Merge pull request #683 from linode/dev #333
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Integration Tests | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| use_minimal_test_account: | |
| description: 'Use minimal test account' | |
| required: false | |
| default: 'false' | |
| module: | |
| description: "The module from 'test/integration' to the target to be tested, e.g. 'cli, domains, events, etc'" | |
| required: false | |
| run_long_tests: | |
| description: "Select True to run long tests, e.g. database, rebuild, etc" | |
| required: false | |
| type: choice | |
| options: | |
| - "True" | |
| - "False" | |
| default: "False" | |
| sha: | |
| description: 'The hash value of the commit.' | |
| required: true | |
| default: '' | |
| pull_request_number: | |
| description: 'The number of the PR. Ensure sha value is provided' | |
| required: false | |
| openapi_spec_url: | |
| description: 'URL of the OpenAPI spec to use for the tests' | |
| required: false | |
| default: '' | |
| python-version: | |
| description: 'Specify Python version to use' | |
| required: false | |
| run-eol-python-version: | |
| description: 'Run EOL python version?' | |
| required: false | |
| default: 'false' | |
| type: choice | |
| options: | |
| - 'true' | |
| - 'false' | |
| push: | |
| branches: | |
| - main | |
| - dev | |
| env: | |
| DEFAULT_PYTHON_VERSION: "3.10" | |
| EOL_PYTHON_VERSION: "3.8" | |
| EXIT_STATUS: 0 | |
| jobs: | |
| integration_tests: | |
| name: Run integration tests on Ubuntu | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'workflow_dispatch' && inputs.sha != '' || github.event_name == 'push' || github.event_name == 'pull_request' | |
| steps: | |
| - name: Checkout Repository with SHA | |
| if: ${{ inputs.sha != '' }} | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| ref: ${{ inputs.sha }} | |
| - name: Checkout Repository without SHA | |
| if: ${{ inputs.sha == '' }} | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| - name: Get the hash value of the latest commit from the PR branch | |
| uses: octokit/[email protected] | |
| id: commit-hash | |
| if: ${{ inputs.pull_request_number != '' }} | |
| with: | |
| query: | | |
| query PRHeadCommitHash($owner: String!, $repo: String!, $pr_num: Int!) { | |
| repository(owner:$owner, name:$repo) { | |
| pullRequest(number: $pr_num) { | |
| headRef { | |
| target { | |
| ... on Commit { | |
| oid | |
| } | |
| } | |
| } | |
| } | |
| } | |
| } | |
| owner: ${{ github.event.repository.owner.login }} | |
| repo: ${{ github.event.repository.name }} | |
| pr_num: ${{ fromJSON(inputs.pull_request_number) }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Update system packages | |
| run: sudo apt-get update -y | |
| - name: Setup Python | |
| uses: actions/setup-python@v4 | |
| with: | |
| python-version: ${{ inputs.run-eol-python-version == 'true' && env.EOL_PYTHON_VERSION || inputs.python-version || env.DEFAULT_PYTHON_VERSION }} | |
| - name: Install Python dependencies and update cert | |
| run: | | |
| pip install wheel boto3 && \ | |
| pip install certifi -U && \ | |
| pip install .[obj,dev] | |
| - name: Install Package | |
| run: make install SPEC="${{ inputs.OPENAPI_SPEC_URL }}" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set LINODE_CLI_TOKEN | |
| run: | | |
| echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV | |
| - name: Run the integration test suite | |
| run: | | |
| timestamp=$(date +'%Y%m%d%H%M') | |
| report_filename="${timestamp}_cli_test_report.xml" | |
| make testint TEST_ARGS="--junitxml=${report_filename}" MODULE="${{ inputs.module }}" RUN_LONG_TESTS="${{ inputs.run_long_tests }}" | |
| env: | |
| LINODE_CLI_TOKEN: ${{ env.LINODE_CLI_TOKEN }} | |
| - name: Upload test results | |
| if: always() | |
| run: | | |
| filename=$(ls | grep -E '^[0-9]{12}_cli_test_report\.xml$') | |
| python3 e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/add_gha_info_to_xml.py \ | |
| --branch_name "${GITHUB_REF#refs/*/}" \ | |
| --gha_run_id "$GITHUB_RUN_ID" \ | |
| --gha_run_number "$GITHUB_RUN_NUMBER" \ | |
| --xmlfile "${filename}" | |
| sync | |
| python3 e2e_scripts/tod_scripts/xml_to_obj_storage/scripts/xml_to_obj.py "${filename}" | |
| env: | |
| LINODE_CLI_OBJ_ACCESS_KEY: ${{ secrets.LINODE_CLI_OBJ_ACCESS_KEY }} | |
| LINODE_CLI_OBJ_SECRET_KEY: ${{ secrets.LINODE_CLI_OBJ_SECRET_KEY }} | |
| - name: Update PR Check Run | |
| uses: actions/github-script@v6 | |
| id: update-check-run | |
| if: ${{ inputs.pull_request_number != '' && fromJson(steps.commit-hash.outputs.data).repository.pullRequest.headRef.target.oid == inputs.sha }} | |
| env: | |
| number: ${{ inputs.pull_request_number }} | |
| job: ${{ github.job }} | |
| conclusion: ${{ job.status }} | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| script: | | |
| const { data: pull } = await github.rest.pulls.get({ | |
| ...context.repo, | |
| pull_number: process.env.number | |
| }); | |
| const ref = pull.head.sha; | |
| const { data: checks } = await github.rest.checks.listForRef({ | |
| ...context.repo, | |
| ref | |
| }); | |
| const check = checks.check_runs.filter(c => c.name === process.env.job); | |
| const { data: result } = await github.rest.checks.update({ | |
| ...context.repo, | |
| check_run_id: check[0].id, | |
| status: 'completed', | |
| conclusion: process.env.conclusion | |
| }); | |
| return result; | |
| apply-calico-rules: | |
| runs-on: ubuntu-latest | |
| needs: [integration_tests] | |
| if: ${{ success() || failure() }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| submodules: 'recursive' | |
| - name: Set LINODE_CLI_TOKEN | |
| run: | | |
| echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV | |
| - name: Download kubectl and calicoctl for LKE clusters | |
| run: | | |
| curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" | |
| curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64" | |
| chmod +x calicoctl-linux-amd64 kubectl | |
| mv calicoctl-linux-amd64 /usr/local/bin/calicoctl | |
| mv kubectl /usr/local/bin/kubectl | |
| - name: Apply Calico Rules to LKE | |
| run: | | |
| cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh | |
| env: | |
| LINODE_TOKEN: ${{ env.LINODE_CLI_TOKEN }} | |
| add-fw-to-remaining-instances: | |
| runs-on: ubuntu-latest | |
| needs: [integration_tests] | |
| if: ${{ success() || failure() }} | |
| steps: | |
| - name: Set up Python | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: '3.x' | |
| - name: Install Linode CLI | |
| run: | | |
| pip install linode-cli | |
| - name: Set LINODE_CLI_TOKEN | |
| run: | | |
| echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV | |
| - name: Create Firewall and Attach to Instances | |
| run: | | |
| FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers) | |
| echo "Created Firewall with ID: $FIREWALL_ID" | |
| for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do | |
| echo "Attaching firewall to instance: $instance_id" | |
| if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then | |
| echo "Firewall attached to instance $instance_id successfully." | |
| else | |
| echo "An error occurred while attaching firewall to instance $instance_id. Skipping..." | |
| fi | |
| done | |
| env: | |
| LINODE_CLI_TOKEN: ${{ env.LINODE_CLI_TOKEN }} | |
| notify-slack: | |
| runs-on: ubuntu-latest | |
| needs: [integration_tests] | |
| if: ${{ (success() || failure()) && github.repository == 'linode/linode-cli' }} # Run even if integration tests fail and only on main repository | |
| steps: | |
| - name: Notify Slack | |
| uses: slackapi/[email protected] | |
| with: | |
| channel-id: ${{ secrets.SLACK_CHANNEL_ID }} | |
| payload: | | |
| { | |
| "blocks": [ | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": ":rocket: *${{ github.workflow }} Completed in: ${{ github.repository }}* :white_check_mark:" | |
| } | |
| }, | |
| { | |
| "type": "divider" | |
| }, | |
| { | |
| "type": "section", | |
| "fields": [ | |
| { | |
| "type": "mrkdwn", | |
| "text": "*Build Result:*\n${{ needs.integration_tests.result == 'success' && ':large_green_circle: Build Passed' || ':red_circle: Build Failed' }}" | |
| }, | |
| { | |
| "type": "mrkdwn", | |
| "text": "*Branch:*\n`${{ github.ref_name }}`" | |
| } | |
| ] | |
| }, | |
| { | |
| "type": "section", | |
| "fields": [ | |
| { | |
| "type": "mrkdwn", | |
| "text": "*Commit Hash:*\n<${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>" | |
| }, | |
| { | |
| "type": "mrkdwn", | |
| "text": "*Run URL:*\n<${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Run Details>" | |
| } | |
| ] | |
| }, | |
| { | |
| "type": "divider" | |
| }, | |
| { | |
| "type": "context", | |
| "elements": [ | |
| { | |
| "type": "mrkdwn", | |
| "text": "Triggered by: :bust_in_silhouette: `${{ github.actor }}`" | |
| } | |
| ] | |
| } | |
| ] | |
| } | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |