Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Onboard jenkins prod docker images to github actions #924

Merged
merged 1 commit into from
Oct 31, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 0 additions & 18 deletions .github/workflows/dco.yml

This file was deleted.

55 changes: 0 additions & 55 deletions .github/workflows/reports-scheduler-release-workflow.yml

This file was deleted.

19 changes: 17 additions & 2 deletions .github/workflows/reports-scheduler-test-and-build-workflow.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,13 +3,25 @@ name: Test and Build Reports Scheduler
on: [push, pull_request]

jobs:
Get-CI-Image-Tag:
uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
with:
product: opensearch

linux-build:
needs: Get-CI-Image-Tag
strategy:
matrix:
java:
- 11
- 17
runs-on: ubuntu-latest
container:
# using the same image which is used by opensearch-build team to build the OpenSearch Distribution
# this image tag is subject to change as more dependencies and updates will arrive over time
image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
# need to switch to root so that github actions can install runner binary on container without permission issues.
options: --user root
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

where is the install binary logic? root will introduce permission issues for opensearch

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What binaries are you talking about here?
The image already have all the dependencies needed for running all the build and test.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

And we are switching to user 1000 when running those gradle commands so there will not be any permission issues.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in the comment,

need to switch to root so that github actions can install runner binary

i saw su but it might not be obvious why or when it is needed to switch to normal user

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

linking github doc ref here https://docs.github.com/en/actions/creating-actions/dockerfile-support-for-github-actions#user

Docker actions must be run by the default Docker user (root). Do not use the USER instruction in your Dockerfile, because you won't be able to access the GITHUB_WORKSPACE directory. For more information, see "Variables" and USER reference in the Docker documentation.


steps:
- name: Set up JDK ${{ matrix.java }}
Expand All @@ -23,11 +35,13 @@ jobs:
- name: RunBackwards Compatibility Tests
run: |
echo "Running backwards compatibility tests ..."
./gradlew bwcTestSuite
chown -R 1000:1000 `pwd`
su `id -un 1000` -c "./gradlew bwcTestSuite"
- name: Build with Gradle
run: |
./gradlew build
chown -R 1000:1000 `pwd`
su `id -un 1000` -c "./gradlew build"
- name: Upload coverage
uses: codecov/codecov-action@v1
Expand All @@ -40,6 +54,7 @@ jobs:
run: |
mkdir -p reports-scheduler-builds
cp -r ./build/distributions/*.zip reports-scheduler-builds/
chown -R 1000:1000 `pwd`
- name: Upload Artifacts
uses: actions/upload-artifact@v1
Expand Down
Loading