target directory doesn't already exist, and supports custom clone paths.

Both actions use env-based git config (GIT_CONFIG_COUNT) for
authentication to avoid token leakage in URLs or error messages.

Includes comprehensive test workflows covering all tag patterns,
directory conflict detection, and custom directory support.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

@orca-security-eu orca-security-eu Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds two GitHub composite actions to resolve Weaviate Docker tags to upstream source and to clone the matching weaviate/weaviate commit, along with CI workflows to validate common tag patterns.

Changes:

  • Introduces get-weaviate-branch to resolve a Weaviate Docker tag into a full 40-char commit SHA (and best-guess branch).
  • Introduces pull-weaviate-code to shallow-clone weaviate/weaviate at the resolved commit into a chosen directory.
  • Adds CI workflows to test both actions across representative tag formats and scenarios (release, branch+hash, nightly, directory conflicts).

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 6 comments.

File Description
.github/workflows/pull-weaviate-code-test.yml Adds workflow coverage for cloning behavior and directory conflict handling.
.github/workflows/get-weaviate-branch-test.yml Adds workflow coverage for tag parsing/resolution across multiple tag shapes.
.github/actions/pull-weaviate-code/action.yml Implements the composite action that clones weaviate/weaviate at the resolved commit.
.github/actions/get-weaviate-branch/action.yml Implements tag → commit/branch resolution logic using git ls-remote + GitHub API.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/pull-weaviate-code-test.yml
Comment thread .github/workflows/get-weaviate-branch-test.yml
Comment thread .github/actions/get-weaviate-branch/action.yml Outdated
Comment thread .github/actions/get-weaviate-branch/action.yml Outdated
Comment thread .github/actions/pull-weaviate-code/action.yml Outdated
Comment thread .github/actions/pull-weaviate-code/action.yml Outdated
@jfrancoa jfrancoa force-pushed the jose/get-weaviate-branch branch 3 times, most recently from b983a44 to a14b3cf Compare March 24, 2026 13:49
- Clear any Authorization header left by actions/checkout in global
  gitconfig before setting our own via env-based config. This fixes
  "Duplicate header: Authorization" errors (HTTP 400).
- Replace fake commit hashes in tests with real Docker tags from
  Docker Hub (6175eab, 305c7dc, 519f0dc, 01c9f49) whose commits
  are verified to exist in weaviate/weaviate.
- Remove arm64 test that used a non-existent tag format (main-HASH
  never has .arm64 suffix); replace with real arm64 tag test.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 4 comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/actions/get-weaviate-branch/action.yml
Comment thread .github/actions/get-weaviate-branch/action.yml Outdated
Comment thread .github/actions/get-weaviate-branch/action.yml
Comment thread .github/actions/get-weaviate-branch/action.yml
- Add empty guards for latest_tag/commit in the 'latest' tag path
- Add empty commit check before API resolution (step 6)
- Add explicit error on curl failure when resolving short hashes
- Switch Authorization header from 'token' to 'Bearer' for fine-grained token compat
- Fix major.minor extraction for RC tags (1.36.0-rc.0 → 1.36, not 1.36.0-rc)
- Fix RC tag test expectation back to stable/v1.36

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 1 comment.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/actions/get-weaviate-branch/action.yml Outdated
- Use jq to parse GitHub API JSON response instead of sed regex

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@jfrancoa jfrancoa requested a review from Copilot March 25, 2026 09:47
@jfrancoa jfrancoa merged commit ef4bef1 into main Mar 25, 2026
24 checks passed

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 8 comments.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +75 to +77
if [[ "${COMMIT}" != *"305c7dc"* ]]; then
echo "Expected commit to contain 305c7dc, got=${COMMIT}"
exit 1

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assertion uses substring matching (*305c7dc*) which can theoretically false-pass. For a strict short->full SHA resolution test, assert the resolved 40-char SHA begins with the short hash (first 7 chars equal 305c7dc).

Copilot uses AI. Check for mistakes.
Comment on lines +102 to +104
if [[ "${COMMIT}" != *"305c7dc"* ]]; then
echo "Expected commit to contain 305c7dc, got=${COMMIT}"
exit 1

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This check uses *305c7dc* (substring). For a correct short-SHA resolution test, assert the full SHA starts with the short hash (e.g., ${COMMIT:0:7} equals 305c7dc).

Copilot uses AI. Check for mistakes.
Comment on lines +129 to +131
if [[ "${COMMIT}" != *"6175eab"* ]]; then
echo "Expected commit to contain 6175eab, got=${COMMIT}"
exit 1

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This uses substring matching (*6175eab*) which can false-pass. Prefer asserting the resolved 40-char SHA starts with the short hash (first 7 chars equal 6175eab).

Copilot uses AI. Check for mistakes.
Comment on lines +161 to +163
if [[ "${COMMIT}" != *"01c9f49"* ]]; then
echo "Expected commit to contain 01c9f49, got=${COMMIT}"
exit 1

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assertion checks for *01c9f49* anywhere in the SHA. To make the test precise, assert the resolved full SHA starts with 01c9f49 (or compare directly to the commit output if you want an exact match).

Copilot uses AI. Check for mistakes.
Comment on lines +192 to +193
if [[ "${COMMIT}" != *"519f0dc"* ]]; then
echo "Expected commit to contain 519f0dc, got=${COMMIT}"

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This uses substring matching (*519f0dc*). For a strict check that the short SHA was expanded correctly, assert the resolved 40-char SHA begins with 519f0dc (first 7 chars), not just contains it.

Suggested change
if [[ "${COMMIT}" != *"519f0dc"* ]]; then
echo "Expected commit to contain 519f0dc, got=${COMMIT}"
if [[ "${COMMIT}" != 519f0dc* ]]; then
echo "Expected commit to start with 519f0dc, got=${COMMIT}"

Copilot uses AI. Check for mistakes.
Comment on lines +359 to +360
if [[ "${COMMIT}" != *"6175eab"* ]]; then
echo "Expected commit to contain 6175eab, got=${COMMIT}"

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assertion checks if the full SHA contains 6175eab as a substring. For correctness, assert the resolved SHA starts with the short hash (e.g., first 7 chars equal 6175eab).

Suggested change
if [[ "${COMMIT}" != *"6175eab"* ]]; then
echo "Expected commit to contain 6175eab, got=${COMMIT}"
if [[ "${COMMIT:0:7}" != "6175eab" ]]; then
echo "Expected commit to start with 6175eab, got=${COMMIT}"

Copilot uses AI. Check for mistakes.
Comment on lines +89 to +93
# Verify HEAD contains the short hash
cd "${{ steps.pull.outputs.weaviate_path }}"
HEAD_SHA=$(git rev-parse HEAD)
if [[ "${HEAD_SHA}" != *"01c9f49"* ]]; then
echo "HEAD (${HEAD_SHA}) does not contain expected short hash 01c9f49"

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The verification only checks that HEAD contains the short hash string. This can false-pass if the checked-out SHA happens to include that substring outside the prefix. Compare HEAD_SHA directly to the action's resolved commit output (full 40-char SHA) to assert the clone is exactly at the expected commit.

Suggested change
# Verify HEAD contains the short hash
cd "${{ steps.pull.outputs.weaviate_path }}"
HEAD_SHA=$(git rev-parse HEAD)
if [[ "${HEAD_SHA}" != *"01c9f49"* ]]; then
echo "HEAD (${HEAD_SHA}) does not contain expected short hash 01c9f49"
# Verify HEAD matches the resolved commit SHA
cd "${{ steps.pull.outputs.weaviate_path }}"
HEAD_SHA=$(git rev-parse HEAD)
if [ "${HEAD_SHA}" != "${{ steps.pull.outputs.commit }}" ]; then
echo "HEAD (${HEAD_SHA}) does not match expected commit ${{ steps.pull.outputs.commit }}"

Copilot uses AI. Check for mistakes.
Comment on lines +38 to +39
if [[ "${COMMIT}" != *"6175eab"* ]]; then
echo "Expected commit to contain 6175eab, got=${COMMIT}"

Copilot AI Mar 25, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This assertion checks whether the resolved full SHA merely contains the 7-char short hash. To validate the short->full resolution correctly, check that the full SHA starts with the short hash (e.g., first 7 chars equal 6175eab) rather than substring matching.

Suggested change
if [[ "${COMMIT}" != *"6175eab"* ]]; then
echo "Expected commit to contain 6175eab, got=${COMMIT}"
if [[ "${COMMIT}" != 6175eab* ]]; then
echo "Expected commit to start with short hash 6175eab, got=${COMMIT}"

Copilot uses AI. Check for mistakes.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants