2023-08-21 14:07:49 +00:00
# Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0
name : Nightly test-integrations 1.15.x
on :
schedule :
# Run nightly at 1AM UTC/9PM EST/6PM PST
- cron : '* 1 * * *'
workflow_dispatch : {}
env :
TEST_RESULTS_DIR : /tmp/test-results
TEST_RESULTS_ARTIFACT_NAME : test-results
CONSUL_LICENSE : ${{ secrets.CONSUL_LICENSE }}
GOTAGS : ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }}
2023-11-20 16:39:51 +00:00
GOTESTSUM_VERSION : "1.11.0"
2023-08-21 14:07:49 +00:00
CONSUL_BINARY_UPLOAD_NAME : consul-bin
# strip the hashicorp/ off the front of github.repository for consul
CONSUL_LATEST_IMAGE_NAME : ${{ endsWith(github.repository, '-enterprise') && github.repository || 'hashicorp/consul' }}
GOPRIVATE : github.com/hashicorp # Required for enterprise deps
BRANCH : "release/1.15.x"
BRANCH_NAME : "release-1.15.x" # Used for naming artifacts
jobs :
setup :
runs-on : ubuntu-latest
name : Setup
outputs :
compute-small : ${{ steps.runners.outputs.compute-small }}
compute-medium : ${{ steps.runners.outputs.compute-medium }}
compute-large : ${{ steps.runners.outputs.compute-large }}
compute-xl : ${{ steps.runners.outputs.compute-xl }}
enterprise : ${{ steps.runners.outputs.enterprise }}
steps :
- name : Checkout code
uses : actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with :
ref : ${{ env.BRANCH }}
- id : runners
run : .github/scripts/get_runner_classes.sh
dev-build :
needs : [ setup]
uses : ./.github/workflows/reusable-dev-build.yml
with :
runs-on : ${{ needs.setup.outputs.compute-large }}
repository-name : ${{ github.repository }}
uploaded-binary-name : 'consul-bin'
2023-08-22 15:16:12 +00:00
branch-name : "release/1.15.x"
2023-08-21 14:07:49 +00:00
secrets :
elevated-github-token : ${{ secrets.ELEVATED_GITHUB_TOKEN }}
generate-envoy-job-matrices :
needs : [ setup]
runs-on : ${{ fromJSON(needs.setup.outputs.compute-small) }}
name : Generate Envoy Job Matrices
outputs :
envoy-matrix : ${{ steps.set-matrix.outputs.envoy-matrix }}
steps :
- name : Checkout code
uses : actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with :
ref : ${{ env.BRANCH }}
- name : Generate Envoy Job Matrix
id : set-matrix
env :
# this is further going to multiplied in envoy-integration tests by the
# other dimensions in the matrix. Currently TOTAL_RUNNERS would be
# multiplied by 8 based on these values:
2023-10-19 21:08:20 +00:00
# envoy-version: ["1.22.11", "1.23.12", "1.24.12", "1.25.11"]
2023-08-21 14:07:49 +00:00
# xds-target: ["server", "client"]
TOTAL_RUNNERS : 4
JQ_SLICER : '[ inputs ] | [_nwise(length / $runnercount | floor)]'
run : |
NUM_RUNNERS=$TOTAL_RUNNERS
NUM_DIRS=$(find ./test/integration/connect/envoy -mindepth 1 -maxdepth 1 -type d | wc -l)
if [ "$NUM_DIRS" -lt "$NUM_RUNNERS" ]; then
echo "TOTAL_RUNNERS is larger than the number of tests/packages to split."
NUM_RUNNERS=$((NUM_DIRS-1))
fi
# fix issue where test splitting calculation generates 1 more split than TOTAL_RUNNERS.
NUM_RUNNERS=$((NUM_RUNNERS-1))
{
echo -n "envoy-matrix="
find ./test/integration/connect/envoy -maxdepth 1 -type d -print0 \
| xargs -0 -n 1 basename \
| jq --raw-input --argjson runnercount "$NUM_RUNNERS" "$JQ_SLICER" \
| jq --compact-output 'map(join("|"))'
} >> "$GITHUB_OUTPUT"
envoy-integration-test :
2023-08-31 14:56:59 +00:00
runs-on : ${{ fromJSON(needs.setup.outputs.compute-large) }}
2023-08-21 14:07:49 +00:00
needs :
- setup
- generate-envoy-job-matrices
- dev-build
permissions :
id-token: write # NOTE : this permission is explicitly required for Vault auth.
contents : read
strategy :
fail-fast : false
matrix :
2023-10-19 21:08:20 +00:00
envoy-version : [ "1.22.11" , "1.23.12" , "1.24.12" , "1.25.11" ]
2023-08-21 14:07:49 +00:00
xds-target : [ "server" , "client" ]
test-cases : ${{ fromJSON(needs.generate-envoy-job-matrices.outputs.envoy-matrix) }}
env :
ENVOY_VERSION : ${{ matrix.envoy-version }}
XDS_TARGET : ${{ matrix.xds-target }}
AWS_LAMBDA_REGION : us-west-2
steps :
- name : Checkout code
uses : actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with :
ref : ${{ env.BRANCH }}
- uses : actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with :
go-version-file : 'go.mod'
- name : fetch binary
uses : actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with :
name : '${{ env.CONSUL_BINARY_UPLOAD_NAME }}'
path : ./bin
- name : restore mode+x
run : chmod +x ./bin/consul
- name : Set up Docker Buildx
uses : docker/setup-buildx-action@2a1a44ac4aa01993040736bd95bb470da1a38365 # v2.9.0
- name : Docker build
run : docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile ./bin
- name : Envoy Integration Tests
env :
GOTESTSUM_JUNITFILE : ${{ env.TEST_RESULTS_DIR }}/results.xml
GOTESTSUM_FORMAT : standard-verbose
COMPOSE_INTERACTIVE_NO_CLI : 1
LAMBDA_TESTS_ENABLED : "true"
# tput complains if this isn't set to something.
TERM : ansi
run : |
# shellcheck disable=SC2001
echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests"
# shellcheck disable=SC2001
sed 's,|,\n,g' <<< "${{ matrix.test-cases }}"
go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \
--debug \
--rerun-fails \
--rerun-fails-report=/tmp/gotestsum-rerun-fails \
--jsonfile /tmp/jsonfile/go-test.log \
--packages=./test/integration/connect/envoy \
-- -timeout=30m -tags integration -run="TestEnvoy/(${{ matrix.test-cases }})"
# NOTE: ENT specific step as we store secrets in Vault.
- name : Authenticate to Vault
if : ${{ endsWith(github.repository, '-enterprise') }}
id : vault-auth
run : vault-auth
# NOTE: ENT specific step as we store secrets in Vault.
- name : Fetch Secrets
if : ${{ endsWith(github.repository, '-enterprise') }}
id : secrets
uses : hashicorp/vault-action@v2.5.0
with :
url : ${{ steps.vault-auth.outputs.addr }}
caCertificate : ${{ steps.vault-auth.outputs.ca_certificate }}
token : ${{ steps.vault-auth.outputs.token }}
secrets : |
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
- name : prepare datadog-ci
if : ${{ !endsWith(github.repository, '-enterprise') }}
run : |
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
chmod +x /usr/local/bin/datadog-ci
- name : upload coverage
# do not run on forks
if : github.event.pull_request.head.repo.full_name == github.repository
env :
DATADOG_API_KEY : "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
DD_ENV : ci
run : datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml
upgrade-integration-test :
2023-08-31 14:56:59 +00:00
runs-on : ${{ fromJSON(needs.setup.outputs.compute-large) }}
2023-08-21 14:07:49 +00:00
needs :
- setup
- dev-build
permissions :
id-token: write # NOTE : this permission is explicitly required for Vault auth.
contents : read
strategy :
fail-fast : false
matrix :
2023-08-22 15:16:12 +00:00
consul-version : [ "1.14" , "1.15" ]
2023-08-21 14:07:49 +00:00
env :
CONSUL_LATEST_VERSION : ${{ matrix.consul-version }}
ENVOY_VERSION : "1.24.6"
steps :
- name : Checkout code
uses : actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with :
ref : ${{ env.BRANCH }}
# NOTE: This step is specifically needed for ENT. It allows us to access the required private HashiCorp repos.
- name : Setup Git
if : ${{ endsWith(github.repository, '-enterprise') }}
run : git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- uses : actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
with :
go-version-file : 'go.mod'
- run : go env
# Get go binary from workspace
- name : fetch binary
uses : actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with :
name : '${{ env.CONSUL_BINARY_UPLOAD_NAME }}'
path : .
- name : restore mode+x
run : chmod +x consul
- name : Build consul:local image
run : docker build -t ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local -f ./build-support/docker/Consul-Dev.dockerfile .
- name : Configure GH workaround for ipv6 loopback
if : ${{ !endsWith(github.repository, '-enterprise') }}
run : |
cat /etc/hosts && echo "-----------"
sudo sed -i 's/::1 *localhost ip6-localhost ip6-loopback/::1 ip6-localhost ip6-loopback/g' /etc/hosts
cat /etc/hosts
- name : Upgrade Integration Tests
run : |
mkdir -p "${{ env.TEST_RESULTS_DIR }}"
cd ./test/integration/consul-container/test/upgrade
docker run --rm ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local consul version
go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \
--raw-command \
2023-11-20 16:39:51 +00:00
--format=github-actions \
--rerun-fails \
2023-08-21 14:07:49 +00:00
--packages="./..." \
-- \
go test \
-p=4 \
-tags "${{ env.GOTAGS }}" \
-timeout=30m \
-json \
./... \
--follow-log=false \
--target-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \
--target-version local \
--latest-image docker.mirror.hashicorp.services/${{ env.CONSUL_LATEST_IMAGE_NAME }} \
--latest-version "${{ env.CONSUL_LATEST_VERSION }}"
ls -lrt
env :
# this is needed because of incompatibility between RYUK container and GHA
GOTESTSUM_JUNITFILE : ${{ env.TEST_RESULTS_DIR }}/results.xml
GOTESTSUM_FORMAT : standard-verbose
COMPOSE_INTERACTIVE_NO_CLI : 1
# tput complains if this isn't set to something.
TERM : ansi
# NOTE: ENT specific step as we store secrets in Vault.
- name : Authenticate to Vault
if : ${{ endsWith(github.repository, '-enterprise') }}
id : vault-auth
run : vault-auth
# NOTE: ENT specific step as we store secrets in Vault.
- name : Fetch Secrets
if : ${{ endsWith(github.repository, '-enterprise') }}
id : secrets
uses : hashicorp/vault-action@v2.5.0
with :
url : ${{ steps.vault-auth.outputs.addr }}
caCertificate : ${{ steps.vault-auth.outputs.ca_certificate }}
token : ${{ steps.vault-auth.outputs.token }}
secrets : |
kv/data/github/${{ github.repository }}/datadog apikey | DATADOG_API_KEY;
- name : prepare datadog-ci
if : ${{ !endsWith(github.repository, '-enterprise') }}
run : |
curl -L --fail "https://github.com/DataDog/datadog-ci/releases/latest/download/datadog-ci_linux-x64" --output "/usr/local/bin/datadog-ci"
chmod +x /usr/local/bin/datadog-ci
- name : upload coverage
# do not run on forks
if : github.event.pull_request.head.repo.full_name == github.repository
env :
DATADOG_API_KEY : "${{ endsWith(github.repository, '-enterprise') && env.DATADOG_API_KEY || secrets.DATADOG_API_KEY }}"
DD_ENV : ci
run : datadog-ci junit upload --service "$GITHUB_REPOSITORY" $TEST_RESULTS_DIR/results.xml
test-integrations-success :
needs :
- setup
- dev-build
- generate-envoy-job-matrices
- envoy-integration-test
- upgrade-integration-test
runs-on : ${{ fromJSON(needs.setup.outputs.compute-small) }}
if : ${{ always() }}
steps :
- name : evaluate upstream job results
run : |
# exit 1 if failure or cancelled result for any upstream job
if printf '${{ toJSON(needs) }}' | grep -E -i '\"result\": \"(failure|cancelled)\"'; then
printf "Tests failed or workflow cancelled:\n\n${{ toJSON(needs) }}"
exit 1
fi
2023-08-25 13:39:08 +00:00
- name : Notify Slack
if : ${{ failure() }}
id : slack
uses : slackapi/slack-github-action@e28cf165c92ffef168d23c5c9000cffc8a25e117 # v1.24.0
with :
payload : |
{
"message": "One or more nightly integration tests have failed on branch ${{ env.BRANCH }} for Consul. ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}
env :
SLACK_WEBHOOK_URL : ${{ secrets.CONSUL_NIGHTLY_INTEG_TEST_SLACK_WEBHOOK }}