generated from open-component-model/repository-template
-
Notifications
You must be signed in to change notification settings - Fork 1
261 lines (259 loc) · 10.4 KB
/
integrationtest.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
name: OCM Integration Tests
# trigger manually
run-name: OCM CLI Integration Tests
on:
# can be called via dispatch event on the repo directly
workflow_dispatch:
inputs:
use-release:
type: boolean
description: use latest pre-built release instead of building from HEAD
default: false
pr_number:
type: number
description: "Number of PR to test (without #, e.g.: 517)"
required: false
# runs regularly on main
schedule:
- cron: '0 6 * * *' # 6 AM UTC everyday for default branch
# runs on PRs via workflow_call directly from within open-component-model/ocm
workflow_call:
secrets:
OCMBOT_APP_ID:
required: true
OCMBOT_PRIV_KEY:
required: true
inputs:
repo:
description: "The repo to checkout, can be used to reference other repositories"
required: false
default: ''
type: string
ref:
description: "The ref to checkout for OCM"
required: true
default: ''
type: string
env:
REPO: ${{ inputs.repo != '' && inputs.repo || 'open-component-model/ocm'}}
REF: main
REF_FROM_OTHER_WORKFLOW: ${{ inputs.ref != '' }}
permissions:
contents: write
jobs:
test-ocm:
runs-on: ubuntu-latest
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v2
with: # OCMBot
app_id: ${{ secrets.OCMBOT_APP_ID }}
private_key: ${{ secrets.OCMBOT_PRIV_KEY }}
- name: checkout inttest
uses: actions/checkout@v4
with:
# hard code repo because we want to reuse it across workflows
repository: open-component-model/ocm-integrationtest
token: ${{ steps.generate_token.outputs.token }}
- name: get-pr
if: ${{ inputs.ref!= '' }}
run: |
echo "Building OCM from a ref: ${{ inputs.ref }}"
echo "REF=${{ inputs.ref }}" >> $GITHUB_ENV
- name: get-pr
if: ${{ github.event.client_payload }}
run: |
echo "PR was triggered with payload: pr: ${{ github.event.client_payload.pr }}, ref: ${{ github.event.client_payload.ref }}, sha: ${{ github.event.client_payload.sha }}"
echo "PR_NUMBER=${{ github.event.client_payload.pr }}" >> $GITHUB_ENV
echo "SHA=${{ github.event.client_payload.sha }}" >> $GITHUB_ENV
echo "REF=${{ github.event.client_payload.ref }}" >> $GITHUB_ENV
- name: get-pr
if: ${{ inputs.pr_number!= '' }}
run: |
echo "get-pr"
echo "Input was: ${{ inputs.pr_number }}"
REF="refs/pull/${{ inputs.pr_number }}/head"
echo "Building OCM from a pull request: ${REF}"
echo "REF=${REF}" >> $GITHUB_ENV
- name: checkout ocm
uses: actions/checkout@v4
if: ${{ ! inputs.use-release }}
with:
repository: ${{ env.REPO }}
ref: ${{ env.REF }}
path: ocm
token: ${{ steps.generate_token.outputs.token }}
- name: get ocm commit
if: ${{ ! inputs.github.event.client_payload }}
run: |
SHA=`git -C ./ocm log -1 --format='%H'`
echo "Checked out ocm from commit: ${SHA}"
echo "SHA=${SHA}" >> $GITHUB_ENV
- name: debug env
run: |
echo "PR_NUMBER=${{ env.PR_NUMBER }}"
echo "SHA=${{ env.SHA }}"
echo "REF=${{ env.REF }}"
- name: setup OCM
uses: open-component-model/ocm-setup-action@main
if: ${{ inputs.use-release }}
- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: '${{ github.workspace }}/go.mod'
- name: create-cert
run: |
FDQN_NAME=`hostname --fqdn`
HNAME=`hostname`
echo "working dir is: $PWD"
echo "home-dir: $HOME"
echo "fqdn hostame is: $FDQN_NAME"
if [ "$FDQN_NAME" = "$HNAME" ]; then
echo "Failed to get fully qualified hostname: $FQDN_NAME , falling back to hostname.local"
FDQN_NAME=`hostname`.local
fi
sudo rm -rf certs
mkdir -p certs
openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/ociregistry.key -addext "subjectAltName = DNS:${FDQN_NAME}" -x509 -days 365 -out certs/ociregistry.crt -subj "/C=DE/ST=Baden-Wuertemberg/L=Walldorf/O=SAP/OU=ocm/CN=${HNAME}"
openssl x509 -noout -text -in certs/ociregistry.crt
sudo cp certs/ociregistry.crt /usr/local/share/ca-certificates
sudo update-ca-certificates
echo "FDQN_NAME=${FDQN_NAME}" >> $GITHUB_ENV
- name: create user and credentials
run: |
mkdir -p auth
# generate a random password
PASSWD=`head /dev/urandom | tr -dc 'A-Za-z0-9!#-$%&=+-' | head -c12`
USER_NAME=ocmuser
htpasswd -Bbn ocmuser ${PASSWD} > auth/htpasswd
htpasswd -b -v auth/htpasswd ${USER_NAME} ${PASSWD}
echo "PASSWD=${PASSWD}" >> $GITHUB_ENV
echo "USER_NAME=${USER_NAME}" >> $GITHUB_ENV
- name: start OCI registry (docker)
run: |
docker run -d -p 443:443 --name registry \
-v ${{ github.workspace}}/certs:/certs \
-v ${{ github.workspace}}/auth:/auth \
-e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \
-e REGISTRY_AUTH=htpasswd \
-e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \
-e REGISTRY_HTTP_ADDR=:443 \
-e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/ociregistry.crt \
-e REGISTRY_HTTP_TLS_KEY=/certs/ociregistry.key \
registry:2.8.1
- name: Install Crane
uses: imjasonh/setup-crane@v0.4
- name: Build OCM
if: ${{ ! inputs.use-release }}
run: |
cd ocm
make install
- name: Build go Test Binaries
run: |
env GOOS=linux GOARCH=arm64 GO111MODULE=on go build -o local/hello.arm64 -ldflags '-extldflags "-static"' main.go
env GOOS=linux GOARCH=amd64 GO111MODULE=on go build -o local/hello.amd64 -ldflags '-extldflags "-static"' main.go
- name: Wait for OCI registry to become ready
timeout-minutes: 1
run: |
while ! curl https://${{ env.FDQN_NAME }}/v2
do
echo "Waiting for container to become ready... still trying"
sleep 1
done
echo "$Registy container is ready"
- name: Python add CA
run: |
location=`python3 -c "import certifi; print(certifi.where());"`
cat ${{ github.workspace}}/certs/ociregistry.crt >> location
python -c "import urllib.request; urllib.request.urlopen('https://${{ env.FDQN_NAME }}')"
- name: Install Python Libs
run: |
python -m pip install --upgrade pip
pip install -r requirements.txt
- name: Test with pytest
run: |
if [ -e ${HOME}/.ocmconfig ]; then
rm ${HOME}/.ocmconfig
fi
ocm_ver=$(ocm --version)
echo "OCM-Version: ${ocm_ver}"
pytest ./tests
res=$?
now=$(date +"%Y-%m-%d %H:%M:%S%z")
echo "TEST_RUN_TS=${now}" >> $GITHUB_ENV
echo "TEST_RESULT=${res}" >> $GITHUB_ENV
echo "OCM_VERSION=${ocm_ver}" >> $GITHUB_ENV
cp docs/report.html docs/report-${{ env.SHA }}.html
if [ ${res} -eq 0 ]; then
echo "Tests run successfully."
echo "TEST_RESULT_STR=Success ✅" >> $GITHUB_ENV
echo "$now | ${ocm_ver} | ✅ (passed)" >> README.md
else
echo "Tests failed."
echo "TEST_RESULT_STR=Failure ❌" >> $GITHUB_ENV
echo "$now | ${ocm_ver} | ❌ (failed)" >> README.md
fi
exit ${res}
- name: Upload Report
# only upload the artifact if we are not on a PR
if: always()
uses: actions/upload-artifact@v4
with:
if-no-files-found: error
overwrite: true
retention-days: 7
name: test-report
path: docs/report.html
- name: stop docker registry
if: always()
run: |
docker container stop registry
docker container rm -v registry
- name: push
uses: github-actions-x/commit@v2.9
if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && always()}} # push result also on failure
with:
github-token: ${{ steps.generate_token.outputs.token }}
commit-message: 'add test report'
files: README.md docs/
name: github-ation
email: noreply@github.com
- name: send test result as PR comment
if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && github.event.client_payload }}
uses: actions/github-script@v7
with:
github-token: ${{ steps.generate_token.outputs.token }}
script: |
github.rest.issues.createComment({
owner: 'open-component-model',
repo: 'ocm',
issue_number: ${{ env.PR_NUMBER }},
body: 'Integration Tests for ${{ env.SHA }} run with result: ${{ env.TEST_RESULT_STR }}!'
})
- name: Post to a Slack channel
id: slack
uses: slackapi/slack-github-action@v2.0.0
if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && github.ref_name == 'main' && github.event_name == 'schedule' && always()}}
with:
# Slack channel id, channel name, or user id to post message.
# See also: https://api.slack.com/methods/chat.postMessage#channels
# You can pass in multiple channels to post to by providing a comma-delimited list of channel IDs.
# Test-channel-id: 'C057KU48M7Y'
channel-id: 'C03NF7KH128'
payload: |
{
"text" : "OCM Integration Test Report, Status: ${{ job.status }}",
"blocks": [
{
"type": "section",
"text":
{
"type": "mrkdwn",
"text": "Integration Test for OCM CLI ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }} <https://open-component-model.github.io/ocm-integrationtest/report-${{ env.SHA }}.html|TestReport> <https://github.com/open-component-model/ocm-integrationtest/actions/runs/${{ github.run_id }}|Github Action>"
}
}
]
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}