Github actions integration tests use docker image instead of python l…

…ocal setup (#884) * Run integrations tests with docker compose setup * Remove obsolete/commented code from workflow file * switch to `docker compose`, no file version
integritee-network · Aug 10, 2022 · 08ce9f3 · 08ce9f3
1 parent bbcf62e
commit 08ce9f3
Show file tree

Hide file tree

Showing 13 changed files with 111 additions and 193 deletions.
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
@@ -11,10 +11,7 @@ on:
 
 env:
   CARGO_TERM_COLOR: always
-  WORKER_BIN: integritee-service
-  CLIENT_BIN: integritee-cli
-  ENCLAVE_BIN: enclave.signed.so
-  LOG_DIR: log
+  LOG_DIR: logs
   BUILD_CONTAINER_NAME: integritee_worker_enclave_test
 
 jobs:
@@ -27,8 +24,9 @@ jobs:
           access_token: ${{ secrets.GITHUB_TOKEN }}
 
   build-test:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     strategy:
+      fail-fast: false
       matrix:
         mode: [ sidechain, offchain-worker ]
 
@@ -39,57 +37,45 @@ jobs:
         uses: docker/setup-buildx-action@v2
         with:
           buildkitd-flags: --debug
+          driver: docker-container
 
-      - name: Build Enclave Test Image
+      - name: Build Worker & Run Cargo Test
         env:
           DOCKER_BUILDKIT: 1
-        run: docker build -t integritee-worker-enclave-test-${{ matrix.mode }}-${{ github.sha }} --target enclave-test --build-arg WORKER_MODE_ARG=${{ matrix.mode }} -f build.Dockerfile .
+        run: >
+          docker build -t integritee-worker-${{ matrix.mode }}-${{ github.sha }} 
+          --target deployed-worker --build-arg WORKER_MODE_ARG=${{ matrix.mode }} 
+          -f build.Dockerfile .
 
-      - name: Test Enclave # cargo test is not supported, see: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/232
-        run: docker run --name ${{ env.BUILD_CONTAINER_NAME }} integritee-worker-enclave-test-${{ matrix.mode }}-${{ github.sha }}
-
-      - name: Build Cargo Test Image
+      - name: Build CLI client
         env:
           DOCKER_BUILDKIT: 1
-        run:  docker build -t integritee-worker-ctest-${{ matrix.mode }}-${{ github.sha }} --target cargo-test --build-arg WORKER_MODE_ARG=${{ matrix.mode }} -f build.Dockerfile .
+        run: >
+          docker build -t integritee-cli-client-${{ matrix.mode }}-${{ github.sha }} 
+          --target deployed-client --build-arg WORKER_MODE_ARG=${{ matrix.mode }} 
+          -f build.Dockerfile .
 
-      - name: Run Cargo Test
-        run: docker run --rm integritee-worker-ctest-${{ matrix.mode }}-${{ github.sha }}
+      - run: docker images --all
 
-      - name: Build Deployable Image
-        env:
-          DOCKER_BUILDKIT: 1
-        run: docker build --output=type=tar,dest=/tmp/integritee-worker.tar --target=deployed-worker --build-arg WORKER_MODE_ARG=${{ matrix.mode }} -f build.Dockerfile .
-
-      - name: Copy artifacts from container
-        run: |
-          docker cp ${{ env.BUILD_CONTAINER_NAME }}:/root/work/worker/bin/${{ env.WORKER_BIN }} .
-          docker cp ${{ env.BUILD_CONTAINER_NAME }}:/root/work/worker/bin/${{ env.CLIENT_BIN }} .
-          docker cp ${{ env.BUILD_CONTAINER_NAME }}:/root/work/worker/bin/${{ env.ENCLAVE_BIN }} .
+      - name: Test Enclave # cargo test is not supported in the enclave, see: https://github.com/apache/incubator-teaclave-sgx-sdk/issues/232
+        run: docker run --name ${{ env.BUILD_CONTAINER_NAME }} integritee-worker-${{ matrix.mode }}-${{ github.sha }} test --all
 
-      - name: Upload worker
-        uses: actions/upload-artifact@v2
-        with:
-          name: integritee-worker-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.WORKER_BIN }}
-
-      - name: Upload client
-        uses: actions/upload-artifact@v2
-        with:
-          name: integritee-client-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.CLIENT_BIN }}
+      - name: Export worker image(s)
+        run: |
+          docker image save integritee-worker-${{ matrix.mode }}-${{ github.sha }} | gzip > integritee-worker-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          docker image save integritee-cli-client-${{ matrix.mode }}-${{ github.sha }} | gzip > integritee-cli-client-${{ matrix.mode }}-${{ github.sha }}.tar.gz
 
-      - name: Upload enclave
+      - name: Upload worker image
         uses: actions/upload-artifact@v2
         with:
-          name: enclave-signed-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.ENCLAVE_BIN }}
+          name: integritee-worker-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          path: integritee-worker-${{ matrix.mode }}-${{ github.sha }}.tar.gz
 
-      - name: Upload deployable image
+      - name: Upload CLI client image
         uses: actions/upload-artifact@v2
         with:
-          name: integritee-worker-${{ matrix.mode }}-image-${{ github.sha }}
-          path: /tmp/integritee-worker.tar
+          name: integritee-cli-client-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          path: integritee-cli-client-${{ matrix.mode }}-${{ github.sha }}.tar.gz
 
   clippy:
     runs-on: ubuntu-latest
@@ -126,144 +112,77 @@ jobs:
         uses: andymckay/cancel-action@0.2
 
   integration-tests:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
     needs: build-test
-    container: "integritee/integritee-dev:0.1.9"
+    env:
+      WORKER_IMAGE_TAG: integritee-worker:dev
+      CLIENT_IMAGE_TAG: integritee-cli:dev
     strategy:
       fail-fast: false
       matrix:
         include:
           - test: M6
             mode: sidechain
-            demo_name: m6_demo_shielding_unshielding
-            demo_script: m6.sh
+            demo_name: demo-indirect-invocation
           - test: M8
             mode: sidechain
-            demo_name: m8_demo_direct_call
-            demo_script: m8.sh
+            demo_name: demo-direct-call
           - test: Sidechain
             mode: sidechain
-            demo_name: sidechain_demo
-            demo_script: sidechain.sh
+            demo_name: demo-sidechain
           - test: M6
             mode: offchain-worker
-            demo_name: m6_demo_shielding_unshielding
-            demo_script: m6.sh
+            demo_name: demo-indirect-invocation
 
-    env:
-      BIN_DIR: bin
     steps:
       - uses: actions/checkout@v3
 
-      - uses: actions/setup-python@v3
-        with:
-          python-version: '3.7'
-
-      - name: Download Worker
+      - name: Download Worker Image
         uses: actions/download-artifact@v2
         with:
-          name: integritee-worker-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.BIN_DIR }}
+          name: integritee-worker-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          path: .
 
-      - name: Download Client
+      - name: Download CLI client Image
         uses: actions/download-artifact@v2
         with:
-          name: integritee-client-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.BIN_DIR }}
+          name: integritee-cli-client-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          path: .
 
-      - name: Download Enclave
-        uses: actions/download-artifact@v2
-        with:
-          name: enclave-signed-${{ matrix.mode }}-${{ github.sha }}
-          path: ${{ env.BIN_DIR }}
-
-        # If you want to debug ci and you don't want to build the binaries, you can replace the downloads above with
-        # the actions below to download binaries from an earlier run.
-#      - name: Download Worker
-#        uses: dawidd6/action-download-artifact@v2
-#        with:
-#          github_token: ${{secrets.GITHUB_TOKEN}}
-#          workflow: build_and_test.yml
-#          run_id: 1033249727
-#          name: integritee-worker-da8d4b442d3f2b09dbafb097d4d7a1bce409d518
-#          path: ${{ env.BIN_DIR }}
-#
-#      - name: Download Client
-#        uses: dawidd6/action-download-artifact@v2
-#        with:
-#          github_token: ${{secrets.GITHUB_TOKEN}}
-#          workflow: build_and_test.yml
-#          run_id: 1033249727
-#          name: integritee-client-da8d4b442d3f2b09dbafb097d4d7a1bce409d518
-#          path: ${{ env.BIN_DIR }}
-#
-#      - name: Download Enclave
-#        uses: dawidd6/action-download-artifact@v2
-#        with:
-#          github_token: ${{secrets.GITHUB_TOKEN}}
-#          workflow: build_and_test.yml
-#          run_id: 1033249727
-#          name: enclave-signed-da8d4b442d3f2b09dbafb097d4d7a1bce409d518
-#          path: ${{ env.BIN_DIR }}
-
-      - name: Download integritee-node
-        uses: dawidd6/action-download-artifact@v2
-        with:
-          github_token: ${{secrets.GITHUB_TOKEN}}
-          workflow: ci.yml
-          name: integritee-node-dev-a1a80ab709c3c94f3174c7218f86b4de390d6dc5
-          # in fact this action should download the latest artifact, but sometimes fails. Then we need to
-          # set the `run_id` to force a download of an updated binary.
-          run_id: 2740081205
-          path: node
-          repo: integritee-network/integritee-node
-
-      - name: Prepare working directory
-        run: |
-          mkdir -p ${{ env.LOG_DIR}}
-          chmod +x node/integritee-node
-          cd ${{ env.BIN_DIR }}
-          chmod +x ${{ env.WORKER_BIN }}
-          chmod +x ${{ env.CLIENT_BIN }}
-          chmod +x ${{ env.ENCLAVE_BIN }}
-
-      - name: "Setup Keys"
+      - name: Load Worker & Client Images
         env:
-          KEY: ${{ secrets.IAS_PRIMARY_KEY }}
-          SPID: ${{ secrets.IAS_SPID }}
-          TLS_CERTIFICATE: ${{ secrets.TLS_WS_SERVER_CERTIFICATE }}
-          TLS_PRIVATE_KEY: ${{ secrets.TLS_WS_SERVER_PRIVATE_KEY }}
+          DOCKER_BUILDKIT: 1
         run: |
-          cd ${{ env.BIN_DIR }}
-          echo "${{ env.KEY }}" > key.txt
-          echo "${{ env.SPID }}" > spid.txt
-          echo "${{ env.TLS_CERTIFICATE }}" > end.fullchain
-          echo "${{ env.TLS_PRIVATE_KEY }}" > end.rsa
-          chmod 644 end.fullchain
-          chmod 644 end.rsa
-
-      - name: Run local setup
-        # * `set -eo pipefail` is needed to return an error even if piped to `tee`.
-        shell: bash --noprofile --norc -eo pipefail {0}
+          docker image load --input integritee-worker-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          docker image load --input integritee-cli-client-${{ matrix.mode }}-${{ github.sha }}.tar.gz
+          docker images --all
+
+      - name: Re-name Image Tags
         run: |
-          touch ${{ env.LOG_DIR }}/local-setup.log
-          ./local-setup/launch.py local-setup/github-action-config.json 2>&1 | tee -i ${{ env.LOG_DIR }}/local-setup.log &
-          sleep 150
-
-      - name: ${{ matrix.demo_name }}-${{ matrix.mode }}
-        # * the change the symbolic link which points to the target/release... folder.
-        # * need overwrite default shell to bash to get access to the `source` cmd.
-        shell: bash --noprofile --norc -eo pipefail {0}
+          docker tag integritee-worker-${{ matrix.mode }}-${{ github.sha }} ${{ env.WORKER_IMAGE_TAG }}
+          docker tag integritee-cli-client-${{ matrix.mode }}-${{ github.sha }} ${{ env.CLIENT_IMAGE_TAG }} 
+          docker images --all
+
+      - name: Integration Test ${{ matrix.test }}-${{ matrix.mode }}
         run: |
-          source ./scripts/init_env.sh && ./scripts/${{ matrix.demo_script }}
+          cd docker
+          docker compose -f docker-compose.yml -f ${{ matrix.demo_name }}.yml up --no-build --exit-code-from ${{ matrix.demo_name }}
 
-      - name: Upload logs
+      - name: Collect Docker Logs
         continue-on-error: true
+        if: always()
+        uses: jwalton/gh-docker-logs@v2.2.0
+        with:
+          #images: '${{ env.WORKER_IMAGE_TAG }},${{ env.CLIENT_IMAGE_TAG }}'
+          tail: all
+          dest: ./${{ env.LOG_DIR }}
+
+      - name: Upload logs
         if: always()
         uses: actions/upload-artifact@v2
         with:
-          name: ${{ matrix.test }}-${{ matrix.mode }}_logs
-          path: ${{ env.LOG_DIR }}
+          name: logs-${{ matrix.test }}-${{ matrix.mode }}
+          path: ./${{ env.LOG_DIR }}
 
   release:
     name: Draft Release

diff --git a/build.Dockerfile b/build.Dockerfile
@@ -31,30 +31,13 @@ ENV SGX_MODE SW
 ARG WORKER_MODE_ARG
 ENV WORKER_MODE=$WORKER_MODE_ARG
 
-COPY . /root/work/worker/
 WORKDIR /root/work/worker
+COPY . .
 
-#RUN --mount=type=cache,target=/usr/local/cargo/registry \
-#	--mount=type=cache,target=/root/work/worker/target \
-#	make
 RUN make
 
-### Enclave Test Stage
-##################################################
-FROM builder AS enclave-test
-
-WORKDIR /root/work/worker/bin
-
-CMD ./integritee-service test --all
-
-
-### Cargo Test Stage
-##################################################
-FROM builder AS cargo-test
-
-WORKDIR /root/work/worker
+RUN cargo test --release
 
-CMD cargo test --release
 
 ### Base Runner Stage
 ##################################################

diff --git a/core/rpc-client/src/direct_client.rs b/core/rpc-client/src/direct_client.rs
@@ -68,6 +68,7 @@ impl DirectApi for DirectClient {
 
 		info!("[WorkerApi Direct]: (get) Sending request: {:?}", request);
 		WsClient::connect_one_shot(&self.url, request, port_in)?;
+		debug!("Waiting for web-socket result..");
 		port_out.recv().map_err(Error::MspcReceiver)
 	}
 

diff --git a/core/rpc-client/src/ws_client.rs b/core/rpc-client/src/ws_client.rs
@@ -84,6 +84,7 @@ impl WsClient {
 		result: &MpscSender<String>,
 		control: Arc<WsClientControl>,
 	) -> Result<()> {
+		debug!("Connecting web-socket connection with watch");
 		connect(url.to_string(), |out| {
 			control.subscribe_sender(out.clone()).expect("Failed sender subscription");
 			WsClient::new(out, request.to_string(), result.clone(), true)
@@ -92,7 +93,9 @@ impl WsClient {
 
 	/// Connects a web-socket client for a one-shot request.
 	pub fn connect_one_shot(url: &str, request: &str, result: MpscSender<String>) -> Result<()> {
+		debug!("Connecting one-shot web-socket connection");
 		connect(url.to_string(), |out| {
+			debug!("Create new web-socket client");
 			WsClient::new(out, request.to_string(), result.clone(), false)
 		})
 	}