From lsrGetTests return full path to test playbooks #38
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Run GET_PYTHON_MODULES against all roles | |
on: | |
issue_comment: | |
types: | |
- created | |
permissions: | |
contents: read | |
# This is required for the ability to create/update the Pull request status | |
statuses: write | |
env: | |
TEST_ROLES: "[\"ad_integration\",\"bootloader\",\"certificate\",\"cockpit\",\"crypto_policies\",\"fapolicyd\",\ | |
\"firewall\",\"gfs2\",\"ha_cluster\",\"journald\",\"kdump\",\"kernel_settings\",\"keylime_server\",\ | |
\"logging\",\"metrics\",\"nbde_client\",\"nbde_server\",\"network\",\"podman\",\"postfix\",\ | |
\"postgresql\",\"rhc\",\"selinux\",\"snapshot\",\"ssh\",\"sshd\",\"storage\",\"sudo\",\"systemd\",\ | |
\"timesync\",\"tlog\",\"vpn\"]" | |
jobs: | |
prepare_run_vars: | |
name: Get head sha of the tft-tests PR | |
concurrency: | |
# group name contains reponame-pr_num to allow simultaneous runs in different PRs | |
group: testing-farm-${{ github.event.repository.name }}-${{ github.event.issue.number }} | |
cancel-in-progress: true | |
# Let's schedule tests only on user request. NOT automatically. | |
# Only repository owner or member can schedule tests | |
if: | | |
github.event.issue.pull_request | |
&& contains(github.event.comment.body, '[get_python_modules]') | |
&& (contains(fromJson('["OWNER", "MEMBER", "COLLABORATOR", "CONTRIBUTOR"]'), github.event.comment.author_association) | |
|| contains('systemroller', github.event.comment.user.login)) | |
runs-on: ubuntu-latest | |
outputs: | |
head_sha: ${{ steps.head_sha.outputs.head_sha }} | |
TEST_ROLES: ${{ steps.set_vars.outputs.TEST_ROLES }} | |
steps: | |
- name: Dump github context | |
run: echo "$GITHUB_CONTEXT" | |
shell: bash | |
env: | |
GITHUB_CONTEXT: ${{ toJson(github) }} | |
- name: Get head sha of the tft-tests PR | |
id: head_sha | |
run: | | |
head_sha=$(gh api "repos/$REPO/pulls/$PR_NO" --jq '.head.sha') | |
echo "head_sha=$head_sha" | |
echo "head_sha=$head_sha" >> $GITHUB_OUTPUT | |
env: | |
REPO: ${{ github.repository }} | |
PR_NO: ${{ github.event.issue.number }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set variables used by all tests | |
id: set_vars | |
run: | | |
echo "TEST_ROLES=$TEST_ROLES" >> $GITHUB_OUTPUT | |
- name: Debug | |
run: | | |
echo "TEST_ROLES=/${{ steps.set_vars.outputs.TEST_ROLES }}/" | |
prepare_role_vars: | |
name: Get info from test roles | |
runs-on: ubuntu-latest | |
needs: prepare_run_vars | |
outputs: | |
postfix_memory: ${{ steps.memory.outputs.postfix_memory }} | |
postfix_supported_platforms: ${{ steps.supported_platforms.outputs.postfix_supported_platforms }} | |
selinux_memory: ${{ steps.memory.outputs.selinux_memory }} | |
selinux_supported_platforms: ${{ steps.supported_platforms.outputs.selinux_supported_platforms }} | |
timesync_memory: ${{ steps.memory.outputs.timesync_memory }} | |
timesync_supported_platforms: ${{ steps.supported_platforms.outputs.timesync_supported_platforms }} | |
kdump_memory: ${{ steps.memory.outputs.kdump_memory }} | |
kdump_supported_platforms: ${{ steps.supported_platforms.outputs.kdump_supported_platforms }} | |
network_memory: ${{ steps.memory.outputs.network_memory }} | |
network_supported_platforms: ${{ steps.supported_platforms.outputs.network_supported_platforms }} | |
storage_memory: ${{ steps.memory.outputs.storage_memory }} | |
storage_supported_platforms: ${{ steps.supported_platforms.outputs.storage_supported_platforms }} | |
metrics_memory: ${{ steps.memory.outputs.metrics_memory }} | |
metrics_supported_platforms: ${{ steps.supported_platforms.outputs.metrics_supported_platforms }} | |
tlog_memory: ${{ steps.memory.outputs.tlog_memory }} | |
tlog_supported_platforms: ${{ steps.supported_platforms.outputs.tlog_supported_platforms }} | |
kernel_settings_memory: ${{ steps.memory.outputs.kernel_settings_memory }} | |
kernel_settings_supported_platforms: ${{ steps.supported_platforms.outputs.kernel_settings_supported_platforms }} | |
logging_memory: ${{ steps.memory.outputs.logging_memory }} | |
logging_supported_platforms: ${{ steps.supported_platforms.outputs.logging_supported_platforms }} | |
nbde_server_memory: ${{ steps.memory.outputs.nbde_server_memory }} | |
nbde_server_supported_platforms: ${{ steps.supported_platforms.outputs.nbde_server_supported_platforms }} | |
nbde_client_memory: ${{ steps.memory.outputs.nbde_client_memory }} | |
nbde_client_supported_platforms: ${{ steps.supported_platforms.outputs.nbde_client_supported_platforms }} | |
certificate_memory: ${{ steps.memory.outputs.certificate_memory }} | |
certificate_supported_platforms: ${{ steps.supported_platforms.outputs.certificate_supported_platforms }} | |
crypto_policies_memory: ${{ steps.memory.outputs.crypto_policies_memory }} | |
crypto_policies_supported_platforms: ${{ steps.supported_platforms.outputs.crypto_policies_supported_platforms }} | |
sshd_memory: ${{ steps.memory.outputs.sshd_memory }} | |
sshd_supported_platforms: ${{ steps.supported_platforms.outputs.sshd_supported_platforms }} | |
ssh_memory: ${{ steps.memory.outputs.ssh_memory }} | |
ssh_supported_platforms: ${{ steps.supported_platforms.outputs.ssh_supported_platforms }} | |
ha_cluster_memory: ${{ steps.memory.outputs.ha_cluster_memory }} | |
ha_cluster_supported_platforms: ${{ steps.supported_platforms.outputs.ha_cluster_supported_platforms }} | |
vpn_memory: ${{ steps.memory.outputs.vpn_memory }} | |
vpn_supported_platforms: ${{ steps.supported_platforms.outputs.vpn_supported_platforms }} | |
firewall_memory: ${{ steps.memory.outputs.firewall_memory }} | |
firewall_supported_platforms: ${{ steps.supported_platforms.outputs.firewall_supported_platforms }} | |
cockpit_memory: ${{ steps.memory.outputs.cockpit_memory }} | |
cockpit_supported_platforms: ${{ steps.supported_platforms.outputs.cockpit_supported_platforms }} | |
podman_memory: ${{ steps.memory.outputs.podman_memory }} | |
podman_supported_platforms: ${{ steps.supported_platforms.outputs.podman_supported_platforms }} | |
ad_integration_memory: ${{ steps.memory.outputs.ad_integration_memory }} | |
ad_integration_supported_platforms: ${{ steps.supported_platforms.outputs.ad_integration_supported_platforms }} | |
rhc_memory: ${{ steps.memory.outputs.rhc_memory }} | |
rhc_supported_platforms: ${{ steps.supported_platforms.outputs.rhc_supported_platforms }} | |
journald_memory: ${{ steps.memory.outputs.journald_memory }} | |
journald_supported_platforms: ${{ steps.supported_platforms.outputs.journald_supported_platforms }} | |
postgresql_memory: ${{ steps.memory.outputs.postgresql_memory }} | |
postgresql_supported_platforms: ${{ steps.supported_platforms.outputs.postgresql_supported_platforms }} | |
systemd_memory: ${{ steps.memory.outputs.systemd_memory }} | |
systemd_supported_platforms: ${{ steps.supported_platforms.outputs.systemd_supported_platforms }} | |
keylime_server_memory: ${{ steps.memory.outputs.keylime_server_memory }} | |
keylime_server_supported_platforms: ${{ steps.supported_platforms.outputs.keylime_server_supported_platforms }} | |
fapolicyd_memory: ${{ steps.memory.outputs.fapolicyd_memory }} | |
fapolicyd_supported_platforms: ${{ steps.supported_platforms.outputs.fapolicyd_supported_platforms }} | |
bootloader_memory: ${{ steps.memory.outputs.bootloader_memory }} | |
bootloader_supported_platforms: ${{ steps.supported_platforms.outputs.bootloader_supported_platforms }} | |
snapshot_memory: ${{ steps.memory.outputs.snapshot_memory }} | |
snapshot_supported_platforms: ${{ steps.supported_platforms.outputs.snapshot_supported_platforms }} | |
gfs2_memory: ${{ steps.memory.outputs.gfs2_memory }} | |
gfs2_supported_platforms: ${{ steps.supported_platforms.outputs.gfs2_supported_platforms }} | |
sudo_memory: ${{ steps.memory.outputs.sudo_memory }} | |
sudo_supported_platforms: ${{ steps.supported_platforms.outputs.sudo_supported_platforms }} | |
strategy: | |
matrix: | |
test_role: ${{ fromJSON(needs.prepare_run_vars.outputs.TEST_ROLES) }} | |
steps: | |
- name: Checkout the ${{ matrix.test_role }} repo | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ matrix.test_role == 'sshd' && 'willshersystems' || 'linux-system-roles' }}/${{ matrix.test_role == 'sshd' && 'ansible-sshd' || matrix.test_role }} | |
ref: main | |
path: ${{ matrix.test_role }} | |
- name: Get memory from the ${{ matrix.test_role }} repo | |
id: memory | |
run: | | |
provision_fmf=${{ matrix.test_role }}/tests/provision.fmf | |
if [ -f "$provision_fmf" ]; then | |
memory=$(grep -rPo ' m: \K(.*)' "$provision_fmf" || :) | |
fi | |
if [ -z "$memory" ]; then | |
memory=2048 | |
fi | |
echo "${{ matrix.test_role }}_memory=$memory" | |
echo "${{ matrix.test_role }}_memory=$memory" >> $GITHUB_OUTPUT | |
- name: Get supported platforms from the ${{ matrix.test_role }} repo | |
id: supported_platforms | |
run: | | |
supported_platforms="" | |
meta_main=${{ matrix.test_role }}/meta/main.yml | |
# All Fedora are supported, add latest Fedora versions to supported_platforms | |
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi fedora$; then | |
supported_platforms+=" Fedora-39" | |
supported_platforms+=" Fedora-40" | |
fi | |
# Specific Fedora versions supported | |
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qiP 'fedora\d+$'; then | |
for fedora_ver in $(yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -iPo 'fedora\K(\d+$)'); do | |
supported_platforms+=" Fedora-$fedora_ver" | |
done | |
fi | |
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el7; then | |
supported_platforms+=" CentOS-7-latest" | |
fi | |
for ver in 8 9 10; do | |
if yq '.galaxy_info.galaxy_tags[]' "$meta_main" | grep -qi el"$ver"; then | |
supported_platforms+=" CentOS-Stream-$ver" | |
fi | |
done | |
echo "${{ matrix.test_role }}_supported_platforms=$supported_platforms" | |
echo "${{ matrix.test_role }}_supported_platforms=$supported_platforms" >> $GITHUB_OUTPUT | |
testing-farm: | |
name: ${{ matrix.test_role }}/${{ matrix.platform_ansible.platform }}/ansible-${{ matrix.platform_ansible.ansible_version }} | |
needs: | |
- prepare_run_vars | |
- prepare_role_vars | |
strategy: | |
fail-fast: false | |
matrix: | |
test_role: ${{ fromJSON(needs.prepare_run_vars.outputs.TEST_ROLES) }} | |
platform_ansible: | |
- platform: Fedora-39 | |
ansible_version: 2.17 | |
- platform: Fedora-40 | |
ansible_version: 2.17 | |
- platform: CentOS-7-latest | |
ansible_version: 2.9 | |
- platform: CentOS-Stream-8 | |
ansible_version: 2.9 | |
# On CentOS-Stream-8, latest supported Ansible is 2.16 | |
- platform: CentOS-Stream-8 | |
ansible_version: 2.16 | |
- platform: CentOS-Stream-9 | |
ansible_version: 2.17 | |
- platform: CentOS-Stream-10 | |
ansible_version: 2.17 | |
runs-on: ubuntu-latest | |
steps: | |
- name: Prepare ARTIFACTS_DIR and ARTIFACTS_URL | |
id: prepare_artifacts_info | |
run: | | |
printf -v DATETIME '%(%Y%m%d-%H%M%S)T' -1 | |
ARTIFACTS_DIR_NAME="tf_${{ github.event.repository.name }}-${{ github.event.issue.number }}_\ | |
${{ matrix.platform_ansible.platform }}-${{ matrix.platform_ansible.ansible_version }}_$DATETIME/artifacts" | |
ARTIFACTS_TARGET_DIR=/srv/pub/alt/${{ vars.LINUXSYSTEMROLES_USER }}/logs | |
ARTIFACTS_DIR=$ARTIFACTS_TARGET_DIR/$ARTIFACTS_DIR_NAME | |
ARTIFACTS_URL=https://dl.fedoraproject.org/pub/alt/${{ vars.LINUXSYSTEMROLES_USER }}/logs/$ARTIFACTS_DIR_NAME | |
echo "DATETIME=$DATETIME" >> $GITHUB_OUTPUT | |
echo "ARTIFACTS_DIR=$ARTIFACTS_DIR" >> $GITHUB_OUTPUT | |
echo "ARTIFACTS_URL=$ARTIFACTS_URL" >> $GITHUB_OUTPUT | |
- name: Set commit status as pending | |
uses: myrotvorets/set-commit-status-action@master | |
with: | |
sha: ${{ needs.prepare_run_vars.outputs.head_sha }} | |
status: pending | |
context: ${{ matrix.test_role }}|${{ matrix.platform_ansible.platform }}|ansible-${{ matrix.platform_ansible.ansible_version }} | |
description: Test started | |
targetUrl: "" | |
- name: Run general plan against ${{ matrix.test_role }} | |
uses: sclorg/testing-farm-as-github-action@v3 | |
continue-on-error: true | |
with: | |
git_url: ${{ github.event.repository.html_url }} | |
git_ref: ${{ needs.prepare_run_vars.outputs.head_sha }} | |
pipeline_settings: '{ "type": "tmt-multihost" }' | |
environment_settings: '{ "provisioning": { "tags": { "BusinessUnit": "system_roles" } } }' | |
# Keeping ARTIFACTS_URL at the bottom makes the link in logs clickable | |
variables: "ANSIBLE_VER=${{ matrix.platform_ansible.ansible_version }};\ | |
REPO_NAME=${{ matrix.test_role }};\ | |
GITHUB_ORG=${{ github.repository_owner }};\ | |
ARTIFACTS_DIR=${{ steps.prepare_artifacts_info.outputs.ARTIFACTS_DIR }};\ | |
TEST_LOCAL_CHANGES=false;\ | |
LINUXSYSTEMROLES_USER=${{ vars.LINUXSYSTEMROLES_USER }};\ | |
ARTIFACTS_URL=${{ steps.prepare_artifacts_info.outputs.ARTIFACTS_URL }};\ | |
GET_PYTHON_MODULES=${{ contains(github.event.comment.body, '[get_python_modules]') || | |
github.event_name == 'workflow_dispatch' }}" | |
# Note that LINUXSYSTEMROLES_SSH_KEY must be single-line, TF doesn't read multi-line variables fine. | |
secrets: "LINUXSYSTEMROLES_DOMAIN=${{ secrets.LINUXSYSTEMROLES_DOMAIN }};\ | |
LINUXSYSTEMROLES_SSH_KEY=${{ secrets.LINUXSYSTEMROLES_SSH_KEY }}" | |
compose: ${{ matrix.platform_ansible.platform }} | |
# There are two blockers for using public ranch: | |
# 1. multihost is not supported in public https://github.com/teemtee/tmt/issues/2620 | |
# 2. Security issue that leaks long secrets - Jira TFT-2698 | |
tf_scope: private | |
api_key: ${{ secrets.TF_API_KEY_RH }} | |
update_pull_request_status: false | |
tmt_hardware: '{ "memory": ">= 4096" }' | |
tmt_plan_filter: "tag:general" | |
- name: Set final commit status | |
uses: myrotvorets/set-commit-status-action@master | |
if: | | |
always() | |
with: | |
sha: ${{ needs.prepare_run_vars.outputs.head_sha }} | |
status: ${{ job.status }} | |
context: ${{ matrix.test_role }}|${{ matrix.platform_ansible.platform }}|ansible-${{ matrix.platform_ansible.ansible_version }} | |
description: Test finished | |
targetUrl: ${{ steps.prepare_artifacts_info.outputs.ARTIFACTS_URL }} |