Run tests nightly #935
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Run tests nightly | |
| on: | |
| workflow_dispatch: { } | |
| schedule: | |
| - cron: '0 5 * * *' # 5AM UTC = 12AM EST | |
| jobs: | |
| test-source-and-install: | |
| strategy: | |
| matrix: | |
| testServer: [ "broad-dev" ] | |
| fail-fast: false | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout current code | |
| id: checkout_code | |
| uses: actions/checkout@v3 | |
| with: | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| - name: Set up JDK 17 | |
| id: setup_jdk | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: 'temurin' | |
| java-version: 17 | |
| - name: Cache Gradle packages | |
| id: cache_gradle | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/.gradle/caches | |
| ~/.gradle/wrapper | |
| key: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }}-${{ hashFiles('**/*.gradle') }} | |
| restore-keys: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }} | |
| - name: Render config | |
| id: render_config | |
| run: | | |
| # For security reasons, Broad prefers we read GHA secrets instead of reading from vault. | |
| # this step does the equivalent of the tools/render-config.sh script. | |
| # on local machines, the script fetches a SA from Vault. | |
| # in GH actions, the SA key is stored in a GH repo secret. | |
| # regardless of how it was fetched, tests and scripts expect these | |
| # keys to be stored in rendered/broad/ | |
| mkdir -p rendered/broad/ | |
| echo "$TEST_USER_SA_KEY" > rendered/broad/test-user-account.json | |
| echo "$EXT_PROJECT_SA_KEY" > rendered/broad/external-project-account.json | |
| echo "$JANITOR_CLIENT_SA_KEY" > rendered/broad/janitor-client.json | |
| echo "$BROOKLYN_THUNDERLORD" > rendered/broad/[email protected] | |
| echo "$ETHAN_BONECHEWER" > rendered/broad/[email protected] | |
| echo "$JOHN_WHITECLAW" > rendered/broad/[email protected] | |
| echo "$LILY_SHADOWMOON" > rendered/broad/[email protected] | |
| echo "$NOAH_FROSTWOLF" > rendered/broad/[email protected] | |
| echo "$PENELOPE_TWILIGHTSHAMMER" > rendered/broad/[email protected] | |
| env: | |
| TEST_USER_SA_KEY: ${{ secrets.TEST_USER_SA_KEY }} | |
| EXT_PROJECT_SA_KEY: ${{ secrets.EXT_PROJECT_SA_KEY }} | |
| JANITOR_CLIENT_SA_KEY: ${{ secrets.JANITOR_CLIENT_SA_KEY }} | |
| BROOKLYN_THUNDERLORD: ${{ secrets.BROOKLYN_THUNDERLORD }} | |
| ETHAN_BONECHEWER: ${{ secrets.ETHAN_BONECHEWER }} | |
| JOHN_WHITECLAW: ${{ secrets.JOHN_WHITECLAW }} | |
| LILY_SHADOWMOON: ${{ secrets.LILY_SHADOWMOON }} | |
| NOAH_FROSTWOLF: ${{ secrets.NOAH_FROSTWOLF }} | |
| PENELOPE_TWILIGHTSHAMMER: ${{ secrets.PENELOPE_TWILIGHTSHAMMER }} | |
| - name: Update client credentials | |
| run: | | |
| ./tools/client-credentials.sh "src/main/resources/broad_secret.json" ${{ secrets.BROAD_CLIENT_ID }} ${{ secrets.BROAD_CLIENT_SECRET }} \ | |
| "rendered/broad_secret.json" | |
| - name: Run unit tests | |
| id: run_unit_tests | |
| if: always() | |
| run: | | |
| echo "Running unit tests for server: ${{ matrix.testServer }}" | |
| mkdir -p ~/logs-unit | |
| ./gradlew runTestsWithTag -PtestTag=unit -Pplatform=gcp -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-unit -PquietConsole --scan | |
| - name: Run integration tests against source code | |
| id: run_integration_tests_against_source_code | |
| if: always() | |
| run: | | |
| echo "Running integration tests against source code for server: ${{ matrix.testServer }}" | |
| mkdir -p ~/logs-integration-source | |
| ./gradlew runTestsWithTag -PtestTag=integration -Pplatform=gcp -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-integration-source -PquietConsole --scan | |
| - name: Run integration tests against release | |
| id: run_integration_tests_against_release | |
| if: always() | |
| run: | | |
| echo "Running integration tests against release for server: ${{ matrix.testServer }}" | |
| mkdir -p ~/logs-integration-release | |
| ./gradlew runTestsWithTag -PtestTag=integration -Pplatform=gcp -PtestInstallFromGitHub -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-integration-release -PquietConsole --scan | |
| - name: Compile logs and context files for all test runs | |
| id: compile_logs_and_context_files | |
| if: always() | |
| run: | | |
| declare -a arr=("integration-source" "integration-release") | |
| for i in "${arr[@]}" | |
| do | |
| echo "Compiling logs and context files for test run: $i" | |
| mkdir -p ~/to-archive/$i | |
| cp -R ~/logs-$i/.terra/logs/ ~/to-archive/$i/logs/ | |
| cp -R ~/logs-$i/.terra/context.json ~/to-archive/$i/context.json | |
| done | |
| # Unit tests write to worker-specific directories, extract those here | |
| mkdir -p ~/to-archive/unit | |
| for N in `ls ~/logs-unit` | |
| do | |
| mkdir -p ~/to-archive/unit/$N | |
| cp -R ~/logs-unit/$N/.terra/logs/ ~/to-archive/unit/$N/logs/ | |
| cp -R ~/logs-unit/$N/.terra/context.json ~/to-archive/unit/$N/context.json | |
| done | |
| - name: Archive logs and context file for all test runs | |
| id: archive_logs_and_context | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: logs-and-context-${{ matrix.testServer }} | |
| path: | | |
| ~/to-archive/ | |
| - name: Compose status message | |
| id: compose_status_message | |
| if: always() | |
| run: | | |
| title="CLI nightly test run: ${{ matrix.testServer }}" | |
| L2="Unit: ${{ steps.run_unit_tests.outcome }} " | |
| L3="Integ (Source): ${{ steps.run_integration_tests_against_source_code.outcome }} " | |
| L4="Integ (Release): ${{ steps.run_integration_tests_against_release.outcome }}" | |
| bold="$L2 | $L3 | $L4" | |
| text="Link to <https://github.com/DataBiosphere/terra-cli/actions/runs/$GITHUB_RUN_ID|test run>" | |
| if [ "${{ job.status }}" == "success" ]; then | |
| text=":white_check_mark: $text" | |
| else | |
| text=":no_entry: $text" | |
| fi | |
| echo "status-title=$title" >> $GITHUB_OUTPUT | |
| echo "status-bold=$bold" >> $GITHUB_OUTPUT | |
| echo "status-text=$text" >> $GITHUB_OUTPUT | |
| - name: Notify PF alerts slack channel | |
| # don't notify manually triggered runs | |
| if: always() && github.event_name != 'workflow_dispatch' | |
| uses: broadinstitute/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| MATRIX_CONTEXT: ${{ toJson(matrix) }} | |
| with: | |
| status: ${{ job.status }} | |
| channel: "#platform-foundation-alerts" | |
| username: ${{ steps.compose_status_message.outputs.status-title }} | |
| author_name: ${{ steps.compose_status_message.outputs.status-bold }} | |
| icon_emoji: ':cli:' | |
| text: ${{ steps.compose_status_message.outputs.status-text }} |