From 82e33486ad51e4431df139fd7d467c1c77d71383 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 13:27:09 +0000 Subject: [PATCH 01/15] feat: add alarms and monitor --- .github/test-matrix.json | 64 +++++++++++++++++ .github/workflows/bootstrap-alarms.yml | 92 +++++++++++++++++++++++++ .github/workflows/integration-tests.yml | 60 ++++------------ 3 files changed, 171 insertions(+), 45 deletions(-) create mode 100644 .github/test-matrix.json create mode 100644 .github/workflows/bootstrap-alarms.yml diff --git a/.github/test-matrix.json b/.github/test-matrix.json new file mode 100644 index 0000000..b0e4319 --- /dev/null +++ b/.github/test-matrix.json @@ -0,0 +1,64 @@ +{ + "arch": [ + { + "runner": "ubuntu-latest", + "rie": "aws-lambda-rie", + "label": "x64" + }, + { + "runner": "ubuntu-24.04-arm", + "rie": "aws-lambda-rie-arm64", + "label": "arm64" + } + ], + "distro_config": [ + { + "distro": "al2023", + "distro_version": "al2023", + "runtime_version": "3.4", + "executable": "/usr/local/bin/aws_lambda_ric" + }, + { + "distro": "al2023", + "distro_version": "al2023", + "runtime_version": "3.3", + "executable": "/usr/local/bin/aws_lambda_ric" + }, + { + "distro": "alpine", + "distro_version": "3.23", + "runtime_version": "3.4", + "executable": "/usr/local/bundle/bin/aws_lambda_ric" + }, + { + "distro": "alpine", + "distro_version": "3.23", + "runtime_version": "3.3", + "executable": "/usr/local/bundle/bin/aws_lambda_ric" + }, + { + "distro": "debian", + "distro_version": "bookworm", + "runtime_version": "3.4", + "executable": "/usr/local/bundle/bin/aws_lambda_ric" + }, + { + "distro": "debian", + "distro_version": "bookworm", + "runtime_version": "3.3", + "executable": "/usr/local/bundle/bin/aws_lambda_ric" + }, + { + "distro": "ubuntu", + "distro_version": "24.04", + "runtime_version": "3.4", + "executable": "/usr/local/bin/aws_lambda_ric" + }, + { + "distro": "ubuntu", + "distro_version": "24.04", + "runtime_version": "3.3", + "executable": "/usr/local/bin/aws_lambda_ric" + } + ] +} diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml new file mode 100644 index 0000000..a354f9c --- /dev/null +++ b/.github/workflows/bootstrap-alarms.yml @@ -0,0 +1,92 @@ +name: bootstrap-alarms + +permissions: + id-token: write + contents: read + +on: + workflow_dispatch: + +env: + AWS_REGION: ${{ env.AWS_REGION }} + ALARM_NAMESPACE: GitHubActions + COMPOSITE_ALARM_NAME: aws_aws-lambda-ruby-runtime-interface-client + +jobs: + bootstrap: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Configure AWS credentials (OIDC) + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4 + with: + role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} + aws-region: ${{ env.AWS_REGION }} + + - name: Create individual metric alarms + run: | + set -euo pipefail + + MATRIX_FILE=".github/test-matrix.json" + ALARM_NAMES=() + + # Iterate over every arch × distro_config permutation from the shared matrix + for row in $(jq -c ' + .arch[] as $a | + .distro_config[] as $d | + { arch: $a.label, distro: $d.distro, distro_version: $d.distro_version, runtime_version: $d.runtime_version } + ' "$MATRIX_FILE"); do + + arch=$(echo "$row" | jq -r '.arch') + distro=$(echo "$row" | jq -r '.distro') + distro_version=$(echo "$row" | jq -r '.distro_version') + runtime_version=$(echo "$row" | jq -r '.runtime_version') + + ALARM_NAME="ruby-ric-${distro}-${distro_version}-ruby${runtime_version}-${arch}" + + echo "Creating alarm: ${ALARM_NAME}" + + aws cloudwatch put-metric-alarm \ + --alarm-name "${ALARM_NAME}" \ + --alarm-description "Integration test: ${distro} ${distro_version} / ruby ${runtime_version} (${arch})" \ + --namespace "${ALARM_NAMESPACE}" \ + --metric-name "TestResult" \ + --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ + --statistic SampleCount \ + --period 60 \ + --evaluation-periods 1 \ + --threshold 0 \ + --comparison-operator GreaterThanThreshold + + ALARM_NAMES+=("${ALARM_NAME}") + done + + # Save alarm names for the composite alarm step + printf '%s\n' "${ALARM_NAMES[@]}" > /tmp/alarm_names.txt + + - name: Create composite aggregate alarm + run: | + set -euo pipefail + + mapfile -t ALARM_NAMES < /tmp/alarm_names.txt + + # Build the composite alarm rule: triggers if ANY sub-alarm fires + RULE="" + for name in "${ALARM_NAMES[@]}"; do + if [ -n "$RULE" ]; then + RULE="${RULE} OR " + fi + RULE="${RULE}ALARM(\"${name}\")" + done + + echo "Composite alarm rule:" + echo "${RULE}" + + aws cloudwatch put-composite-alarm \ + --alarm-name "${COMPOSITE_ALARM_NAME}" \ + --alarm-description "Aggregate alarm for all Ruby RIC integration test permutations" \ + --alarm-rule "${RULE}" + + echo "Composite alarm '${COMPOSITE_ALARM_NAME}' created successfully." diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index f0757d1..6e7ff47 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -11,55 +11,25 @@ on: workflow_dispatch: jobs: + load-matrix: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set.outputs.matrix }} + steps: + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + + - name: Load test matrix + id: set + run: | + MATRIX=$(jq -c '.' .github/test-matrix.json) + echo "matrix=${MATRIX}" >> "$GITHUB_OUTPUT" + integration-test: + needs: load-matrix runs-on: ${{ matrix.arch.runner }} strategy: fail-fast: false - matrix: - arch: - - runner: ubuntu-latest - rie: aws-lambda-rie - label: x64 - - runner: ubuntu-24.04-arm - rie: aws-lambda-rie-arm64 - label: arm64 - distro_config: - # al2023 - - distro: al2023 - distro_version: "al2023" - runtime_version: "3.4" - executable: /usr/local/bin/aws_lambda_ric - - distro: al2023 - distro_version: "al2023" - runtime_version: "3.3" - executable: /usr/local/bin/aws_lambda_ric - # Alpine - - distro: alpine - distro_version: "3.23" - runtime_version: "3.4" - executable: /usr/local/bundle/bin/aws_lambda_ric - - distro: alpine - distro_version: "3.23" - runtime_version: "3.3" - executable: /usr/local/bundle/bin/aws_lambda_ric - # Debian - - distro: debian - distro_version: bookworm - runtime_version: "3.4" - executable: /usr/local/bundle/bin/aws_lambda_ric - - distro: debian - distro_version: bookworm - runtime_version: "3.3" - executable: /usr/local/bundle/bin/aws_lambda_ric - # Ubuntu - - distro: ubuntu - distro_version: "24.04" - runtime_version: "3.4" - executable: /usr/local/bin/aws_lambda_ric - - distro: ubuntu - distro_version: "24.04" - runtime_version: "3.3" - executable: /usr/local/bin/aws_lambda_ric + matrix: ${{ fromJson(needs.load-matrix.outputs.matrix) }} name: "${{ matrix.distro_config.distro }} ${{ matrix.distro_config.distro_version }} / ruby ${{ matrix.distro_config.runtime_version }} (${{ matrix.arch.label }})" From 12ae8850fba2ed9faaa3ef9bc52152c9e4b4462b Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 13:30:37 +0000 Subject: [PATCH 02/15] fix: cleanup --- .github/workflows/bootstrap-alarms.yml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index a354f9c..79ff203 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -5,16 +5,19 @@ permissions: contents: read on: + pull_request: + branches: [ '*' ] workflow_dispatch: env: - AWS_REGION: ${{ env.AWS_REGION }} + AWS_REGION: ${{ secrets.AWS_REGION }} ALARM_NAMESPACE: GitHubActions - COMPOSITE_ALARM_NAME: aws_aws-lambda-ruby-runtime-interface-client jobs: bootstrap: runs-on: ubuntu-latest + env: + COMPOSITE_ALARM_NAME: ${{ github.repository_owner }}-${{ github.event.repository.name }}-integration-tests-aggregate steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -23,7 +26,7 @@ jobs: uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4 with: role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} - aws-region: ${{ env.AWS_REGION }} + aws-region: ${{ secrets.AWS_REGION }} - name: Create individual metric alarms run: | From fc6abedd7bd483e6210a4ab86ad57413e7f4238e Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:13:40 +0000 Subject: [PATCH 03/15] fix: add prefix --- .github/workflows/bootstrap-alarms.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 79ff203..6d0d8f1 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -17,7 +17,7 @@ jobs: bootstrap: runs-on: ubuntu-latest env: - COMPOSITE_ALARM_NAME: ${{ github.repository_owner }}-${{ github.event.repository.name }}-integration-tests-aggregate + COMPOSITE_ALARM_NAME: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-integration-tests-aggregate steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 @@ -47,7 +47,7 @@ jobs: distro_version=$(echo "$row" | jq -r '.distro_version') runtime_version=$(echo "$row" | jq -r '.runtime_version') - ALARM_NAME="ruby-ric-${distro}-${distro_version}-ruby${runtime_version}-${arch}" + ALARM_NAME="GitHubActions-ruby-ric-${distro}-${distro_version}-ruby${runtime_version}-${arch}" echo "Creating alarm: ${ALARM_NAME}" From ac923327f2afece43d73ed9156f7832bfad9909f Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:24:49 +0000 Subject: [PATCH 04/15] fix: add target actions --- .github/workflows/bootstrap-alarms.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 6d0d8f1..8c58686 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -90,6 +90,8 @@ jobs: aws cloudwatch put-composite-alarm \ --alarm-name "${COMPOSITE_ALARM_NAME}" \ --alarm-description "Aggregate alarm for all Ruby RIC integration test permutations" \ - --alarm-rule "${RULE}" + --alarm-rule "${RULE}" \ + --actions-enabled \ + --alarm-actions "${{ secrets.AWS_ALARM_TARGET_ARN }}" echo "Composite alarm '${COMPOSITE_ALARM_NAME}' created successfully." From fcc1a01ca2b710f461e87238811f6c214930a036 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:28:46 +0000 Subject: [PATCH 05/15] fix: metric is published --- .github/workflows/integration-tests.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 6e7ff47..1fee409 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -1,6 +1,7 @@ name: integration-tests permissions: + id-token: write contents: read on: @@ -36,6 +37,12 @@ jobs: steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - name: Configure AWS credentials (OIDC) + uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4 + with: + role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Download RIE run: | mkdir -p .scratch @@ -101,6 +108,16 @@ jobs: echo "=== Tester container logs ===" docker logs "${TEST_NAME}-tester" 2>&1 || true + - name: Publish failure metric + if: failure() + run: | + aws cloudwatch put-metric-data \ + --namespace "GitHubActions" \ + --metric-name "TestResult" \ + --dimensions "Distro=${{ matrix.distro_config.distro }},DistroVersion=${{ matrix.distro_config.distro_version }},RuntimeVersion=${{ matrix.distro_config.runtime_version }},Arch=${{ matrix.arch.label }}" \ + --value 1 \ + --unit Count + - name: Cleanup if: always() run: | From c6dc2acd2bcecb6e31b4c6fd6240477766d6b3e5 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:31:12 +0000 Subject: [PATCH 06/15] fix: metric --- .github/workflows/bootstrap-alarms.yml | 8 +++++--- .github/workflows/integration-tests.yml | 6 ++++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 8c58686..0e5a237 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -58,10 +58,12 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic SampleCount \ - --period 60 \ + --period 691200 \ --evaluation-periods 1 \ - --threshold 0 \ - --comparison-operator GreaterThanThreshold + --datapoints-to-alarm 1 \ + --threshold 1 \ + --comparison-operator LessThanThreshold \ + --treat-missing-data breaching ALARM_NAMES+=("${ALARM_NAME}") done diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 1fee409..3d6ed6f 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -9,6 +9,8 @@ on: branches: [main] pull_request: branches: ['*'] + schedule: + - cron: '0 8 * * 1' # Every Monday at 08:00 UTC workflow_dispatch: jobs: @@ -108,8 +110,8 @@ jobs: echo "=== Tester container logs ===" docker logs "${TEST_NAME}-tester" 2>&1 || true - - name: Publish failure metric - if: failure() + - name: Publish success metric + if: success() run: | aws cloudwatch put-metric-data \ --namespace "GitHubActions" \ From fb6ed95126dce0a1f4822a7094ee8e077d016a31 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:32:07 +0000 Subject: [PATCH 07/15] fix: metrics --- .github/workflows/bootstrap-alarms.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 0e5a237..ceaa526 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -58,7 +58,7 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic SampleCount \ - --period 691200 \ + --period 691200 \ # 8 days (7-day schedule + 1-day buffer) --evaluation-periods 1 \ --datapoints-to-alarm 1 \ --threshold 1 \ From 84d43dfedd7b008b56410ff05805c766494f926a Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:35:22 +0000 Subject: [PATCH 08/15] fix: metrics --- .github/workflows/bootstrap-alarms.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index ceaa526..5551429 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -58,7 +58,8 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic SampleCount \ - --period 691200 \ # 8 days (7-day schedule + 1-day buffer) + # 8 days (7-day schedule + 1-day buffer) + --period 691200 \ --evaluation-periods 1 \ --datapoints-to-alarm 1 \ --threshold 1 \ From 0ae6700290b687b251df64e8e397e78d2200ef7a Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:38:18 +0000 Subject: [PATCH 09/15] fix: metrics --- .github/workflows/bootstrap-alarms.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 5551429..268a95e 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -51,6 +51,7 @@ jobs: echo "Creating alarm: ${ALARM_NAME}" + # period = 691200s = 8 days (7-day schedule + 1-day buffer) aws cloudwatch put-metric-alarm \ --alarm-name "${ALARM_NAME}" \ --alarm-description "Integration test: ${distro} ${distro_version} / ruby ${runtime_version} (${arch})" \ @@ -58,7 +59,6 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic SampleCount \ - # 8 days (7-day schedule + 1-day buffer) --period 691200 \ --evaluation-periods 1 \ --datapoints-to-alarm 1 \ From 18be62bb90cdd28d078c799a81a6f8db01b16658 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:40:26 +0000 Subject: [PATCH 10/15] fix: metrics --- .github/workflows/bootstrap-alarms.yml | 4 ++-- .github/workflows/integration-tests.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 268a95e..96e4e1e 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -51,7 +51,7 @@ jobs: echo "Creating alarm: ${ALARM_NAME}" - # period = 691200s = 8 days (7-day schedule + 1-day buffer) + # period = 259200s = 3 days (runs every workday + buffer for weekends) aws cloudwatch put-metric-alarm \ --alarm-name "${ALARM_NAME}" \ --alarm-description "Integration test: ${distro} ${distro_version} / ruby ${runtime_version} (${arch})" \ @@ -59,7 +59,7 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic SampleCount \ - --period 691200 \ + --period 259200 \ --evaluation-periods 1 \ --datapoints-to-alarm 1 \ --threshold 1 \ diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 3d6ed6f..4bbfbb7 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -10,7 +10,7 @@ on: pull_request: branches: ['*'] schedule: - - cron: '0 8 * * 1' # Every Monday at 08:00 UTC + - cron: '0 8 * * 1-5' # Every workday (Mon-Fri) at 08:00 UTC workflow_dispatch: jobs: From d8e108b01d6892a740b63270e24d393cbbea68d4 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 14:48:13 +0000 Subject: [PATCH 11/15] fix: harden alarm --- .github/workflows/bootstrap-alarms.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 96e4e1e..4ef3eb0 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -78,13 +78,13 @@ jobs: mapfile -t ALARM_NAMES < /tmp/alarm_names.txt - # Build the composite alarm rule: triggers if ANY sub-alarm fires + # Build the composite alarm rule: triggers if ANY sub-alarm is in ALARM or INSUFFICIENT_DATA RULE="" for name in "${ALARM_NAMES[@]}"; do if [ -n "$RULE" ]; then RULE="${RULE} OR " fi - RULE="${RULE}ALARM(\"${name}\")" + RULE="${RULE}(ALARM(\"${name}\") OR INSUFFICIENT_DATA(\"${name}\"))" done echo "Composite alarm rule:" @@ -95,6 +95,7 @@ jobs: --alarm-description "Aggregate alarm for all Ruby RIC integration test permutations" \ --alarm-rule "${RULE}" \ --actions-enabled \ - --alarm-actions "${{ secrets.AWS_ALARM_TARGET_ARN }}" + --alarm-actions "${{ secrets.AWS_ALARM_TARGET_ARN }}" \ + --insufficient-data-actions "${{ secrets.AWS_ALARM_TARGET_ARN }}" echo "Composite alarm '${COMPOSITE_ALARM_NAME}' created successfully." From c9e95b067c093f329d8dd3a7fbceef83fae885ce Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 15:08:35 +0000 Subject: [PATCH 12/15] fix sample count to sum --- .github/workflows/bootstrap-alarms.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 4ef3eb0..18de9f0 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -52,13 +52,14 @@ jobs: echo "Creating alarm: ${ALARM_NAME}" # period = 259200s = 3 days (runs every workday + buffer for weekends) + # Alarms when no success metric is received within the period aws cloudwatch put-metric-alarm \ --alarm-name "${ALARM_NAME}" \ --alarm-description "Integration test: ${distro} ${distro_version} / ruby ${runtime_version} (${arch})" \ --namespace "${ALARM_NAMESPACE}" \ --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ - --statistic SampleCount \ + --statistic Sum \ --period 259200 \ --evaluation-periods 1 \ --datapoints-to-alarm 1 \ From 774a342eeb6b54619b5875eaec55493d63f178eb Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 15:36:36 +0000 Subject: [PATCH 13/15] fix: bump github action --- .github/workflows/bootstrap-alarms.yml | 2 +- .github/workflows/integration-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 18de9f0..ea1b26d 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -23,7 +23,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4 + uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 with: role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} aws-region: ${{ secrets.AWS_REGION }} diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 4bbfbb7..a6d72aa 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -40,7 +40,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ececac1a45f3b08a01d2dd070d28d111c5fe6722 # v4 + uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 with: role-to-assume: ${{ secrets.AWS_OIDC_ROLE_ARN }} aws-region: ${{ secrets.AWS_REGION }} From 6124b7b02ef63bea56466cc638cb6b611f90e526 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 15:39:24 +0000 Subject: [PATCH 14/15] fix: metrics --- .github/workflows/bootstrap-alarms.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index ea1b26d..32522aa 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -51,8 +51,8 @@ jobs: echo "Creating alarm: ${ALARM_NAME}" - # period = 259200s = 3 days (runs every workday + buffer for weekends) - # Alarms when no success metric is received within the period + # Alarms if no success metric is received within 3 days + # Uses 1-day periods with 3 evaluation periods for faster state transitions aws cloudwatch put-metric-alarm \ --alarm-name "${ALARM_NAME}" \ --alarm-description "Integration test: ${distro} ${distro_version} / ruby ${runtime_version} (${arch})" \ @@ -60,9 +60,9 @@ jobs: --metric-name "TestResult" \ --dimensions "Name=Distro,Value=${distro}" "Name=DistroVersion,Value=${distro_version}" "Name=RuntimeVersion,Value=${runtime_version}" "Name=Arch,Value=${arch}" \ --statistic Sum \ - --period 259200 \ - --evaluation-periods 1 \ - --datapoints-to-alarm 1 \ + --period 86400 \ + --evaluation-periods 3 \ + --datapoints-to-alarm 3 \ --threshold 1 \ --comparison-operator LessThanThreshold \ --treat-missing-data breaching From df42d9a27c222b8254e226052ad371e73947fd61 Mon Sep 17 00:00:00 2001 From: Maxime David Date: Wed, 22 Apr 2026 15:45:10 +0000 Subject: [PATCH 15/15] fix: add debug --- .github/workflows/bootstrap-alarms.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/bootstrap-alarms.yml b/.github/workflows/bootstrap-alarms.yml index 32522aa..c619159 100644 --- a/.github/workflows/bootstrap-alarms.yml +++ b/.github/workflows/bootstrap-alarms.yml @@ -20,6 +20,11 @@ jobs: COMPOSITE_ALARM_NAME: GitHubActions-${{ github.repository_owner }}-${{ github.event.repository.name }}-integration-tests-aggregate steps: + - name: Debug OIDC token + run: | + echo "GitHub ref: ${{ github.ref }}" + echo "GitHub event name: ${{ github.event_name }}" + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC)