diff --git a/.github/workflows/ack.yml b/.github/workflows/ack.yml index dc704dd7..c54720aa 100644 --- a/.github/workflows/ack.yml +++ b/.github/workflows/ack.yml @@ -7,7 +7,7 @@ concurrency: on: pull_request_target: - types: [opened, labeled, unlabeled, synchronize] + types: [labeled, unlabeled] jobs: ack: diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index 9bae13ba..302b71f5 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -27,146 +27,250 @@ permissions: id-token: write # tox/check job jobs: - tox: - uses: ansible/team-devtools/.github/workflows/tox.yml@main - with: - run_pre: ./tools/test-setup.sh - max_python: "3.13" - default_python: "3.10" # min version, for 'lint' in particular - jobs_producing_coverage: 7 - other_names_also: | - devspaces - ee-amd64:tox -e ee:runner=devtools-multiarch-builder - ee-arm64:tox -e ee:runner=ubuntu-24.04-arm64-2core - secrets: inherit # needed for logging to the ghcr.io registry - - codeql: - name: codeql - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: ["python"] - + smoke: + # persistent self-hosted runner so minikube would not need to be installed each time + runs-on: ubuntu-24.04-amd64-azure + # ubuntu-24.04 steps: - - name: Checkout repository + - name: Checkout source code uses: actions/checkout@v4 - # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - # If you wish to specify custom queries, you can do so here or in a config file. - # By default, queries listed here will override any specified in a config file. - # Prefix the list here with "+" to use these queries and those in the config file. + - run: ./tools/test-setup.sh + # - name: Prepare Che-Code Dockerfile ( remove tests ) + # run: | + # # + # # truncate Dockerfile, remove section that runs tests + # # + # cp -f build/dockerfiles/linux-libc-ubi8.Dockerfile build/dockerfiles/linux-libc-ubi8.no-test.Dockerfile + # REMOVE_FROM="### Beginning of tests" + # REMOVE_TO="### Ending of tests" + # sed -i "/${REMOVE_FROM}/,/${REMOVE_TO}/{/${REMOVE_FROM}/n;/${REMOVE_TO}/!d;}" build/dockerfiles/linux-libc-ubi8.no-test.Dockerfile - # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs - # queries: security-extended,security-and-quality + # # + # # show the Dockerfile + # # + # cat build/dockerfiles/linux-libc-ubi8.no-test.Dockerfile - - name: Autobuild - uses: github/codeql-action/autobuild@v3 + # - name: Compile Che-Code editor + # run: | + # # + # # build linux-libc-ubi8-amd64:latest docker image + # # + # docker image prune -a -f + # docker build --memory-swap -1 --memory 12g -f build/dockerfiles/linux-libc-ubi8.no-test.Dockerfile -t linux-libc-ubi8-amd64 . - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" - - publish-ee: - # environment: release # approval - runs-on: ubuntu-24.04 - needs: - - tox - # if: github.ref == 'refs/heads/main' - # github.event_name == 'release' && github.event.action == 'published' - steps: - - name: Check out repository - uses: actions/checkout@v4 + # - name: Build Che-Code Docker image + # run: | + # # + # # build che-code:latest docker image + # # + # cp -f build/dockerfiles/assembly.Dockerfile build/dockerfiles/assembly.copy.Dockerfile + # REPLACE_FROM="FROM linux-musl-amd64 as linux-musl-content" + # sed -i -r -e "s|${REPLACE_FROM}||" build/dockerfiles/assembly.copy.Dockerfile + # REPLACE_FROM="COPY --from=linux-musl-content --chown=0:0 /checode-linux-musl /mnt/rootfs/checode-linux-musl" + # sed -i -r -e "s|${REPLACE_FROM}||" build/dockerfiles/assembly.copy.Dockerfile + # REPLACE_FROM="FROM linux-libc-ubi9-amd64 as linux-libc-ubi9-content" + # sed -i -r -e "s|${REPLACE_FROM}||" build/dockerfiles/assembly.copy.Dockerfile + # REPLACE_FROM="COPY --from=linux-libc-ubi9-content --chown=0:0 /checode-linux-libc/ubi9 /mnt/rootfs/checode-linux-libc/ubi9" + # sed -i -r -e "s|${REPLACE_FROM}||" build/dockerfiles/assembly.copy.Dockerfile - - name: pull-merge-push for the the two arch images under a single manifest - env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - run: ./tools/ee.sh --publish "${{ github.event.release.tag_name || github.sha }}" "${{ (github.event_name == 'release' && github.event.action == 'published') || '--dry' }}" - - publish-devspaces: - runs-on: ubuntu-24.04 - needs: - - codeql - - tox - if: github.ref == 'refs/heads/main' || (github.event_name == 'release' && github.event.action == 'published') - steps: - - name: Push image to ghcr.io as ansible-devspaces-tmp:${GITHUB_SHA} - run: | - echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "$GITHUB_ACTOR" --password-stdin - docker pull "ghcr.io/ansible/ansible-devspaces-tmp:${GITHUB_SHA}" - docker tag "ghcr.io/ansible/ansible-devspaces-tmp:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" + # export DOCKER_BUILDKIT=1 + # docker build -f build/dockerfiles/assembly.copy.Dockerfile -t che-code . + + # docker tag che-code:latest che-code:next + # docker save -o /tmp/che-code-latest.tar che-code:latest che-code:next + + # - name: Display docker images + # run: | + # docker images - - name: Push image to ghcr.io as ${{ github.event.release.tag_name }} - if: github.event_name == 'release' && github.event.action == 'published' + # - name: Cleanup docker images + # run: | + # docker system prune -af + + # - name: Disk free + # run: | + # df -h + + # - name: Start minikube + # id: run-minikube + # uses: che-incubator/setup-minikube-action@next + # with: + # minikube-version: v1.34.0 + + - name: smoke + run: ./tools/smoke.sh + + - name: Bump logs + if: always() run: | - docker tag "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:${{ github.event.release.tag_name }}" - docker tag "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:latest" - docker push "ghcr.io/ansible/ansible-devspaces:${{ github.event.release.tag_name }}" - docker push "ghcr.io/ansible/ansible-devspaces:latest" - - publish-wheel: - needs: - - codeql - - tox - if: github.event_name == 'release' && github.event.action == 'published' - environment: release # approval - runs-on: ubuntu-24.04 - env: - FORCE_COLOR: 1 - PY_COLORS: 1 - TOXENV: pkg - TOX_EXTRA_BINDEP: 0 - steps: - - name: Switch to using Python 3.10 by default - uses: actions/setup-python@v5 - with: - python-version: "3.10" + NS=admin-che + TARGET_DIR="/tmp/devworkspace-happy-path-artifacts/${NS}-info" + mkdir -p "$TARGET_DIR" + for POD in $(kubectl get pods -o name -n ${NS}); do + for CONTAINER in $(kubectl get -n ${NS} ${POD} -o jsonpath="{.spec.containers[*].name}"); do + echo "[INFO] Downloading logs $POD/$CONTAINER in $NS" + # container name includes `pod/` prefix. remove it + LOGS_FILE=$TARGET_DIR/$(echo ${POD}-${CONTAINER}.log | sed 's|pod/||g') + kubectl logs ${POD} -c ${CONTAINER} -n ${NS} > $LOGS_FILE || true + done + done + echo "[INFO] Bumping events in namespace ${NS}" + kubectl get events -n $NS > $TARGET_DIR/events.log || true - - name: Install tox - run: python3 -m pip install --user "tox>=4.0.0" + - name: Store e2e artifacts + if: always() + uses: actions/upload-artifact@v4 + with: + name: e2e-artifacts + path: /tmp/tests - - name: Check out src from Git - uses: actions/checkout@v4 + - name: Store k8s logs + if: always() + uses: actions/upload-artifact@v4 with: - fetch-depth: 0 # needed by setuptools-scm - submodules: true + name: k8s-logs + path: /tmp/devworkspace-happy-path-artifacts/admin-che-info + # tox: + # uses: ansible/team-devtools/.github/workflows/tox.yml@main + # with: + # run_pre: ./tools/test-setup.sh + # max_python: "3.13" + # default_python: "3.10" # min version, for 'lint' in particular + # jobs_producing_coverage: 7 + # other_names_also: | + # devspaces + # ee-amd64:tox -e ee:runner=devtools-multiarch-builder + # ee-arm64:tox -e ee:runner=ubuntu-24.04-arm64-2core + # secrets: inherit # needed for logging to the ghcr.io registry - - name: Build dists - run: python3 -m tox + # codeql: + # name: codeql + # runs-on: ubuntu-latest + # permissions: + # actions: read + # contents: read + # security-events: write - - name: Publish to pypi.org - if: >- # "create" workflows run separately from "push" & "pull_request" - github.event_name == 'release' - uses: pypa/gh-action-pypi-publish@release/v1 + # strategy: + # fail-fast: false + # matrix: + # language: ["python"] - forum-post: - if: github.event_name == 'release' && github.event.action == 'published' - needs: - - publish-wheel - - publish-ee - - publish-devspaces - runs-on: ubuntu-24.04 + # steps: + # - name: Checkout repository + # uses: actions/checkout@v4 - steps: - - name: Retreive the forum post script from team-devtools - run: curl -O https://raw.githubusercontent.com/ansible/team-devtools/main/.github/workflows/forum_post.py + # # Initializes the CodeQL tools for scanning. + # - name: Initialize CodeQL + # uses: github/codeql-action/init@v3 + # with: + # languages: ${{ matrix.language }} + # # If you wish to specify custom queries, you can do so here or in a config file. + # # By default, queries listed here will override any specified in a config file. + # # Prefix the list here with "+" to use these queries and those in the config file. - - name: Run the forum post script - run: python3 forum_post.py ${{ github.event.repository.full_name }} ${{ github.event.release.tag_name }} ${{ secrets.FORUM_KEY }} ${{ secrets.FORUM_USER }} + # # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # # queries: security-extended,security-and-quality - push: - if: > - github.event_name == 'push' && contains( - fromJSON('["refs/heads/main", "refs/heads/releases", "refs/heads/stable"]'), - github.ref) - uses: ansible/team-devtools/.github/workflows/push.yml@main + # - name: Autobuild + # uses: github/codeql-action/autobuild@v3 + + # - name: Perform CodeQL Analysis + # uses: github/codeql-action/analyze@v3 + # with: + # category: "/language:${{matrix.language}}" + + # publish-ee: + # # environment: release # approval + # runs-on: ubuntu-24.04 + # needs: + # - tox + # # if: github.ref == 'refs/heads/main' + # # github.event_name == 'release' && github.event.action == 'published' + # steps: + # - name: Check out repository + # uses: actions/checkout@v4 + + # - name: pull-merge-push for the the two arch images under a single manifest + # env: + # GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + # run: ./tools/ee.sh --publish "${{ github.event.release.tag_name || github.sha }}" "${{ (github.event_name == 'release' && github.event.action == 'published') || '--dry' }}" + + # publish-devspaces: + # runs-on: ubuntu-24.04 + # needs: + # - codeql + # - tox + # if: github.ref == 'refs/heads/main' || (github.event_name == 'release' && github.event.action == 'published') + # steps: + # - name: Push image to ghcr.io as ansible-devspaces-tmp:${GITHUB_SHA} + # run: | + # echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u "$GITHUB_ACTOR" --password-stdin + # docker pull "ghcr.io/ansible/ansible-devspaces-tmp:${GITHUB_SHA}" + # docker tag "ghcr.io/ansible/ansible-devspaces-tmp:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" + + # - name: Push image to ghcr.io as ${{ github.event.release.tag_name }} + # if: github.event_name == 'release' && github.event.action == 'published' + # run: | + # docker tag "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:${{ github.event.release.tag_name }}" + # docker tag "ghcr.io/ansible/ansible-devspaces:${GITHUB_SHA}" "ghcr.io/ansible/ansible-devspaces:latest" + # docker push "ghcr.io/ansible/ansible-devspaces:${{ github.event.release.tag_name }}" + # docker push "ghcr.io/ansible/ansible-devspaces:latest" + + # publish-wheel: + # needs: + # - codeql + # - tox + # if: github.event_name == 'release' && github.event.action == 'published' + # environment: release # approval + # runs-on: ubuntu-24.04 + # env: + # FORCE_COLOR: 1 + # PY_COLORS: 1 + # TOXENV: pkg + # TOX_EXTRA_BINDEP: 0 + # steps: + # - name: Switch to using Python 3.10 by default + # uses: actions/setup-python@v5 + # with: + # python-version: "3.10" + + # - name: Install tox + # run: python3 -m pip install --user "tox>=4.0.0" + + # - name: Check out src from Git + # uses: actions/checkout@v4 + # with: + # fetch-depth: 0 # needed by setuptools-scm + # submodules: true + + # - name: Build dists + # run: python3 -m tox + + # - name: Publish to pypi.org + # if: >- # "create" workflows run separately from "push" & "pull_request" + # github.event_name == 'release' + # uses: pypa/gh-action-pypi-publish@release/v1 + + # forum-post: + # if: github.event_name == 'release' && github.event.action == 'published' + # needs: + # - publish-wheel + # - publish-ee + # - publish-devspaces + # runs-on: ubuntu-24.04 + + # steps: + # - name: Retreive the forum post script from team-devtools + # run: curl -O https://raw.githubusercontent.com/ansible/team-devtools/main/.github/workflows/forum_post.py + + # - name: Run the forum post script + # run: python3 forum_post.py ${{ github.event.repository.full_name }} ${{ github.event.release.tag_name }} ${{ secrets.FORUM_KEY }} ${{ secrets.FORUM_USER }} + + # push: + # if: > + # github.event_name == 'push' && contains( + # fromJSON('["refs/heads/main", "refs/heads/releases", "refs/heads/stable"]'), + # github.ref) + # uses: ansible/team-devtools/.github/workflows/push.yml@main diff --git a/tools/smoke.sh b/tools/smoke.sh new file mode 100755 index 00000000..698f8050 --- /dev/null +++ b/tools/smoke.sh @@ -0,0 +1,123 @@ +#!/bin/bash -e +# cspell: disable chectl spodwaittimeout USERSTORY mmusiien OAUTH +set -eu pipefail + +NC='\033[0m' # No Color +export DEBIAN_FRONTEND=noninteractive +# Use "log [notice|warning|error] message" to print a colored message to +# stderr, with colors. +log () { + local prefix + if [ "$#" -ne 2 ]; then + log error "Incorrect call ($*), use: log [group|notice|warning|error] 'message'." + exit 2 + fi + case $1 in + group) + if [ -n "${GITHUB_ACTIONS:-}" ]; then + prefix='::endgroup::\n::group::GROUP\n\033[0;36mGROUP: ' + else + prefix='\033[0;36mGROUP: ' + fi + ;; + notice) prefix='\033[0;36mNOTICE: ' ;; + warning) prefix='\033[0;33mWARNING: ' ;; + error) prefix='\033[0;31mERROR: ' ;; + *) + log error "log first argument must be 'notice', 'warning' or 'error', not $1." + exit 2 + ;; + esac + echo >&2 -e "${prefix}${2}${NC}" +} + +log group "Running smoke.sh" + +ARCH=$(arch) +if [ "$ARCH" == "aarch64" ] || [ "$ARCH" == "arm64" ]; then + ARCH="arm64" + log error "Unsupported architecture: $ARCH" + exit 1 +elif [ "$ARCH" == "x86_64" ]; then + ARCH="amd64" +else + log error "Unsupported architecture: $ARCH" + exit 1 +fi + +if [[ -f "/usr/bin/apt-get" ]]; then + sudo apt-get update -y -qq + sudo apt-get install -y -qq libonig-dev tox podman-docker + + # https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/#install-using-native-package-management + curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.31/deb/Release.key | sudo gpg --batch --yes --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg + sudo chmod 644 /etc/apt/keyrings/kubernetes-apt-keyring.gpg + echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://pkgs.k8s.io/core:/stable:/v1.31/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list + sudo chmod 644 /etc/apt/sources.list.d/kubernetes.list # helps tools such as command-not-found to work correctly + sudo apt-get update -qq + sudo apt-get install -y -q kubectl + + type minikube 2>/dev/null || { + curl -s -o /tmp/minikube_latest.deb https://storage.googleapis.com/minikube/releases/latest/minikube_latest_$ARCH.deb + sudo dpkg -i /tmp/minikube_latest.deb + } + minikube version + log group "Running minikube start" + minikube start +fi + +# not supporting aarch64 architecture! +log group "Install chectl" +bash <(curl -sL https://che-incubator.github.io/chectl/install.sh) --channel=next + +log group "Deploy Che" +# +# load che-code images from /tmp/che-code-latest.tar +# +eval "$(minikube docker-env)" && docker load -i /tmp/che-code-latest.tar && rm /tmp/che-code-latest.tar + +# +# deploy Che +# +chectl server:deploy \ +--batch \ +--platform minikube \ +--k8spodwaittimeout=480000 \ +--k8spodreadytimeout=480000 +# --che-operator-cr-patch-yaml "${GITHUB_WORKSPACE}/build/test/github-minikube-checluster-patch.yaml" + +# +# apply patch +# +# kubectl patch devworkspaceoperatorconfigs \ +# -n eclipse-che devworkspace-config \ +# --patch '{"config": {"workspace": {"imagePullPolicy": "IfNotPresent"}}}' \ +# --type merge + +log group "Pull Universal Base Image" +minikube image pull ghcr.io/ansible/ansible-devspaces:latest + + +log group "Run smoke test" +docker run \ + --shm-size=2048m \ + -p 5920:5920 \ + --network="host" \ + -e TS_SELENIUM_LOAD_PAGE_TIMEOUT=60000 \ + -e TS_SELENIUM_USERNAME=che@eclipse.org \ + -e TS_SELENIUM_PASSWORD=admin \ + -e TS_SELENIUM_BASE_URL="https://$(kubectl get ingress che -n eclipse-che -o jsonpath='{.spec.rules[0].host}')" \ + -e DELETE_WORKSPACE_ON_FAILED_TEST=true \ + -e TS_SELENIUM_START_WORKSPACE_TIMEOUT=120000 \ + -e NODE_TLS_REJECT_UNAUTHORIZED=0 \ + -e VIDEO_RECORDING=true \ + -e TS_SELENIUM_LOG_LEVEL=TRACE \ + -e TS_WAIT_LOADER_PRESENCE_TIMEOUT=120000 \ + -e TS_COMMON_DASHBOARD_WAIT_TIMEOUT=30000 \ + -e USERSTORY=SmokeTest \ + -e TS_SELENIUM_VALUE_OPENSHIFT_OAUTH=false \ + -e TEST_REPO=https://raw.githubusercontent.com/ansible/ansible-dev-tools/refs/heads/main/devfile.yaml \ + quay.io/mmusiien/che-e2e:smoke-test + + # -v ${LOCAL_TEST_DIR}/tests/e2e/report:/tmp/e2e/report:Z \ + # -v ${LOCAL_TEST_DIR}/tests/e2e/video:/tmp/ffmpeg_report:Z \ diff --git a/tools/test-setup.sh b/tools/test-setup.sh index e11fbc3a..c2e104a1 100755 --- a/tools/test-setup.sh +++ b/tools/test-setup.sh @@ -2,5 +2,6 @@ set -eux pipefail if [[ -f "/usr/bin/apt-get" ]]; then + sudo apt-get update -y -q sudo apt-get install -y -q libonig-dev tox fi