Re-enable integration test trigger and route cross-org dispatch through emu-access#5034
Merged
mihaimitrea-db merged 2 commits intomainfrom Apr 23, 2026
Merged
Conversation
…gh emu-access Reverts the intent of #4899 (temporary stub) now that both blockers are resolved: the eng-dev-ecosystem `mark-as-*` jobs moved onto ghec-access runners in databricks-eng/eng-dev-ecosystem#1252, and this change moves the cross-org `gh workflow run` dispatch onto `linux-ubuntu-latest-emu-access` following the pattern from databricks/databricks-sdk-go#1638 so the call is no longer 403'd by the databricks-eng org IP allowlist. Restores the pre-#4899 behavior in `push.yml`: - PRs dispatch `cli-isolated-pr.yml`; pushes to `main` dispatch `cli-isolated-nightly.yml`. - The required `Integration Tests` check is updated by the eng-dev-ecosystem `mark-as-*` jobs (in_progress → success/failure) instead of being fake-stamped. - Testmask-based skip/auto-approve paths are restored with their original summaries. Split into two jobs: - `integration-trigger` (deco runners) writes same-org Skip/Auto-approve checks via the DECO_TEST_APPROVAL token. - `trigger-tests` (emu-access runners) mints the DECO_WORKFLOW_TRIGGER token and does the cross-org `gh workflow run` dispatch. NO_CHANGELOG=true Co-authored-by: Isaac
mihaimitrea-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
mihaimitrea-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
Contributor
Waiting for approvalBased on git history, these people are best suited to review:
Eligible reviewers: Suggestions based on git history. See OWNERS for ownership rules. |
hectorcast-db
approved these changes
Apr 21, 2026
…-integration-trigger # Conflicts: # .github/workflows/push.yml
mihaimitrea-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
mihaimitrea-db
temporarily deployed
to
test-trigger-is
GitHub Actions
Inactive
Contributor
Author
|
From offline discussion with Hector, we decided to merge this even though the tests are failing, due to the posibility of using bypass rules. |
simonfaltum
added a commit
that referenced
this pull request
Apr 23, 2026
## Why Integration test nightlies (`cli-isolated-pr.yml`) have been red on every main run since 2026-04-02, when `#4899` temporarily disabled the trigger. The trigger was re-enabled in `#5034` and all accumulated failures surfaced at once. Nothing in any in-flight feature PR is to blame; this PR just clears the backlog so nightly signal goes green again. Two independent regressions: 1. The host-metadata cache (`#5011`) regenerated goldens for tests that run locally, but could not touch `Cloud=true, Local=false` suites. `acceptance/selftest/record_cloud/{pipeline-crud,workspace-file-io}` still expected the pre-cache `/.well-known/databricks-config` calls. 2. Lakeview server behavior now varies by cloud on workspace import. AWS staging includes `serialized_dashboard` in the updated fields; GCP production no longer clears `warehouse_id`. The exact-match assertions in `TestDashboardAssumptions_WorkspaceImport` fail differently on each cloud. ## Changes **Before:** `record_cloud` goldens include redundant `/.well-known/databricks-config` GETs; dashboard test hard-codes exact updated/deleted fields. **Now:** goldens regenerated against e2-dogfood (only diff is removal of the cached requests); dashboard assertions use `assert.Subset` so they tolerate cross-cloud drift but still fail on anything outside the known-allowed set. - `acceptance/selftest/record_cloud/pipeline-crud/output.txt`, `acceptance/selftest/record_cloud/workspace-file-io/output.txt`: rerun with `-update` under `CLOUD_ENV=aws` against e2-dogfood. Both terraform and direct variants produce identical output. - `integration/assumptions/dashboard_assumptions_test.go`: `etag` and `update_time` must appear in updated fields; `serialized_dashboard` is allowed; `warehouse_id` is the only allowed deletion. Comment points to the observed cross-cloud split so the next reader knows why. Follows the pattern of the previous Lakeview-behavior-change fix in `#4640`. ## Test plan - [x] `make checks` clean - [x] `make lint` clean (0 issues) - [x] `go test ./acceptance -run 'TestAccept/selftest/record_cloud/{workspace-file-io,pipeline-crud}'` passes against e2-dogfood (both terraform and direct variants) - [x] `go test ./integration/assumptions -run TestDashboardAssumptions_WorkspaceImport` passes against e2-dogfood - [ ] cli-isolated-pr.yml integration run on this branch comes back green
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
mark-as-pending/mark-as-success/mark-as-failureontolinux-ubuntu-latest-ghec-accessrunners so cross-org check-run writes no longer 403 on thedatabricksorg allowlist.gh workflow rundispatch is moved ontolinux-ubuntu-latest-emu-access, following the pattern from Split trigger-tests job and route workflow dispatch through emu-access runner databricks-sdk-go#1638, so it no longer 403s on thedatabricks-engorg allowlist.integration-trigger(deco runners) handles same-orgIntegration Testscheck writes for the PR-skip and merge-group-auto-approve paths, using theDECO_TEST_APPROVALapp token. Testmask-based gating and the pre-Temporarily disable integration test trigger #4899 summaries (Skipped (changes do not require integration tests)/Auto-approved for merge queue (tests already passed on PR)) are restored.trigger-tests(emu-access runners) mints theDECO_WORKFLOW_TRIGGERtoken and issues the cross-orggh workflow run cli-isolated-pr.yml/cli-isolated-nightly.ymldispatches.integration-trigger-dependabotis unchanged.NO_CHANGELOG=true
Test plan
integration-triggerruns ondatabricks-deco-testing-runner-groupand succeeds.trigger-testsruns ondatabricks-release-runner-group-emu-access;Generate GitHub App Tokenstep succeeds (no 403);Trigger integration tests (pull request)dispatchescli-isolated-pr.ymlondatabricks-eng/eng-dev-ecosystemwithpull_request_numberandcommit_shainputs.databricks-eng/eng-dev-ecosystem, confirm the dispatchedcli-isolated-prrun appears (event:workflow_dispatch) and itscheckoutjob uploads theupdate-check-actionandgh-report-actionartifacts.mark-as-pendingruns onlinux-ubuntu-latest-ghec-accessand updates theIntegration Testscheck on the PR commit toin_progress.integration-tests-prodmatrix finishes, confirmmark-as-success/mark-as-failureupdates the check tosuccess/failure. (Known separate issue:integration-tests-prodonmainhas been failing due to a Go 1.25.9 toolchain fetch againstproxy.golang.org; that is out of scope here.)integration-triggerwrites theAuto-approved for merge queue (tests already passed on PR)check.workflow_dispatchrun ofcli-isolated-nightly.ymlappears on eng-dev-ecosystem keyed to the merge commit SHA.This pull request and its description were written by Isaac.