-
Notifications
You must be signed in to change notification settings - Fork 0
128 lines (123 loc) · 5.06 KB
/
daily.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
name: daily
on:
schedule:
- cron: "14 14 * * *"
# Uncomment below to test.
#push:
# branches: [gha-test-*, canary, auto]
jobs:
audit:
runs-on: ubuntu-latest
container:
image: libra/build_environment:github-1
strategy:
fail-fast: false
matrix:
#this is a painful solution since it doesn't pick up new branches, other option is lotsa shell in one job....
#to test in canary add in canary here.....
target-branch: [main, master, release-1.1]
env:
MESSAGE_PAYLOAD_FILE: /tmp/message
steps:
- uses: actions/checkout@v2
with:
ref: ${{ matrix.target-branch }}
- uses: ./.github/actions/build-setup
- name: install cargo-audit
run: cargo install --force cargo-audit
- name: audit crates
# List of ignored RUSTSEC
# 1. RUSTSEC-2021-0020 - Not impacted, see #7723
run: |
$CARGO $CARGOFLAGS audit --ignore RUSTSEC-2021-0020 >> $MESSAGE_PAYLOAD_FILE
- uses: ./.github/actions/slack-file
with:
webhook: ${{ secrets.WEBHOOK_AUDIT }}
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
if: ${{ failure() }}
- uses: ./.github/actions/build-teardown
coverage:
runs-on: ubuntu-latest-xl
container:
image: libra/build_environment:github-1
env:
CODECOV_OUTPUT: codecov
MESSAGE_PAYLOAD_FILE: /tmp/message
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/build-setup
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.DIEM_S3_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DIEM_S3_AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.DIEM_S3_AWS_REGION }}
- name: produce coverage
run: cargo xtest --html-cov-dir=$CODECOV_OUTPUT/grcovhtml/ --html-lcov-dir=$CODECOV_OUTPUT/lcovhtml/ --no-fail-fast -j 16 || true
- name: Push Coverage Reports to S3
run: |
set -x
SUFFIX="$(date +"%Y-%m-%d")-$(git rev-parse --short=8 HEAD)"
PREFIX="ci-artifacts.diem.com/coverage";
#Push grcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/grcovhtml "s3://${PREFIX}/unit-coverage/latest/";
echo "Grcov available in s3 https://${PREFIX}/unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
#Push lcov
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/${SUFFIX}/";
aws s3 cp --recursive ${CODECOV_OUTPUT}/lcovhtml "s3://${PREFIX}/lcov-unit-coverage/latest/";
echo "lcov available in s3 https://${PREFIX}/lcov-unit-coverage/${SUFFIX}/index.html" >> ${MESSAGE_PAYLOAD_FILE}
- name: "Send Message"
uses: ./.github/actions/slack-file
with:
payload-file: ${{ env.MESSAGE_PAYLOAD_FILE }}
webhook: ${{ secrets.WEBHOOK_COVERAGE }}
# Disabling for now as this is not critical for job success. TODO: fix it up.
#- name: publish to codecov.io
# run: bash <(curl -s https://codecov.io/bash) -f $CODECOV_OUTPUT/lcovhtml/lcov.info -F unittest;
#- uses: ./.github/actions/build-teardown
transaction-replay:
runs-on: ubuntu-latest-xl
container:
image: libra/build_environment:github-1
env:
MESSAGE_PAYLOAD_FILE: /tmp/message
ACCOUNT: ${{ secrets.TRANSACTION_REPLAY_ACCOUNT }}
CONTAINER: backup
SUB_DIR: e2
SAS: ""
CONFIG: .github/workflows/transaction-replay.toml
steps:
- uses: actions/checkout@v2
- uses: ./.github/actions/build-setup
- name: install azcopy
run: |
# Download AzCopy
curl -sL -o downloadazcopy-v10-linux "https://aka.ms/downloadazcopy-v10-linux"
# Expand Archive
tar -xvf downloadazcopy-v10-linux
# Move AzCopy to the destination you want to store it
cp ./azcopy_linux_amd64_*/azcopy /usr/bin/
rm -rf downloadazcopy-v10-linux azcopy_linux_amd64_*
- name: replay transactions
run: |
cargo run --release --bin db-restore -- --target-db-dir /var/tmp/dbrestore/ auto --replay-all command-adapter --config "$CONFIG"
- uses: ./.github/actions/build-teardown
prune-docker-images:
runs-on: ubuntu-latest
env:
TAG: github-1
steps:
- uses: actions/checkout@v2
- name: sign in to DockerHub; install image signing cert
uses: ./.github/actions/dockerhub_login
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
key_material: ${{ secrets.DOCKERHUB_KEY_MATERIAL }}
key_name: ${{ secrets.DOCKERHUB_KEY_NAME }}
key_password: ${{ secrets.DOCKERHUB_KEY_PASSWORD }}
- name: prune Docker image
if: ${{ github.ref != 'refs/heads/auto' }}
run: |
scripts/dockerhub_prune.sh -u "${{ secrets.DOCKERHUB_USERNAME }}" -p "${{ secrets.DOCKERHUB_PASSWORD }}" -x