From ca375acc49b797e3390bd03fb08575a0e13e859f Mon Sep 17 00:00:00 2001 From: trent-codecov Date: Wed, 27 Sep 2023 15:20:58 -0400 Subject: [PATCH 1/6] Standardizing CI --- .github/workflows/ci.yml | 501 +++--------------- .../workflows/create-self-hosted-release.yml | 43 -- .github/workflows/self-hosted-release-pr.yml | 14 + .github/workflows/self-hosted-release.yml | 39 +- 4 files changed, 86 insertions(+), 511 deletions(-) delete mode 100644 .github/workflows/create-self-hosted-release.yml create mode 100644 .github/workflows/self-hosted-release-pr.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0b6a8d9b7..628b81cb6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,7 +4,6 @@ on: push: tags: - production-* - - self-hosted-* branches: - main - staging 
@@ -15,229 +14,87 @@ concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true -env: - AR_REPO: ${{ secrets.CODECOV_WORKER_IMAGE_V2 || 'codecov/self-hosted-worker' }} jobs: lint: name: Run Lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - name: Install dependencies - run: | - python -m pip install --upgrade pip - make lint.install - - name: Check - run: | - make lint.check - build: - name: Build Worker - runs-on: ubuntu-latest - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - - - id: "auth" - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - name: "Authenticate to Google Cloud" - uses: "google-github-actions/auth@v1.1.1" - with: - token_format: "access_token" - workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} - service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - - - name: Docker configuration - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: |- - echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev + uses: codecov/gha-workflows/.github/workflows/lint.yml@main - - name: Cache Requirements - id: cache-requirements - uses: actions/cache@v3 - env: - cache-name: cache-worker-requirements - with: - path: | - requirements.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ hashFiles('**/requirements.txt') }}-${{ hashFiles('**/docker/Dockerfile.requirements') }} - restore-keys: | - ${{ runner.os }}-worker-${{ env.cache-name }}- - - - name: Cache App - id: cache-app - uses: actions/cache@v3 - env: - cache-name: cache-worker-app - with: - path: | - app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - - name: Load requirements from cache - if: ${{ steps.cache-requirements.outputs.cache-hit == 'true' }} - run: | - make 
load.requirements - - - name: Build/pull requirements - if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' }} - run: | - make build.requirements - make save.requirements + build: + name: Build WORKER + uses: codecov/gha-workflows/.github/workflows/build-app.yml@main + secrets: inherit + with: + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} - - name: Push Requirements - if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' && github.repository_owner == 'codecov' }} - run: | - make push.requirements - - name: Build app - run: | - make build.app - make save.app codecovstartup: name: Codecov Startup needs: build - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 2 - - name: Install CLI - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - make test_env.install_cli - - name: Run Startup - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - env: - CODECOV_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} - run: | - codecovcli create-commit --fail-on-error - codecovcli create-report --fail-on-error - - name: Run Startup Staging - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - codecovcli -u ${{ secrets.CODECOV_STAGING_URL }} create-commit -t ${{ secrets.CODECOV_ORG_TOKEN_STAGING }} --fail-on-error - codecovcli -u ${{ secrets.CODECOV_STAGING_URL }} create-report -t ${{ secrets.CODECOV_ORG_TOKEN_STAGING }} --fail-on-error - - name: Run Startup QA - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - codecovcli -u ${{ secrets.CODECOV_QA_URL }} create-commit -t ${{ secrets.CODECOV_QA_TOKEN }} --fail-on-error - codecovcli -u ${{ secrets.CODECOV_QA_URL }} create-report -t ${{ secrets.CODECOV_QA_TOKEN }} --fail-on-error - - name: Run Startup Public QA - if: ${{ 
!github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - codecovcli -u ${{ secrets.CODECOV_PUBLIC_QA_URL }} create-commit -t ${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} --fail-on-error - codecovcli -u ${{ secrets.CODECOV_PUBLIC_QA_URL }} create-report -t ${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} --fail-on-error + uses: codecov/gha-workflows/.github/workflows/codecov-startup.yml@main + secrets: inherit ats: name: ATS needs: [build, codecovstartup] if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Cache App - id: cache-app - uses: actions/cache@v3 - env: - cache-name: cache-worker-app - with: - path: | - app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input app.tar - make tag.latest - - - name: Install docker compose - run: | - sudo curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose - sudo chmod +x /usr/local/bin/docker-compose - - name: Bring test env up - run: | - make test_env.up - - name: Prepare for tests - run: | - make test_env.prepare - make test_env.check_db - - name: Run Static Analysis - run: | - make test_env.static_analysis CODECOV_STATIC_TOKEN=${{ secrets.STATIC_TOKEN }} - - name: Run Label Analysis - run: | - make test_env.label_analysis CODECOV_STATIC_TOKEN=${{ secrets.STATIC_TOKEN }} TIMESERIES_ENABLED=false - - name: Run ATS - run: | - make test_env.ats CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN }} + uses: codecov/gha-workflows/.github/workflows/run-ats.yml@main + secrets: inherit + with: + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} test: name: Test needs: [build, codecovstartup] - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - 
fetch-depth: 0 - - name: Cache App - id: cache-app - uses: actions/cache@v3 - env: - cache-name: cache-worker-app - with: - path: | - app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input app.tar - - name: Install docker compose - run: | - sudo curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose - sudo chmod +x /usr/local/bin/docker-compose - - name: Bring test env up - run: | - make test_env.up - - name: Prepare for tests - run: | - make test_env.prepare - make test_env.check_db - - name: Run unit tests - run: | - make test_env.run_unit - - name: Run integration tests - run: | - make test_env.run_integration - ## Don't upload on forks for now. - - name: upload using codecovcli - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN }} - - name: upload using codecovcli staging - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN_STAGING }} CODECOV_URL=${{ secrets.CODECOV_STAGING_URL }} - - name: upload using codecovcli qa - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_QA_TOKEN }} CODECOV_URL=${{ secrets.CODECOV_QA_URL }} - - name: upload using codecovcli public qa - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - run: | - make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} CODECOV_URL=${{ secrets.CODECOV_PUBLIC_QA_URL }} + uses: codecov/gha-workflows/.github/workflows/run-tests.yml@main + secrets: inherit + with: + repo: ${{ vars.CODECOV_IMAGE_V2 || 
'codecov/self-hosted-worker' }} + + build-self-hosted: + name: Build Self Hosted Worker + needs: [build, test] + uses: codecov/gha-workflows/.github/workflows/self-hosted.yml@main + secrets: inherit + with: + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} + + staging: + name: Push Staging Image + needs: [build, test] + if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/staging' && github.repository_owner == 'codecov' }} + uses: codecov/gha-workflows/.github/workflows/push-env.yml@main + secrets: inherit + with: + environment: staging + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} + + production: + name: Push Production Image + needs: [ build, test ] + if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/main' && github.repository_owner == 'codecov' }} + uses: codecov/gha-workflows/.github/workflows/push-env.yml@main + secrets: inherit + with: + environment: production + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} + + self-hosted: + name: Push Self Hosted Image + needs: [ build-self-hosted, test ] + secrets: inherit + if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/main' && github.repository_owner == 'codecov' }} + uses: codecov/gha-workflows/.github/workflows/self-hosted.yml@main + with: + push_rolling: true + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} mutation: name: Run Mutations needs: [build] runs-on: ubuntu-latest + env: + AR_REPO: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} steps: - name: Checkout uses: actions/checkout@v4 @@ -247,11 +104,11 @@ jobs: id: cache-app uses: actions/cache@v3 env: - cache-name: cache-worker-app + cache-name: cache-app with: path: | app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} + key: ${{ runner.os }}-${{ env.cache-name }}-${{ github.run_id }} - name: Load built image run: | docker load --input app.tar 
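Review bot: Every job converted in this hunk (`lint`, `build`, `codecovstartup`, `ats`, `test`, `build-self-hosted`, `staging`, `production`, `self-hosted`) calls a reusable workflow at the mutable ref `@main`, and all but `lint` pass `secrets: inherit`, so whatever is on the `main` branch of `codecov/gha-workflows` at run time executes with every secret this workflow can access. Pin each `uses:` to a full commit SHA, e.g. `uses: codecov/gha-workflows/.github/workflows/build-app.yml@<commit-sha>`, and prefer an explicit `secrets:` map that lists only what each called workflow needs. The same pattern appears in the new `self-hosted-release-pr.yml` and in `self-hosted-release.yml` later in this patch. The removed steps carried a fork/owner guard on the authentication and upload steps, and the old `build-self-hosted` had it at job level, while the new `build-self-hosted` has no `if:`; how fork pull requests behave now depends on the called workflows, which are not visible here. The `mutation` job at the end of the hunk continues outside it.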
@@ -268,245 +125,5 @@ jobs: - name: Run mutations run: | make test_env.run_mutation - - - build-self-hosted: - name: Build Self Hosted Worker - runs-on: ubuntu-latest - needs: [build, test] - if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - - - id: "auth" - name: "Authenticate to Google Cloud" - uses: "google-github-actions/auth@v1.1.1" - with: - token_format: "access_token" - workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} - service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - - - name: Docker configuration - run: |- - echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev - - - name: Cache Requirements - id: cache-requirements - uses: actions/cache@v3 - env: - cache-name: cache-worker-requirements - with: - path: | - requirements.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ hashFiles('**/requirements.txt') }}-${{ hashFiles('**/docker/Dockerfile.requirements') }} - restore-keys: | - ${{ runner.os }}-worker-${{ env.cache-name }}- - - - name: Cache Self hosted - id: cache-self-hosted - uses: actions/cache@v3 - env: - cache-name: cache-worker-self-hosted - with: - path: | - self-hosted-runtime.tar - self-hosted.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - - name: Load requirements from cache - if: ${{ steps.cache-requirements.outputs.cache-hit == 'true' }} - run: | - make load.requirements - - - name: Build/pull requirements - if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' }} - run: | - make build.requirements - - - name: Build self hosted - run: | - make build.self-hosted - make save.self-hosted - - name: Build self hosted runtime - run: | - make build.self-hosted-runtime - make save.self-hosted-runtime - staging: - name: Push Staging Image - needs: [build, test] - if: 
${{ github.event.pull_request.merged == true && github.head_ref == 'main' && github.repository_owner == 'codecov' }} - runs-on: ubuntu-latest - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Cache App - id: cache-app - uses: actions/cache@v3 - env: - cache-name: cache-worker-app - with: - path: | - app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input app.tar - - id: "auth" - name: "Authenticate to Google Cloud" - uses: "google-github-actions/auth@v1.1.1" - with: - token_format: "access_token" - workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} - service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - - - name: Docker configuration - run: |- - echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev - - - name: Push staging - run: | - make tag.staging - make push.staging - - name: Create Sentry release - uses: getsentry/action-release@v1 - env: - SENTRY_AUTH_TOKEN: ${{ secrets.CODECOV_SENTRY_RELEASE_TOKEN }} - SENTRY_ORG: ${{ secrets.CODECOV_SENTRY_ORG }} - SENTRY_PROJECT: ${{ secrets.CODECOV_WORKER_SENTRY_PROJECT }} - with: - environment: staging - production: - name: Push Production Image - needs: [ build, test ] - if: ${{ github.event.pull_request.merged == true && startsWith(github.ref, 'refs/tags/production') && github.repository_owner == 'codecov' }} - runs-on: ubuntu-latest - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Cache App - id: cache-app - uses: actions/cache@v3 - env: - cache-name: cache-worker-app - with: - path: | - app.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input app.tar - docker image ls -a - - id: "auth" - name: 
"Authenticate to Google Cloud" - uses: "google-github-actions/auth@v1.1.1" - with: - token_format: "access_token" - workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} - service_account: ${{ secrets.CODECOV_GCP_WIDSA }} - - - name: Docker configuration - run: |- - echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev - - - name: Push production - run: | - make tag.production - make tag.latest - make push.production - make push.latest - - name: Create Sentry release - uses: getsentry/action-release@v1 - env: - SENTRY_AUTH_TOKEN: ${{ secrets.CODECOV_SENTRY_RELEASE_TOKEN }} - SENTRY_ORG: ${{ secrets.CODECOV_SENTRY_ORG }} - SENTRY_PROJECT: ${{ secrets.CODECOV_WORKER_SENTRY_PROJECT }} - with: - environment: production - self-hosted: - name: Push Self Hosted Image - needs: [ build-self-hosted, test ] - if: ${{ github.event.pull_request.merged == true && github.head_ref == 'main' && github.repository_owner == 'codecov' }} - runs-on: ubuntu-latest - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Cache Self hosted - id: cache-self-hosted - uses: actions/cache@v3 - env: - cache-name: cache-worker-self-hosted - with: - path: | - self-hosted-runtime.tar - self-hosted.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input self-hosted-runtime.tar - docker load --input self-hosted.tar - - name: Log in to Docker Hub - uses: docker/login-action@v1.14.1 - with: - username: ${{ secrets.CODECOV_DEVOPS_DOCKER_USERNAME }} - password: ${{ secrets.CODECOV_DEVOPS_DOCKER_PASSWORD }} - - name: Push self hosted rolling - run: | - make tag.self-hosted-rolling - make push.self-hosted-rolling - self-hosted-release: - name: Push Self Hosted Release Image - needs: [ build-self-hosted, test ] - if: ${{ github.event.pull_request.merged == true && 
startsWith(github.ref, 'refs/tags/self-hosted') && github.repository_owner == 'codecov' }} - runs-on: ubuntu-latest - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Cache Self hosted - id: cache-self-hosted - uses: actions/cache@v3 - env: - cache-name: cache-worker-self-hosted - with: - path: | - self-hosted-runtime.tar - self-hosted.tar - key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} - - name: Load built image - run: | - docker load --input self-hosted-runtime.tar - docker load --input self-hosted.tar - - name: Log in to Docker Hub - uses: docker/login-action@v1.14.1 - with: - username: ${{ secrets.CODECOV_DEVOPS_DOCKER_USERNAME }} - password: ${{ secrets.CODECOV_DEVOPS_DOCKER_PASSWORD }} - - name: Push self hosted release - run: | - make tag.self-hosted - make push.self-hosted \ No newline at end of file diff --git a/.github/workflows/create-self-hosted-release.yml b/.github/workflows/create-self-hosted-release.yml deleted file mode 100644 index 270127601..000000000 --- a/.github/workflows/create-self-hosted-release.yml +++ /dev/null 
@@ -1,43 +0,0 @@
-name: Create Self Hosted Release PR
-
-on:
- workflow_dispatch:
- inputs:
- versionName:
- description: 'Name of version (ie 23.9.5)'
- required: true
-
-jobs:
- push_to_registry:
- name: Create PR for Release ${{ github.event.inputs.versionName }}
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- - name: Initialize mandatory git config
- run: |
- git config user.name "GitHub Actions"
- git config user.email noreply@github.com
- - name: Create release branch
- run: git checkout -b release/${{ github.event.inputs.versionName }}
- - name: Update version file
- id: make-commit
- run: |
- echo ${{ github.event.inputs.versionName }} > VERSION
- echo -n $(tr -d '\n' < VERSION) > VERSION
- git add VERSION
- git commit --allow-empty --message "Prepare release ${{ github.event.inputs.versionName }}"
- echo "commit=$(git rev-parse HEAD)" >> "$GITHUB_OUTPUT"
- - name: Push release branch
- run: git push origin release/${{ github.event.inputs.versionName }}
- - name: Create pull request into main
- uses: thomaseizinger/create-pull-request@1.2.2
- with:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- head: release/${{ github.event.inputs.versionName }}
- base: main
- title: Release ${{ github.event.inputs.versionName }}
- reviewers: ${{ github.event.issue.user.login }}
- body: |
- Release PR for ${{ github.event.inputs.versionName }}
- I've updated the version name and committed: ${{ steps.make-commit.outputs.commit }}.
diff --git a/.github/workflows/self-hosted-release-pr.yml b/.github/workflows/self-hosted-release-pr.yml
new file mode 100644
index 000000000..9190a9774
--- /dev/null
+++ b/.github/workflows/self-hosted-release-pr.yml
@@ -0,0 +1,14 @@
+name: Create Self Hosted Release PR
+
+on:
+ workflow_dispatch:
+ inputs:
+ versionName:
+ description: 'Name of version (ie 23.9.5)'
+ required: true
+
+jobs:
+ create-release-pr:
+ name: Create PR for Release ${{ github.event.inputs.versionName }}
+ uses: codecov/gha-workflows/.github/workflows/create-self-hosted-pr.yml@main
+ secrets: inherit
diff --git a/.github/workflows/self-hosted-release.yml b/.github/workflows/self-hosted-release.yml
index 14d92d755..c923b9a1c 100644
--- a/.github/workflows/self-hosted-release.yml
+++ b/.github/workflows/self-hosted-release.yml
@@ -7,30 +7,17 @@ on: types: [closed] jobs: - push_to_registry: + create-release: name: Tag Release ${{ github.head_ref }} and Push Docker image to Docker Hub - if: ${{ github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/') }} - runs-on: ubuntu-latest - environment: enterprise - permissions: - contents: 'read' - id-token: 'write' - steps: - - name: Checkout - uses: actions/checkout@v4 - - name: Initialize mandatory git config - run: | - git config user.name "GitHub Actions" - git config user.email noreply@github.com - - id: get-release-vars - name: Configure Release Vars - run: | - echo "release_version=$(cat VERSION)" >> "$GITHUB_OUTPUT" - - name: Create GH Release - uses: softprops/action-gh-release@v0.1.15 - with: - token: ${{ secrets.RELEASE_GITHUB_TOKEN }} - name: Release ${{ steps.get-release-vars.outputs.release_version }} - tag_name: self-hosted-${{ steps.get-release-vars.outputs.release_version }} - generate_release_notes: true - body: Autogenerated for ${{ steps.get-release-vars.outputs.release_version }}. Created for ${{ github.event.pull_request.html_url }} \ No newline at end of file + if: ${{ github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/') && github.repository_owner == 'codecov' }} + uses: codecov/gha-workflows/.github/workflows/create-self-hosted-release.yml@main + secrets: inherit + + push-image: + needs: [create-release] + if: ${{ github.event.pull_request.merged == true && startsWith(github.head_ref, 'release/') && github.repository_owner == 'codecov' }} + uses: codecov/gha-workflows/.github/workflows/self-hosted.yml@main + secrets: inherit + with: + push_release: true + repo: ${{ vars.CODECOV_IMAGE_V2 || 'codecov/self-hosted-worker' }} From 5bab7fb9418737e101b65a4cc4625ccd8ae3ff3b Mon Sep 17 00:00:00 2001 
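Review bot: The removed `push_to_registry` job declared `environment: enterprise`, and neither replacement job (`create-release`, `push-image`) does, so any protection rules or environment-scoped secrets attached to that environment no longer gate the release from this file. A job that calls a reusable workflow cannot set `environment:` itself, so the gate would have to be declared inside `create-self-hosted-release.yml` and `self-hosted.yml` in `codecov/gha-workflows`, which are not visible here; worth confirming before merge. The hunk starts inside the `on:` block, whose trigger lines above `types: [closed]` are outside it.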
From: trent-codecov Date: Wed, 27 Sep 2023 15:29:50 -0400 Subject: [PATCH 2/6] Standardizing CI --- .github/workflows/ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 628b81cb6..c7ba29858 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,6 +9,9 @@ on: - staging pull_request: +permissions: + contents: 'read' + id-token: 'write' concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} @@ -21,7 +24,7 @@ jobs: uses: codecov/gha-workflows/.github/workflows/lint.yml@main build: - name: Build WORKER + name: Build Worker uses: codecov/gha-workflows/.github/workflows/build-app.yml@main secrets: inherit with: From f7522286da90a15e28fcacc92ebcb2ec076f15fa Mon Sep 17 00:00:00 2001 From: trent-codecov Date: Wed, 27 Sep 2023 15:33:32 -0400 Subject: [PATCH 3/6] Using ATS better --- Makefile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index ccc83d2f2..127a3828e 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ sha := $(shell git rev-parse --short=7 HEAD) full_sha := $(shell git rev-parse HEAD) release_version = `cat VERSION` _gcr := ${CODECOV_WORKER_GCR_REPO_BASE} - +merge_sha := $(shell git merge-base HEAD^ origin/main) build_date ?= $(shell git show -s --date=iso8601-strict --pretty=format:%cd $$sha) name ?= worker branch = $(shell git branch | grep \* | cut -f2 -d' ') 
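Review bot: The new top-level `permissions:` block grants `id-token: write` to every job in the workflow, including `lint` and the locally defined `mutation` job, whose visible steps in this series never request an OIDC token. Keep the workflow default at `contents: 'read'` and add a job-level `permissions:` with `id-token: 'write'` only on the jobs whose called workflow authenticates to the registry; in the code removed by patch 1/6 those were, for example, `build`, `build-self-hosted`, `staging` and `production`. That limits which jobs can mint an identity token if a build step or one of the `@main` reusable workflows misbehaves.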
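Review bot: `merge_sha := $(shell git merge-base HEAD^ origin/main)` is a simply-expanded assignment at file scope, so `git merge-base` runs on every `make` invocation, including targets that never use it and checkouts where `HEAD^` or `origin/main` is missing (a shallow clone, for example); there it prints an error and leaves the variable empty. A deferred assignment, `merge_sha = $(shell git merge-base HEAD^ origin/main)`, evaluates it only when a recipe references it. An empty value would otherwise reach `--base-sha=` in `test_env.container_label_analysis` unnoticed, so a short comment or a guard in that target would help.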
@@ -224,7 +224,12 @@ test_env.container_static_analysis: codecovcli -u ${CODECOV_URL} static-analysis --token=${CODECOV_STATIC_TOKEN} test_env.container_label_analysis: - codecovcli -u ${CODECOV_URL} label-analysis --base-sha=$(shell git merge-base HEAD^ origin/main) --token=${CODECOV_STATIC_TOKEN} + $(shell codecovcli label-analysis --base-sha=${merge_sha} --token=${CODECOV_STATIC_TOKEN} --dry-run > tests_to_run) + sed -i s/\"//g tests_to_run + sed -i s/ATS_TESTS_TO_RUN=//g tests_to_run + sed -i s/--cov-context=test//g tests_to_run + sed -i 's/\s\+/\n/g' tests_to_run + python -m pytest --cov=./ --cov-context=test `cat tests_to_run` test_env.container_ats: codecovcli --codecov-yml-path=codecov_cli.yml do-upload --plugin pycoverage --plugin compress-pycoverage --flag onlysomelabels --fail-on-error From 22963dae4797a41e4e800a4fdde61ad69a8dd043 Mon Sep 17 00:00:00 2001 From: trent-codecov Date: Wed, 27 Sep 2023 23:48:37 -0400 Subject: [PATCH 4/6] Fixing tests for ats --- Makefile | 6 ++---- services/path_fixer/tests/unit/test_fixpaths.py | 4 +++- services/report/languages/tests/unit/test_bullseye.py | 2 +- services/report/languages/tests/unit/test_clover.py | 11 ++++++++++- .../report/languages/tests/unit/test_cobertura.py | 11 ++++++++++- services/report/languages/tests/unit/test_jacoco.py | 11 ++++++++++- 6 files changed, 36 insertions(+), 9 deletions(-) diff --git a/Makefile b/Makefile index 127a3828e..b4a8baa6c 100644 --- a/Makefile +++ b/Makefile 
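Review bot: Wrapping the `codecovcli label-analysis` call in `$(shell …)` inside the recipe makes make run it while expanding the recipe and discard its exit status, so a failed or unauthenticated call leaves `tests_to_run` empty or partial and the `sed` and `pytest` lines still run. Write it as an ordinary recipe line, `codecovcli label-analysis --base-sha=${merge_sha} --token=${CODECOV_STATIC_TOKEN} --dry-run > tests_to_run`, so a non-zero exit stops the target. The last line hands the file to pytest through an unquoted backtick `cat tests_to_run` substitution, which the shell word-splits and glob-expands and in which pytest reads any token beginning with `-` as an option; since the content comes from the service response, checking that each entry looks like a test id before use is safer. The follow-up hunk for this target in patch 4/6 keeps the `$(shell …)` wrapper, so the first point applies there too.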
@@ -224,10 +224,8 @@ test_env.container_static_analysis: codecovcli -u ${CODECOV_URL} static-analysis --token=${CODECOV_STATIC_TOKEN} test_env.container_label_analysis: - $(shell codecovcli label-analysis --base-sha=${merge_sha} --token=${CODECOV_STATIC_TOKEN} --dry-run > tests_to_run) - sed -i s/\"//g tests_to_run - sed -i s/ATS_TESTS_TO_RUN=//g tests_to_run - sed -i s/--cov-context=test//g tests_to_run + $(shell codecovcli label-analysis --base-sha=${merge_sha} --token=${CODECOV_STATIC_TOKEN} --dry-run --dry-run-output-path=tests_to_run > /dev/null) + sed -i 's/--cov-context=test//g' tests_to_run sed -i 's/\s\+/\n/g' tests_to_run python -m pytest --cov=./ --cov-context=test `cat tests_to_run` diff --git a/services/path_fixer/tests/unit/test_fixpaths.py b/services/path_fixer/tests/unit/test_fixpaths.py index ef598ee56..8b129c6dd 100644 --- a/services/path_fixer/tests/unit/test_fixpaths.py +++ b/services/path_fixer/tests/unit/test_fixpaths.py @@ -7,7 +7,6 @@ # Hand-written TOCs. paths = [ - ("a\\ b", ["a b"]), ("./a\\b", ["a/b"]), ("./a\n./b", ["a", "b"]), ("path/target/delombok/a\n./b", ["b"]), @@ -30,6 +29,9 @@ class TestFixpaths(BaseTestCase): def test_clean_toc(self, toc, result): assert fixpaths.clean_toc(toc) == result + def test_clean_toc_with_space(self): + assert fixpaths.clean_toc("a\\ b") == ["a b"] + @pytest.mark.parametrize("path, result", list(unquoted_files.items())) def test_unquote_git_path(self, path, result): assert fixpaths.unquote_git_path(path) == result diff --git a/services/report/languages/tests/unit/test_bullseye.py b/services/report/languages/tests/unit/test_bullseye.py index 82d7b462f..f0d3ff7eb 100644 --- a/services/report/languages/tests/unit/test_bullseye.py +++ b/services/report/languages/tests/unit/test_bullseye.py 
@@ -155,7 +155,7 @@ def fixes(path): @pytest.mark.parametrize( "date", [ - (time.strftime("%Y-%m-%d_%H:%M:%S", (time.gmtime(time.time() - 172800)))), + (time.strftime("%Y-%m-%d_%H:00:00", (time.gmtime(time.time() - 172800)))), "2020-10-28_17:55:47", ], ) diff --git a/services/report/languages/tests/unit/test_clover.py b/services/report/languages/tests/unit/test_clover.py index 811b02b19..d11b397b7 100644 --- a/services/report/languages/tests/unit/test_clover.py +++ b/services/report/languages/tests/unit/test_clover.py @@ -1,3 +1,4 @@ +import datetime import xml.etree.cElementTree as etree from time import time @@ -161,7 +162,15 @@ def fixes(path): assert processed_report == expected_result - @pytest.mark.parametrize("date", [(int(time()) - 172800), "01-01-2014"]) + @pytest.mark.parametrize( + "date", + [ + (datetime.datetime.now() - datetime.timedelta(seconds=172800)) + .replace(minute=0, second=0) + .strftime("%s"), + "01-01-2014", + ], + ) def test_expired(self, date): with pytest.raises(ReportExpiredException, match="Clover report expired"): report_builder = ReportBuilder( diff --git a/services/report/languages/tests/unit/test_cobertura.py b/services/report/languages/tests/unit/test_cobertura.py index cb8767569..edc4a3a38 100644 --- a/services/report/languages/tests/unit/test_cobertura.py +++ b/services/report/languages/tests/unit/test_cobertura.py @@ -1,3 +1,4 @@ +import datetime import os import xml.etree.cElementTree as etree from time import time 
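Review bot: In the `test_clover.py` hunk the first `date` parameter is now built with `.strftime("%s")`, a platform-specific format code that Python does not document and that is not available on every platform, and the value changes from the `int` the test passed before to a `str`. `int((datetime.datetime.now() - datetime.timedelta(seconds=172800)).replace(minute=0, second=0).timestamp())` gives the same hour-rounded epoch value portably and keeps the original type. The identical change is made to `test_expired` in `test_cobertura.py` and `test_jacoco.py` later in this patch. `from time import time` stays imported in all three files; whether it is still used is not visible in these hunks.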
@@ -194,7 +195,15 @@ def test_timestamp_zero_passes(self): assert len(processed_report["archive"]["file"]) == 3 assert processed_report["totals"]["c"] == "45.45455" - @pytest.mark.parametrize("date", [(int(time()) - 172800), "01-01-2014"]) + @pytest.mark.parametrize( + "date", + [ + (datetime.datetime.now() - datetime.timedelta(seconds=172800)) + .replace(minute=0, second=0) + .strftime("%s"), + "01-01-2014", + ], + ) def test_expired(self, date): with pytest.raises(ReportExpiredException, match="Cobertura report expired"): report_builder = ReportBuilder( diff --git a/services/report/languages/tests/unit/test_jacoco.py b/services/report/languages/tests/unit/test_jacoco.py index cca9340e2..02446bfe9 100644 --- a/services/report/languages/tests/unit/test_jacoco.py +++ b/services/report/languages/tests/unit/test_jacoco.py @@ -1,3 +1,4 @@ +import datetime import xml.etree.cElementTree as etree from time import time @@ -151,7 +152,15 @@ def fixes(path): processed_report = self.convert_report_to_better_readable(report) assert [path] == list(processed_report["archive"].keys()) - @pytest.mark.parametrize("date", [(int(time()) - 172800), "01-01-2014"]) + @pytest.mark.parametrize( + "date", + [ + (datetime.datetime.now() - datetime.timedelta(seconds=172800)) + .replace(minute=0, second=0) + .strftime("%s"), + "01-01-2014", + ], + ) def test_expired(self, date): report_builder = ReportBuilder( current_yaml={}, sessionid=0, ignored_lines={}, path_fixer=None From 7b78767b84bf0d3ad3c3e9f1c37409c46a24a4b7 Mon Sep 17 00:00:00 2001 From: trent-codecov Date: Thu, 28 Sep 2023 00:07:00 -0400 Subject: [PATCH 5/6] Fix branches for builds --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c7ba29858..c27c6b970 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -65,7 +65,7 @@ jobs:
 staging:
 name: Push Staging Image
 needs: [build, test]
- if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/staging' && github.repository_owner == 'codecov' }}
+ if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/main' && github.repository_owner == 'codecov' }}
 uses: codecov/gha-workflows/.github/workflows/push-env.yml@main
 secrets: inherit
 with:
@@ -75,7 +75,7 @@ jobs:
 production:
 name: Push Production Image
 needs: [ build, test ]
- if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/main' && github.repository_owner == 'codecov' }}
+ if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/production') && github.repository_owner == 'codecov' }}
 uses: codecov/gha-workflows/.github/workflows/push-env.yml@main
 secrets: inherit
 with:
From a79033cde5dd8eab61e1cd888da232bb6c852b03 Mon Sep 17 00:00:00 2001
From: trent-codecov
Date: Thu, 28 Sep 2023 00:07:30 -0400
Subject: [PATCH 6/6] Fix branches for builds
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index c27c6b970..bb1fdf33a 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -86,7 +86,7 @@ jobs:
 name: Push Self Hosted Image
 needs: [ build-self-hosted, test ]
 secrets: inherit
- if: ${{ github.event_name == 'push' && github.event.ref == 'refs/heads/main' && github.repository_owner == 'codecov' }}
+ if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/production') && github.repository_owner == 'codecov' }}
 uses: codecov/gha-workflows/.github/workflows/self-hosted.yml@main
 with:
 push_rolling: true
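Review bot: With the new condition the `staging` job, which passes `environment: staging`, runs on pushes to `main`, while the workflow's `on.push.branches` list shown in patch 1/6 still includes `staging`; a reader could easily take that for a typo. If it is intended, a comment above the job such as `# staging image is pushed from main; production from production-* tags` would record the decision. This condition reads `github.event.ref` while the `production` hunk below reads `github.ref`; using `github.ref` in both keeps the deployment gates directly comparable. The job's `with:` block continues outside the hunk.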
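Review bot: The `production` job now fires on any pushed ref that starts with `refs/tags/production`, so the only control on a production image push visible in this file is who may create such tags. Confirm that a tag protection rule or ruleset covers `production-*`, and consider matching the trigger filter exactly with `startsWith(github.ref, 'refs/tags/production-')`. The `self-hosted` job is switched to the same condition in patch 6/6, so the rolling self-hosted image is gated by the same tags. The job's `with:` block continues outside the hunk.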