Initialize tfexec.Terraform once per request + refactoring/cleanup #16239
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ------------------------------------------------------------ | |
# Copyright 2023 The Radius Authors. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
# ------------------------------------------------------------ | |
name: Build and Test | |
on: | |
push: | |
branches: | |
- main | |
- release/* | |
tags: | |
- v* | |
pull_request: | |
branches: | |
- main | |
- features/* | |
- release/* | |
concurrency: | |
# Cancel the previously triggered build for only PR build. | |
group: build-${{ github.ref }}-${{ github.event.pull_request.number || github.sha }} | |
cancel-in-progress: true | |
env: | |
# Go version to install | |
GOVER: '^1.21' | |
# gotestsum version - see: https://github.com/gotestyourself/gotestsum | |
GOTESTSUMVERSION: 1.10.0 | |
# GitHub Actor for pushing images to GHCR | |
GHCR_ACTOR: rad-ci-bot | |
# Container registry url for GitHub container registry. | |
CONTAINER_REGISTRY: 'ghcr.io/radius-project' | |
# Local file path to the release binaries. | |
RELEASE_PATH: ./release | |
# ORAS (OCI Registry As Storage) CLI version | |
ORAS_VERSION: 1.1.0 | |
# URL to get source code for building the image | |
IMAGE_SRC: https://github.com/radius-project/radius | |
jobs: | |
build-and-push-cli: | |
name: Build ${{ matrix.target_os }}_${{ matrix.target_arch }} binaries | |
runs-on: ubuntu-latest | |
env: | |
GOOS: ${{ matrix.target_os }} | |
GOARCH: ${{ matrix.target_arch }} | |
GOPROXY: https://proxy.golang.org | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- target_os: linux | |
target_arch: arm | |
- target_os: linux | |
target_arch: arm64 | |
- target_os: linux | |
target_arch: amd64 | |
- target_os: windows | |
target_arch: amd64 | |
- target_os: darwin | |
target_arch: amd64 | |
- target_os: darwin | |
target_arch: arm64 | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v3 | |
- name: Set up Go ${{ env.GOVER }} | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GOVER }} | |
cache-dependency-path: go.sum | |
- name: Restore the previous coverage | |
uses: actions/cache/restore@v3 | |
with: | |
path: ./dist/cache | |
key: radius-coverage- | |
- name: Parse release version and set environment variables | |
run: python ./.github/scripts/get_release_version.py | |
- name: Make build | |
run: make build | |
- name: Run make test (unit tests) | |
if: matrix.target_arch == 'amd64' && matrix.target_os == 'linux' | |
env: | |
GOTESTSUM_OPTS: '--junitfile ./dist/unit_test/results.xml' | |
GOTEST_OPTS: '-race -coverprofile ./dist/ut_coverage_orig.out' | |
run: | | |
go install gotest.tools/gotestsum@v${{ env.GOTESTSUMVERSION }} | |
make test | |
- name: Process Unit Test Results | |
uses: ./.github/actions/process-test-results | |
# Always is required here to make sure this target runs even when tests fail. | |
if: always() && matrix.target_arch == 'amd64' && matrix.target_os == 'linux' | |
with: | |
test_group_name: 'Unit Tests' | |
artifact_name: 'unit_test_results' | |
result_directory: 'dist/unit_test/' | |
- name: Copy cli binaries to release (unix-like) | |
if: matrix.target_os != 'windows' | |
run: | | |
mkdir ${{ env.RELEASE_PATH }} | |
cp ./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad ${{ env.RELEASE_PATH }}/rad_${{ matrix.target_os}}_${{ matrix.target_arch}} | |
- name: Copy cli binaries to release (windows) | |
if: matrix.target_os == 'windows' | |
run: | | |
mkdir ${{ env.RELEASE_PATH }} | |
cp ./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad.exe ${{ env.RELEASE_PATH }}/rad_${{ matrix.target_os}}_${{ matrix.target_arch}}.exe | |
- name: Upload Release binaries | |
uses: actions/upload-artifact@v3 | |
with: | |
name: rad_cli_release | |
path: ${{ env.RELEASE_PATH }} | |
- name: Upload CLI binary | |
uses: actions/upload-artifact@v3 | |
with: | |
name: rad_cli_${{ matrix.target_os}}_${{ matrix.target_arch}} | |
path: | | |
./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad | |
./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad.exe | |
- name: Generate unit-test coverage files | |
if: matrix.target_arch == 'amd64' && matrix.target_os == 'linux' | |
run: | | |
# Remove mock, generated files, and datamodels from original coverage output. | |
cat ./dist/ut_coverage_orig.out | grep -v "mock" | grep -v "zz_" | grep -v "armrpc/rpctest" | grep -v '/datamodel/[A-za-z0-9_]*.go' > $COVERAGE_FILE | |
# Generate reports. | |
$GO_TOOL_COVER -func=$COVERAGE_FILE -o ./dist/ut_coverage.txt | |
$GO_TOOL_COVER -html=$COVERAGE_FILE -o ./dist/ut_coverage.html | |
# Parse total coverage rate from report. | |
UT_COVERAGE=`cat ./dist/ut_coverage.txt | grep total: | grep -Eo '[0-9]+\.[0-9]+'` | |
echo "Test coverage : $UT_COVERAGE" | |
echo "ut_coverage=$UT_COVERAGE" >> $GITHUB_ENV | |
mkdir -p ./dist/cache | |
MAIN_COVERAGE=0 | |
if [ -f "./dist/cache/ut_coverage.txt" ]; then | |
MAIN_COVERAGE=$(cat ./dist/cache/ut_coverage.txt | grep total: | grep -Eo '[0-9]+\.[0-9]+') | |
fi | |
echo "main_coverage=$MAIN_COVERAGE" >> $GITHUB_ENV | |
if (( $(echo "$UT_COVERAGE < $MAIN_COVERAGE" | bc -l) )) ; then | |
COLOR=red | |
else | |
COLOR=green | |
fi | |
DIFF_RATE=$(echo "$UT_COVERAGE-$MAIN_COVERAGE" | bc -l) | |
echo "diff_coverage=$DIFF_RATE" >> $GITHUB_ENV | |
echo "coverage_img=https://img.shields.io/badge/coverage-$UT_COVERAGE%25-$COLOR" >> $GITHUB_ENV | |
# copy coverage to cache | |
cp ./dist/ut_coverage.txt ./dist/cache/ | |
env: | |
COVERAGE_FILE: ./dist/ut_coverage.out | |
GO_TOOL_COVER: go tool cover | |
- name: Upload unit-test coverage artifact | |
if: matrix.target_arch == 'amd64' && matrix.target_os == 'linux' | |
uses: actions/upload-artifact@v3 | |
with: | |
name: unit_test_coverage | |
path: | | |
./dist/coverage_orig.out | |
./dist/ut_coverage.out | |
./dist/ut_coverage.txt | |
./dist/ut_coverage.html | |
- name: Add coverage result comment | |
if: matrix.target_arch == 'amd64' && matrix.target_os == 'linux' && github.event.pull_request && github.event.pull_request.head.repo.full_name == github.repository | |
uses: marocchino/sticky-pull-request-comment@v2 | |
with: | |
header: testcov-${{ github.run_id }} | |
number: ${{ github.event.pull_request.number }} | |
hide: true | |
hide_classify: OUTDATED | |
message: | | |
![${{ env.ut_coverage }}](${{ env.coverage_img }}) | |
For the detailed report, please go to `Checks tab`, click `Build and Test`, and then download `unit_test_coverage` artifact at the bottom of build page. | |
* Your PR branch coverage: ${{ env.ut_coverage }} % | |
* main branch coverage: ${{ env.main_coverage }} % | |
* diff coverage: ${{ env.diff_coverage }} % | |
> The coverage result does not include the functional test coverage. | |
- name: Save coverage (only main push) | |
uses: actions/cache/save@v3 | |
if: matrix.target_arch == 'amd64' && matrix.target_os == 'linux' && github.ref == 'refs/heads/main' | |
with: | |
path: ./dist/cache | |
key: radius-coverage-${{ github.sha }}-${{ github.run_number }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- uses: oras-project/setup-oras@v1 | |
with: | |
version: ${{ env.ORAS_VERSION }} | |
- name: Push latest rad cli binary to GHCR (unix-like) | |
if: github.ref == 'refs/heads/main' && matrix.target_os != 'windows' | |
run: | | |
oras push ${{ env.CONTAINER_REGISTRY }}/rad/${{ matrix.target_os }}-${{ matrix.target_arch }}:latest ./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad --annotation "org.opencontainers.image.source=${{ env.IMAGE_SRC }}" | |
- name: Copy cli binaries to release (windows) | |
if: github.ref == 'refs/heads/main' && matrix.target_os == 'windows' | |
run: | | |
oras push ${{ env.CONTAINER_REGISTRY }}/rad/${{ matrix.target_os }}-${{ matrix.target_arch }}:latest ./dist/${{ matrix.target_os}}_${{ matrix.target_arch}}/release/rad.exe --annotation "org.opencontainers.image.source=${{ env.IMAGE_SRC }}" | |
build-and-push-images: | |
name: Build and publish container images | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@v3 | |
- name: Parse release version and set environment variables | |
run: python ./.github/scripts/get_release_version.py | |
- name: Set up Go ${{ env.GOVER }} | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GOVER }} | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@v2 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v2 | |
with: | |
platforms: linux/amd64,linux/arm64,linux/arm/v7 | |
- name: Push container images (latest) | |
run: | | |
make docker-test-image-build && make docker-test-image-push | |
make docker-multi-arch-push | |
if: (github.ref == 'refs/heads/main') # push image to latest on merge to main | |
env: | |
DOCKER_REGISTRY: ${{ env.CONTAINER_REGISTRY }} | |
DOCKER_TAG_VERSION: latest | |
- name: Build container images (PR) # Don't push on PR, agent will not have permission. | |
run: | | |
make docker-test-image-build | |
make docker-multi-arch-build | |
if: github.event_name == 'pull_request' | |
env: | |
DOCKER_REGISTRY: ${{ env.CONTAINER_REGISTRY }} | |
DOCKER_TAG_VERSION: ${{ env.REL_VERSION }} # includes PR number | |
- name: Push container images (release) | |
run: | | |
make docker-test-image-build && make docker-test-image-push | |
make docker-multi-arch-push | |
if: startsWith(github.ref, 'refs/tags/v') # push image on tag | |
env: | |
DOCKER_REGISTRY: ${{ env.CONTAINER_REGISTRY }} | |
DOCKER_TAG_VERSION: ${{ env.REL_CHANNEL }} | |
build-and-push-helm-chart: | |
name: Helm chart build | |
needs: ['build-and-push-images'] | |
runs-on: ubuntu-latest | |
# Don't push on PR, agent will not have permission. | |
if: (startsWith(github.ref, 'refs/tags/v') || github.ref == 'refs/heads/main') | |
env: | |
ARTIFACT_DIR: ./dist/Charts | |
HELM_PACKAGE_DIR: helm | |
HELM_CHARTS_DIR: deploy/Chart | |
OCI_REGISTRY: ghcr.io | |
# We only push the chart on pushes to main or to a tag. The versioning logic will select the right | |
# version for us. | |
OCI_REPOSITORY: 'radius-project/helm-chart' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Install helm | |
uses: Azure/setup-helm@v3 | |
with: | |
version: 'v3.11.1' | |
- name: Parse release version and set environment variables | |
run: python ./.github/scripts/get_release_version.py | |
- name: Run Helm linter | |
run: | | |
helm lint ${{ env.HELM_CHARTS_DIR }} | |
- name: Package Helm chart | |
run: | | |
mkdir -p ${{ env.ARTIFACT_DIR }}/${{ env.HELM_PACKAGE_DIR }} | |
helm package ${{ env.HELM_CHARTS_DIR }} --version ${{ env.CHART_VERSION }} --app-version ${{ env.REL_VERSION }} --destination ${{ env.ARTIFACT_DIR }}/${{ env.HELM_PACKAGE_DIR }} | |
# TODO: Delete this step once we use GHCR as the helm chart repo. | |
- name: Setup Azure CLI | |
run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash | |
- name: az CLI login | |
run: | | |
az login --service-principal \ | |
--username ${{ secrets.AZURE_SP_TESTS_APPID }} \ | |
--password ${{ secrets.AZURE_SP_TESTS_PASSWORD }} \ | |
--tenant ${{ secrets.AZURE_SP_TESTS_TENANTID }} | |
# TODO: Delete this step once we use GHCR as the helm chart repo. | |
- name: Push helm chart to ACR | |
run: | | |
az acr helm push --name radius ${{ env.ARTIFACT_DIR }}/${{ env.HELM_PACKAGE_DIR }}/radius-${{ env.CHART_VERSION }}.tgz --force | |
- name: Push helm chart to GHCR | |
run: | | |
echo ${{ secrets.GITHUB_TOKEN }} | helm registry login -u ${{ github.actor }} --password-stdin ${{ env.OCI_REGISTRY }} | |
helm push ${{ env.ARTIFACT_DIR }}/${{ env.HELM_PACKAGE_DIR }}/radius-${{ env.CHART_VERSION }}.tgz oci://${{ env.OCI_REGISTRY }}/${{ env.OCI_REPOSITORY }} | |
publish-release: | |
name: Publish GitHub Release | |
needs: ['build-and-push-cli'] | |
runs-on: ubuntu-latest | |
env: | |
GITHUB_TOKEN: ${{ secrets.GH_RAD_CI_BOT_PAT }} | |
if: startsWith(github.ref, 'refs/tags/v') | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- name: Parse release version and set environment variables | |
run: python ./.github/scripts/get_release_version.py | |
- name: Download release artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
name: rad_cli_release | |
path: ${{ env.RELEASE_PATH }} | |
- name: generate checksum files | |
run: cd ${{ env.RELEASE_PATH }} && for i in *; do sha256sum -b $i > "$i.sha256"; done && cd - | |
- name: Create GitHub RC Release (pre-release and auto-generate release notes) | |
if: ${{ contains(env.REL_VERSION, 'rc') }} | |
run: | | |
gh release create v${{ env.REL_VERSION }} \ | |
${{ env.RELEASE_PATH }}/* \ | |
--title "Radius v${{ env.REL_VERSION }}" \ | |
--generate-notes \ | |
--verify-tag \ | |
--prerelease | |
- name: Create GitHub Official Release | |
if: ${{ !contains(env.REL_VERSION, 'rc') }} | |
run: | | |
gh release create v${{ env.REL_VERSION }} \ | |
${{ env.RELEASE_PATH }}/* \ | |
--title "Radius v${{ env.REL_VERSION }}" \ | |
--notes-file docs/release-notes/v${{ env.REL_VERSION }}.md \ | |
--verify-tag | |
delete_artifacts: | |
name: Delete artifacts | |
needs: ['build-and-push-cli'] | |
if: ${{ always() && !contains(needs.build-and-push-cli.result, 'failure') }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Delete release artifacts | |
uses: geekyeggo/delete-artifact@v1 | |
with: | |
name: | | |
rad_cli_windows_amd64 | |
rad_cli_linux_amd64 | |
rad_cli_darwin_amd64 | |
rad_cli_linux_arm | |
rad_cli_darwin_arm64 | |
rad_cli_linux_arm64 | |
failOnError: false |