From 5c0124c5041a9f68a8cc08e3c8718344ef9633ff Mon Sep 17 00:00:00 2001 From: Feiyang Liu Date: Wed, 1 Oct 2025 11:34:03 +0200 Subject: [PATCH 1/5] add NewReleaseDetected metric for monitoring upstream releases --- .github/workflows/update-automation.yaml | 34 ++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-automation.yaml b/.github/workflows/update-automation.yaml index 87433cc..fa81a66 100644 --- a/.github/workflows/update-automation.yaml +++ b/.github/workflows/update-automation.yaml @@ -404,6 +404,36 @@ jobs: echo "Created PR from ${{ needs.update-automation.outputs.staging-branch }} to $TARGET_BRANCH" + publish-new-release-detected: + name: Publish New Release Detected Metric + runs-on: ubuntu-latest + needs: [update-automation] + if: needs.update-automation.outputs.staging-branch != '' + environment: update-automation-workflow-env + permissions: + id-token: write # Required for OIDC + env: + REPOSITORY: ${{ github.repository }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + steps: + - name: Use role credentials for metrics + id: aws-creds + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} + aws-region: us-east-1 + - name: Publish new release detected metric + if: steps.aws-creds.outcome == 'success' + run: | + aws cloudwatch put-metric-data \ + --namespace "GitHub/Workflows" \ + --metric-name "NewReleaseDetected" \ + --dimensions "Repository=${{ env.REPOSITORY }},Workflow=UpdateAutomation" \ + --value 1 \ + --timestamp $(date -u +%Y-%m-%dT%H:%M:%S.000Z) + + echo "Published metric: NewReleaseDetected for version ${{ needs.update-automation.outputs.latest-code-oss-tag }}" + send-notification: name: Send Notification runs-on: ubuntu-latest @@ -434,7 +464,7 @@ jobs: publish-success-metrics: name: Publish Success Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] environment: update-automation-workflow-env if: always() && !failure() && !cancelled() permissions: @@ -463,7 +493,7 @@ jobs: publish-failure-metrics: name: Publish Failure Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] environment: update-automation-workflow-env if: failure() permissions: From 4c7a84186c31ba109293c538bebb8f4a998dc790 Mon Sep 17 00:00:00 2001 From: Feiyang Liu Date: Thu, 2 Oct 2025 11:21:42 +0200 Subject: [PATCH 2/5] Replace NewReleaseDetected metric with CodeOSSReleaseLag metric --- .github/workflows/update-automation.yaml | 37 +++++++++++++++++------- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/.github/workflows/update-automation.yaml b/.github/workflows/update-automation.yaml index fa81a66..ddfd8a8 100644 --- a/.github/workflows/update-automation.yaml +++ b/.github/workflows/update-automation.yaml @@ -404,35 +404,52 @@ jobs: echo "Created PR from ${{ needs.update-automation.outputs.staging-branch }} to $TARGET_BRANCH" - publish-new-release-detected: - name: Publish New Release Detected Metric + publish-release-lag-metric: + name: Publish Release Lag Metric runs-on: ubuntu-latest needs: [update-automation] - if: needs.update-automation.outputs.staging-branch != '' + if: always() environment: update-automation-workflow-env permissions: id-token: write # Required for OIDC + contents: read env: REPOSITORY: ${{ github.repository }} AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 1 + - name: Use role credentials for metrics id: aws-creds uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} aws-region: us-east-1 - - name: Publish new release detected metric + + - name: Calculate and publish release lag metric if: steps.aws-creds.outcome == 'success' run: | + cd third-party-src + SUBMODULE_COMMIT_TIMESTAMP=$(git log -1 --format=%ct) + cd .. + + CURRENT_TIMESTAMP=$(date +%s) + SECONDS_BEHIND=$((CURRENT_TIMESTAMP - SUBMODULE_COMMIT_TIMESTAMP)) + NORMALIZED_VALUE=$(awk "BEGIN {printf \"%.6f\", $SECONDS_BEHIND / 2592000}") + aws cloudwatch put-metric-data \ --namespace "GitHub/Workflows" \ - --metric-name "NewReleaseDetected" \ + --metric-name "CodeOSSReleaseLag" \ --dimensions "Repository=${{ env.REPOSITORY }},Workflow=UpdateAutomation" \ - --value 1 \ - --timestamp $(date -u +%Y-%m-%dT%H:%M:%S.000Z) + --value $NORMALIZED_VALUE \ + --unit None - echo "Published metric: NewReleaseDetected for version ${{ needs.update-automation.outputs.latest-code-oss-tag }}" + DAYS_BEHIND=$((SECONDS_BEHIND / 86400)) + echo "Published metric: CodeOSSReleaseLag = $NORMALIZED_VALUE (equivalent to $DAYS_BEHIND days behind upstream)" send-notification: name: Send Notification @@ -464,7 +481,7 @@ jobs: publish-success-metrics: name: Publish Success Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-release-lag-metric] environment: update-automation-workflow-env if: always() && !failure() && !cancelled() permissions: @@ -493,7 +510,7 @@ jobs: publish-failure-metrics: name: Publish Failure Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-release-lag-metric] environment: update-automation-workflow-env if: failure() permissions: From 3867c9f3e930b2ecb000161d46a1b0741dbb7587 Mon Sep 17 00:00:00 2001 From: Feiyang Liu Date: Wed, 1 Oct 2025 11:34:03 +0200 Subject: [PATCH 3/5] add NewReleaseDetected metric for monitoring upstream releases --- .github/workflows/update-automation.yaml | 34 ++++++++++++++++++++++-- 1 file changed, 32 insertions(+), 2 deletions(-) diff --git a/.github/workflows/update-automation.yaml b/.github/workflows/update-automation.yaml index 87433cc..fa81a66 100644 --- a/.github/workflows/update-automation.yaml +++ b/.github/workflows/update-automation.yaml @@ -404,6 +404,36 @@ jobs: echo "Created PR from ${{ needs.update-automation.outputs.staging-branch }} to $TARGET_BRANCH" + publish-new-release-detected: + name: Publish New Release Detected Metric + runs-on: ubuntu-latest + needs: [update-automation] + if: needs.update-automation.outputs.staging-branch != '' + environment: update-automation-workflow-env + permissions: + id-token: write # Required for OIDC + env: + REPOSITORY: ${{ github.repository }} + AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} + steps: + - name: Use role credentials for metrics + id: aws-creds + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} + aws-region: us-east-1 + - name: Publish new release detected metric + if: steps.aws-creds.outcome == 'success' + run: | + aws cloudwatch put-metric-data \ + --namespace "GitHub/Workflows" \ + --metric-name "NewReleaseDetected" \ + --dimensions "Repository=${{ env.REPOSITORY }},Workflow=UpdateAutomation" \ + --value 1 \ + --timestamp $(date -u +%Y-%m-%dT%H:%M:%S.000Z) + + echo "Published metric: NewReleaseDetected for version ${{ needs.update-automation.outputs.latest-code-oss-tag }}" + send-notification: name: Send Notification runs-on: ubuntu-latest @@ -434,7 +464,7 @@ jobs: publish-success-metrics: name: Publish Success Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] environment: update-automation-workflow-env if: always() && !failure() && !cancelled() permissions: @@ -463,7 +493,7 @@ jobs: publish-failure-metrics: name: Publish Failure Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] environment: update-automation-workflow-env if: failure() permissions: From 64b2638ca8a5198b589a58cdb3e8fc8604dc5fc7 Mon Sep 17 00:00:00 2001 From: Feiyang Liu Date: Thu, 2 Oct 2025 11:21:42 +0200 Subject: [PATCH 4/5] Replace NewReleaseDetected metric with CodeOSSReleaseLag metric --- .github/workflows/update-automation.yaml | 37 +++++++++++++++++------- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/.github/workflows/update-automation.yaml b/.github/workflows/update-automation.yaml index fa81a66..ddfd8a8 100644 --- a/.github/workflows/update-automation.yaml +++ b/.github/workflows/update-automation.yaml @@ -404,35 +404,52 @@ jobs: echo "Created PR from ${{ needs.update-automation.outputs.staging-branch }} to $TARGET_BRANCH" - publish-new-release-detected: - name: Publish New Release Detected Metric + publish-release-lag-metric: + name: Publish Release Lag Metric runs-on: ubuntu-latest needs: [update-automation] - if: needs.update-automation.outputs.staging-branch != '' + if: always() environment: update-automation-workflow-env permissions: id-token: write # Required for OIDC + contents: read env: REPOSITORY: ${{ github.repository }} AWS_ROLE_TO_ASSUME: ${{ secrets.AWS_ROLE_TO_ASSUME }} steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 1 + - name: Use role credentials for metrics id: aws-creds uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: ${{ env.AWS_ROLE_TO_ASSUME }} aws-region: us-east-1 - - name: Publish new release detected metric + + - name: Calculate and publish release lag metric if: steps.aws-creds.outcome == 'success' run: | + cd third-party-src + SUBMODULE_COMMIT_TIMESTAMP=$(git log -1 --format=%ct) + cd .. + + CURRENT_TIMESTAMP=$(date +%s) + SECONDS_BEHIND=$((CURRENT_TIMESTAMP - SUBMODULE_COMMIT_TIMESTAMP)) + NORMALIZED_VALUE=$(awk "BEGIN {printf \"%.6f\", $SECONDS_BEHIND / 2592000}") + aws cloudwatch put-metric-data \ --namespace "GitHub/Workflows" \ - --metric-name "NewReleaseDetected" \ + --metric-name "CodeOSSReleaseLag" \ --dimensions "Repository=${{ env.REPOSITORY }},Workflow=UpdateAutomation" \ - --value 1 \ - --timestamp $(date -u +%Y-%m-%dT%H:%M:%S.000Z) + --value $NORMALIZED_VALUE \ + --unit None - echo "Published metric: NewReleaseDetected for version ${{ needs.update-automation.outputs.latest-code-oss-tag }}" + DAYS_BEHIND=$((SECONDS_BEHIND / 86400)) + echo "Published metric: CodeOSSReleaseLag = $NORMALIZED_VALUE (equivalent to $DAYS_BEHIND days behind upstream)" send-notification: name: Send Notification @@ -464,7 +481,7 @@ jobs: publish-success-metrics: name: Publish Success Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-release-lag-metric] environment: update-automation-workflow-env if: always() && !failure() && !cancelled() permissions: @@ -493,7 +510,7 @@ jobs: publish-failure-metrics: name: Publish Failure Metrics runs-on: ubuntu-latest - needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-new-release-detected] + needs: [update-automation, build-and-update-package-locks, generate-oss-attribution, create-pr, send-notification, publish-release-lag-metric] environment: update-automation-workflow-env if: failure() permissions: From 07e377948a2f7c8b7d732cca235bf54f2770f828 Mon Sep 17 00:00:00 2001 From: Feiyang Liu Date: Fri, 3 Oct 2025 09:31:42 +0200 Subject: [PATCH 5/5] Changing normalized metric value from month to day --- .github/workflows/update-automation.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/update-automation.yaml b/.github/workflows/update-automation.yaml index ddfd8a8..e66784d 100644 --- a/.github/workflows/update-automation.yaml +++ b/.github/workflows/update-automation.yaml @@ -439,7 +439,7 @@ jobs: CURRENT_TIMESTAMP=$(date +%s) SECONDS_BEHIND=$((CURRENT_TIMESTAMP - SUBMODULE_COMMIT_TIMESTAMP)) - NORMALIZED_VALUE=$(awk "BEGIN {printf \"%.6f\", $SECONDS_BEHIND / 2592000}") + NORMALIZED_VALUE=$(awk "BEGIN {printf \"%.6f\", $SECONDS_BEHIND / 86400}") aws cloudwatch put-metric-data \ --namespace "GitHub/Workflows" \ @@ -448,8 +448,7 @@ jobs: --value $NORMALIZED_VALUE \ --unit None - DAYS_BEHIND=$((SECONDS_BEHIND / 86400)) - echo "Published metric: CodeOSSReleaseLag = $NORMALIZED_VALUE (equivalent to $DAYS_BEHIND days behind upstream)" + echo "Published metric: CodeOSSReleaseLag = $NORMALIZED_VALUE (equivalent to $NORMALIZED_VALUE days behind upstream)" send-notification: name: Send Notification