Skip to content

fix: add more roles to reserved_roles & reserved_memberships #675

fix: add more roles to reserved_roles & reserved_memberships

fix: add more roles to reserved_roles & reserved_memberships #675

Workflow file for this run

name: Testinfra Integration Tests Nix
on:
pull_request:
workflow_dispatch:
jobs:
test-ami-nix:
strategy:
fail-fast: false
matrix:
include:
- runner: arm-runner
arch: arm64
ubuntu_release: focal
ubuntu_version: 20.04
mcpu: neoverse-n1
runs-on: ${{ matrix.runner }}
timeout-minutes: 150
permissions:
contents: write
packages: write
id-token: write
steps:
- name: Checkout Repo
uses: actions/checkout@v4
- id: args
uses: mikefarah/yq@master
with:
cmd: yq 'to_entries | map(select(.value|type == "!!str")) | map(.key + "=" + .value) | join("\n")' 'ansible/vars.yml'
- run: docker context create builders
- uses: docker/setup-buildx-action@v3
with:
endpoint: builders
- name: Generate random string
id: random
run: echo "random_string=$(openssl rand -hex 8)" >> $GITHUB_OUTPUT
- name: Build AMI stage 1
run: |
packer init amazon-arm64-nix.pkr.hcl
GIT_SHA=${{github.sha}}
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "ansible_arguments=" -var "postgres-version=${{ steps.random.outputs.random_string }}" -var "region=ap-southeast-1" -var 'ami_regions=["ap-southeast-1"]' -var "force-deregister=true" amazon-arm64-nix.pkr.hcl
- name: Build AMI stage 2
run: |
packer init stage2-nix-psql.pkr.hcl
GIT_SHA=${{github.sha}}
packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common-nix.vars.pkr.hcl" -var "postgres-version=${{ steps.random.outputs.random_string }}" -var "region=ap-southeast-1" -var 'ami_regions=["ap-southeast-1"]' -var "force-deregister=true" -var "git_sha=${GITHUB_SHA}" stage2-nix-psql.pkr.hcl
- name: Run tests
timeout-minutes: 10
env:
AMI_NAME: "supabase-postgres-${{ steps.random.outputs.random_string }}"
run: |
# TODO: use poetry for pkg mgmt
pip3 install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest pytest-testinfra[paramiko,docker] requests
pytest -vv -s testinfra/test_ami_nix.py
- name: Cleanup resources on build cancellation
if: ${{ cancelled() }}
run: |
aws ec2 --region ap-southeast-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -n 1 -I {} aws ec2 terminate-instances --region ap-southeast-1 --instance-ids {}
- name: Cleanup resources on build cancellation
if: ${{ always() }}
run: |
aws ec2 --region ap-southeast-1 describe-instances --filters "Name=tag:testinfra-run-id,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -n 1 -I {} aws ec2 terminate-instances --region ap-southeast-1 --instance-ids {} || true
- name: Cleanup AMIs
if: always()
run: |
# Define AMI name patterns
STAGE1_AMI_NAME="supabase-postgres-ci-ami-test-stage-1"
STAGE2_AMI_NAME="${{ steps.random.outputs.random_string }}"
# Function to deregister AMIs by name pattern
deregister_ami_by_name() {
local ami_name_pattern=$1
local ami_ids=$(aws ec2 describe-images --region ap-southeast-1 --owners self --filters "Name=name,Values=${ami_name_pattern}" --query 'Images[*].ImageId' --output text)
for ami_id in $ami_ids; do
echo "Deregistering AMI: $ami_id"
aws ec2 deregister-image --region ap-southeast-1 --image-id $ami_id
done
}
# Deregister AMIs
deregister_ami_by_name "$STAGE1_AMI_NAME"
deregister_ami_by_name "$STAGE2_AMI_NAME"