-
Notifications
You must be signed in to change notification settings - Fork 0
255 lines (225 loc) · 11.2 KB
/
tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
---
name: Terraform modules tests
on:
schedule:
- cron: 0 1 * * 2
workflow_dispatch:
pull_request:
# the paths should be synced with ../labeler.yml
paths:
- test/**.go
- test/**/go.mod
- modules/fixtures/**
- modules/**.tf
- .tool-versions
- .github/workflows/tests.yml
- justfile
# limit to a single execution per ref of this workflow
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
# please keep those variables synced with daily-cleanup.yml
AWS_PROFILE: infex
AWS_REGION: eu-west-2 # /!\ always use one of the available test region https://github.com/camunda/infraex-common-config
TESTS_TF_BINARY_NAME: terraform
# please keep test-gha*.yml synced
TF_STATE_BUCKET: tests-eks-tf-state-eu-central-1
TF_STATE_BUCKET_REGION: eu-central-1
jobs:
# We can skip some tests using the commit description (skip-tests:NameOfTest1,NameOfTest2) or all tests (skip-tests:all) (see `DEVELOPER.md`)
# If all tests are skipped, the result of this workflow will be `failed` on purpose
# If you want to skip tests and have no error, you need to use `testing-ci-not-necessary` as a label on the PR
configure-tests:
runs-on: ubuntu-latest
if: >-
github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' || (
github.event_name == 'pull_request' &&
!contains(github.event.pull_request.labels.*.name, 'testing-ci-not-necessary')
)
outputs:
test_functions: ${{ steps.extract_test_functions.outputs.test_functions }}
# ensure a suffix is added to prevent concurrency deletion with gha integration tests (test-gha-eks.yml)
cluster_id: ${{ steps.short_git_sha.outputs.short_git_sha }}-g
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Get Short GitHub SHA
id: short_git_sha
run: echo "short_git_sha=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
- name: Extract Test Functions
id: extract_test_functions
run: |
test_functions=$(grep -rho 'func \(Test[^ ]*\)' ./test/src/ | sed 's/func \(Test[^ ]*\)(t/\1/' | tr '\n' ',' | sed 's/,$//')
echo "test_functions=$test_functions"
: # Extract test names marked to be skipped from the commit message description
commit_message=$(git log -1 --pretty=format:"%B")
echo "commit_message=$commit_message"
skipped_tests=$(echo "$commit_message" | grep 'skip-tests' | sed 's/skip-tests://')
echo "skipped_tests=$skipped_tests"
: # If all tests are marked to be skipped, then clear the test_functions list completely
if [ "$skipped_tests" == "all" ]; then
test_functions=""
echo "Skipping all tests (skip-tests:all found), this workflow will fail. \
If you want to skip-tests for a PR, please use the label 'testing-ci-not-necessary'"
else
: # Otherwise, remove the tests marked to be skipped from the test_functions list
if [ -n "$skipped_tests" ]; then
for test in $(echo "$skipped_tests" | tr ',' '\n'); do
echo "Skipping test: $test"
test_functions=$(echo "$test_functions" | sed "s/$test//g" | sed 's/,,/,/g' | sed 's/^,//' | sed 's/,$//')
echo "test_functions=$test_functions"
done
fi
fi
: # to json array
IFS=',' read -ra array <<< "$test_functions"
json_array="["
for element in "${array[@]}"
do
json_array+="\"$element\","
done
test_functions="${json_array%,}]"
echo "test_functions=${test_functions}" >> "$GITHUB_OUTPUT"
echo "test_functions=${test_functions}"
integration-tests:
runs-on: ubuntu-latest
needs:
- configure-tests
strategy:
fail-fast: false # don't propagate failing jobs
matrix:
test_function: ${{ fromJson(needs.configure-tests.outputs.test_functions) }}
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
- name: Install tooling using asdf
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c # v3
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/products/infrastructure-experience/ci/common AWS_ACCESS_KEY;
secret/data/products/infrastructure-experience/ci/common AWS_SECRET_KEY;
# Official action does not support profiles
- name: Add profile credentials to ~/.aws/credentials
run: |
aws configure set aws_access_key_id ${{ steps.secrets.outputs.AWS_ACCESS_KEY }} --profile ${{ env.AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ steps.secrets.outputs.AWS_SECRET_KEY }} --profile ${{ env.AWS_PROFILE }}
aws configure set region ${{ env.AWS_REGION }} --profile ${{ env.AWS_PROFILE }}
- name: Get go.mod details
uses: Eun/go-mod-details@b719cd324463e2037cf3a0dd1dd6091bdc2730f4 # v1
id: go-mod-details
with:
modfile: ${{ github.workspace }}/test/src/go.mod
- name: Launch test
timeout-minutes: 125
# Do not interrupt tests; otherwise, the Terraform state may become inconsistent.
if: always() && success()
run: |
export TESTS_CLUSTER_ID="${{ needs.configure-tests.outputs.cluster_id }}"
export TESTS_CLUSTER_REGION="${{ env.AWS_REGION }}"
export TESTS_TF_BINARY_NAME="${{ env.TESTS_TF_BINARY_NAME }}"
just test ${{ matrix.test_function }} "--junitfile ${{ matrix.test_function }}_unit-tests.xml"
# this is a workaround for test report not working as expected due to https://github.com/test-summary/action/issues/5
- name: Filter logger.go from the test report (too large)
if: always()
run: |
sed 's/
/\n/g' < "./test/src/${{ matrix.test_function }}_unit-tests.xml" |
grep -E -v '^.*logger\.go.*$' |
sed 's/\n/
/g' > "./test/src/${{ matrix.test_function }}_unit-tests_filtered.xml"
- name: Upload test reports
if: always()
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: test-reports-${{ matrix.test_function }}
path: ./test/src/${{ matrix.test_function }}_unit-tests_filtered.xml
retention-days: 1
- name: Remove profile credentials from ~/.aws/credentials
if: always()
run: |
rm -rf ~/.aws/credentials
test-report:
runs-on: ubuntu-latest
if: ${{ always() && needs.configure-tests.result == 'success' }}
needs:
- configure-tests
- integration-tests
steps:
- name: Download artifacts
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4
with:
pattern: test-reports-*
path: /tmp/testreports
merge-multiple: true
- name: Run test-summary
uses: test-summary/action@31493c76ec9e7aa675f1585d3ed6f1da69269a86 # v2
with:
paths: /tmp/testreports/**/*.xml
cleanup-resources:
runs-on: ubuntu-latest
if: always()
needs:
- configure-tests
- integration-tests
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
ref: ${{ github.head_ref }}
fetch-depth: 0
- name: Install tooling using asdf
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3
- name: Import Secrets
id: secrets
uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c # v3
with:
url: ${{ secrets.VAULT_ADDR }}
method: approle
roleId: ${{ secrets.VAULT_ROLE_ID }}
secretId: ${{ secrets.VAULT_SECRET_ID }}
exportEnv: false
secrets: |
secret/data/products/infrastructure-experience/ci/common AWS_ACCESS_KEY;
secret/data/products/infrastructure-experience/ci/common AWS_SECRET_KEY;
# Official action does not support profiles
- name: Add profile credentials to ~/.aws/credentials
run: |
aws configure set aws_access_key_id ${{ steps.secrets.outputs.AWS_ACCESS_KEY }} --profile ${{ env.AWS_PROFILE }}
aws configure set aws_secret_access_key ${{ steps.secrets.outputs.AWS_SECRET_KEY }} --profile ${{ env.AWS_PROFILE }}
aws configure set region ${{ env.AWS_REGION }} --profile ${{ env.AWS_PROFILE }}
- name: Delete resources of this run
timeout-minutes: 125
if: always()
uses: ./.github/actions/eks-cleanup-resources
with:
tf-bucket: ${{ env.TF_STATE_BUCKET }}
tf-bucket-region: ${{ env.TF_STATE_BUCKET_REGION }}
max-age-hours: '0'
target: ${{ needs.configure-tests.outputs.cluster_id }}
notify-on-failure:
runs-on: ubuntu-latest
if: failure()
needs:
- configure-tests
- integration-tests
- test-report
- cleanup-resources
steps:
- name: Notify in Slack in case of failure
id: slack-notification
if: github.event_name == 'schedule'
uses: camunda/infraex-common-config/.github/actions/report-failure-on-slack@033b3a26fc64d789daff444f77e0b689266c22ee # 1.2.6
with:
vault_addr: ${{ secrets.VAULT_ADDR }}
vault_role_id: ${{ secrets.VAULT_ROLE_ID }}
vault_secret_id: ${{ secrets.VAULT_SECRET_ID }}