DataDog · daniel-mohedano · Oct 8, 2025 · Oct 8, 2025 · Oct 8, 2025 · Oct 8, 2025
@@ -1,19 +1,119 @@
-run-ci-visibility-test-environment:
-  stage: ci-visibility-tests
-  when: manual
-  needs: []
-  trigger:
-    project: DataDog/apm-reliability/test-environment
-    branch: main
-    strategy: depend
-  variables:
-    UPSTREAM_PACKAGE_JOB: build
-    UPSTREAM_PROJECT_ID: $CI_PROJECT_ID
-    UPSTREAM_PROJECT_NAME: $CI_PROJECT_NAME
-    UPSTREAM_PIPELINE_ID: $CI_PIPELINE_ID
-    UPSTREAM_BRANCH: $CI_COMMIT_BRANCH
-    UPSTREAM_TAG: $CI_COMMIT_TAG
-    UPSTREAM_COMMIT_AUTHOR: $CI_COMMIT_AUTHOR
-    UPSTREAM_COMMIT_SHORT_SHA: $CI_COMMIT_SHORT_SHA
-    TRACER_LANG: java
-    JAVA_TRACER_REF_TO_TEST: $CI_COMMIT_BRANCH
+test-gitlab-api:
+  stage: build
+  image: registry.ddbuild.io/images/dd-octo-sts-ci-base:2025.06-1
+  tags: [ "arch:amd64" ]
+  script:
+  - |
+    curl -s --header "JOB-TOKEN: $CI_JOB_TOKEN" "$CI_API_V4_URL/projects/$CI_PROJECT_ID"
+
+#check-ci-visibility-label:
+#  stage: publish
+#  image: registry.ddbuild.io/images/dd-octo-sts-ci-base:2025.06-1
+#  tags: [ "arch:amd64" ]
+#  needs: [ publish-artifacts-to-s3 ]
+#  id_tokens:
+#    DDOCTOSTS_ID_TOKEN:
+#      aud: dd-octo-sts
+#  rules:
+#    - if: '$POPULATE_CACHE'
+#      when: never
+#    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH !~ /^(master|release\/)/'
+#      when: on_success
+#    - when: never
+#  before_script:
+#    - dd-octo-sts version
+#    - dd-octo-sts debug --scope DataDog/dd-trace-java --policy self.gitlab.github-access.read
+#    - dd-octo-sts token --scope DataDog/dd-trace-java --policy self.gitlab.github-access.read > github-token.txt
+#    - gh auth login --with-token < github-token.txt
+#  script:
+#    - |
+#      # Source utility functions
+#      source .gitlab/ci_visibility_utils.sh
+#      
+#      # Get PR number
+#      if ! PR_NUMBER=$(get_pr_number "${CI_COMMIT_BRANCH}"); then
+#        echo "No open PR found for branch ${CI_COMMIT_BRANCH}"
+#        exit 1
+#      fi
+#      
+#      echo "Found PR #${PR_NUMBER}"
+#      
+#      # Check if PR has the CI visibility label
+#      if pr_has_label "$PR_NUMBER" "comp: ci visibility"; then
+#        echo "PR #${PR_NUMBER} detected as CI Visibility PR"
+#        exit 0
+#      else
+#        echo "PR #${PR_NUMBER} not a CI Visibility PR, ignoring trigger"
+#        exit 1
+#      fi
+#  after_script:
+#    - dd-octo-sts revoke -t $(cat github-token.txt) || true
+#  allow_failure: true
+#  retry:
+#    max: 2
+#    when: always
+#
+#run-ci-visibility-test-environment:
+#  stage: ci-visibility-tests
+#  needs:
+#    - job: check-ci-visibility-label
+#  rules:
+#    - if: '$POPULATE_CACHE'
+#      when: never
+#    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH !~ /^(master|release\/)/'
+#      when: on_success
+#  trigger:
+#    project: DataDog/apm-reliability/test-environment
+#    branch: daniel.mohedano/java-auto-trigger # TODO: set back to `main`
+#    strategy: depend
+#  variables:
+#    UPSTREAM_PACKAGE_JOB: build
+#    UPSTREAM_PROJECT_ID: $CI_PROJECT_ID
+#    UPSTREAM_PROJECT_NAME: $CI_PROJECT_NAME
+#    UPSTREAM_PIPELINE_ID: $CI_PIPELINE_ID
+#    UPSTREAM_BRANCH: $CI_COMMIT_BRANCH
+#    UPSTREAM_TAG: $CI_COMMIT_TAG
+#    UPSTREAM_COMMIT_AUTHOR: $CI_COMMIT_AUTHOR
+#    UPSTREAM_COMMIT_SHORT_SHA: $CI_COMMIT_SHORT_SHA
+#    TRACER_LANG: java
+#    JAVA_TRACER_REF_TO_TEST: $CI_COMMIT_BRANCH
+#
+#report-ci-visibility-test-environment-results:
+#  stage: ci-visibility-tests
+#  image: registry.ddbuild.io/images/dd-octo-sts-ci-base:2025.06-1
+#  tags: [ "arch:amd64" ]
+#  needs:
+#    - job: check-ci-visibility-label
+#  id_tokens:
+#    DDOCTOSTS_ID_TOKEN:
+#      aud: dd-octo-sts
+#  rules:
+#    - if: '$POPULATE_CACHE'
+#      when: never
+#    - if: '$CI_COMMIT_BRANCH && $CI_COMMIT_BRANCH !~ /^(master|release\/)/'
+#      when: on_success
+#  before_script:
+#    - dd-octo-sts version
+#    - dd-octo-sts token --scope DataDog/dd-trace-java --policy self.gitlab.github-access.read > github-token.txt
+#    - gh auth login --with-token < github-token.txt
+#  script:
+#    - |
+#      # Install authanywhere
+#      wget -q binaries.ddbuild.io/dd-source/authanywhere/LATEST/authanywhere-linux-amd64
+#      chmod +x authanywhere-linux-amd64
+#      
+#      # Source utility functions
+#      source .gitlab/ci_visibility_utils.sh
+#      
+#      # Get PR number
+#      if ! PR_NUMBER=$(get_pr_number "${CI_COMMIT_BRANCH}"); then
+#        echo "No PR found, skipping comment"
+#        exit 0
+#      fi
+#
+#      echo $(get_downstream_pipeline_id)
+#      
+#      # Post comment
+#      write_pr_comment "$PR_NUMBER" "Test environment triggered." "Test Environment Tests"
+#  after_script:
+#    - dd-octo-sts revoke -t $(cat github-token.txt) || true
@@ -0,0 +1,116 @@
+#!/usr/bin/env bash
+
+function get_pr_number() {
+  local branch=$1
+
+  if [ -z "$branch" ]; then
+    echo "Error: Branch name is required" >&2
+    return 1
+  fi
+
+  local pr_number
+  pr_number=$(gh pr list --repo DataDog/dd-trace-java --head "$branch" --state open --json number --jq '.[0].number')
+
+  if [ -z "$pr_number" ]; then
+    echo "Error: No open PR found for branch $branch" >&2
+    return 1
+  fi
+
+  echo "$pr_number"
+  return 0
+}
+
+function get_pr_labels() {
+  local pr_number=$1
+
+  if [ -z "$pr_number" ]; then
+    echo "Error: PR number is required" >&2
+    return 1
+  fi
+
+  local labels
+  labels=$(gh pr view "$pr_number" --repo DataDog/dd-trace-java --json labels --jq '.labels[].name')
+
+  if [ -z "$labels" ]; then
+    echo "Warning: No labels found for PR #$pr_number" >&2
+    return 1
+  fi
+
+  echo "$labels"
+  return 0
+}
+
+function pr_has_label() {
+  local pr_number=$1
+  local target_label=$2
+
+  if [ -z "$pr_number" ] || [ -z "$target_label" ]; then
+    echo "Error: PR number and label are required" >&2
+    return 1
+  fi
+
+  local labels
+  if ! labels=$(get_pr_labels "$pr_number"); then
+    return 1
+  fi
+
+  if echo "$labels" | grep -q "$target_label"; then
+    return 0
+  else
+    return 1
+  fi
+}
+
+function write_pr_comment() {
+  local pr_number=$1
+  local message=$2
+  local header=$3
+
+  if [ -z "$pr_number" ]; then
+    echo "Error: PR number is required" >&2
+    return 1
+  fi
+
+  if [ -z "$message" ]; then
+    echo "Error: Message is required" >&2
+    return 1
+  fi
+
+  if [ -z "$header" ]; then
+    header="CI Notification"
+  fi
+
+  # Create JSON payload
+  local json_payload
+  json_payload=$(jq -n \
+    --argjson pr_num "$pr_number" \
+    --arg message "$message" \
+    --arg header "$header" \
+    --arg org "DataDog" \
+    --arg repo "dd-trace-java" \
+    '{pr_num: $pr_num, message: $message, header: $header, org: $org, repo: $repo}')
+
+  # Ensure authanywhere is available
+  if [ ! -x "./authanywhere-linux-amd64" ]; then
+    echo "Error: authanywhere-linux-amd64 not found or not executable" >&2
+    return 1
+  fi
+
+  # Post comment to PR
+  echo "Posting comment to PR #${pr_number}"
+  curl -s 'https://pr-commenter.us1.ddbuild.io/internal/cit/pr-comment' \
+    -H "$(./authanywhere-linux-amd64)" \
+    -H "Content-Type: application/json" \
+    -X PATCH \
+    -d "$json_payload"
+
+  return $?
+}
+
+function get_downstream_pipeline_id() {
+  local downstream_id
+  echo "DEBUG: curl --header \"JOB-TOKEN: ${CI_JOB_TOKEN}\" --url \"${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/bridges\"" >&2
+  downstream_id=$(curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" --url "${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/pipelines/${CI_PIPELINE_ID}/bridges")
+  echo "$downstream_id"
+  return 0
+}