Skip to content
CI

Bump google.golang.org/grpc from 1.58.2 to 1.58.3 #1218

Sign in to view logs

Bump google.golang.org/grpc from 1.58.2 to 1.58.3

Bump google.golang.org/grpc from 1.58.2 to 1.58.3 #1218

Workflow file for this run

.github/workflows/ci.yml at a024183
name: CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
env:
NOMAD_VERSION: '1.6.2'
CNI_VERSION: '1.3.0'
jobs:
compile:
runs-on: ubuntu-latest
env:
CGO_ENABLED: 0
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: go.mod
- uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Update last trim for Go build cache
# Go usually trims all builds not used for at least five days. We simulate that the last trim just occurred recently.
# Otherwise, the cache restored in the previous step would not be used for the build resulting in a longer workflow run.
# More details: https://github.com/golang/go/blob/d60ad1e068263832c711aaf17b6ccb1b7f71b000/src/cmd/go/internal/cache/cache.go#L255-L326
run: date +%s > ~/.cache/go-build/trim.txt
continue-on-error: true
- name: Build
run: make build-cover
- name: Upload Poseidon binary
uses: actions/upload-artifact@v3
with:
name: poseidon
path: poseidon
lint:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: go.mod
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
version: latest
args: --timeout=3m
test:
runs-on: ubuntu-latest
needs: [ compile ]
steps:
- uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: go.mod
- uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Update last trim for Go build cache
# Go usually trims all builds not used for at least five days. We simulate that the last trim just occurred recently.
# Otherwise, the cache restored in the previous step would not be used for the build resulting in a longer workflow run.
# More details: https://github.com/golang/go/blob/d60ad1e068263832c711aaf17b6ccb1b7f71b000/src/cmd/go/internal/cache/cache.go#L255-L326
run: date +%s > ~/.cache/go-build/trim.txt
continue-on-error: true
- name: Run tests
run: make coverhtml
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
if: ${{ success() || failure() }}
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage report
uses: actions/upload-artifact@v3
if: ${{ success() || failure() }}
with:
name: coverage
path: coverage/coverage_unit.html
dep-scan:
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
needs: [ compile ]
if: github.event_name != 'push' || github.actor != 'dependabot[bot]' && github.actor != 'dependabot-preview[bot]' && github.actor != 'dependabot'
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
severity: 'HIGH,CRITICAL'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
e2e-test:
runs-on: ubuntu-latest
needs: [ compile, test ]
env:
POSEIDON_AWS_ENABLED: false
POSEIDON_AWS_ENDPOINT: ${{ secrets.POSEIDON_AWS_ENDPOINT }}
POSEIDON_AWS_FUNCTIONS: ""
POSEIDON_LOGGER_FORMATTER: "JSONFormatter"
POSEIDON_LOG_FILE: "../../poseidon.log"
POSEIDON_NOMAD_DISABLEFORCEPULL: true
GOCOVERDIR: coverage
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: go.mod
- name: Cache Go modules
uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Update last trim for Go build cache
# Go usually trims all builds not used for at least five days. We simulate that the last trim just occurred recently.
# Otherwise, the cache restored in the previous step would not be used for the build resulting in a longer workflow run.
# More details: https://github.com/golang/go/blob/d60ad1e068263832c711aaf17b6ccb1b7f71b000/src/cmd/go/internal/cache/cache.go#L255-L326
run: date +%s > ~/.cache/go-build/trim.txt
continue-on-error: true
- name: Cache Nomad and CNI binaries
uses: actions/cache@v3
with:
path: |
${{ github.workspace }}/nomad
${{ github.workspace }}/cni/bin
key: ${{ runner.os }}-nomad-${{ env.NOMAD_VERSION }}
restore-keys: |
${{ runner.os }}-nomad-${{ env.NOMAD_VERSION }}
- name: Download Nomad binary
run: |
if [[ -f ./nomad ]]; then exit 0; fi
wget -q "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/nomad_${NOMAD_VERSION}_linux_amd64.zip"
wget -q "https://releases.hashicorp.com/nomad/${NOMAD_VERSION}/nomad_${NOMAD_VERSION}_SHA256SUMS"
grep "nomad_${NOMAD_VERSION}_linux_amd64.zip" nomad_${NOMAD_VERSION}_SHA256SUMS | sha256sum -c -
unzip nomad_${NOMAD_VERSION}_linux_amd64.zip
- name: Download CNI binaries
run: |
if [[ -f ./cni/bin ]]; then exit 0; fi
wget -q "https://github.com/containernetworking/plugins/releases/download/v${CNI_VERSION}/cni-plugins-linux-amd64-v${CNI_VERSION}.tgz"
wget -q "https://github.com/containernetworking/plugins/releases/download/v${CNI_VERSION}/cni-plugins-linux-amd64-v${CNI_VERSION}.tgz.sha256"
grep "cni-plugins-linux-amd64-v${CNI_VERSION}.tgz" cni-plugins-linux-amd64-v${CNI_VERSION}.tgz.sha256 | sha256sum -c -
mkdir -p ./cni/bin
tar zxvf cni-plugins-linux-amd64-v${CNI_VERSION}.tgz -C ./cni/bin
- name: Set Nomad Config
run: |
cp ./docs/resources/secure-bridge.conflist ./cni/secure-bridge.conflist
echo "server { default_scheduler_config { memory_oversubscription_enabled = true } }, client { cni_path = \"${{ github.workspace }}/cni/bin\", cni_config_dir = \"${{ github.workspace }}/cni\" }" > e2e-config.hcl
- name: Download Poseidon binary
uses: actions/download-artifact@v3
with:
name: poseidon
- name: Get current branch name
id: branch-name
uses: tj-actions/branch-names@v7
- name: Checkout matching branch for Dockerfiles (optional)
id: checkout-dockerfiles
if: steps.branch-name.outputs.is_default == 'false'
uses: actions/checkout@v4
continue-on-error: true
with:
repository: openHPI/dockerfiles
path: deploy/dockerfiles
ref: ${{ steps.branch-name.outputs.current_branch }}
- name: Build new e2e test image (optional)
if: steps.checkout-dockerfiles.outcome == 'success'
run: make e2e-test-docker-image
- name: Run e2e tests
run: |
sudo ./nomad agent -dev -log-level=WARN -config e2e-config.hcl &
until curl -s --fail http://localhost:4646/v1/agent/health ; do sleep 1; done
chmod +x ./poseidon
mkdir -p ${GOCOVERDIR}
./poseidon | tee poseidon.log &
until curl -s --fail http://localhost:7200/api/v1/health ; do sleep 1; done
make e2e-test
- name: Run e2e recovery tests
run: |
killall poseidon
make e2e-test-recovery
if: ${{ success() || failure() }}
- name: Convert coverage reports
run: make convert-run-coverage
if: ${{ success() || failure() }}
- name: Upload coverage reports to Codecov
uses: codecov/codecov-action@v3
if: ${{ success() || failure() }}
with:
token: ${{ secrets.CODECOV_TOKEN }}
- name: Upload coverage report
uses: actions/upload-artifact@v3
if: ${{ success() || failure() }}
with:
name: coverage
path: coverage/coverage_run.html