From b2e91029da4fe3be9102381fff6bdf18fb21cb25 Mon Sep 17 00:00:00 2001 From: Matt Pryor Date: Thu, 17 Aug 2023 15:16:36 +0100 Subject: [PATCH] Move testing into reusable actions --- .github/actions/destroy/action.yml | 18 +++++++++ .github/actions/provision/action.yml | 30 ++++++++++++++ .github/actions/setup/action.yml | 47 ++++++++++++++++++++++ .github/actions/test/action.yml | 14 +++++++ .github/workflows/demo-deploy.yml | 56 --------------------------- .github/workflows/deployment-test.yml | 39 ------------------- .github/workflows/test-pr.yml | 54 ++++++++++++++++++++++++++ 7 files changed, 163 insertions(+), 95 deletions(-) create mode 100644 .github/actions/destroy/action.yml create mode 100644 .github/actions/provision/action.yml create mode 100644 .github/actions/setup/action.yml create mode 100644 .github/actions/test/action.yml delete mode 100644 .github/workflows/demo-deploy.yml delete mode 100644 .github/workflows/deployment-test.yml create mode 100644 .github/workflows/test-pr.yml diff --git a/.github/actions/destroy/action.yml b/.github/actions/destroy/action.yml new file mode 100644 index 00000000..d3d799cb --- /dev/null +++ b/.github/actions/destroy/action.yml @@ -0,0 +1,18 @@ +name: Azimuth CI destroy +description: Destroys an Azimuth CI environment. +inputs: + azimuth-ops-version: + description: > + The azimuth-ops version to use. If not given, the default version is used. + required: true + default: "" +runs: + using: composite + steps: + - name: Destroy Azimuth + shell: bash + # Make sure to source the ci environment before running the destroy + run: | + set -e + source ./ci.env + ./bin/ci-exec destroy diff --git a/.github/actions/provision/action.yml b/.github/actions/provision/action.yml new file mode 100644 index 00000000..5692a6e5 --- /dev/null +++ b/.github/actions/provision/action.yml @@ -0,0 +1,30 @@ +name: Azimuth CI provision +description: Provisions an Azimuth environment using the CI config. +inputs: + azimuth-ops-version: + description: > + The azimuth-ops version to use. If not given, the default version is used. + required: true + default: "" +runs: + using: composite + steps: + - name: Update azimuth-ops version in requirements.yml + shell: bash + run: cat > requirements.yml <<< "$REQUIREMENTS_CONTENT" + env: + REQUIREMENTS_CONTENT: | + --- + collections: + - name: https://github.com/stackhpc/ansible-collection-azimuth-ops.git + type: git + version: ${{ inputs.azimuth-ops-version }} + if: ${{ inputs.azimuth-ops-version != '' }} + + - name: Deploy Azimuth + shell: bash + # Make sure to source the ci environment before running the provision + run: | + set -e + source ./ci.env + ./bin/ci-exec provision diff --git a/.github/actions/setup/action.yml b/.github/actions/setup/action.yml new file mode 100644 index 00000000..84bf1184 --- /dev/null +++ b/.github/actions/setup/action.yml @@ -0,0 +1,47 @@ +name: Azimuth CI setup +description: Sets up an environment for running Azimuth CI. +inputs: + config-ref: + description: The ref of the azimuth-config repo to check out. + required: true + default: feature/ci-external-actions + os-clouds: + description: The contents of the clouds.yaml to use. + required: true + os-cloud-name: + description: The name of the cloud within the clouds.yaml to use. + required: true + default: openstack + environment-prefix: + description: > + The environment prefix to use. The run ID will be appended to this, + separated by a hyphen. + required: true + default: ci +runs: + using: composite + steps: + - name: Checkout azimuth-config repo + uses: actions/checkout@v3 + with: + repository: stackhpc/azimuth-config + ref: ${{ inputs.config-ref }} + + - name: Write clouds.yaml + shell: bash + run: cat > ./clouds.yaml <<< "$OS_CLOUDS" + env: + OS_CLOUDS: ${{ inputs.os-clouds }} + + # This environment file will be sourced before running any other actions + - name: Write environment file + shell: bash + run: cat > ./ci.env <<< "$CI_ENV" + env: + CI_ENV: | + set -a + OS_CLOUD="${{ inputs.os-cloud-name }}" + OS_CLIENT_CONFIG_FILE="$PWD/clouds.yaml" + AZIMUTH_CONFIG_ENVIRONMENT=ci + AZIMUTH_ENVIRONMENT="${{ inputs.environment-prefix }}-${{ github.run_id }}" + set +a diff --git a/.github/actions/test/action.yml b/.github/actions/test/action.yml new file mode 100644 index 00000000..1ed9c14f --- /dev/null +++ b/.github/actions/test/action.yml @@ -0,0 +1,14 @@ +name: Azimuth CI tests +description: Tests an Azimuth environment using the CI config. +# inputs: +runs: + using: composite + steps: + - name: Check expected alerts are pending or firing + shell: bash + # Make sure to source the ci environment before running the tests + run: | + set -e + source ./ci.env + source ./bin/activate $AZIMUTH_CONFIG_ENVIRONMENT $AZIMUTH_ENVIRONMENT + ./bin/check-alerts diff --git a/.github/workflows/demo-deploy.yml b/.github/workflows/demo-deploy.yml deleted file mode 100644 index 34933d4c..00000000 --- a/.github/workflows/demo-deploy.yml +++ /dev/null @@ -1,56 +0,0 @@ -name: Deploy External -on: workflow_call - -env: - OS_CLOUD: openstack - OS_CLIENT_CONFIG_FILE: ${{ github.workspace }}/clouds.yml - AZIMUTH_CONFIG_ENVIRONMENT: ci - AZIMUTH_ENVIRONMENT: ci-${{ github.run_id }} - -jobs: - test_deployment: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - ref: ${{ github.event.pull_request.head.sha }} - - - name: Copy cloud creds to file - run: 'echo "$CLOUD" > clouds.yml' - shell: bash - env: - CLOUD: ${{ secrets.CLOUD }} - - - uses: actions/setup-python@v4 - with: - python-version: '3.9' - check-latest: true - - - name: Deploy Azimuth - id: deploy - run: ./bin/ci-exec provision - env: - AWS_ACCESS_KEY_ID: ${{ secrets.ARCUS_S3_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.ARCUS_S3_SECRET_KEY }} - - - name: Check expected alerts are pending or firing - run: | - source ./bin/activate $AZIMUTH_CONFIG_ENVIRONMENT $AZIMUTH_ENVIRONMENT \ - && ./bin/check-alerts - env: - AWS_ACCESS_KEY_ID: ${{ secrets.ARCUS_S3_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.ARCUS_S3_SECRET_KEY }} - - - name: Destroy Azimuth - # NOTE: This step won't teardown the demo deployment if the CI fails, - # which allows us to then access the failed partial deployment to debug. - # Assuming you have Arcus cloud access, the seed node for a given CI run - # can be accessed by activating the CI environment locally with - # `source ./bin/activate ci ci-` - # then running the seed-ssh script as normal. - if: ${{ always() }} - run: ./bin/ci-exec destroy - env: - AWS_ACCESS_KEY_ID: ${{ secrets.ARCUS_S3_ACCESS_KEY }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.ARCUS_S3_SECRET_KEY }} diff --git a/.github/workflows/deployment-test.yml b/.github/workflows/deployment-test.yml deleted file mode 100644 index 4a88fe0a..00000000 --- a/.github/workflows/deployment-test.yml +++ /dev/null @@ -1,39 +0,0 @@ -name: Demo env deployment test - -on: - pull_request: - types: - - opened - - synchronize - - ready_for_review - - reopened - branches: - - main - paths-ignore: - - 'docs/**' - -concurrency: - group: ${{ github.head_ref }} - cancel-in-progress: true - -jobs: - # This job exists so that draft PRs see the check as failed - fail_on_draft: - runs-on: ubuntu-latest - steps: - - name: PR must be marked as ready for review before tests will run - run: exit 1 - if: ${{ github.event.pull_request.draft }} - - - deploy_demo_env: - uses: ./.github/workflows/demo-deploy.yml - secrets: inherit - # NOTE: Github docs claim that workflows should automatically await approval on PRs from external - # forks but haven't tested this explicitly so keep this conditional just in case - # (https://docs.github.com/en/actions/managing-workflow-runs/approving-workflow-runs-from-public-forks) - if: >- - ${{ - github.repository == 'stackhpc/azimuth-config' && - !github.event.pull_request.draft - }} diff --git a/.github/workflows/test-pr.yml b/.github/workflows/test-pr.yml new file mode 100644 index 00000000..672705f4 --- /dev/null +++ b/.github/workflows/test-pr.yml @@ -0,0 +1,54 @@ +name: Test Azimuth deployment + +on: + pull_request: + types: + - opened + - synchronize + - ready_for_review + - reopened + branches: + - main + paths-ignore: + - 'docs/**' + +concurrency: + group: ${{ github.head_ref }} + cancel-in-progress: true + +jobs: + # This job exists so that PRs from outside the main repo are rejected + fail_on_remote: + runs-on: ubuntu-latest + steps: + - name: PR must be from a branch in the azimuth-images repo + run: exit ${{ github.repository == 'stackhpc/azimuth-config' && '0' || '1' }} + + # This job exists so that draft PRs see the check as failed + fail_on_draft: + runs-on: ubuntu-latest + steps: + - name: PR must be marked as ready for review before tests will run + run: exit ${{ github.event.pull_request.draft && '1' || '0' }} + + run_azimuth_tests: + needs: [fail_on_remote, fail_on_draft] + runs-on: ubuntu-latest + steps: + - name: Set up Azimuth environment + uses: ./.github/actions/setup + with: + # Make sure to check out the config version under test + config-ref: ${{ github.sha }} + os-clouds: ${{ secrets.CLOUD }} + environment-prefix: ci + + - name: Provision Azimuth + uses: ./.github/actions/provision + + - name: Run Azimuth tests + uses: ./.github/actions/test + + - name: Destroy Azimuth + uses: ./.github/actions/destroy + if: ${{ always() }}