From 851aa1c91eac0645a399a21ec7384ca6c6781ad7 Mon Sep 17 00:00:00 2001 From: galargh Date: Tue, 3 Sep 2024 10:40:52 +0200 Subject: [PATCH 1/6] chore: parameterise s3 build cache setup --- .github/workflows/hole-punch-interop.yml | 6 +++--- .github/workflows/transport-interop.yml | 6 +++--- hole-punch-interop/helpers/cache.ts | 7 ++++++- transport-interop/helpers/cache.ts | 7 ++++++- 4 files changed, 18 insertions(+), 8 deletions(-) diff --git a/.github/workflows/hole-punch-interop.yml b/.github/workflows/hole-punch-interop.yml index 723cc2327..d306da2b7 100644 --- a/.github/workflows/hole-punch-interop.yml +++ b/.github/workflows/hole-punch-interop.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/checkout@v3 - uses: ./.github/actions/run-interop-hole-punch-test with: - s3-cache-bucket: libp2p-by-tf-aws-bootstrap - s3-access-key-id: ${{ vars.S3_AWS_ACCESS_KEY_ID }} - s3-secret-access-key: ${{ secrets.S3_AWS_SECRET_ACCESS_KEY }} + s3-cache-bucket: ${{ vars.S3_LIBP2P_BUILD_CACHE_BUCKET_NAME }} + s3-access-key-id: ${{ vars.S3_LIBP2P_BUILD_CACHE_AWS_ACCESS_KEY_ID }} + s3-secret-access-key: ${{ secrets.S3_LIBP2P_BUILD_CACHE_AWS_SECRET_ACCESS_KEY }} worker-count: 16 diff --git a/.github/workflows/transport-interop.yml b/.github/workflows/transport-interop.yml index 275ebb1bf..713ce585c 100644 --- a/.github/workflows/transport-interop.yml +++ b/.github/workflows/transport-interop.yml @@ -18,9 +18,9 @@ jobs: - uses: actions/checkout@v3 - uses: ./.github/actions/run-transport-interop-test with: - s3-cache-bucket: libp2p-by-tf-aws-bootstrap - s3-access-key-id: ${{ vars.S3_AWS_ACCESS_KEY_ID }} - s3-secret-access-key: ${{ secrets.S3_AWS_SECRET_ACCESS_KEY }} + s3-cache-bucket: ${{ vars.S3_LIBP2P_BUILD_CACHE_BUCKET_NAME }} + s3-access-key-id: ${{ vars.S3_LIBP2P_BUILD_CACHE_AWS_ACCESS_KEY_ID }} + s3-secret-access-key: ${{ secrets.S3_LIBP2P_BUILD_CACHE_AWS_SECRET_ACCESS_KEY }} worker-count: 16 build-without-secrets: runs-on: ubuntu-latest diff --git a/hole-punch-interop/helpers/cache.ts b/hole-punch-interop/helpers/cache.ts index a5d07fdf8..3dec0535d 100755 --- a/hole-punch-interop/helpers/cache.ts +++ b/hole-punch-interop/helpers/cache.ts @@ -1,4 +1,4 @@ -const AWS_BUCKET = process.env.AWS_BUCKET || 'libp2p-by-tf-aws-bootstrap'; +const AWS_BUCKET = process.env.AWS_BUCKET; const scriptDir = __dirname; import * as crypto from 'crypto'; @@ -73,6 +73,11 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) + if (AWS_BUCKET === "") { + console.log("Cache not found", new Error("AWS_BUCKET not set")) + return + } + if (mode == Mode.PushCache) { console.log("Pushing cache") try { diff --git a/transport-interop/helpers/cache.ts b/transport-interop/helpers/cache.ts index 697e452fb..7a47f76db 100755 --- a/transport-interop/helpers/cache.ts +++ b/transport-interop/helpers/cache.ts @@ -1,4 +1,4 @@ -const AWS_BUCKET = process.env.AWS_BUCKET || 'libp2p-by-tf-aws-bootstrap'; +const AWS_BUCKET = process.env.AWS_BUCKET; const scriptDir = __dirname; import * as crypto from 'crypto'; @@ -62,6 +62,11 @@ switch (modeStr) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) + if (AWS_BUCKET === "") { + console.log("Cache not found", new Error("AWS_BUCKET not set")) + continue + } + if (mode == Mode.PushCache) { console.log("Pushing cache") try { From d90d9420fe7dfe0e5e8ec47b030c1848d79fbce9 Mon Sep 17 00:00:00 2001 From: Piotr Galar Date: Wed, 4 Sep 2024 14:51:54 +0200 Subject: [PATCH 2/6] Apply suggestions from code review Co-authored-by: Alex Potsides --- hole-punch-interop/helpers/cache.ts | 2 +- transport-interop/helpers/cache.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hole-punch-interop/helpers/cache.ts b/hole-punch-interop/helpers/cache.ts index 3dec0535d..30943c75a 100755 --- a/hole-punch-interop/helpers/cache.ts +++ b/hole-punch-interop/helpers/cache.ts @@ -73,7 +73,7 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) - if (AWS_BUCKET === "") { + if (!AWS_BUCKET) { console.log("Cache not found", new Error("AWS_BUCKET not set")) return } diff --git a/transport-interop/helpers/cache.ts b/transport-interop/helpers/cache.ts index 7a47f76db..e1670c915 100755 --- a/transport-interop/helpers/cache.ts +++ b/transport-interop/helpers/cache.ts @@ -62,7 +62,7 @@ switch (modeStr) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) - if (AWS_BUCKET === "") { + if (!AWS_BUCKET) { console.log("Cache not found", new Error("AWS_BUCKET not set")) continue } From 11f920601fe900b3fe53f503272bbe33a671619a Mon Sep 17 00:00:00 2001 From: galargh Date: Wed, 4 Sep 2024 14:59:46 +0200 Subject: [PATCH 3/6] fix: cache load/push --- .../actions/run-interop-hole-punch-test/action.yml | 3 +++ .github/actions/run-interop-ping-test/action.yml | 3 +++ .github/actions/run-transport-interop-test/action.yml | 3 +++ hole-punch-interop/helpers/cache.ts | 11 ++++++----- transport-interop/helpers/cache.ts | 11 ++++++----- 5 files changed, 21 insertions(+), 10 deletions(-) diff --git a/.github/actions/run-interop-hole-punch-test/action.yml b/.github/actions/run-interop-hole-punch-test/action.yml index f73647469..ac6b86134 100644 --- a/.github/actions/run-interop-hole-punch-test/action.yml +++ b/.github/actions/run-interop-hole-punch-test/action.yml @@ -86,6 +86,9 @@ runs: - name: Load cache and build working-directory: ${{ steps.find-workdir.outputs.WORK_DIR }} + env: + AWS_BUCKET: ${{ inputs.s3-cache-bucket }} + AWS_REGION: ${{ inputs.aws-region }} run: npm run cache -- load shell: bash diff --git a/.github/actions/run-interop-ping-test/action.yml b/.github/actions/run-interop-ping-test/action.yml index b351f1d17..8372ac056 100644 --- a/.github/actions/run-interop-ping-test/action.yml +++ b/.github/actions/run-interop-ping-test/action.yml @@ -78,6 +78,9 @@ runs: - name: Load cache and build working-directory: ${{ steps.find-workdir.outputs.WORK_DIR }} + env: + AWS_BUCKET: ${{ inputs.s3-cache-bucket }} + AWS_REGION: ${{ inputs.aws-region }} run: npm run cache -- load shell: bash diff --git a/.github/actions/run-transport-interop-test/action.yml b/.github/actions/run-transport-interop-test/action.yml index 09eaaf33d..c1e2d0854 100644 --- a/.github/actions/run-transport-interop-test/action.yml +++ b/.github/actions/run-transport-interop-test/action.yml @@ -78,6 +78,9 @@ runs: - name: Load cache and build working-directory: ${{ steps.find-workdir.outputs.WORK_DIR }} + env: + AWS_BUCKET: ${{ inputs.s3-cache-bucket }} + AWS_REGION: ${{ inputs.aws-region }} run: npm run cache -- load shell: bash diff --git a/hole-punch-interop/helpers/cache.ts b/hole-punch-interop/helpers/cache.ts index 30943c75a..c88631f56 100755 --- a/hole-punch-interop/helpers/cache.ts +++ b/hole-punch-interop/helpers/cache.ts @@ -73,14 +73,12 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) - if (!AWS_BUCKET) { - console.log("Cache not found", new Error("AWS_BUCKET not set")) - return - } - if (mode == Mode.PushCache) { console.log("Pushing cache") try { + if (!AWS_BUCKET) { + throw new Error("AWS_BUCKET not set") + } const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, {method: "HEAD"}) if (res.ok) { console.log("Cache already exists") @@ -101,6 +99,9 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { console.log("Loading cache") let cacheHit = false try { + if (!AWS_BUCKET) { + throw new Error("AWS_BUCKET not set") + } // Check if the cache exists const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, {method: "HEAD"}) if (res.ok) { diff --git a/transport-interop/helpers/cache.ts b/transport-interop/helpers/cache.ts index e1670c915..80d284d4e 100755 --- a/transport-interop/helpers/cache.ts +++ b/transport-interop/helpers/cache.ts @@ -62,14 +62,12 @@ switch (modeStr) { const cacheKey = await hashFiles(files) console.log("Cache key:", cacheKey) - if (!AWS_BUCKET) { - console.log("Cache not found", new Error("AWS_BUCKET not set")) - continue - } - if (mode == Mode.PushCache) { console.log("Pushing cache") try { + if (!AWS_BUCKET) { + throw new Error("AWS_BUCKET not set") + } const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, { method: "HEAD" }) if (res.ok) { console.log("Cache already exists") @@ -90,6 +88,9 @@ switch (modeStr) { console.log("Loading cache") let cacheHit = false try { + if (!AWS_BUCKET) { + throw new Error("AWS_BUCKET not set") + } // Check if the cache exists const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, { method: "HEAD" }) if (res.ok) { From fda31835df48fa65e0e1eef3fadc61f6f174c59e Mon Sep 17 00:00:00 2001 From: galargh Date: Thu, 5 Sep 2024 17:04:33 +0200 Subject: [PATCH 4/6] chore: pass creds when reading cache --- .github/actions/run-interop-hole-punch-test/action.yml | 2 ++ .github/actions/run-interop-ping-test/action.yml | 2 ++ .github/actions/run-transport-interop-test/action.yml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/.github/actions/run-interop-hole-punch-test/action.yml b/.github/actions/run-interop-hole-punch-test/action.yml index ac6b86134..5ef607b06 100644 --- a/.github/actions/run-interop-hole-punch-test/action.yml +++ b/.github/actions/run-interop-hole-punch-test/action.yml @@ -89,6 +89,8 @@ runs: env: AWS_BUCKET: ${{ inputs.s3-cache-bucket }} AWS_REGION: ${{ inputs.aws-region }} + AWS_ACCESS_KEY_ID: ${{ inputs.s3-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ inputs.s3-secret-access-key }} run: npm run cache -- load shell: bash diff --git a/.github/actions/run-interop-ping-test/action.yml b/.github/actions/run-interop-ping-test/action.yml index 8372ac056..434ed19d1 100644 --- a/.github/actions/run-interop-ping-test/action.yml +++ b/.github/actions/run-interop-ping-test/action.yml @@ -81,6 +81,8 @@ runs: env: AWS_BUCKET: ${{ inputs.s3-cache-bucket }} AWS_REGION: ${{ inputs.aws-region }} + AWS_ACCESS_KEY_ID: ${{ inputs.s3-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ inputs.s3-secret-access-key }} run: npm run cache -- load shell: bash diff --git a/.github/actions/run-transport-interop-test/action.yml b/.github/actions/run-transport-interop-test/action.yml index c1e2d0854..8122f4d34 100644 --- a/.github/actions/run-transport-interop-test/action.yml +++ b/.github/actions/run-transport-interop-test/action.yml @@ -81,6 +81,8 @@ runs: env: AWS_BUCKET: ${{ inputs.s3-cache-bucket }} AWS_REGION: ${{ inputs.aws-region }} + AWS_ACCESS_KEY_ID: ${{ inputs.s3-access-key-id }} + AWS_SECRET_ACCESS_KEY: ${{ inputs.s3-secret-access-key }} run: npm run cache -- load shell: bash From 69f4fcc669789e0f97de05dab8a0c7b44c7d8657 Mon Sep 17 00:00:00 2001 From: galargh Date: Thu, 5 Sep 2024 17:28:57 +0200 Subject: [PATCH 5/6] fix: interact with aws only using the CLI --- hole-punch-interop/helpers/cache.ts | 28 +++++++++++++--------------- transport-interop/helpers/cache.ts | 28 +++++++++++++--------------- 2 files changed, 26 insertions(+), 30 deletions(-) diff --git a/hole-punch-interop/helpers/cache.ts b/hole-punch-interop/helpers/cache.ts index c88631f56..cb54ad4e0 100755 --- a/hole-punch-interop/helpers/cache.ts +++ b/hole-punch-interop/helpers/cache.ts @@ -3,6 +3,7 @@ const scriptDir = __dirname; import * as crypto from 'crypto'; import * as fs from 'fs'; +import * as os from 'os'; import * as path from 'path'; import * as child_process from 'child_process'; import ignore, { Ignore } from 'ignore' @@ -79,10 +80,11 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { if (!AWS_BUCKET) { throw new Error("AWS_BUCKET not set") } - const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, {method: "HEAD"}) - if (res.ok) { + try { + child_process.execSync(`aws s3 ls s3://${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`) console.log("Cache already exists") - } else { + } catch (e) { + console.log("Cache doesn't exist", e) // Read image id from image.json const imageID = JSON.parse(fs.readFileSync(path.join(dir, 'image.json')).toString()).imageID; console.log(`Pushing cache for ${dir}: ${imageID}`) @@ -102,18 +104,14 @@ async function loadCacheOrBuild(dir: string, ig: Ignore) { if (!AWS_BUCKET) { throw new Error("AWS_BUCKET not set") } - // Check if the cache exists - const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, {method: "HEAD"}) - if (res.ok) { - const dockerLoadedMsg = child_process.execSync(`curl https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz | docker image load`).toString(); - const loadedImageId = dockerLoadedMsg.match(/Loaded image( ID)?: (.*)/)[2]; - if (loadedImageId) { - console.log(`Cache hit for ${loadedImageId}`); - fs.writeFileSync(path.join(dir, 'image.json'), JSON.stringify({imageID: loadedImageId}) + "\n"); - cacheHit = true - } - } else { - console.log("Cache not found") + const cachePath = fs.mkdtempSync(path.join(os.tmpdir(), 'cache')) + const archivePath = path.join(cachePath, 'archive.tar.gz') + const dockerLoadedMsg = child_process.execSync(`aws s3 cp s3://${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz ${archivePath} && docker image load -i ${archivePath}`).toString(); + const loadedImageId = dockerLoadedMsg.match(/Loaded image( ID)?: (.*)/)[2]; + if (loadedImageId) { + console.log(`Cache hit for ${loadedImageId}`); + fs.writeFileSync(path.join(dir, 'image.json'), JSON.stringify({imageID: loadedImageId}) + "\n"); + cacheHit = true } } catch (e) { console.log("Cache not found:", e) diff --git a/transport-interop/helpers/cache.ts b/transport-interop/helpers/cache.ts index 80d284d4e..5504a0c0f 100755 --- a/transport-interop/helpers/cache.ts +++ b/transport-interop/helpers/cache.ts @@ -3,6 +3,7 @@ const scriptDir = __dirname; import * as crypto from 'crypto'; import * as fs from 'fs'; +import * as os from 'os'; import * as path from 'path'; import * as child_process from 'child_process'; import ignore, { Ignore } from 'ignore' @@ -68,10 +69,11 @@ switch (modeStr) { if (!AWS_BUCKET) { throw new Error("AWS_BUCKET not set") } - const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, { method: "HEAD" }) - if (res.ok) { + try { + child_process.execSync(`aws s3 ls s3://${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`) console.log("Cache already exists") - } else { + } catch (e) { + console.log("Cache doesn't exist", e) // Read image id from image.json const imageID = JSON.parse(fs.readFileSync(path.join(implFolder, 'image.json')).toString()).imageID; console.log(`Pushing cache for ${impl}: ${imageID}`) @@ -91,18 +93,14 @@ switch (modeStr) { if (!AWS_BUCKET) { throw new Error("AWS_BUCKET not set") } - // Check if the cache exists - const res = await fetch(`https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz`, { method: "HEAD" }) - if (res.ok) { - const dockerLoadedMsg = child_process.execSync(`curl https://s3.amazonaws.com/${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz | docker image load`).toString(); - const loadedImageId = dockerLoadedMsg.match(/Loaded image( ID)?: (.*)/)[2]; - if (loadedImageId) { - console.log(`Cache hit for ${loadedImageId}`); - fs.writeFileSync(path.join(implFolder, 'image.json'), JSON.stringify({ imageID: loadedImageId }) + "\n"); - cacheHit = true - } - } else { - console.log("Cache not found") + const cachePath = fs.mkdtempSync(path.join(os.tmpdir(), 'cache')) + const archivePath = path.join(cachePath, 'archive.tar.gz') + const dockerLoadedMsg = child_process.execSync(`aws s3 cp s3://${AWS_BUCKET}/imageCache/${cacheKey}-${arch}.tar.gz ${archivePath} && docker image load -i ${archivePath}`).toString(); + const loadedImageId = dockerLoadedMsg.match(/Loaded image( ID)?: (.*)/)[2]; + if (loadedImageId) { + console.log(`Cache hit for ${loadedImageId}`); + fs.writeFileSync(path.join(implFolder, 'image.json'), JSON.stringify({ imageID: loadedImageId }) + "\n"); + cacheHit = true } } catch (e) { console.log("Cache not found:", e) From 0f3022d346094ebfa1e17ddb9122dfbb1997cc6d Mon Sep 17 00:00:00 2001 From: Piotr Galar Date: Tue, 10 Sep 2024 20:25:54 +0200 Subject: [PATCH 6/6] Update transport-interop.yml --- .github/workflows/transport-interop.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/transport-interop.yml b/.github/workflows/transport-interop.yml index 713ce585c..e5fcc6dc2 100644 --- a/.github/workflows/transport-interop.yml +++ b/.github/workflows/transport-interop.yml @@ -23,7 +23,7 @@ jobs: s3-secret-access-key: ${{ secrets.S3_LIBP2P_BUILD_CACHE_AWS_SECRET_ACCESS_KEY }} worker-count: 16 build-without-secrets: - runs-on: ubuntu-latest + runs-on: ['self-hosted', 'linux', 'x64', '4xlarge'] # https://github.com/pl-strflt/tf-aws-gh-runner/blob/main/runners.tf steps: - uses: actions/checkout@v3 # Purposely not using secrets to replicate how forks will behave.