-
Notifications
You must be signed in to change notification settings - Fork 304
242 lines (211 loc) · 9.4 KB
/
soak-test-start.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
name: Soak test
on:
pull_request:
paths:
- 'packages/sources/**'
- 'packages/composites/**'
- 'packages/targets/**'
- 'packages/core/**'
jobs:
run-soak-tests:
name: Run Soak Tests Against Changed Adapters
runs-on: ubuntu-latest-4cores-16GB
environment: QA
permissions:
id-token: write
contents: read
checks: write
pull-requests: write
concurrency:
group: qa-soaktest-${{ github.ref }}
cancel-in-progress: true
steps:
- name: Setup GitHub Token
id: setup-github-token
uses: smartcontractkit/.github/actions/setup-github-token@9e7cc0779934cae4a9028b8588c9adb64d8ce68c # setup-github-token@0.1.2
with:
aws-role-arn: ${{ secrets.AWS_ROLE_ARN_FOR_QA_GITHUB_TOKEN }}
aws-lambda-url: ${{ secrets.GATI_LAMBDA_DATA_FEEDS_URL }}
aws-region: ${{ secrets.AWS_REGION }}
aws-role-duration-seconds: '1800' # this is optional and defaults to 900
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 2
- uses: jwalton/gh-find-current-pr@89ee5799558265a1e0e31fab792ebb4ee91c016b # v1.3.3
id: findPr
with:
# Can be "open", "closed", or "all". Defaults to "open".
state: all
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
aws-region: ${{ secrets.QA_AWS_REGION }}
role-to-assume: ${{ secrets.QA_AWS_ROLE_TO_ASSUME }}
role-duration-seconds: 3600
mask-aws-account-id: true
- name: Login to Amazon ECR
id: login-ecr
uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1
- name: Set Kubernetes Context
uses: azure/k8s-set-context@212a19233d93f03eceaac31ae5a1d1acf650b6ef # v4.0.1
with:
method: kubeconfig
kubeconfig: ${{ secrets.QA_KUBECONFIG }}
- name: Set up and install dependencies
uses: ./.github/actions/setup
with:
build-all: true
base-branch: ${{ github.base_ref }}
- name: Check AWS CLI version
run: aws --version
- name: Check kubectl version
run: kubectl version
- name: Check helm version
run: helm version
- name: Install SOPS
run: |
TEMP_DEB="temp-sops_3.7.1_amd64.deb" &&
wget -O "$TEMP_DEB" https://github.com/mozilla/sops/releases/download/v3.7.1/sops_3.7.1_amd64.deb &&
sudo dpkg -i "$TEMP_DEB" &&
rm -f "$TEMP_DEB"
- name: Install Helm Secrets
run: helm plugin install https://github.com/jkroepke/helm-secrets --version v3.12.0
- name: Use GH CLI to get pr info
id: get-pr-info
env:
GITHUB_TOKEN: ${{ steps.setup-github-token.outputs.access-token }}
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
run: |
CHANGED_FILES_NAME=./changedFiles.txt
gh pr view ${PR_NUMBER} --json files --jq '.files.[].path' | xargs -I {} sh -c 'if [ -e "$1" ]; then echo "$1"; fi' _ {} > ${CHANGED_FILES_NAME}
TEST_ADAPTERS="$(yarn get-changed-adapters "${CHANGED_FILES_NAME}")"
echo "::set-output name=TEST_ADAPTERS::${TEST_ADAPTERS}"
- name: Clone adapter-secrets repo
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
env:
GITHUB_TOKEN: ${{ steps.setup-github-token.outputs.access-token }}
run: git clone https://oauth2:${GITHUB_TOKEN}@github.com/smartcontractkit/adapter-secrets.git
- name: Build the k6 payloads and images
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
id: k6-payloads
env:
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
TEST_ADAPTERS: ${{ steps.get-pr-info.outputs.TEST_ADAPTERS }}
IMAGE_PREFIX: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.QA_AWS_REGION }}.amazonaws.com/k6
run: |
if [ -n "$TEST_ADAPTERS" ]; then
for adapter in ${TEST_ADAPTERS}; do
yarn qa:flux:configure k6payload ${adapter} ${PR_NUMBER} || exit 1
cd ./packages/k6
echo "" >> ./.env
echo "PAYLOAD_GENERATED=true" >> ./.env
echo "CI_ADAPTER_NAME=${adapter}" >> ./.env
echo "QA_RELEASE_TAG=${PR_NUMBER}" >> ./.env
echo "PR_NUMBER=${PR_NUMBER}" >> ./.env
echo "TEST_DURATION=10m" >> ./.env
cat ./.env
yarn build
docker build -t ${IMAGE_PREFIX}:pr${PR_NUMBER}-${adapter} .
docker push ${IMAGE_PREFIX}:pr${PR_NUMBER}-${adapter}
cd ../..
done
fi
- name: Build adapters
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
id: build-adapters
env:
TEST_ADAPTERS: ${{ steps.get-pr-info.outputs.TEST_ADAPTERS }}
IMAGE_TAG: pr${{ steps.findPr.outputs.pr }}
IMAGE_PREFIX: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.QA_AWS_REGION }}.amazonaws.com/adapters/
run: |
GITHUB_WORKSPACE= IMAGE_TAG=${IMAGE_TAG} IMAGE_PREFIX=${IMAGE_PREFIX} yarn generate:docker-compose
BUILD_ADAPTERS=
if [ -n "$TEST_ADAPTERS" ]; then
yarn qa:dependencies $TEST_ADAPTERS
DEP=$(cat ./packages/scripts/src/adapter-dependencies/dependencies.txt)
BUILD_ADAPTERS="${TEST_ADAPTERS} ${DEP}"
fi
BUILD_NAMES=
if [ -n "$BUILD_ADAPTERS" ]; then
for adapter in ${BUILD_ADAPTERS}; do
BUILD_NAMES="${BUILD_NAMES} ${adapter}-adapter"
done
echo $BUILD_NAMES
docker compose -f docker-compose.generated.yaml build ${BUILD_NAMES}
for adapter in ${BUILD_NAMES}; do
aws ecr create-repository --repository-name adapters/${adapter} || true
docker push ${IMAGE_PREFIX}${adapter}:${IMAGE_TAG}
done
fi
echo "::set-output name=BUILD_ADAPTERS::${BUILD_ADAPTERS}"
- uses: webiny/action-post-run@2a0e96f0e55f0e698cf2a3d85670e3577ae30a30 # 3.1.0
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
name: Clean up deployments
env:
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
ADAPTER_NAMES: ${{ steps.build-adapters.outputs.BUILD_ADAPTERS }}
with:
run: ./packages/scripts/src/ephemeral-adapters/cleanup.sh
- name: Deploy adapters
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
env:
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
IMAGE_TAG: pr${{ steps.findPr.outputs.pr }}
ADAPTER_NAMES: ${{ steps.build-adapters.outputs.BUILD_ADAPTERS }}
IMAGE_PREFIX: ${{ secrets.QA_AWS_ACCOUNT_NUMBER }}.dkr.ecr.${{ secrets.QA_AWS_REGION }}.amazonaws.com/adapters/
GITHUB_TOKEN: ${{ steps.setup-github-token.outputs.access-token }}
run: |
helm repo add chainlink https://raw.githubusercontent.com/smartcontractkit/charts/gh-pages/ --password ${GITHUB_TOKEN} --username dummy
if [ -n "$ADAPTER_NAMES" ]; then
for adapter in ${ADAPTER_NAMES}; do
HELM_SECRETS_PATH=./adapter-secrets/secure-sdlc/secrets.${adapter/-test/}.yaml
if test -f "$HELM_SECRETS_PATH"
then
HELM_SECRETS_PATH=${HELM_SECRETS_PATH} yarn qa:adapter start ${adapter} ${PR_NUMBER} ${IMAGE_TAG}
else
yarn qa:adapter start ${adapter} ${PR_NUMBER} ${IMAGE_TAG}
fi
done
fi
- name: Deploy k6
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
env:
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
IMAGE_TAG: pr${{ steps.findPr.outputs.pr }}
TEST_ADAPTERS: ${{ steps.get-pr-info.outputs.TEST_ADAPTERS }}
run: |
cd ./packages/k6
if [ -n "$TEST_ADAPTERS" ]; then
for adapter in ${TEST_ADAPTERS}; do
helm upgrade k6-${PR_NUMBER}-${adapter} ./k8s \
--install \
--namespace adapters \
--create-namespace \
-f ./k8s/values.yaml \
--set image.tag=${IMAGE_TAG}-${adapter} \
--set name=k6-${PR_NUMBER}-${adapter} \
--wait
done
fi
- name: Wait 15 Minutes for tests to run
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
uses: jakejarvis/wait-action@919fc193e07906705e5b7a50f90ea9e74d20b2b0 # v0.1.1
with:
time: '15m'
- name: Assert tests passed
if: steps.get-pr-info.outputs.TEST_ADAPTERS != ''
env:
GITHUB_TOKEN: ${{ steps.setup-github-token.outputs.access-token }}
PR_NUMBER: ${{ steps.findPr.outputs.pr }}
TEST_ADAPTERS: ${{ steps.get-pr-info.outputs.TEST_ADAPTERS }}
run: |
TEST_RESULTS="./test_results.txt"
set -e
if [ -n "$TEST_ADAPTERS" ]; then
for adapter in ${TEST_ADAPTERS}; do
# verify last comment has no failures for each adapter, otherwise exit with error
gh pr view $PR_NUMBER --json comments --jq '.comments | map(select(.body | contains("'$adapter'"))) | last' | cat >> ${TEST_RESULTS}
done
fi
cat $TEST_RESULTS | grep -q "Soak test failed" && exit 1 || echo "All tests passed"