test: add rolling upgrade test #1576
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Default | |
on: | |
merge_group: | |
push: | |
branches: | |
- main | |
- releases/* | |
pull_request: | |
types: [ assigned, opened, synchronize, reopened, labeled ] | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
jobs: | |
PR: | |
if: github.event_name == 'pull_request' | |
name: Check PR Title | |
runs-on: ubuntu-latest | |
permissions: | |
statuses: write | |
steps: | |
- uses: amannn/action-semantic-pull-request@v5 | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
Dirty: | |
runs-on: "formance-runner" | |
steps: | |
- uses: 'actions/checkout@v4' | |
with: | |
fetch-depth: 0 | |
- name: Setup Env | |
uses: ./.github/actions/env | |
with: | |
token: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- run: > | |
earthly | |
--allow-privileged | |
--secret SPEAKEASY_API_KEY=$SPEAKEASY_API_KEY | |
${{ contains(github.event.pull_request.labels.*.name, 'no-cache') && '--no-cache' || '' }} | |
+pre-commit | |
env: | |
SPEAKEASY_API_KEY: ${{ secrets.SPEAKEASY_API_KEY }} | |
- name: Get changed files | |
id: changed-files | |
shell: bash | |
run: | | |
hasChanged=$(git status --porcelain) | |
if (( $(echo ${#hasChanged}) != 0 )); then | |
git status | |
echo "There are changes in the repository" | |
git diff | |
exit 1 | |
fi | |
Tests: | |
runs-on: "formance-runner" | |
steps: | |
- uses: 'actions/checkout@v4' | |
with: | |
fetch-depth: 0 | |
- name: Setup Env | |
uses: ./.github/actions/env | |
with: | |
token: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- run: > | |
earthly | |
--no-output | |
--allow-privileged | |
--secret SPEAKEASY_API_KEY=$SPEAKEASY_API_KEY | |
${{ contains(github.event.pull_request.labels.*.name, 'no-cache') && '--no-cache' || '' }} | |
+tests --coverage=true | |
env: | |
SPEAKEASY_API_KEY: ${{ secrets.SPEAKEASY_API_KEY }} | |
- name: Upload coverage reports to Codecov with GitHub Action | |
uses: codecov/codecov-action@v4.2.0 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
TestsDeployments: | |
runs-on: "formance-runner" | |
steps: | |
- uses: 'actions/checkout@v4' | |
with: | |
fetch-depth: 0 | |
- name: Setup Env | |
uses: ./.github/actions/env | |
with: | |
token: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: "NumaryBot" | |
password: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- run: > | |
earthly | |
--allow-privileged | |
--no-output | |
--push | |
--secret GITHUB_TOKEN=$GITHUB_TOKEN | |
--secret KUBE_APISERVER=$KUBE_APISERVER | |
--secret KUBE_TOKEN=$KUBE_TOKEN | |
--secret PULUMI_ACCESS_TOKEN=$PULUMI_ACCESS_TOKEN | |
${{ contains(github.event.pull_request.labels.*.name, 'no-cache') && '--no-cache' || '' }} | |
./test/rolling-upgrades+run | |
--CLUSTER_NAME ledger-${{ github.event.number }} | |
--NO_CLEANUP=${{ contains(github.event.pull_request.labels.*.name, 'no-cleanup') && 'true' || 'false' }} | |
--NO_CLEANUP_ON_FAILURE=true | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
KUBE_APISERVER: ${{ secrets.FORMANCE_DEV_KUBE_API_SERVER_ADDRESS }} | |
KUBE_TOKEN: ${{ secrets.FORMANCE_DEV_KUBE_TOKEN }} | |
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }} | |
GoReleaser: | |
runs-on: "formance-runner" | |
if: contains(github.event.pull_request.labels.*.name, 'build-images') || github.ref == 'refs/heads/main' || github.event_name == 'merge_group' | |
needs: | |
- Dirty | |
steps: | |
- uses: earthly/actions-setup@v1 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
version: "latest" | |
- uses: 'actions/checkout@v4' | |
with: | |
fetch-depth: 0 | |
- name: Setup Env | |
uses: ./.github/actions/env | |
with: | |
token: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: "NumaryBot" | |
password: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
- run: > | |
earthly | |
--no-output | |
--allow-privileged | |
--secret SPEAKEASY_API_KEY=$SPEAKEASY_API_KEY | |
--secret GITHUB_TOKEN=$GITHUB_TOKEN | |
--secret FURY_TOKEN=$FURY_TOKEN | |
--secret GORELEASER_KEY=$GORELEASER_KEY | |
${{ contains(github.event.pull_request.labels.*.name, 'no-cache') && '--no-cache' || '' }} | |
+release --mode=ci | |
env: | |
GITHUB_TOKEN: ${{ secrets.NUMARY_GITHUB_TOKEN }} | |
SPEAKEASY_API_KEY: ${{ secrets.SPEAKEASY_API_KEY }} | |
FURY_TOKEN: ${{ secrets.FURY_TOKEN }} | |
GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }} | |
Deploy: | |
runs-on: "formance-runner" | |
if: github.ref == 'refs/heads/main' | |
environment: staging | |
needs: | |
- GoReleaser | |
- Tests | |
steps: | |
- uses: earthly/actions-setup@v1 | |
with: | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
version: "latest" | |
- uses: 'actions/checkout@v4' | |
with: | |
fetch-depth: 0 | |
- name: Tailscale | |
uses: tailscale/github-action@v2 | |
with: | |
oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} | |
oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} | |
tags: tag:ci | |
- name: "Deploy in staging" | |
env: | |
TAG: ${{ github.sha }} | |
COMPONENT: ledger | |
ARGOCD_REGION_AUTH_TOKEN: ${{ secrets.ARGOCD_REGION_AUTH_TOKEN }} | |
run: > | |
earthly | |
--no-output | |
--secret AUTH_TOKEN=$ARGOCD_REGION_AUTH_TOKEN | |
+deploy-staging | |
--TAG=$TAG | |
--COMPONENT=$COMPONENT |