248 - fix build script so it runs integration tests

boozallen · Aug 9, 2024 · 0d872e0 · 0d872e0
1 parent 2fb0300
commit 0d872e0
Show file tree

Hide file tree

Showing 10 changed files with 204 additions and 3 deletions.
diff --git a/.github/resources/configmap_role.yaml b/.github/resources/configmap_role.yaml
@@ -0,0 +1,8 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: configmap-manager
+rules:
+  - apiGroups: [""]
+    resources: ["configmaps"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
diff --git a/.github/resources/configmap_role_binding.yaml b/.github/resources/configmap_role_binding.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: configmap-rolebinding-github-action
+subjects:
+  - kind: User
+    name: arc-runner-set-aissemble-gha-rs-no-permission
+    apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: configmap-manager
+  apiGroup: rbac.authorization.k8s.io
+
+
diff --git a/.github/resources/configmap_role_binding_default.yaml b/.github/resources/configmap_role_binding_default.yaml
@@ -0,0 +1,15 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: configmap-rolebinding-github-action-default
+  namespace: default
+subjects:
+  - kind: User
+    name: arc-runner-set-aissemble-gha-rs-no-permission
+    apiGroup: rbac.authorization.k8s.io
+roleRef:
+  kind: ClusterRole
+  name: configmap-manager-default
+  apiGroup: rbac.authorization.k8s.io
+
+
diff --git a/.github/resources/configmap_role_default.yaml b/.github/resources/configmap_role_default.yaml
@@ -0,0 +1,9 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: configmap-manager-default
+  namespace: default
+rules:
+  - apiGroups: [""]
+    resources: ["configmaps"]
+    verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
diff --git a/.github/resources/helm_it_role_binding.yaml b/.github/resources/helm_it_role_binding.yaml
@@ -0,0 +1,13 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: helm-it-user-binding
+  namespace: actions-runners
+subjects:
+  - kind: ServiceAccount
+    name: arc-runner-set-aissemble-gha-rs-no-permission
+    namespace: actions-runners
+roleRef:
+  kind: ClusterRole
+  name: helm-it-user
+  apiGroup: rbac.authorization.k8s.io
diff --git a/.github/resources/helm_it_roles.yaml b/.github/resources/helm_it_roles.yaml
@@ -0,0 +1,29 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: helm-it-user
+rules:
+  - apiGroups: [""]
+    resources: ["namespaces", "pods", "services", "configmaps", "secrets", "serviceaccounts", "persistentvolumeclaims"]
+    verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
+  - apiGroups: ["apps"]
+    resources: ["deployments", "statefulsets", "daemonsets", "replicasets"]
+    verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
+  - apiGroups: ["batch"]
+    resources: ["jobs", "cronjobs"]
+    verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
+  - apiGroups: ["networking.k8s.io"]
+    resources: ["ingresses", "networkpolicies"]
+    verbs: ["create", "delete", "get", "list", "patch", "update", "watch"]
+  - apiGroups: ["rbac.authorization.k8s.io"]
+    resources: ["roles", "rolebindings", "clusterroles", "clusterrolebindings"]
+    verbs: ["get", "list"]
+  - apiGroups: ["apiextensions.k8s.io"]
+    resources: ["customresourcedefinitions"]
+    verbs: ["get", "list"]
+  - apiGroups: ["admissionregistration.k8s.io"]
+    resources: ["validatingwebhookconfigurations", "mutatingwebhookconfigurations"]
+    verbs: ["get", "list"]
+  - apiGroups: ["policy"]
+    resources: ["poddisruptionbudgets"]
+    verbs: ["get", "list"]
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -15,7 +15,7 @@ on:
         description: "Branch you want to build"
         required: true
         type: string
-        default: 'dev'
+        default: '248-gh-build-it-tests'
   push:
     branches: [ "dev" ]
 

diff --git a/.github/workflows/build2.yml b/.github/workflows/build2.yml
@@ -0,0 +1,109 @@
+# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven
+
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+name: Build aissemble 2
+
+on:
+  workflow_dispatch:
+    inputs:
+      buildBranch:
+        description: "Branch you want to build"
+        required: true
+        type: string
+        default: '248-gh-build-it-tests'
+  push:
+    branches: [ "248-gh-build-it-tests" ]
+
+jobs:
+  build:
+
+    runs-on: arc-runner-set-aissemble
+    env:
+      DOCKER_CONFIG: /home/runner/.docker
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.buildBranch }}
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Install required packages
+        run: |
+          sudo apt-get update
+          sudo apt install -y build-essential libssl-dev zlib1g-dev libbz2-dev libreadline-dev libsqlite3-dev curl \
+              git libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev zip unzip \
+              libpython3.11
+      - name: Install Python
+        uses: gabrielfalcao/pyenv-action@v18
+        with:
+          default: 3.11.4
+      - name: Load m2 repository cache # Manually caching .m2 repo as the setup-java caching isn't falling back to older caches
+        id: cached-m2-repo
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/repository
+          key: maven-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            maven-
+      - name: Load m2 build cache
+        id: cached-m2-build
+        uses: actions/cache@v4
+        with:
+          path: ~/.m2/build-cache
+          key: maven-build-cache-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            maven-build-cache-
+      - name: Install Poetry
+        uses: snok/install-poetry@v1
+      - name: Poetry cache
+        id: cached-poetry
+        uses: actions/cache@v4
+        with:
+          path: ~/.cache/pypoetry
+          key: poetry-cache-${{ hashFiles('**/pom.xml') }}
+          restore-keys: |
+            poetry-
+      - name: Install Helm
+        run: |
+          curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3
+          chmod 700 get_helm.sh
+          ./get_helm.sh
+      - name: Install Helm Unittest Plugin
+        run: |
+          echo "Updating helm unittest plugin to latest version..."
+          helm plugin install https://github.com/helm-unittest/helm-unittest.git
+#          helm plugin install https://github.com/quintush/helm-unittest
+      - name: Set up JDK 11
+        uses: actions/setup-java@v4
+        with:
+          java-version: '11'
+          distribution: 'temurin'
+      - name: Create Docker Builder Config File
+        run: sudo touch /etc/buildkitd.toml
+      - name: Build aiSSEMBLE
+        run: |
+          ./mvnw -B clean install -U --file pom.xml -Pci,integration-test
+      #NB: The following two explicit cache saves are necessary to ensure caches are saved on build failure,
+      # until https://github.com/actions/cache/issues/1315 is resolved
+      - name: Save m2 repository cache
+        id: save-m2-repo
+        uses: actions/cache/save@v4
+        if: always()
+        with:
+          path: ~/.m2/repository
+          key: maven-${{ hashFiles('**/pom.xml') }}
+      - name: Save m2 build cache
+        id: save-m2-build
+        uses: actions/cache/save@v4
+        if: always()
+        with:
+          path: ~/.m2/build-cache
+          key: maven-build-cache-${{ hashFiles('**/pom.xml') }}
diff --git a/extensions/extensions-helm/pom.xml b/extensions/extensions-helm/pom.xml
@@ -84,6 +84,9 @@
                                     </goals>
                                 </execution>
                             </executions>
+                            <configuration>
+                                <namespace>actions-runners</namespace>
+                            </configuration>
                         </plugin>
                     </plugins>
                 </pluginManagement>

diff --git a/...delivery-pyspark-model/tests/resources/integration-test-resources/docker-compose-setup.sh b/...delivery-pyspark-model/tests/resources/integration-test-resources/docker-compose-setup.sh
@@ -21,8 +21,9 @@ then
   DOCKER_COMPOSE_RELEASE_URL="https://github.com/docker/compose/releases/download/v2.12.2/docker-compose-${SYS_PLATFORM}-${SYS_ARCH}"
   echo "Installing docker-compose v2.12.2 (${SYS_PLATFORM} ${SYS_ARCH})"
   echo "Pulling binary from ${DOCKER_COMPOSE_RELEASE_URL}..."
-  curl -SL "${DOCKER_COMPOSE_RELEASE_URL}" -o /usr/local/bin/docker-compose
-  chmod +x /usr/local/bin/docker-compose
+  whoami
+  sudo curl -SL "${DOCKER_COMPOSE_RELEASE_URL}" -o /usr/local/bin/docker-compose
+  sudo chmod +x /usr/local/bin/docker-compose
 else
   echo "Already installed"
 fi