reenabling all commented things #417
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release Testing | ||
on: | ||
push: | ||
branches: | ||
- "hotfix-*" | ||
- "rc--*" | ||
workflow_dispatch: | ||
# new commits interrupt any running workflow on the same branch | ||
concurrency: | ||
group: ${{ github.ref }} | ||
cancel-in-progress: true | ||
env: | ||
CI_COMMIT_SHA: ${{ github.sha }} | ||
CI_COMMIT_REF_PROTECTED: ${{ github.ref_protected }} | ||
CI_JOB_NAME: ${{ github.job }} | ||
CI_JOB_ID: ${{ github.job }} # github does not expose this variable https://github.com/orgs/community/discussions/8945 | ||
CI_JOB_URL: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | ||
CI_PIPELINE_SOURCE: ${{ github.event_name }} | ||
CI_PROJECT_DIR: ${{ github.workspace }} | ||
CI_MERGE_REQUEST_TARGET_BRANCH_NAME: ${{ github.event.pull_request.base.ref }} | ||
BRANCH_NAME: ${{ github.event.workflow_run.head_branch || github.ref_name }} | ||
ROOT_PIPELINE_ID: ${{ github.run_id }} | ||
BAZEL_STARTUP_ARGS: "--output_base=/var/tmp/bazel-output/" | ||
RUSTFLAGS: "--remap-path-prefix=${CI_PROJECT_DIR}=/ic" | ||
BUILDEVENT_DATASET: "github-ci-dfinity" | ||
jobs: | ||
ci-main: | ||
name: CI Main | ||
uses: ./.github/workflows/ci-main.yml | ||
secrets: inherit | ||
bazel-system-test-nightly: | ||
name: Bazel System Test Nightly | ||
runs-on: | ||
group: zh1 | ||
labels: dind-large | ||
container: | ||
image: ghcr.io/dfinity/ic-build@sha256:748d5cd92d982531a25cd6c4f247bb6c0e484c9ac654164341f59a7d57d1fffc | ||
options: >- | ||
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | ||
timeout-minutes: 180 # 3 hours | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.workflow_run.head_branch }} | ||
- name: Before script | ||
id: before-script | ||
shell: bash | ||
run: | | ||
[ -n "${NODE_NAME:-}" ] && echo "Node: $NODE_NAME" | ||
- name: Login to Dockerhub | ||
shell: bash | ||
run: ./ci/scripts/docker-login.sh | ||
env: | ||
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | ||
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | ||
- name: Run Bazel System Test Nightly | ||
id: bazel-test-all | ||
uses: ./.github/actions/bazel-test-all/ | ||
with: | ||
BAZEL_COMMAND: "test" | ||
BAZEL_TARGETS: "//rs/tests/..." | ||
BAZEL_CI_CONFIG: "--config=ci --repository_cache=/cache/bazel" | ||
BAZEL_EXTRA_ARGS: "--keep_going --test_tag_filters=system_test_nightly" | ||
HONEYCOMB_API_TOKEN: ${{ secrets.HONEYCOMB_API_TOKEN }} | ||
- name: Upload bazel-bep | ||
if: always() | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: ${{ github.job }}-bep | ||
retention-days: 14 | ||
if-no-files-found: ignore | ||
compression-level: 9 | ||
path: | | ||
bazel-bep.pb | ||
profile.json | ||
bazel-system-test-staging: | ||
name: Bazel System Test Staging | ||
continue-on-error: True | ||
runs-on: | ||
group: zh1 | ||
labels: dind-large | ||
container: | ||
image: ghcr.io/dfinity/ic-build@sha256:748d5cd92d982531a25cd6c4f247bb6c0e484c9ac654164341f59a7d57d1fffc | ||
options: >- | ||
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | ||
timeout-minutes: 180 # 3 hours | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.workflow_run.head_branch }} | ||
- name: Before script | ||
id: before-script | ||
shell: bash | ||
run: | | ||
[ -n "${NODE_NAME:-}" ] && echo "Node: $NODE_NAME" | ||
- name: Login to Dockerhub | ||
shell: bash | ||
run: ./ci/scripts/docker-login.sh | ||
env: | ||
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | ||
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | ||
- name: Run Bazel System Test Staging | ||
id: bazel-test-all | ||
uses: ./.github/actions/bazel-test-all/ | ||
with: | ||
BAZEL_COMMAND: "test" | ||
BAZEL_TARGETS: "//rs/tests/..." | ||
BAZEL_CI_CONFIG: "--config=ci --repository_cache=/cache/bazel" | ||
BAZEL_EXTRA_ARGS: "--keep_going --test_tag_filters=system_test_staging" | ||
HONEYCOMB_API_TOKEN: ${{ secrets.HONEYCOMB_API_TOKEN }} | ||
- name: Upload bazel-bep | ||
uses: actions/upload-artifact@v4 | ||
if: always() | ||
with: | ||
name: ${{ github.job }}-bep | ||
retention-days: 14 | ||
if-no-files-found: ignore | ||
compression-level: 9 | ||
path: | | ||
bazel-bep.pb | ||
profile.json | ||
bazel-system-test-hotfix: | ||
name: Bazel System Test Hotfix | ||
runs-on: | ||
group: zh1 | ||
labels: dind-large | ||
container: | ||
image: ghcr.io/dfinity/ic-build@sha256:748d5cd92d982531a25cd6c4f247bb6c0e484c9ac654164341f59a7d57d1fffc | ||
options: >- | ||
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | ||
timeout-minutes: 90 | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
with: | ||
ref: ${{ github.event.workflow_run.head_branch }} | ||
- name: Before script | ||
id: before-script | ||
shell: bash | ||
run: | | ||
[ -n "${NODE_NAME:-}" ] && echo "Node: $NODE_NAME" | ||
- name: Login to Dockerhub | ||
shell: bash | ||
run: ./ci/scripts/docker-login.sh | ||
env: | ||
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | ||
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }}k | ||
with: | ||
ref: ${{ github.event.workflow_run.head_branch }} | ||
- name: Before script | ||
id: before-script | ||
shell: bash | ||
run: | | ||
[ -n "${NODE_NAME:-}" ] && echo "Node: $NODE_NAME" | ||
- name: Login to Dockerhub | ||
shell: bash | ||
run: ./ci/scripts/docker-login.sh | ||
env: | ||
DOCKER_HUB_USER: ${{ vars.DOCKER_HUB_USER }} | ||
DOCKER_HUB_PASSWORD_RO: ${{ secrets.DOCKER_HUB_PASSWORD_RO }} | ||
- name: Setup python deps | ||
id: setup-python-deps | ||
shell: bash | ||
run: | | ||
pip3 install --ignore-installed -r requirements.txt | ||
- name: Dependency Scan for Release | ||
id: dependency-scan-release-cut | ||
shell: bash | ||
run: | | ||
set -euo pipefail | ||
export PYTHONPATH=$PWD/ci/src:$PWD/ci/src/dependencies | ||
cd ci/src/dependencies/ | ||
$SHELL_WRAPPER python3 job/bazel_rust_ic_scanner_release_job.py | ||
trigger-qualifier-workflow: | ||
name: Qualify | ||
needs: | ||
[ | ||
ci-main, | ||
bazel-system-test-nightly, | ||
bazel-system-test-staging, | ||
bazel-system-test-hotfix, | ||
dependency-scan-release-cut, | ||
] | ||
uses: dfinity/dre/.github/workflows/qualify.yaml@main | ||
secrets: inherit | ||
with: | ||
version: ${{ github.sha }} | ||
setup-guest-os-qualification: | ||
runs-on: # Needs to be in Dfinity network | ||
group: zh1 | ||
labels: dind-small | ||
outputs: | ||
matrix: ${{ steps.generate.outputs.output }} | ||
steps: | ||
- id: generate | ||
name: Fetch beginning versions for qualification | ||
shell: bash | ||
run: | | ||
sudo apt-get install -y jq curl | ||
UNIQUE_VERSIONS=$(curl https://rollout-dashboard.ch1-rel1.dfinity.network/api/v1/rollouts | jq -r '.[] | select (.state != "failed") | select (.state != "complete") | .batches | to_entries[] | "\(.value)"' | jq '.subnets[].git_revision' | sort | uniq | jq -s ) | ||
echo "Will qualify starting from versions: ${UNIQUE_VERSIONS}" | ||
echo "output=$(jq -cn --argjson versions "$UNIQUE_VERSIONS" '{version: $versions}')" >> $GITHUB_OUTPUT | ||
guest-os-qualification: | ||
name: Qualifying ${{ matrix.version }} -> ${{ github.sha }} | ||
needs: setup-guest-os-qualification | ||
strategy: | ||
matrix: ${{ fromJson(needs.setup-guest-os-qualification.outputs.matrix) }} | ||
runs-on: | ||
group: zh1 | ||
labels: dind-small | ||
container: | ||
image: ghcr.io/dfinity/ic-build@sha256:748d5cd92d982531a25cd6c4f247bb6c0e484c9ac654164341f59a7d57d1fffc | ||
options: >- | ||
-e NODE_NAME --privileged --cgroupns host -v /cache:/cache -v /var/sysimage:/var/sysimage -v /var/tmp:/var/tmp | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
- name: Run qualification for version ${{ matrix.version }} from the tip of the branch | ||
uses: ./.github/actions/bazel-test-all/ | ||
env: | ||
AWS_SHARED_CREDENTIALS_CONTENT: ${{ secrets.AWS_SHARED_CREDENTIALS_FILE }} | ||
with: | ||
BAZEL_COMMAND: "test" | ||
BAZEL_TARGETS: "//rs/tests/dre:guest_os_qualification" | ||
BAZEL_CI_CONFIG: "--config=systest --repository_cache=/cache/bazel --cache_test_results=no --test_timeout=7200 --test_env=OLD_VERSION=${{ matrix.version }}" | ||
# check if PR title contains release and set timeout filters accordingly | ||
BAZEL_EXTRA_ARGS_RULES: ${{ env.BAZEL_EXTRA_ARGS_RULES || '' }} | ||
# run on diff only if it is a pull request, otherwise run all targets | ||
RUN_ON_DIFF_ONLY: false | ||
HONEYCOMB_API_TOKEN: ${{ secrets.HONEYCOMB_API_TOKEN }} |