-
Notifications
You must be signed in to change notification settings - Fork 800
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added a CI job for WPCloud testing of wpcomsh. #39258
base: trunk
Are you sure you want to change the base?
Conversation
Thank you for your PR! When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:
This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖 The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available. Follow this PR Review Process:
Still unsure? Reach out in #jetpack-developers for guidance! Wpcomsh plugin:
If you have any questions about the release process, please ask in the #jetpack-releases channel on Slack. |
.github/workflows/wpcloud.yml
Outdated
touch ~/.ssh/askpass | ||
chmod -v 700 ~/.ssh/askpass | ||
cat >>~/.ssh/askpass <<END | ||
#!/bin/bash | ||
echo "\$WPCLOUD_SSH_KEY_PASSPHRASE" | ||
END | ||
echo "wrote ~/.ssh/askpass" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wonder if we could switch to a key with no password, so we could skip this. Is there an attack scenario where someone could steal the key but not also steal this file with the password?
.github/workflows/wpcloud.yml
Outdated
export SSH_ASKPASS="$HOME/.ssh/askpass" | ||
echo "exported SSH_ASKPASS" | ||
export SSH_ASKPASS_REQUIRE="force" | ||
echo "exported SSH_ASKPASS_REQUIRE" | ||
export DISPLAY=":" | ||
echo "exported DISPLAY" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(this along with the comment on lines 61–67 above)
.github/workflows/wpcloud.yml
Outdated
echo "::endgroup::" | ||
|
||
echo "::group::execution" | ||
cat ~/.ssh/stdin | setsid ssh -i ~/.ssh/id_site -l "$WPCLOUD_SSH_USER" ssh.atomicsites.net "$WPCLOUD_SSH_COMMAND" || CODE=$? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm left wondering what's in WPCLOUD_SSH_COMMAND
that we can't just put it in here.
Is whatever this runs going to work if multiple PRs run this at the same time?
.github/workflows/wpcloud.yml
Outdated
END | ||
echo "wrote ~/.ssh/stdin" | ||
echo "::group::Installing and building wpcomsh" | ||
pnpm jetpack build plugins/wpcomsh |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You probably need to include --deps
, and adding -v
would probably be helpful in case anything fails.
Personally, I'd do the build as a separate step, if not as a separate job to make re-runs not have to re-build (cf. #32686).
.github/workflows/wpcloud.yml
Outdated
|
||
- name: Restore wpcomsh build cache | ||
id: wpcomsh-build-cache | ||
if: needs.build.result == 'success' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we can leave out this line, it's there in the E2E workflow because the build might be skipped when it's going to run against Atomic or something.
if: needs.build.result == 'success' |
.github/workflows/wpcloud.yml
Outdated
name: Run PHPUnit on the WPCloud test site | ||
runs-on: ubuntu-latest | ||
needs: build | ||
if: needs.build.changed.outputs.wpcomsh == 'true' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oops, this is why it skipped this time.
if: needs.build.changed.outputs.wpcomsh == 'true' | |
if: needs.build.outputs.wpcomsh == 'true' |
Adds a new CI flow specifically for starting WPCloud test runs in case wpcomsh is modified.
@a8caustin we would need to make some changes in the WPCloud environment to properly check out and run wpcomsh using the Monorepo, can you help with that please?
Proposed changes:
Other information:
Jetpack product discussion
Does this pull request change what data or activity we track or use?
Testing instructions: