-
Notifications
You must be signed in to change notification settings - Fork 4
161 lines (148 loc) · 6.86 KB
/
tests-nightly.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
name: Run tests nightly
on:
workflow_dispatch: { }
schedule:
- cron: '0 5 * * *' # 5AM UTC = 12AM EST
jobs:
test-source-and-install:
strategy:
matrix:
testServer: [ "broad-dev" ]
fail-fast: false
runs-on: ubuntu-latest
steps:
- name: Checkout current code
id: checkout_code
uses: actions/checkout@v3
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
- name: Set up JDK 17
id: setup_jdk
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: 17
- name: Cache Gradle packages
id: cache_gradle
uses: actions/cache@v3
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }}-${{ hashFiles('**/*.gradle') }}
restore-keys: v1-${{ runner.os }}-gradle-${{ hashfiles('**/gradle-wrapper.properties') }}
- name: Render config
id: render_config
run: |
# For security reasons, Broad prefers we read GHA secrets instead of reading from vault.
# this step does the equivalent of the tools/render-config.sh script.
# on local machines, the script fetches a SA from Vault.
# in GH actions, the SA key is stored in a GH repo secret.
# regardless of how it was fetched, tests and scripts expect these
# keys to be stored in rendered/broad/
mkdir -p rendered/broad/
echo "$TEST_USER_SA_KEY" > rendered/broad/test-user-account.json
echo "$EXT_PROJECT_SA_KEY" > rendered/broad/external-project-account.json
echo "$JANITOR_CLIENT_SA_KEY" > rendered/broad/janitor-client.json
echo "$BROOKLYN_THUNDERLORD" > rendered/broad/[email protected]
echo "$ETHAN_BONECHEWER" > rendered/broad/[email protected]
echo "$JOHN_WHITECLAW" > rendered/broad/[email protected]
echo "$LILY_SHADOWMOON" > rendered/broad/[email protected]
echo "$NOAH_FROSTWOLF" > rendered/broad/[email protected]
echo "$PENELOPE_TWILIGHTSHAMMER" > rendered/broad/[email protected]
env:
TEST_USER_SA_KEY: ${{ secrets.TEST_USER_SA_KEY }}
EXT_PROJECT_SA_KEY: ${{ secrets.EXT_PROJECT_SA_KEY }}
JANITOR_CLIENT_SA_KEY: ${{ secrets.JANITOR_CLIENT_SA_KEY }}
BROOKLYN_THUNDERLORD: ${{ secrets.BROOKLYN_THUNDERLORD }}
ETHAN_BONECHEWER: ${{ secrets.ETHAN_BONECHEWER }}
JOHN_WHITECLAW: ${{ secrets.JOHN_WHITECLAW }}
LILY_SHADOWMOON: ${{ secrets.LILY_SHADOWMOON }}
NOAH_FROSTWOLF: ${{ secrets.NOAH_FROSTWOLF }}
PENELOPE_TWILIGHTSHAMMER: ${{ secrets.PENELOPE_TWILIGHTSHAMMER }}
- name: Update client credentials
run: |
./tools/client-credentials.sh "src/main/resources/broad_secret.json" ${{ secrets.BROAD_CLIENT_ID }} ${{ secrets.BROAD_CLIENT_SECRET }} \
"rendered/broad_secret.json"
- name: Run unit tests
id: run_unit_tests
if: always()
run: |
echo "Running unit tests for server: ${{ matrix.testServer }}"
mkdir -p ~/logs-unit
./gradlew runTestsWithTag -PtestTag=unit -Pplatform=gcp -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-unit -PquietConsole --scan
- name: Run integration tests against source code
id: run_integration_tests_against_source_code
if: always()
run: |
echo "Running integration tests against source code for server: ${{ matrix.testServer }}"
mkdir -p ~/logs-integration-source
./gradlew runTestsWithTag -PtestTag=integration -Pplatform=gcp -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-integration-source -PquietConsole --scan
- name: Run integration tests against release
id: run_integration_tests_against_release
if: always()
run: |
echo "Running integration tests against release for server: ${{ matrix.testServer }}"
mkdir -p ~/logs-integration-release
./gradlew runTestsWithTag -PtestTag=integration -Pplatform=gcp -PtestInstallFromGitHub -Pserver=${{ matrix.testServer }} -PcontextDir=$HOME/logs-integration-release -PquietConsole --scan
- name: Compile logs and context files for all test runs
id: compile_logs_and_context_files
if: always()
run: |
declare -a arr=("integration-source" "integration-release")
for i in "${arr[@]}"
do
echo "Compiling logs and context files for test run: $i"
mkdir -p ~/to-archive/$i
cp -R ~/logs-$i/.terra/logs/ ~/to-archive/$i/logs/
cp -R ~/logs-$i/.terra/context.json ~/to-archive/$i/context.json
done
# Unit tests write to worker-specific directories, extract those here
mkdir -p ~/to-archive/unit
for N in `ls ~/logs-unit`
do
mkdir -p ~/to-archive/unit/$N
cp -R ~/logs-unit/$N/.terra/logs/ ~/to-archive/unit/$N/logs/
cp -R ~/logs-unit/$N/.terra/context.json ~/to-archive/unit/$N/context.json
done
- name: Archive logs and context file for all test runs
id: archive_logs_and_context
if: always()
uses: actions/upload-artifact@v3
with:
name: logs-and-context-${{ matrix.testServer }}
path: |
~/to-archive/
- name: Compose status message
id: compose_status_message
if: always()
run: |
title="CLI nightly test run: ${{ matrix.testServer }}"
L2="Unit: ${{ steps.run_unit_tests.outcome }} "
L3="Integ (Source): ${{ steps.run_integration_tests_against_source_code.outcome }} "
L4="Integ (Release): ${{ steps.run_integration_tests_against_release.outcome }}"
bold="$L2 | $L3 | $L4"
text="Link to <https://github.com/DataBiosphere/terra-cli/actions/runs/$GITHUB_RUN_ID|test run>"
if [ "${{ job.status }}" == "success" ]; then
text=":white_check_mark: $text"
else
text=":no_entry: $text"
fi
echo "status-title=$title" >> $GITHUB_OUTPUT
echo "status-bold=$bold" >> $GITHUB_OUTPUT
echo "status-text=$text" >> $GITHUB_OUTPUT
- name: Notify PF alerts slack channel
# don't notify manually triggered runs
if: always() && github.event_name != 'workflow_dispatch'
uses: broadinstitute/[email protected]
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
MATRIX_CONTEXT: ${{ toJson(matrix) }}
with:
status: ${{ job.status }}
channel: "#platform-foundation-alerts"
username: ${{ steps.compose_status_message.outputs.status-title }}
author_name: ${{ steps.compose_status_message.outputs.status-bold }}
icon_emoji: ':cli:'
text: ${{ steps.compose_status_message.outputs.status-text }}