From cb5e497b27d3e094957a60af42ca6a02cf4b71a4 Mon Sep 17 00:00:00 2001 From: Ming Wang Date: Mon, 16 Oct 2023 13:58:11 -0400 Subject: [PATCH] build + test cryostat image --- .github/workflows/ci.yaml | 88 ++++++++++++-------- .github/workflows/cryostat-build.yml | 47 ----------- .github/workflows/cryostat-test.yml | 118 +++++++++++++++++++++++++++ 3 files changed, 172 insertions(+), 81 deletions(-) delete mode 100644 .github/workflows/cryostat-build.yml create mode 100644 .github/workflows/cryostat-test.yml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index ab155570..30bb848a 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -19,21 +19,31 @@ on: - cryostat-v[0-9]+.[0-9]+ jobs: + check-before-build: + runs-on: ubuntu-latest + steps: + - name: Fail if safe-to-test is not applied + if: github.repository_owner == 'cryostatio' && (!contains(github.event.pull_request.labels.*.name, 'safe-to-test')) + run: exit 1 + build-core: runs-on: ubuntu-latest outputs: - test_version: ${{ steps.get_core_version.outputs.test_version }} + core_version: ${{ steps.get_core_version.outputs.core_version }} steps: - uses: actions/checkout@v4 - id: get_core_version run: | - echo "test_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT + echo "core_version=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_OUTPUT echo "name=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)" >> $GITHUB_OUTPUT - uses: actions/setup-java@v3 with: java-version: '17' distribution: 'temurin' - cache: 'maven' + - uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} - run: mvn -B -U clean install build-cryostat: @@ -41,10 +51,46 @@ jobs: strategy: matrix: arch: [amd64, arm64] - uses: ./.github/workflows/cryostat-build.yml - with: - build-arch: ${{ matrix.arch }} - test-version: ${{ needs.build-core.outputs.test_version }} + runs-on: ubuntu-latest + steps: + - name: Install qemu + if: ${{ inputs.build-arch != 'amd64' }} + continue-on-error: true + run: | + sudo apt-get update + sudo apt-get install -y qemu-user-static + - uses: actions/checkout@v4 + with: + repository: ${{ github.repository_owner }}/cryostat + ref: main + submodules: true + fetch-depth: 0 + - uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + - uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-build- + ${{ runner.os }}- + - name: maven-settings + uses: s4u/maven-settings-action@v2 + with: + githubServer: true + - run: git submodule init + - run: git submodule update + - run: mvn -B -U -Dbuild.arch=${{ matrix.arch}} -Dio.cryostat.core.version=${{ needs.build-core.outputs.core_version }} clean package + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Save cryostat image + run: podman save -o cryostat-${{ matrix.arch }}.tar --format oci-archive quay.io/cryostat/cryostat + - uses: actions/upload-artifact@v3 + with: + name: cryostat-${{ matrix.arch }} + path: ${{ github.workspace }}/cryostat-${{ matrix.arch }}.tar push-to-ghcr: runs-on: ubuntu-latest @@ -77,38 +123,12 @@ jobs: - name: Store images as output amd64 if: ${{ matrix.arch == 'amd64' }} id: amd64_image - run: z "image=${{ steps.push-to-ghcr.outputs.registry-path }}" >> "$GITHUB_OUTPUT" + run: echo "image=${{ steps.push-to-ghcr.outputs.registry-path }}" >> "$GITHUB_OUTPUT" - name: Store images as output if: ${{ matrix.arch == 'arm64' }} id: arm64_image run: echo "image=${{ steps.push-to-ghcr.outputs.registry-path }}" >> "$GITHUB_OUTPUT" - cryostat-test: - runs-on: ubuntu-latest - needs: [push-to-ghcr] - steps: - - uses: actions/checkout@v4 - with: - repository: ${{ github.repository_owner }} - ref: main - submodules: true - fetch-depth: 0 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - name: Pull cryostat image - run: podman pull ghcr.io/${{ github.repository_owner }}/cryostat-core:pr-${{ github.event.number }}-${{ github.event.pull_request.head.sha }}-linux-${{ matrix.arch }} - - name: Run integration tests - run: POD_NAME=cryostat-itests CONTAINER_NAME=cryostat-itest ITEST_IMG_VERSION=latest bash repeated-integration-tests.bash - - name: Print itest logs - if: failure() - run: ls -1dt target/cryostat-itest-*.log | head -n1 | xargs cat - - name: Print itest container logs - if: failure() - run: ls -1dt target/cryostat-*.server.log | head -n1 | xargs cat - comment-image: runs-on: ubuntu-latest needs: [push-to-ghcr] diff --git a/.github/workflows/cryostat-build.yml b/.github/workflows/cryostat-build.yml deleted file mode 100644 index 66491383..00000000 --- a/.github/workflows/cryostat-build.yml +++ /dev/null @@ -1,47 +0,0 @@ -on: - workflow_call: - inputs: - build-arch: - required: true - type: string - core-version: - required: true - type: string - -jobs: - build-image: - runs-on: ubuntu-latest - steps: - - name: Install qemu - if: ${{ inputs.build-arch != 'amd64' }} - continue-on-error: true - run: | - sudo apt-get update - sudo apt-get install -y qemu-user-static - - uses: actions/checkout@v4 - with: - repository: ${{ github.repository_owner }}/cryostat - ref: main - submodules: true - fetch-depth: 0 - - uses: actions/setup-java@v3 - with: - java-version: '17' - distribution: 'temurin' - cache: maven - - name: maven-settings - uses: s4u/maven-settings-action@v2 - with: - servers: '[{"id": "github", "username": "dummy", "password": "${env.GITHUB_TOKEN_REF}"}]' - githubServer: false - - run: git submodule init - - run: git submodule update - - run: mvn -B -U -Dbuild.arch=${{ inputs.build-arch }} -Dio.cryostat.core.version=${{ inputs.core-version }} clean package - env: - GITHUB_TOKEN_REF: ${{ secrets.GITHUB_TOKEN }} - - name: Save cryostat image - run: podman save -o cryostat-${{ inputs.build-arch }}.tar --format oci-archive quay.io/cryostat/cryostat - - uses: actions/upload-artifact@v3 - with: - name: cryostat-${{ inputs.build-arch }} - path: ${{ github.workspace }}/cryostat-${{ inputs.build-arch }}.tar diff --git a/.github/workflows/cryostat-test.yml b/.github/workflows/cryostat-test.yml new file mode 100644 index 00000000..b8659677 --- /dev/null +++ b/.github/workflows/cryostat-test.yml @@ -0,0 +1,118 @@ +name: Cryostat Test + +concurrency: + group: ci-${{ github.run_id }} + cancel-in-progress: true + +on: + issue_comment: + types: + - created + +jobs: + check-before-build: + runs-on: ubuntu-latest + if: github.repository_owner == 'cryostatio' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/build_test') + permissions: + pull-requests: write + steps: + - name: Show warning if permission is denied + if: | + !(github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER') + && (!contains(github.event.issue.labels.*.name, 'safe-to-test') || github.event.issue.user.name != github.event.comment.user.name) + uses: thollander/actions-comment-pull-request@v2 + with: + message: |- + You do not have permission to run the /build_test command. Please ask @cryostatio/reviewers + to resolve the issue. + - name: Fail if command permission is denied + if: | + !(github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER') + && (!contains(github.event.issue.labels.*.name, 'safe-to-test') || github.event.issue.user.name != github.event.comment.user.name) + run: exit 1 + - name: React to comment + uses: actions/github-script@v4 + with: + script: | + const {owner, repo} = context.issue + github.reactions.createForIssueComment({ + owner, + repo, + comment_id: context.payload.comment.id, + content: "+1", + }); + + checkout-branch: + runs-on: ubuntu-latest + needs: [check-before-build] + outputs: + PR_head_ref: ${{ fromJSON(steps.comment-branch.outputs.result).ref }} + PR_head_sha: ${{ fromJSON(steps.comment-branch.outputs.result).sha }} + PR_num: ${{ fromJSON(steps.comment-branch.outputs.result).num }} + PR_repo: ${{ fromJSON(steps.comment-branch.outputs.result).repo }} + permissions: + pull-requests: read + steps: + - uses: actions/github-script@v4 + id: comment-branch + with: + script: | + const result = await github.pulls.get ({ + owner: context.repo.owner, + repo: context.repo.repo, + pull_number: context.issue.number + }) + return { repo: result.data.head.repo.full_name, num: result.data.number, sha: result.data.head.sha, ref: result.data.head.ref } + + cryostat-test: + runs-on: ubuntu-latest + needs: [checkout-branch] + env: + build_arch: 'arm64' + steps: + - name: Install qemu + continue-on-error: true + run: | + sudo apt-get update + sudo apt-get install -y qemu-user-static + - uses: actions/checkout@v4 + with: + repository: ${{ github.repository_owner }}/cryostat + ref: main + submodules: true + fetch-depth: 0 + - uses: actions/setup-java@v3 + with: + java-version: '17' + distribution: 'temurin' + - uses: actions/cache@v3 + with: + path: ~/.m2 + key: ${{ runner.os }}-build-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-build- + ${{ runner.os }}- + - name: maven-settings + uses: s4u/maven-settings-action@v2 + with: + githubServer: true + - name: ghcr login + uses: redhat-actions/podman-login@v1 + with: + registry: ghcr.io/${{ github.repository_owner }} + username: ${{ github.event.comment.user.login }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: pull cryostat image + run: podman pull ghcr.io/${{ github.repository_owner }}/cryostat-core:pr-${{ needs.checkout-branch.outputs.PR_num }}-${{ needs.checkout-branch.outputs.PR_head_sha }}-linux-${{ env.build_arch }} + - name: tag cryostat image + run: podman tag ghcr.io/${{ github.repository_owner }}/cryostat-core:pr-${{ needs.checkout-branch.outputs.PR_num }}-${{ needs.checkout-branch.outputs.PR_head_sha }}-linux-${{ env.build_arch }} quay.io/cryostat/cryostat + - name: run integration tests + run: bash repeated-integration-tests.bash + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Print itest logs + if: failure() + run: ls -1dt target/cryostat-itest-*.log | head -n1 | xargs cat + - name: Print itest container logs + if: failure() + run: ls -1dt target/cryostat-*.server.log | head -n1 | xargs cat