Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OPSEXP-2849 Create reusable build/test workflow with ACS 7.4 support #110

Merged
merged 36 commits into from
Nov 7, 2024
Merged

OPSEXP-2849 Create reusable build/test workflow with ACS 7.4 support #110

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
42206a2
OPSEXP-2849 Allow building and testing multiple versions of ACS
pmacius Nov 4, 2024
54309ab
test
pmacius Nov 4, 2024
df79eb9
move permissions
pmacius Nov 4, 2024
b779e89
move precommit to parent
pmacius Nov 4, 2024
b63d108
fetching script path to dir as a 2nd argument
pmacius Nov 4, 2024
0dbd571
add few fixes
pmacius Nov 4, 2024
8072faf
fix artifacts cache and fix artifacts for adw
pmacius Nov 4, 2024
ca67b0c
compose multiversion testing wip
pmacius Nov 5, 2024
ee4f495
try only compose testing
pmacius Nov 5, 2024
728d02a
try to fix build matrix
pmacius Nov 5, 2024
627d383
use simpler way
pmacius Nov 5, 2024
f69dbfc
missing fi
pmacius Nov 5, 2024
187c0cf
fix env
pmacius Nov 5, 2024
d77a5b4
set tomcat to 9 when version is different than 23
pmacius Nov 5, 2024
bb72673
prepare rebase
pmacius Nov 5, 2024
42c712f
enable helm
pmacius Nov 5, 2024
4e4f2d5
change base helm values
pmacius Nov 5, 2024
fb7b15f
fix dtas version check
pmacius Nov 5, 2024
5a61d9e
fix
pmacius Nov 5, 2024
ab5acdf
try without completly changing functionality of fetch-artifacts script
pmacius Nov 5, 2024
1e66542
fine tune build matrix job
pmacius Nov 5, 2024
e174ea1
dont fetch 73 for now
pmacius Nov 5, 2024
7a55bea
addres the review
pmacius Nov 6, 2024
1051630
use the tomcat function for now
pmacius Nov 6, 2024
ad498e3
try script on workflow
pmacius Nov 6, 2024
75f611a
run source
pmacius Nov 7, 2024
42e5bfd
remove the script add make tomcat versions determine change the step …
pmacius Nov 7, 2024
cb525e8
missing folder
pmacius Nov 7, 2024
ca81946
add gikeep
pmacius Nov 7, 2024
7a06491
Update .github/workflows/reusable_build_and_test.yml
pmacius Nov 7, 2024
3544c61
Revert "Update .github/workflows/reusable_build_and_test.yml"
pmacius Nov 7, 2024
f1fe9e5
change name
pmacius Nov 7, 2024
cbdbc03
fix cleanup
pmacius Nov 7, 2024
01aea9f
fix
pmacius Nov 7, 2024
3e96078
Update .github/workflows/cleanup_images.yml
pmacius Nov 7, 2024
6bdbe87
review
pmacius Nov 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
285 changes: 8 additions & 277 deletions .github/workflows/build_and_test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,6 @@ on:
- '.github/workflows/kics.yml'
- '**/*.md'

env:
ACS_DEPLOYMENT_VERSION: 78132d95e29d7126025e127740d10cf958164947 # 8.6.0-alpha.0 with compose healthcheck
ARTIFACT_NAME: alfresco-docker-images
REGISTRY: ghcr.io
REGISTRY_NAMESPACE: alfresco
TAG: ${{ github.event_name == 'pull_request' && format('pr-{0}', github.event.pull_request.number) || github.ref_name }}

concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.ref_name || github.run_id }}
cancel-in-progress: true
Expand All @@ -48,277 +41,15 @@ jobs:
- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
with:
auto-commit: "true"

build:
CI:
name: Build v${{ matrix.version }}
needs: pre-commit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]

- name: Setup nexus authentication
run: |
echo "machine nexus.alfresco.com" >> ~/.netrc
echo "login ${{ secrets.NEXUS_USERNAME }}" >> ~/.netrc
echo "password ${{ secrets.NEXUS_PASSWORD }}" >> ~/.netrc

- name: Restore packages artifacts
uses: actions/cache/restore@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: artifacts-cache
with:
key: ${{ runner.os }}-packages-v2-${{ hashFiles('**/artifacts.json') }}
path: artifacts_cache/**

- name: Fetch artifacts from nexus
run: ./scripts/fetch-artifacts.sh

- name: Save packages artifacts
if: steps.artifacts-cache.outputs.cache-hit != 'true'
uses: actions/cache/save@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
key: ${{ steps.artifacts-cache.outputs.cache-primary-key }}
path: artifacts_cache/**

- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1

- name: Login to Quay.io
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
if: github.actor != 'dependabot[bot]'
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
if: github.actor != 'dependabot[bot]'
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Collect Workflow Telemetry
uses: catchpoint/workflow-telemetry-action@94c3c3d9567a0205de6da68a76c428ce4e769af1 # v2.0.0
with:
comment_on_pr: false

- name: Enumerate bake targets
id: bake-targets
uses: docker/bake-action/subaction/list-targets@2e3d19baedb14545e5d41222653874f25d5b4dfb # v5.10.0
with:
target: default

- name: Enumerate registry cache targets
id: cache-targets
env:
CACHE_TARGET: ${{ env.REGISTRY }}/${{ env.REGISTRY_NAMESPACE }}/bakery-cache
run: |
echo 'cache-set<<EOF' >> $GITHUB_OUTPUT
echo '${{ steps.bake-targets.outputs.targets }}' | jq -r '.[] | '\
'"\(.).cache-from=type=registry,ref=${{ env.CACHE_TARGET }}:${{ env.TAG }}-\(.)\n'\
'\(.).cache-from=type=registry,ref=${{ env.CACHE_TARGET }}:${{ github.event.repository.default_branch }}-\(.)\n'\
'\(.).cache-to=type=registry,ref=${{ env.CACHE_TARGET }}:${{ env.TAG }}-\(.)"' >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT

- name: Bake Docker images
env:
TARGETARCH: linux/amd64,linux/arm64
DOCKER_PUSH: ${{ github.actor != 'dependabot[bot]'}}
uses: docker/bake-action@2e3d19baedb14545e5d41222653874f25d5b4dfb # v5.10.0
with:
set: |
*.output=type=registry,push=${{ env.DOCKER_PUSH }}
${{ steps.cache-targets.outputs.cache-set }}

compose-test:
needs: build
runs-on: ${{ matrix.edition == 'enterprise' && 'alfrescoPub-ubuntu2204-16G-4CPU' || 'ubuntu-latest' }}
if: github.actor != 'dependabot[bot]'
uses: ./.github/workflows/reusable_build_and_test.yml
strategy:
fail-fast: false
matrix:
edition: [enterprise, community]
env:
MERGED_COMPOSE_PATH: test/merged-compose.yaml
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1

- name: Fetch compose from acs-deployment
run: ./scripts/fetch-compose.sh ${{ env.ACS_DEPLOYMENT_VERSION }}

- name: Merge Docker Compose files
env:
UPSTREAM_COMPOSE_PATH: test/${{ matrix.edition == 'community' && 'community-' || '' }}compose.yaml
OVERRIDE_COMPOSE_PATH: test/${{ matrix.edition }}-override.yaml
run: docker compose -f ${{ env.UPSTREAM_COMPOSE_PATH }} -f ${{ env.OVERRIDE_COMPOSE_PATH }} config > ${{ env.MERGED_COMPOSE_PATH }}

- name: Verify docker-compose (${{ matrix.edition }})
id: verify_compose
uses: Alfresco/alfresco-build-tools/.github/actions/dbp-charts/[email protected]
timeout-minutes: 10
with:
postman_path: test/postman/docker-compose
postman_json: acs-test-docker-compose-collection.json
compose_file_path: ${{ env.MERGED_COMPOSE_PATH }}
quay_username: ${{ secrets.QUAY_USERNAME }}
quay_password: ${{ secrets.QUAY_PASSWORD }}

- name: Save containers logs (${{ matrix.edition }})
if: always() && steps.verify_compose.outcome != 'skipped'
uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
with:
output-archive-name: ${{ matrix.edition }}-logs

helm-test:
needs: build
runs-on: ${{ matrix.arch == 'arm64' && 'alfrescoARM-ubuntu2404-16G-4CPU' || 'alfrescoPub-ubuntu2204-16G-4CPU' }}
if: github.actor != 'dependabot[bot]'
strategy:
fail-fast: false
matrix:
arch: [arm64, amd64]
edition: [enterprise, community]
steps:
- name: Setup cluster
uses: Alfresco/alfresco-build-tools/.github/actions/[email protected]
with:
ingress-nginx-ref: controller-v1.8.2
metrics: "true"

- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
with:
version: "3.15.2"

- name: Login to Quay.io
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}

- name: Log in to the Container registry
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Create registries auth secret
run: >-
kubectl create secret generic regcred
--from-file=.dockerconfigjson=$HOME/.docker/config.json
--type=kubernetes.io/dockerconfigjson

- name: Create configmaps for adf apps
run: |
kubectl create configmap acc-config --from-file=app.config.json=test/configs/acc.json
kubectl create configmap adw-config --from-file=app.config.json=test/configs/adw.json

- name: Checkout acs-deployment sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: Alfresco/acs-deployment
ref: ${{ env.ACS_DEPLOYMENT_VERSION }}
path: acs-deployment

- name: Setup helm repository
working-directory: acs-deployment/helm/alfresco-content-services
run: |
helm repo add self https://alfresco.github.io/alfresco-helm-charts/
helm repo add activiti https://activiti.github.io/activiti-cloud-helm-charts
helm repo add bitnami https://raw.githubusercontent.com/bitnami/charts/archive-full-index/bitnami/
helm repo add elastic https://helm.elastic.co
helm dependency build

- name: Preprocess test-overrides.yaml
env:
OVERRIDES_VALUES_FILE: test/helm/test-overrides.yaml
run: |
sed -i "s|localhost/alfresco/|${REGISTRY}/${REGISTRY_NAMESPACE}/|g" ${{ env.OVERRIDES_VALUES_FILE }}
sed -i "s|tag: latest|tag: ${TAG}|g" ${{ env.OVERRIDES_VALUES_FILE }}

if [ "${{ matrix.edition }}" = "community" ]; then
sed -i "s|/alfresco-content-repository|/alfresco-content-repository-community|g" ${{ env.OVERRIDES_VALUES_FILE }}
sed -i "s|/alfresco-share|/alfresco-share-community|g" ${{ env.OVERRIDES_VALUES_FILE }}
fi

cat ${{ env.OVERRIDES_VALUES_FILE }}

- name: Helm install
id: helm_install
run: |
helm install acs ./acs-deployment/helm/alfresco-content-services \
--set global.search.sharedSecret="$(openssl rand -hex 24)" \
--set global.known_urls=http://localhost \
--set global.alfrescoRegistryPullSecrets=regcred \
--values ./acs-deployment/helm/alfresco-content-services/${{ matrix.edition == 'community' && 'community_' || '' }}values.yaml \
--values ./acs-deployment/test/${{ matrix.edition }}-integration-test-values.yaml \
--values test/helm/test-overrides.yaml \
--values test/helm/test-overrides-${{ matrix.edition }}.yaml

- name: Watch Helm deployment
env:
HELM_INSTALL_TIMEOUT: 10m
run: |
kubectl get pods --watch &
KWPID=$!
kubectl wait --timeout=${{ env.HELM_INSTALL_TIMEOUT }} --all=true --for=condition=Ready pods
kill $KWPID

if [ "${{ matrix.edition }}" = "enterprise" ]; then
echo "Waiting for Enterprise Search Reindexing job to complete... "
kubectl wait --timeout=5m --for=condition=complete job/acs-alfresco-search-enterprise-reindexing
fi

- name: Debug cluster status after install
if: always() && steps.helm_install.outcome != 'skipped'
run: |
helm ls --all-namespaces --all
kubectl get all --all-namespaces
kubectl describe pod

- name: Run helm test
id: helm_test
run: helm test acs

- name: Debug cluster status after helm test
if: always() && steps.helm_test.outcome != 'skipped'
run: |
kubectl logs -l app.kubernetes.io/component=dtas --tail=-1
kubectl get all --all-namespaces
kubectl describe pod

- name: Collect logs from all containers
if: always() && steps.helm_install.outcome != 'skipped'
run: |
mkdir -p logs
for pod in $(kubectl get pods -n default -o jsonpath='{.items[*].metadata.name}'); do
kubectl logs $pod -n default > logs/${pod}.log
done

- name: Upload logs as artifact
if: always() && steps.helm_install.outcome != 'skipped'
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 #v4.4.3
with:
name: k8s-logs-${{ matrix.arch }}-${{ matrix.edition }}
path: logs
version: [23, 74]
with:
tag: ${{ github.event_name == 'pull_request' && format('pr-{0}-v{1}', github.event.pull_request.number, matrix.version) || format('{0}-v{1}', github.ref_name, matrix.version) }}
acs_version: ${{ matrix.version }}
secrets: inherit
4 changes: 2 additions & 2 deletions .github/workflows/cleanup_images.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,13 +53,13 @@ jobs:
uses: dataaxiom/ghcr-cleanup-action@98b4022383d6ddb70ccbf6a378b4d8c67a60f066 # v1.0.13
if: github.event_name == 'pull_request'
env:
PR_TAG: ${{ format('pr-{0}', github.event.pull_request.number) }}
PR_TAGS: ${{ format('pr-{0}*', github.event.pull_request.number) }}
with:
token: ${{ secrets.DELETE_PACKAGES_GITHUB_TOKEN }}
owner: ${{ env.ORG }}
repository: ${{ env.REPO }}
packages: ${{ env.PACKAGE_NAMES }}
delete-tags: ${{ env.PR_TAG }}
delete-tags: ${{ env.PR_TAGS }}
dry-run: false

- name: Remove images when requested
Expand Down
Loading
Loading