forked from metalbear-co/mirrord
-
Notifications
You must be signed in to change notification settings - Fork 0
552 lines (532 loc) · 20.4 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
name: CI
on:
workflow_dispatch:
push:
branches-ignore: [staging-squash-merge.tmp]
pull_request:
branches: [main, staging, trying]
types: [opened, synchronize, reopened, ready_for_review]
# Cancel previous runs on the same PR.
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
env:
CARGO_NET_GIT_FETCH_WITH_CLI: "true"
MIRRORD_TELEMETRY: false
jobs:
towncrier_check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: install towncrier
run: pip install towncrier
- name: verify newsfragment exist
run: towncrier check
changed_files:
runs-on: ubuntu-latest
# don't run CI on drafts
if: github.event.pull_request.draft == false
outputs:
rs_changed: ${{ steps.changed-rs.outputs.any_changed }}
markdown_changed: ${{ steps.changed-markdown.outputs.any_changed }}
ci_changed: ${{ steps.changed-ci.outputs.any_changed }}
protocol_changed: ${{ steps.changed-protocol.outputs.any_changed }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: get CI changes
id: changed-ci
uses: tj-actions/changed-files@v36
with:
files: |
.github/workflows/ci.yaml
- name: get changed rs files
id: changed-rs
uses: tj-actions/changed-files@v36
with:
files: |
**/*.rs
mirrord/**
tests/**
Cargo.toml
Cargo.lock
.dockerignore
rust-toolchain.toml
rustfmt.toml
.cargo/**
- name: get markdown changes
id: changed-markdown
uses: tj-actions/changed-files@v36
with:
files: |
README.md
- name: get protocol changes
id: changed-protocol
uses: tj-actions/changed-files@v36
with:
files: |
mirrord/protocol/**
- name: get protocol toml changes
id: changed-protocol-toml
uses: tj-actions/changed-files@v36
with:
files: |
mirrord/protocol/Cargo.toml
- name: verify protocol bump
run: |
if [ "${{ steps.changed-protocol.outputs.any_changed }}" == "true" ] && [ "${{ steps.changed-protocol-toml.outputs.any_changed }}" != "true" ]; then
echo "Error: Protocol has changed but Cargo.toml has not. Please update Cargo.toml."
exit 1
fi
- name: output test
run: |
echo ${{ steps.changed-rs.outputs.any_changed }};
echo ${{ steps.changed-rs.outputs.all_changed_files }};
echo ${{ steps.changed-markdown.outputs.any_changed }};
echo ${{ steps.changed-markdown.outputs.all_changed_files }};
echo ${{ steps.changed-ci.outputs.any_changed }};
echo ${{ steps.changed-ci.outputs.all_changed_files }};
echo ${{ steps.changed-protocol.outputs.any_changed }};
echo ${{ steps.changed-protocol-toml.outputs.any_changed }};
lint:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
# Otherwise the arguments to the setup-rust-toolchain action are ignored.
- run: rm rust-toolchain.toml
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
toolchain: nightly-2023-04-19
components: rustfmt, clippy
target: aarch64-unknown-linux-gnu,x86_64-unknown-linux-gnu
- run: python3 -m pip install cargo-zigbuild
# Needed for agent
- run: cargo fmt --all -- --check
- run: cargo-zigbuild clippy --lib --bins --all-features -- -Wclippy::indexing_slicing -D warnings
# Check that agent compiles for the supported targets (aarch64)
- run: cargo-zigbuild clippy -p mirrord-agent --target aarch64-unknown-linux-gnu -- -Wclippy::indexing_slicing -D warnings
check-rust-docs:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
env:
# enables the creation of a workspace index.html page.
RUSTDOCFLAGS: "--enable-index-page -Zunstable-options"
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
# TODO(alex): update this when https://github.com/rust-lang/rust/issues/109631 is fixed
toolchain: nightly-2023-04-19
- run: cargo doc --document-private-items
lint_macos:
runs-on: macos-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
# the setup rust toolchain action ignores the input if file exists.. so remove it
- run: rm rust-toolchain.toml
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
components: rustfmt, clippy
target: aarch64-apple-darwin
toolchain: nightly-2023-04-19
# only mirrord, mirrord-sip contain macOS specific, so run clippy on that.
- run: cargo clippy -p mirrord -p mirrord-sip --target=x86_64-apple-darwin -- -Wclippy::indexing_slicing -D warnings
- run: cargo clippy -p mirrord -p mirrord-sip --target=aarch64-apple-darwin -- -Wclippy::indexing_slicing -D warnings
test_mirrord_protocol:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: actions-rust-lang/setup-rust-toolchain@v1
- run: |
cargo test -p mirrord-protocol
test_mirrord_config:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: actions-rust-lang/setup-rust-toolchain@v1
- run: |
cargo test -p mirrord-config
test_mirrord_kube:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: actions-rust-lang/setup-rust-toolchain@v1
- run: |
cargo test -p mirrord-kube --all-features
test_mirrord_sip:
runs-on: macos-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: actions-rust-lang/setup-rust-toolchain@v1
- run: |
cargo test -p mirrord-sip
test_agent:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
container:
image: ghcr.io/metalbear-co/ci-agent-build:f8330d35a2a4b9132138f6fa9a3f3f80768c7c32
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: test
run: cargo test -p mirrord-agent
test_agent_image:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true' }}
steps:
- uses: actions/checkout@v3
- uses: docker/setup-buildx-action@v2
- name: build and export
uses: docker/build-push-action@v3
with:
context: .
tags: test
file: mirrord/agent/Dockerfile
outputs: type=docker,dest=/tmp/test.tar
cache-from: type=gha
cache-to: type=gha,mode=max
- name: upload image
uses: actions/upload-artifact@v3
with:
name: test
path: /tmp/test.tar
test_mirrord_layer_cli:
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
strategy:
matrix:
os: [ubuntu-latest, macos-12, macos-11]
target:
[x86_64-unknown-linux-gnu, x86_64-apple-darwin, aarch64-apple-darwin]
exclude:
- os: ubuntu-latest
target: x86_64-apple-darwin
- os: ubuntu-latest
target: aarch64-apple-darwin
- os: macos-12
target: x86_64-unknown-linux-gnu
- os: macos-11
target: aarch64-apple-darwin
- os: macos-11
target: x86_64-unknown-linux-gnu
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v3
# the setup rust toolchain action ignores the input if file exists.. so remove it
- if: ${{matrix.target == 'aarch64-apple-darwin'}}
run: rm rust-toolchain.toml
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
target: ${{matrix.target}}
toolchain: nightly-2023-04-19
# For now, just verify it compiles.
- run: cargo build -p mirrord-layer -p mirrord --target=${{matrix.target}}
build_mirrord:
runs-on: ubuntu-latest
name: build mirrord
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: arduino/setup-protoc@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
- uses: actions-rust-lang/setup-rust-toolchain@v1
with:
components: rustfmt
- run: cargo build --manifest-path=./Cargo.toml
- name: upload layer
uses: actions/upload-artifact@v3
with:
name: mirrord-artifacts
path: |
target/debug/libmirrord_layer.so
target/debug/mirrord
if-no-files-found: error
integration_tests:
runs-on: ubuntu-latest
needs: [build_mirrord, changed_files]
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
env:
MIRRORD_TEST_USE_EXISTING_LIB: /home/runner/work/mirrord/mirrord/target/debug/libmirrord_layer.so
steps:
- uses: actions/checkout@v3 # Checkout the mirrord repo.
- uses: actions-rust-lang/setup-rust-toolchain@v1 # Install rust.
with:
target: x86_64-unknown-linux-gnu
- run: |
cd mirrord/layer/tests/apps/issue1123
rustc issue1123.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1054
rustc issue1054.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1458
rustc issue1458.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1458portnot53
rustc issue1458portnot53.rs --out-dir target
# For the `java_temurin_sip` test.
- uses: sdkman/sdkman-action@b1f9b696c79148b66d3d3a06f7ea801820318d0f
id: sdkman
with:
candidate: java
version: 17.0.6-tem
- run: java -version
- uses: actions/setup-node@v3 # For http mirroring test.
with:
node-version: 14
- run: npm install express # For http mirroring test with node.
- uses: actions/setup-python@v3 # For http mirroring tests with Flask and FastAPI.
- run: pip3 install flask # For http mirroring test with Flask.
- run: pip3 install fastapi # For http mirroring test with FastAPI.
- run: pip3 install uvicorn[standard] # For http mirroring test with FastAPI.
- uses: actions/setup-go@v3
with:
go-version: "1.20.0-rc.3"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 20
- uses: actions/setup-go@v3
with:
go-version: "1.19.5"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 19
- uses: actions/setup-go@v3
with:
go-version: "1.18.10"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 18
- run: |
cd mirrord/layer/tests/apps/fileops
cargo build
- run: |
cd mirrord/layer/tests/apps/outgoing
cargo build
- run: |
cd mirrord/layer/tests/apps/recv_from
cargo build
- run: |
cd mirrord/layer/tests/apps/dns_resolve
cargo build
- run: |
cd mirrord/layer/tests/apps/listen_ports
cargo build
- run: |
cd mirrord/layer/tests/apps/issue1776
cargo build
- run: |
cd mirrord/layer/tests/apps/issue1776portnot53
cargo build
- run: ./scripts/build_c_apps.sh
- name: download layer # Download layer lib built in the `build_mirrord` job.
uses: actions/download-artifact@v3
with:
name: mirrord-artifacts
path: target/debug/
- run: cargo test -p mirrord-layer
integration_tests_macos:
runs-on: macos-12
needs: changed_files
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
env:
MIRRORD_TEST_USE_EXISTING_LIB: ../../target/debug/libmirrord_layer.dylib
RUST_LOG: warn,mirrord=trace
steps:
- uses: actions/checkout@v3 # Checkout the mirrord repo.
- uses: actions-rust-lang/setup-rust-toolchain@v1 # Install Rust.
with:
target: x86_64-apple-darwin
- run: |
cd mirrord/layer/tests/apps/issue1123
rustc issue1123.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1054
rustc issue1054.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1458
rustc issue1458.rs --out-dir target
- run: |
cd mirrord/layer/tests/apps/issue1458portnot53
rustc issue1458portnot53.rs --out-dir target
- uses: actions/setup-go@v3 # Install Go for http mirroring tests with a Go webserver.
with:
go-version: "1.18"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 18
- uses: actions/setup-go@v3 # Install Go for http mirroring tests with a Go webserver.
with:
go-version: "1.19"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 19
- uses: actions/setup-go@v3 # Install Go for http mirroring tests with a Go webserver.
with:
go-version: "1.20.0-rc.3"
- run: |
go version
- run: | # Build Go test apps.
./scripts/build_go_apps.sh 20
- run: |
cd mirrord/layer/tests/apps/fileops
cargo build
- run: |
cd mirrord/layer/tests/apps/outgoing
cargo build
- run: |
cd mirrord/layer/tests/apps/recv_from
cargo build
- run: |
cd mirrord/layer/tests/apps/dns_resolve
cargo build
- run: |
cd mirrord/layer/tests/apps/issue1776
cargo build
- run: |
cd mirrord/layer/tests/apps/issue1776portnot53
cargo build
- run: ./scripts/build_c_apps.sh
# For the `java_temurin_sip` test.
- uses: sdkman/sdkman-action@b1f9b696c79148b66d3d3a06f7ea801820318d0f
id: sdkman
with:
candidate: java
version: 17.0.6-tem
- run: java -version
- uses: actions/setup-node@v3
with:
node-version: 14
- run: npm install express # For http mirroring test with node.
- uses: actions/setup-python@v3 # For http mirroring tests with Flask and FastAPI.
- run: pip3 install flask # For http mirroring test with Flask.
- run: pip3 install fastapi # For http mirroring test with FastAPI.
- run: pip3 install uvicorn[standard] # For http mirroring test with FastAPI.
- run: cargo build -p mirrord-layer # Build layer lib. The tests load it into the apps.
- uses: actions/setup-node@v3 # version 19 spawns processes with `posix_spawn`, so test that also.
with:
node-version: 19
- run: cargo test -p mirrord-layer
e2e:
runs-on: ubuntu-latest
strategy:
matrix:
container-runtime: ["docker", "containerd"]
name: e2e
needs: [build_mirrord, test_agent_image, changed_files]
if: ${{needs.changed_files.outputs.rs_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
env:
MIRRORD_AGENT_RUST_LOG: "warn,mirrord=debug"
steps:
- uses: actions/checkout@v3
- run: ./scripts/setup_e2e.sh
- name: download image
uses: actions/download-artifact@v3
with:
name: test
path: /tmp
- name: start minikube
uses: medyagh/setup-minikube@master
with:
container-runtime: ${{matrix.container-runtime}}
- run: minikube image load /tmp/test.tar
# By running the test of the targetless agent first, we prove it works on an empty cluster without any pods.
- name: Run targetless E2E test.
run: cargo test -p tests targetless
- name: Run all E2E test
run: cargo test -p tests -- --test-threads=6
- name: Collect logs
if: ${{ failure() }}
run: |
kubectl describe pods
docker exec minikube find /var/log/pods -print -exec cat {} \;
lint_markdown:
runs-on: ubuntu-latest
needs: changed_files
if: ${{needs.changed_files.outputs.markdown_changed == 'true' || needs.changed_files.outputs.ci_changed == 'true'}}
steps:
- uses: actions/checkout@v3
- uses: avto-dev/markdown-lint@v1
with:
config: "markdownlint-config.json"
args: "README.md"
# We need some "accummulation" job here because bors fails (timeouts) to
# listen on matrix builds.
# Hence, we have some kind of dummy here that bors can listen on
ci-success:
name: ci
# We want this to run even if some of the required jobs got skipped
if: always()
needs:
[
towncrier_check,
changed_files,
build_mirrord,
test_agent_image,
integration_tests_macos,
integration_tests,
e2e,
test_mirrord_layer_cli,
test_agent,
lint,
lint_macos,
test_mirrord_config,
test_mirrord_protocol,
test_mirrord_sip,
lint_markdown,
]
runs-on: ubuntu-latest
steps:
- name: CI succeeded
# We have to do it in the shell since if it's in the if condition
# then skipping is considered success by branch protection rules
env:
CI_SUCCESS: ${{ (needs.changed_files.result == 'success') &&
(needs.towncrier_check.result == 'success') &&
(needs.build_mirrord.result == 'success' || needs.build_mirrord.result == 'skipped') &&
(needs.test_agent_image.result == 'success' || needs.test_agent_image.result == 'skipped') &&
(needs.integration_tests_macos.result == 'success' || needs.integration_tests_macos.result == 'skipped') &&
(needs.integration_tests.result == 'success' || needs.integration_tests.result == 'skipped') &&
(needs.e2e.result == 'success' || needs.e2e.result == 'skipped') &&
(needs.test_mirrord_layer_cli.result == 'success' || needs.test_mirrord_layer_cli.result == 'skipped') &&
(needs.test_agent.result == 'success' || needs.test_agent.result == 'skipped') &&
(needs.lint.result == 'success' || needs.lint.result == 'skipped') &&
(needs.lint_macos.result == 'success' || needs.lint_macos.result == 'skipped') &&
(needs.test_mirrord_config.result == 'success' || needs.test_mirrord_config.result == 'skipped') &&
(needs.test_mirrord_protocol.result == 'success' || needs.test_mirrord_protocol.result == 'skipped') &&
(needs.test_mirrord_sip.result == 'success' || needs.test_mirrord_sip.result == 'skipped') &&
(needs.lint_markdown.result == 'success' || needs.lint_markdown.result == 'skipped') }}
run: echo $CI_SUCCESS && if [ "$CI_SUCCESS" == "true" ]; then echo "SUCCESS" && exit 0; else echo "Failure" && exit 1; fi