-
Notifications
You must be signed in to change notification settings - Fork 12
409 lines (317 loc) · 12.4 KB
/
integration.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
name: Integration
on:
# Integration tests always run on pull requests
pull_request:
# Re-run integration tests in main, to make sure there are no issues from the merge
push:
branches:
- main
# Allow manual triggering of integration tests
workflow_dispatch:
# Use baseline language versions for integration builds
env:
JAVA_VERSION: 17
JAVA_DISTRIBUTION: zulu
PYTHON_VERSION: "3.11"
NODE_VERSION: 18
jobs:
web-api:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Setup - Java
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
# Turn on Gradle dependency caching
cache: gradle
- name: Setup -Node.js
uses: actions/setup-node@v3
with:
node-version: ${{ env.NODE_VERSION }}
- name: Platform - Build distribution files
run: ./gradlew installDist
- name: Platform - Install the sandbox
run: |
VERSION=`dev/version.sh`
mkdir -p build/dist/tracdap-sandbox-${VERSION}
for MODULE in build/modules/*/install/*; do
cp -R $MODULE/* build/dist/tracdap-sandbox-${VERSION}
done
cd build/dist
ln -s tracdap-sandbox-${VERSION}/ current
# Currently not starting svc-orch, we'd need to build the runtime and deploy an execution venv
# OUr JavaScript tests only do data and metadata so far, no spawning / checking jobs
# We should aim to get there though!
- name: Platform - Run setup tools
run: |
cd build/dist/current
deploy_dir=`pwd`
mkdir metadata
mkdir -p data/storage1
echo SECRET_KEY=xHjFeFlo$k= >> etc/env.sh
sed -i "s#/path/to#${deploy_dir}#g" etc/trac-platform.yaml
bin/secret-tool run --task init_secrets
bin/secret-tool run --task create_root_auth_key EC 256
bin/deploy-metadb run --task deploy_schema
bin/deploy-metadb run --task add_tenant ACME_CORP "ACME Rockets always get the Coyote!"
- name: Platform - Start
run: |
cd build/dist/current
bin/tracdap-svc-meta start
bin/tracdap-svc-data start
bin/tracdap-gateway start
- name: Web API - Install dependencies
run: |
cd tracdap-api/packages/web
npm install
- name: Web API - Set TRAC version
run: |
cd tracdap-api/packages/web
npm run tracVersion:posix
- name: Web API - Build package
run: |
cd tracdap-api/packages/web
npm run buildApi
- name: Examples - Install dependencies
run: |
cd examples/apps/javascript
npm install
- name: Examples - Run all
run: |
cd examples/apps/javascript
npm run examples
- name: Platform - Shut down
if: always()
run: |
cd build/dist/current
bin/tracdap-gateway stop
bin/tracdap-svc-data stop
bin/tracdap-svc-meta stop
slow-tests:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
# fetch-depth = 0 is needed to get tags for version info
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
cache: gradle
- name: Build
run: ./gradlew testClasses
- name: Slow tests
run: ./gradlew integration -DintegrationTags="slow"
# If the tests fail, make the output available for download
- name: Store failed test results
uses: actions/upload-artifact@v3
if: failure()
with:
name: junit-test-results
path: build/modules/*/reports/**
retention-days: 7
end-to-end:
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
# fetch-depth = 0 is needed to get tags for version info
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Java - Setup
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
# Turn on Gradle dependency caching
cache: gradle
- name: Java - Build platform
run: ./gradlew testClasses
- name: Python - setup
uses: actions/setup-python@v4
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Python - PIP
run: python -m pip install --upgrade pip
- name: Python - Install build dependencies
run: |
pip install -r tracdap-runtime/python/requirements.txt
- name: Python - Build runtime package
run: python tracdap-runtime/python/build_runtime.py --target codegen dist
- name: Run end to end tests
run: ./gradlew integration -DintegrationTags="int-e2e"
# If the tests fail, make the output available for download
- name: Store failed test results
uses: actions/upload-artifact@v3
if: failure()
with:
name: junit-test-results
path: build/modules/*/reports/**
retention-days: 7
int-metadb:
runs-on: ubuntu-latest
timeout-minutes: 20
container:
image: ubuntu:latest
strategy:
# Try to finish all jobs - it can be helpful to see if some succeed and others fail
fail-fast: false
matrix:
database:
- { DB_NAME: MySQL,
DB_IMAGE: 'mysql:8.0',
DB_PORT: 3306,
DB_OPTIONS: '--health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3',
BUILD_sql_mysql: true,
TRAC_CONFIG_FILE: '.github/config/int-metadb-mysql.yaml',
TRAC_SECRET_KEY: wDeq3x-NjaLL7,
MYSQL_DATABASE: trac,
MYSQL_USER: trac_admin,
MYSQL_PASSWORD: trac_admin,
METADB_SECRET: trac_admin,
MYSQL_ALLOW_EMPTY_PASSWORD: yes }
- { DB_NAME: MariaDB,
DB_IMAGE: 'mariadb:10.3',
DB_PORT: 3306,
DB_OPTIONS: '--health-cmd="mysqladmin ping" --health-interval=10s --health-timeout=5s --health-retries=3',
BUILD_sql_mariadb: true,
TRAC_CONFIG_FILE: '.github/config/int-metadb-mariadb.yaml',
TRAC_SECRET_KEY: uYhnKwq8+esS,
MYSQL_DATABASE: trac,
MYSQL_USER: trac_admin,
MYSQL_PASSWORD: trac_admin,
METADB_SECRET: trac_admin,
MYSQL_ALLOW_EMPTY_PASSWORD: yes }
- { DB_NAME: PostgreSQL,
DB_IMAGE: 'postgres:10-alpine',
DB_PORT: 5432,
DB_OPTIONS: '--health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5',
BUILD_sql_postgresql: true,
TRAC_CONFIG_FILE: '.github/config/int-metadb-postgresql.yaml',
TRAC_SECRET_KEY: hjXks83bX=wxMr,
POSTGRES_DB: trac,
POSTGRES_USER: trac_admin,
METADB_SECRET: trac_admin,
POSTGRES_PASSWORD: trac_admin }
- { DB_NAME: SQLServer,
DB_IMAGE: 'mcr.microsoft.com/mssql/server:2019-latest',
DB_PORT: 1433,
DB_OPTIONS: '-e "NO_DB_OPTIONS=not_used"', # docker run -e flag sets an env variable, passing '' causes errors
BUILD_sql_sqlserver: true,
TRAC_CONFIG_FILE: '.github/config/int-metadb-sqlserver.yaml',
TRAC_SECRET_KEY: unHkj>weN2jSl,
MSSQL_PID: Developer,
ACCEPT_EULA: Y,
SA_PASSWORD: "tR4c_aDm!n",
METADB_SECRET: "tR4c_aDm!n" }
env: ${{ matrix.database }}
services:
metadb:
image: ${{ matrix.database.DB_IMAGE }}
env: ${{ matrix.database }}
ports:
- ${{ matrix.database.DB_PORT }}:${{ matrix.database.DB_PORT }}
options: ${{ matrix.database.DB_OPTIONS }}
steps:
# fetch-depth = 0 is needed to get tags for version info
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Java
uses: actions/setup-java@v3
with:
distribution: ${{ env.JAVA_DISTRIBUTION }}
java-version: ${{ env.JAVA_VERSION }}
cache: gradle
- name: Build
run: ./gradlew trac-svc-meta:testClasses
# Auth tool will also create the secrets file if it doesn't exist
- name: Prepare secrets
run: |
./gradlew secret-tool:run --args="--config ${{ env.TRAC_CONFIG_FILE }} --task init_secrets"
./gradlew secret-tool:run --args="--config ${{ env.TRAC_CONFIG_FILE }} --task create_root_auth_key EC 256"
echo "${METADB_SECRET}" | ./gradlew secret-tool:run --args="--config ${{ env.TRAC_CONFIG_FILE }} --task add_secret metadb_secret"
# The name and description of the test tenant are verified in one of the test cases so they need to match
# MetadataReapApiTest listTenants()
- name: Prepare database
run: |
./gradlew deploy-metadb:run --args="\
--config ${{ env.TRAC_CONFIG_FILE }} \
--secret-key ${{ env.TRAC_SECRET_KEY }} \
--task deploy_schema \
--task add_tenant ACME_CORP 'Test tenant [ACME_CORP]'"
- name: Integration tests
run: ./gradlew trac-svc-meta:integration -DintegrationTags="int-metadb"
# If the tests fail, make the output available for download
- name: Store failed test results
uses: actions/upload-artifact@v3
if: failure()
with:
name: junit-test-results
path: build/modules/*/reports/**
retention-days: 7
int-storage:
strategy:
# Try to finish all jobs - it can be helpful to see if some succeed and others fail
fail-fast: false
matrix:
storage:
- { SERVICE: storage,
TARGET: aws,
PROTOCOL: S3,
ENABLE_IF: TRAC_AWS_BUCKET,
BUILD_aws_storage: true,
INSTALL_SCRIPT: ".github/scripts/int-storage-s3-install.sh",
SETUP_SCRIPT: ".github/scripts/int-storage-s3-setup.sh",
TRAC_CONFIG_FILE: '.github/config/int-storage-s3.yaml',
TRAC_SECRET_KEY: short-lived-secret,
PYTHON_TESTS: int_storage_aws*.py,
JAVA_TESTS: int-storage }
- { SERVICE: storage,
TARGET: gcp,
PROTOCOL: GCS,
ENABLE_IF: TRAC_GCP_BUCKET,
BUILD_gcp_storage: true,
INSTALL_SCRIPT: ".github/scripts/int-storage-gcs-install.sh",
SETUP_SCRIPT: ".github/scripts/int-storage-gcs-setup.sh",
TRAC_CONFIG_FILE: '.github/config/int-storage-gcs.yaml',
TRAC_SECRET_KEY: short-lived-secret,
PYTHON_TESTS: int_storage_gcp*.py,
JAVA_TESTS: int-storage }
- { SERVICE: storage,
TARGET: azure,
PROTOCOL: BLOB,
ENABLE_IF: TRAC_AZURE_CONTAINER,
BUILD_azure_storage: true,
INSTALL_SCRIPT: ".github/scripts/int-storage-azure-install.sh",
SETUP_SCRIPT: ".github/scripts/int-storage-azure-setup.sh",
TRAC_CONFIG_FILE: '.github/config/int-storage-azure.yaml',
TRAC_SECRET_KEY: short-lived-secret,
PYTHON_TESTS: int_storage_azure*.py,
JAVA_TESTS: int-storage }
uses: ./.github/workflows/integration-cloud.yaml
with:
service: ${{ matrix.storage.SERVICE }}
target: ${{ matrix.storage.TARGET }}
protocol: ${{ matrix.storage.PROTOCOL }}
matrix: ${{ toJson( matrix.storage ) }}
enabled: ${{ vars[ matrix.storage.ENABLE_IF ] != '' }}
has_java: ${{ matrix.storage.JAVA_TESTS != '' }}
has_python: ${{ matrix.storage.PYTHON_TESTS != '' }}
secrets: inherit
# Permissions required to use IdP to connect to cloud platforms
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout