OCM CLI Integration Tests #1668
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: OCM Integration Tests | |
| # trigger manually | |
| run-name: OCM CLI Integration Tests | |
| on: | |
| # can be called via dispatch event on the repo directly | |
| workflow_dispatch: | |
| inputs: | |
| use-release: | |
| type: boolean | |
| description: use latest pre-built release instead of building from HEAD | |
| default: false | |
| pr_number: | |
| type: number | |
| description: "Number of PR to test (without #, e.g.: 517)" | |
| required: false | |
| # runs regularly on main | |
| schedule: | |
| - cron: '0 6 * * *' # 6 AM UTC everyday for default branch | |
| # runs on PRs via workflow_call directly from within open-component-model/ocm | |
| workflow_call: | |
| secrets: | |
| OCMBOT_APP_ID: | |
| required: true | |
| OCMBOT_PRIV_KEY: | |
| required: true | |
| inputs: | |
| repo: | |
| description: "The repo to checkout, can be used to reference other repositories" | |
| required: false | |
| default: '' | |
| type: string | |
| ref: | |
| description: "The ref to checkout for OCM" | |
| required: true | |
| default: '' | |
| type: string | |
| env: | |
| REPO: ${{ inputs.repo != '' && inputs.repo || 'open-component-model/ocm'}} | |
| REF: main | |
| REF_FROM_OTHER_WORKFLOW: ${{ inputs.ref != '' }} | |
| permissions: | |
| contents: write | |
| jobs: | |
| test-ocm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Generate token | |
| id: generate_token | |
| uses: tibdex/github-app-token@v2 | |
| with: # OCMBot | |
| app_id: ${{ secrets.OCMBOT_APP_ID }} | |
| private_key: ${{ secrets.OCMBOT_PRIV_KEY }} | |
| - name: checkout inttest | |
| uses: actions/checkout@v4 | |
| with: | |
| # hard code repo because we want to reuse it across workflows | |
| repository: open-component-model/ocm-integrationtest | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: get-pr | |
| if: ${{ inputs.ref!= '' }} | |
| run: | | |
| echo "Building OCM from a ref: ${{ inputs.ref }}" | |
| echo "REF=${{ inputs.ref }}" >> $GITHUB_ENV | |
| - name: get-pr | |
| if: ${{ github.event.client_payload }} | |
| run: | | |
| echo "PR was triggered with payload: pr: ${{ github.event.client_payload.pr }}, ref: ${{ github.event.client_payload.ref }}, sha: ${{ github.event.client_payload.sha }}" | |
| echo "PR_NUMBER=${{ github.event.client_payload.pr }}" >> $GITHUB_ENV | |
| echo "SHA=${{ github.event.client_payload.sha }}" >> $GITHUB_ENV | |
| echo "REF=${{ github.event.client_payload.ref }}" >> $GITHUB_ENV | |
| - name: get-pr | |
| if: ${{ inputs.pr_number!= '' }} | |
| run: | | |
| echo "get-pr" | |
| echo "Input was: ${{ inputs.pr_number }}" | |
| REF="refs/pull/${{ inputs.pr_number }}/head" | |
| echo "Building OCM from a pull request: ${REF}" | |
| echo "REF=${REF}" >> $GITHUB_ENV | |
| - name: checkout ocm | |
| uses: actions/checkout@v4 | |
| if: ${{ ! inputs.use-release }} | |
| with: | |
| repository: ${{ env.REPO }} | |
| ref: ${{ env.REF }} | |
| path: ocm | |
| token: ${{ steps.generate_token.outputs.token }} | |
| - name: get ocm commit | |
| if: ${{ ! inputs.github.event.client_payload }} | |
| run: | | |
| SHA=`git -C ./ocm log -1 --format='%H'` | |
| echo "Checked out ocm from commit: ${SHA}" | |
| echo "SHA=${SHA}" >> $GITHUB_ENV | |
| - name: debug env | |
| run: | | |
| echo "PR_NUMBER=${{ env.PR_NUMBER }}" | |
| echo "SHA=${{ env.SHA }}" | |
| echo "REF=${{ env.REF }}" | |
| - name: setup OCM | |
| uses: open-component-model/ocm-setup-action@main | |
| if: ${{ inputs.use-release }} | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version-file: '${{ github.workspace }}/go.mod' | |
| - name: create-cert | |
| run: | | |
| FDQN_NAME=`hostname --fqdn` | |
| HNAME=`hostname` | |
| echo "working dir is: $PWD" | |
| echo "home-dir: $HOME" | |
| echo "fqdn hostame is: $FDQN_NAME" | |
| if [ "$FDQN_NAME" = "$HNAME" ]; then | |
| echo "Failed to get fully qualified hostname: $FQDN_NAME , falling back to hostname.local" | |
| FDQN_NAME=`hostname`.local | |
| fi | |
| sudo rm -rf certs | |
| mkdir -p certs | |
| openssl req -newkey rsa:4096 -nodes -sha256 -keyout certs/ociregistry.key -addext "subjectAltName = DNS:${FDQN_NAME}" -x509 -days 365 -out certs/ociregistry.crt -subj "/C=DE/ST=Baden-Wuertemberg/L=Walldorf/O=SAP/OU=ocm/CN=${HNAME}" | |
| openssl x509 -noout -text -in certs/ociregistry.crt | |
| sudo cp certs/ociregistry.crt /usr/local/share/ca-certificates | |
| sudo update-ca-certificates | |
| echo "FDQN_NAME=${FDQN_NAME}" >> $GITHUB_ENV | |
| - name: create user and credentials | |
| run: | | |
| mkdir -p auth | |
| # generate a random password | |
| PASSWD=`head /dev/urandom | tr -dc 'A-Za-z0-9!#-$%&=+-' | head -c12` | |
| USER_NAME=ocmuser | |
| htpasswd -Bbn ocmuser ${PASSWD} > auth/htpasswd | |
| htpasswd -b -v auth/htpasswd ${USER_NAME} ${PASSWD} | |
| echo "PASSWD=${PASSWD}" >> $GITHUB_ENV | |
| echo "USER_NAME=${USER_NAME}" >> $GITHUB_ENV | |
| - name: start OCI registry (docker) | |
| run: | | |
| docker run -d -p 443:443 --name registry \ | |
| -v ${{ github.workspace}}/certs:/certs \ | |
| -v ${{ github.workspace}}/auth:/auth \ | |
| -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ | |
| -e REGISTRY_AUTH=htpasswd \ | |
| -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ | |
| -e REGISTRY_HTTP_ADDR=:443 \ | |
| -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/ociregistry.crt \ | |
| -e REGISTRY_HTTP_TLS_KEY=/certs/ociregistry.key \ | |
| registry:2.8.1 | |
| - name: Install Crane | |
| uses: imjasonh/[email protected] | |
| - name: Build OCM | |
| if: ${{ ! inputs.use-release }} | |
| run: | | |
| cd ocm | |
| make install | |
| - name: Build go Test Binaries | |
| run: | | |
| env GOOS=linux GOARCH=arm64 GO111MODULE=on go build -o local/hello.arm64 -ldflags '-extldflags "-static"' main.go | |
| env GOOS=linux GOARCH=amd64 GO111MODULE=on go build -o local/hello.amd64 -ldflags '-extldflags "-static"' main.go | |
| - name: Wait for OCI registry to become ready | |
| timeout-minutes: 1 | |
| run: | | |
| while ! curl https://${{ env.FDQN_NAME }}/v2 | |
| do | |
| echo "Waiting for container to become ready... still trying" | |
| sleep 1 | |
| done | |
| echo "$Registy container is ready" | |
| - name: Python add CA | |
| run: | | |
| location=`python3 -c "import certifi; print(certifi.where());"` | |
| cat ${{ github.workspace}}/certs/ociregistry.crt >> location | |
| python -c "import urllib.request; urllib.request.urlopen('https://${{ env.FDQN_NAME }}')" | |
| - name: Install Python Libs | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r requirements.txt | |
| - name: Test with pytest | |
| run: | | |
| if [ -e ${HOME}/.ocmconfig ]; then | |
| rm ${HOME}/.ocmconfig | |
| fi | |
| ocm_ver=$(ocm --version) | |
| echo "OCM-Version: ${ocm_ver}" | |
| pytest ./tests | |
| res=$? | |
| now=$(date +"%Y-%m-%d %H:%M:%S%z") | |
| echo "TEST_RUN_TS=${now}" >> $GITHUB_ENV | |
| echo "TEST_RESULT=${res}" >> $GITHUB_ENV | |
| echo "OCM_VERSION=${ocm_ver}" >> $GITHUB_ENV | |
| cp docs/report.html docs/report-${{ env.SHA }}.html | |
| if [ ${res} -eq 0 ]; then | |
| echo "Tests run successfully." | |
| echo "TEST_RESULT_STR=Success ✅" >> $GITHUB_ENV | |
| echo "$now | ${ocm_ver} | ✅ (passed)" >> README.md | |
| else | |
| echo "Tests failed." | |
| echo "TEST_RESULT_STR=Failure ❌" >> $GITHUB_ENV | |
| echo "$now | ${ocm_ver} | ❌ (failed)" >> README.md | |
| fi | |
| exit ${res} | |
| - name: Upload Report | |
| # only upload the artifact if we are not on a PR | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| if-no-files-found: error | |
| overwrite: true | |
| retention-days: 7 | |
| name: test-report | |
| path: docs/report.html | |
| - name: stop docker registry | |
| if: always() | |
| run: | | |
| docker container stop registry | |
| docker container rm -v registry | |
| - name: push | |
| uses: github-actions-x/[email protected] | |
| if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && always()}} # push result also on failure | |
| with: | |
| github-token: ${{ steps.generate_token.outputs.token }} | |
| commit-message: 'add test report' | |
| files: README.md docs/ | |
| name: github-ation | |
| email: [email protected] | |
| - name: send test result as PR comment | |
| if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && github.event.client_payload }} | |
| uses: actions/github-script@v7 | |
| with: | |
| github-token: ${{ steps.generate_token.outputs.token }} | |
| script: | | |
| github.rest.issues.createComment({ | |
| owner: 'open-component-model', | |
| repo: 'ocm', | |
| issue_number: ${{ env.PR_NUMBER }}, | |
| body: 'Integration Tests for ${{ env.SHA }} run with result: ${{ env.TEST_RESULT_STR }}!' | |
| }) | |
| - name: Post to a Slack channel | |
| id: slack | |
| uses: slackapi/[email protected] | |
| if: ${{ env.REF_FROM_OTHER_WORKFLOW == false && github.ref_name == 'main' && github.event_name == 'schedule' && always()}} | |
| with: | |
| # Slack channel id, channel name, or user id to post message. | |
| # See also: https://api.slack.com/methods/chat.postMessage#channels | |
| # You can pass in multiple channels to post to by providing a comma-delimited list of channel IDs. | |
| # Test-channel-id: 'C057KU48M7Y' | |
| channel-id: 'C03NF7KH128' | |
| payload: | | |
| { | |
| "text" : "OCM Integration Test Report, Status: ${{ job.status }}", | |
| "blocks": [ | |
| { | |
| "type": "section", | |
| "text": | |
| { | |
| "type": "mrkdwn", | |
| "text": "Integration Test for OCM CLI ${{ job.status == 'success' && ':white_check_mark:' || ':x:' }} <https://open-component-model.github.io/ocm-integrationtest/report-${{ env.SHA }}.html|TestReport> <https://github.com/open-component-model/ocm-integrationtest/actions/runs/${{ github.run_id }}|Github Action>" | |
| } | |
| } | |
| ] | |
| } | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |