Skip to content

Move ci.yaml to self-hosted #920

Move ci.yaml to self-hosted

Move ci.yaml to self-hosted #920

Workflow file for this run

# Copyright 2023 Canonical Ltd.
# See LICENSE file for licensing details.
name: Tests
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
pull_request:
schedule:
- cron: "53 0 * * *" # Daily at 00:53 UTC
# Triggered on push to branch "main" by .github/workflows/release.yaml
workflow_call:
# secrets:
# CHARMHUB_TOKEN:
# required: true
# AWS_ACCESS_KEY:
# required: true
# AWS_SECRET_KEY:
# required: true
# GCP_ACCESS_KEY:
# required: true
# GCP_SECRET_KEY:
# required: true
inputs:
no-proxy:
default: "10.0.0.0/8,192.168.0.0/16,172.16.0.0/12,194.169.254.133,.pc1.canonical.com,.openstack.partnercloud1.lan,127.0.0.1,localhost"
required: false
type: string
http-proxy:
default: "http://squid.internal:3128"
required: false
type: string
jobs:
lint:
name: Lint
runs-on: [self-hosted, linux, X64, large, jammy]
timeout-minutes: 5
steps:
- name: Set up aproxy
run: |
sudo snap install aproxy --edge
sudo snap set aproxy proxy=squid.internal:3128
sudo nft -f - << EOF
define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
table ip aproxy
flush table ip aproxy
table ip aproxy {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
chain output {
type nat hook output priority -100; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
}
EOF
- name: Checkout
uses: actions/checkout@v3
- name: Install tox
# TODO: Consider replacing with custom image on self-hosted runner OR pinning version
run: python3 -m pip install tox
- name: Run linters
run: tox run -e lint
unit-test:
name: Unit tests
runs-on: [self-hosted, linux, X64, large, jammy]
timeout-minutes: 5
steps:
- name: Set up aproxy
run: |
sudo snap install aproxy --edge
sudo snap set aproxy proxy=squid.internal:3128
sudo nft -f - << EOF
define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
table ip aproxy
flush table ip aproxy
table ip aproxy {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
chain output {
type nat hook output priority -100; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
}
EOF
- name: Checkout
uses: actions/checkout@v3
- name: Install tox
# TODO: Consider replacing with custom image on self-hosted runner OR pinning version
run: python3 -m pip install tox
- name: Run tests
run: tox run -e unit
lib-check:
name: Check libraries
runs-on: [self-hosted, linux, X64, large, jammy]
timeout-minutes: 5
steps:
- name: Set up aproxy
run: |
sudo snap install aproxy --edge
sudo snap set aproxy proxy=squid.internal:3128
sudo nft -f - << EOF
define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
table ip aproxy
flush table ip aproxy
table ip aproxy {
chain prerouting {
type nat hook prerouting priority dstnat; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
chain output {
type nat hook output priority -100; policy accept;
ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
}
}
EOF
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Check libs
uses: canonical/charming-actions/[email protected]
with:
credentials: "${{ secrets.CHARMHUB_TOKEN }}" # FIXME: current token will expire in 2023-07-04
github-token: "${{ secrets.GITHUB_TOKEN }}"
build:
name: Build charms
uses: canonical/data-platform-workflows/.github/workflows/build_charms_with_cache.yaml@add-aproxy-snap
with:
charmcraft-snap-revision: 1349 # version 2.3.0
permissions:
actions: write # Needed to manage GitHub Actions cache
integration-test:
strategy:
fail-fast: false
matrix:
tox-environments:
- charm-integration
- ha-integration
- relation-integration
- legacy-integration
- tls-integration
- backup-integration
- metric-integration
name: ${{ matrix.tox-environments }}
needs:
- lint
- unit-test
- lib-check
- build
runs-on: [self-hosted, linux, X64, xlarge, jammy]
timeout-minutes: 120
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup operator environment
# TODO: Replace with custom image on self-hosted runner
uses: charmed-kubernetes/actions-operator@main
with:
provider: lxd
juju-channel: 3.1/stable
bootstrap-options: "--agent-version 3.1.6 --model-default juju-http-proxy=${{ inputs.http-proxy }} --model-default juju-https-proxy=${{ inputs.http-proxy }} --model-default juju-no-proxy=${{ inputs.no-proxy }} --model-default apt-http-proxy=${{ inputs.http-proxy }} --model-default apt-https-proxy=${{ inputs.http-proxy }} --model-default snap-http-proxy=${{ inputs.http-proxy }} --model-default snap-https-proxy=${{ inputs.http-proxy }}"
- name: Download packed charm(s)
uses: actions/download-artifact@v3
with:
name: ${{ needs.build.outputs.artifact-name }}
- name: Free disk space
run: |
echo "Free disk space before cleanup"
df -T
# free space in the runner
sudo rm -rf /usr/share/dotnet
sudo rm -rf /opt/ghc
sudo rm -rf /usr/local/share/boost
sudo rm -rf "$AGENT_TOOLSDIRECTORY"
echo "Free disk space after cleanup"
df -T
- name: Select tests
id: select-tests
run: |
if [ "${{ github.event_name }}" == "schedule" ]
then
echo Running unstable and stable tests
echo "mark_expression=" >> $GITHUB_OUTPUT
else
echo Skipping unstable tests
echo "mark_expression=not unstable" >> $GITHUB_OUTPUT
fi
- name: Run integration tests
run: tox run -e ${{ matrix.tox-environments }} -- -m '${{ steps.select-tests.outputs.mark_expression }}'
env:
CI_PACKED_CHARMS: ${{ needs.build.outputs.charms }}
# AWS_ACCESS_KEY: ${{ matrix.tox-environments != 'backup-integration' || secrets.AWS_ACCESS_KEY }}
# AWS_SECRET_KEY: ${{ matrix.tox-environments != 'backup-integration' || secrets.AWS_SECRET_KEY }}
# GCP_ACCESS_KEY: ${{ matrix.tox-environments != 'backup-integration' || secrets.GCP_ACCESS_KEY }}
# GCP_SECRET_KEY: ${{ matrix.tox-environments != 'backup-integration' || secrets.GCP_SECRET_KEY }}