Integration Tests #455
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Integration Tests | |
on: | |
workflow_dispatch: {} | |
schedule: | |
- cron: "0 0 * * *" | |
jobs: | |
integration-tests: | |
runs-on: ubuntu-noble-garm | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Golang | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
- name: Setup LXD | |
uses: canonical/setup-lxd@main | |
with: | |
channel: latest/stable | |
- name: Install dependencies | |
run: | | |
sudo rm -f /etc/apt/sources.list.d/microsoft-prod.list | |
sudo apt-get -qq update && sudo apt-get -qq install -y apg coreutils make jq build-essential libsqlite3-dev libsqlite3-0 | |
- name: Set up tunnel | |
shell: bash | |
run: | | |
mkdir -p /home/runner/.ssh | |
echo "${{ secrets.SSH_PRIVATE_KEY }}" > /home/runner/.ssh/ssh_key | |
sudo chown -R runner:runner /home/runner/.ssh | |
sudo chmod 500 /home/runner/.ssh | |
sudo chmod 400 /home/runner/.ssh/ssh_key | |
SUBDOMAIN=$(apg -a 0 -M l -m 12 -n 1) | |
echo "::add-mask::$SUBDOMAIN" | |
BASE_URL="${{ secrets.TUNNEL_BASE_URL }}" | |
GARM_BASE_URL="https://$SUBDOMAIN.$BASE_URL" | |
echo "::add-mask::$GARM_BASE_URL" | |
echo "GARM_BASE_URL=$GARM_BASE_URL" >> $GITHUB_ENV | |
cat <<EOF | sudo tee /etc/systemd/system/garm-tunnel.service | |
[Unit] | |
Description=GARM tunnel | |
After=network.target | |
[Service] | |
Type=simple | |
ExecStart=/usr/bin/ssh -q -i /home/runner/.ssh/ssh_key -N -n -o ServerAliveInterval=60 -o ExitOnForwardFailure=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -R $SUBDOMAIN:80:127.0.0.1:9997 $BASE_URL | |
Restart=always | |
User=runner | |
[Install] | |
WantedBy=default.target | |
EOF | |
sudo systemctl daemon-reload | |
sudo systemctl enable garm-tunnel | |
sudo systemctl start garm-tunnel | |
- name: Generate secrets | |
run: | | |
GARM_PASSWORD=$(apg -n1 -m32) | |
REPO_WEBHOOK_SECRET=$(apg -n1 -m32) | |
ORG_WEBHOOK_SECRET=$(apg -n1 -m32) | |
echo "::add-mask::$GARM_PASSWORD" | |
echo "::add-mask::$REPO_WEBHOOK_SECRET" | |
echo "::add-mask::$ORG_WEBHOOK_SECRET" | |
echo "GARM_PASSWORD=$GARM_PASSWORD" >> $GITHUB_ENV | |
echo "REPO_WEBHOOK_SECRET=$REPO_WEBHOOK_SECRET" >> $GITHUB_ENV | |
echo "ORG_WEBHOOK_SECRET=$ORG_WEBHOOK_SECRET" >> $GITHUB_ENV | |
echo "GARM_CHECKOUT_DIR=$GITHUB_WORKSPACE" >> $GITHUB_ENV | |
- name: Create logs directory | |
if: always() | |
run: sudo mkdir -p /artifacts-logs && sudo chmod 777 /artifacts-logs | |
- name: Run integration tests | |
run: | | |
set -o pipefail | |
set -o errexit | |
make integration 2>&1 | |
env: | |
ORG_NAME: gsamfira | |
REPO_NAME: garm-testing | |
CREDENTIALS_NAME: test-garm-creds | |
WORKFLOW_FILE_NAME: test.yml | |
GH_TOKEN: ${{ secrets.GH_OAUTH_TOKEN }} | |
LXD_REMOTE_SERVER: ${{ secrets.LXD_REMOTE_SERVER }} | |
- name: Show GARM logs | |
if: always() | |
run: | | |
sudo systemctl status garm@runner || true | |
sudo journalctl --no-pager 2>&1 > /artifacts-logs/system.log | |
sudo journalctl -u garm@runner --no-pager 2>&1 > /artifacts-logs/garm.log | |
- name: Upload GARM and e2e logs | |
if: always() | |
uses: actions/upload-artifact@v3 | |
with: | |
name: garm-logs | |
path: /artifacts-logs | |
- name: Cleanup orphan GARM resources via GitHub API | |
if: always() | |
run: | | |
set -o pipefail | |
set -o errexit | |
sudo systemctl stop garm@runner || true | |
go run ./test/integration/gh_cleanup/main.go || true | |
env: | |
ORG_NAME: gsamfira | |
REPO_NAME: garm-testing | |
GH_TOKEN: ${{ secrets.GH_OAUTH_TOKEN }} |