getsentry / tacos-gha

Terraform Automation & Collaboration Software (TACOS) help organizations to scale the use of Terraform by enabling collaboration through governance, access controls, and automation of Terraform runs.
Apache License 2.0

feat: Tacos apply depends on required checks passing #237

Closed lynnagara closed 2 months ago

lynnagara commented 2 months ago

tacos apply needs required checks to pass

mwarkentin commented 2 months ago

What's the purpose of this? A little concerned that flakiness in unrelated checks could now block terraform applies.

Which checks are for terraform specifically?

fpacifici commented 2 months ago

> What's the purpose of this?

To ensure that, before we apply a change to production, CI runs and does not fail. I believe we should get used to this approach. For terraform we allow changes to be applied to production before reaching master. This should not extend to applying changes that do not pass CI.

Now it is true that today we only have one test that runs on terraform changes, but we have slices that run on top of materialized files. Materialization has to happen before terraform apply happens.

> A little concerned that flakiness in unrelated checks could now block terraform applies.

If a check is unrelated it is not supposed to run, thus ignored. If that is not the case there is something to fix in our CI actions targeting. If the PR contains changes independent from terraform and those required checks do not pass, the fact that tacos would not run would be a good incentive not to add unrelated changes to PRs.

@mwarkentin if you look for a mechanism to skip in case of emergency, we could consider looking for a label like emergency-inc-xxx in the PR to skip this check. But I would still not use it to skip CI. CI is generally there to help not to make things worse.

I think the way to avoid your concern is having a healthy culture where flaky required CI checks are not tolerated and we fix our stuff.
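A sketch of the gate discussed in this thread, added here as an illustration and not taken from tacos-gha or written by any of the commenters: apply is blocked while a required check that ran is pending or failing, required checks that never ran are ignored, and an emergency label overrides the block while recording what was bypassed. The function name, the check names, the oldest-to-newest ordering of `check_runs` and the label pattern (reading "xxx" as an incident identifier) are assumptions.

```python
import re
from dataclasses import dataclass

# Assumption: "xxx" in the proposed label stands for an incident identifier.
EMERGENCY_LABEL = re.compile(r"^emergency-inc-[A-Za-z0-9]+$")
# Check-run conclusions treated as passing in this sketch.
PASSING = {"success", "neutral", "skipped"}

@dataclass(frozen=True)
class Decision:
    allow: bool
    reason: str
    blocking: tuple = ()

def apply_gate(required, check_runs, labels):
    """Decide whether apply may proceed for one PR head commit.

    check_runs: dicts with name/status/conclusion, ordered oldest to newest.
    """
    latest = {}
    for run in check_runs:  # a re-run supersedes the earlier result
        latest[run["name"]] = run
    blocking = []
    for name in required:
        run = latest.get(name)
        if run is None:
            continue  # not triggered for this change: ignored, as in the thread
        if run["status"] != "completed":
            blocking.append(f"{name}: {run['status']}")
        elif run["conclusion"] not in PASSING:
            blocking.append(f"{name}: {run['conclusion']}")
    if not blocking:
        return Decision(True, "required checks passed")
    override = sorted(l for l in labels if EMERGENCY_LABEL.match(l))
    if override:  # record what was bypassed so the override is auditable
        return Decision(True, f"override: {override[0]}", tuple(blocking))
    return Decision(False, "required checks not passing", tuple(blocking))

# Constructed sample data (check names are hypothetical).
REQUIRED = ["terraform-validate", "materialize-slices", "python-tests"]
RUNS = [
    {"name": "terraform-validate", "status": "completed", "conclusion": "failure"},
    {"name": "materialize-slices", "status": "in_progress", "conclusion": None},
    {"name": "terraform-validate", "status": "completed", "conclusion": "success"},
]

if __name__ == "__main__":
    print(apply_gate(REQUIRED, RUNS, ["terraform"]))
    print(apply_gate(REQUIRED, RUNS, ["emergency-inc-1234"]))
```

Because an absent required check is ignored in this sketch, a check that fails to start at all would not block the apply; treating absence as blocking is the stricter alternative.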