diff --git a/.github/workflows/build-base-app.yml b/.github/workflows/build-base-app.yml deleted file mode 100644 index 3995b4b49b..0000000000 --- a/.github/workflows/build-base-app.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: Build Base App Docker Image - -on: - push: - branches: - - 'main' - paths: - - 'docker/base.Dockerfile' - - 'requirements.txt' - - workflow_dispatch: - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - - steps: - - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker Build & Push - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_NO_SUMMARY: true - with: - context: . - file: docker/base.Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - tags: ghcr.io/ietf-tools/datatracker-app-base:latest diff --git a/.github/workflows/build-celery-worker.yml b/.github/workflows/build-celery-worker.yml deleted file mode 100644 index d14e4f2c8b..0000000000 --- a/.github/workflows/build-celery-worker.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: Build Celery Worker Docker Image - -on: - push: - branches: - - 'main' - paths: - - 'requirements.txt' - - 'dev/celery/**' - - '.github/workflows/build-celery-worker.yml' - - workflow_dispatch: - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - - steps: - - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker Build & Push - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_NO_SUMMARY: true - with: - context: . - file: dev/celery/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - tags: ghcr.io/ietf-tools/datatracker-celery:latest - diff --git a/.github/workflows/build-mq-broker.yml b/.github/workflows/build-mq-broker.yml deleted file mode 100644 index 8c6f1e6ae1..0000000000 --- a/.github/workflows/build-mq-broker.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Build MQ Broker Docker Image - -on: - push: - branches: - - 'main' - paths: - - 'dev/mq/**' - - '.github/workflows/build-mq-broker.yml' - - workflow_dispatch: - -env: - RABBITMQ_VERSION: 3.12-alpine - -jobs: - publish: - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - - steps: - - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker Build & Push - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_NO_SUMMARY: true - with: - context: . - file: dev/mq/Dockerfile - platforms: linux/amd64,linux/arm64 - push: true - build-args: RABBITMQ_VERSION=${{ env.RABBITMQ_VERSION }} - tags: | - ghcr.io/ietf-tools/datatracker-mq:${{ env.RABBITMQ_VERSION }} - ghcr.io/ietf-tools/datatracker-mq:latest diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 8f88c7c22e..0000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,475 +0,0 @@ -name: Build and Release -run-name: ${{ github.ref_name == 'release' && '[Prod]' || '[Dev]' }} Build ${{ github.run_number }} of branch ${{ github.ref_name }} by @${{ github.actor }} - -on: - push: - branches: [release] - - workflow_dispatch: - inputs: - deploy: - description: 'Deploy to K8S' - default: 'Skip' - required: true - type: choice - options: - - Skip - - Staging Only - - Staging + Prod - sandbox: - description: 'Deploy to Sandbox' - default: true - required: true - type: boolean - sandboxNoDbRefresh: - description: 'Sandbox Disable Daily DB Refresh' - default: false - required: true - type: boolean - skiptests: - description: 'Skip Tests' - default: false - required: true - type: boolean - skiparm: - description: 'Skip ARM64 Build' - default: false - required: true - type: boolean - ignoreLowerCoverage: - description: 'Ignore Lower Coverage' - default: false - required: true - type: boolean - updateCoverage: - description: 'Update Baseline Coverage' - default: false - required: true - type: boolean - -concurrency: - group: ${{ github.workflow }}-${{ github.ref }} - cancel-in-progress: true - -jobs: - # ----------------------------------------------------------------- - # PREPARE - # ----------------------------------------------------------------- - prepare: - name: Prepare Release - runs-on: ubuntu-latest - outputs: - should_deploy: ${{ steps.buildvars.outputs.should_deploy }} - pkg_version: ${{ steps.buildvars.outputs.pkg_version }} - from_tag: ${{ steps.semver.outputs.nextStrict }} - to_tag: ${{ steps.semver.outputs.current }} - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - fetch-tags: false - - - name: Get Next Version (Prod) - if: ${{ github.ref_name == 'release' }} - id: semver - uses: ietf-tools/semver-action@v1 - with: - token: ${{ github.token }} - branch: release - skipInvalidTags: true - - - name: Get Dev Version - if: ${{ github.ref_name != 'release' }} - id: semverdev - uses: ietf-tools/semver-action@v1 - with: - token: ${{ github.token }} - branch: release - skipInvalidTags: true - noVersionBumpBehavior: 'current' - noNewCommitBehavior: 'current' - - - name: Set Release Flag - if: ${{ github.ref_name == 'release' }} - run: | - echo "IS_RELEASE=true" >> $GITHUB_ENV - - - name: Create Draft Release - uses: ncipollo/release-action@v1.14.0 - if: ${{ github.ref_name == 'release' }} - with: - prerelease: true - draft: false - commit: ${{ github.sha }} - tag: ${{ steps.semver.outputs.nextStrict }} - name: ${{ steps.semver.outputs.nextStrict }} - body: '*pending*' - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Set Build Variables - id: buildvars - run: | - if [[ $IS_RELEASE ]]; then - echo "Using AUTO SEMVER mode: ${{ steps.semver.outputs.nextStrict }}" - echo "should_deploy=true" >> $GITHUB_OUTPUT - echo "pkg_version=${{ steps.semver.outputs.nextStrict }}" >> $GITHUB_OUTPUT - echo "::notice::Release ${{ steps.semver.outputs.nextStrict }} created using branch $GITHUB_REF_NAME" - else - echo "Using TEST mode: ${{ steps.semverdev.outputs.nextMajorStrict }}.0.0-dev.$GITHUB_RUN_NUMBER" - echo "should_deploy=false" >> $GITHUB_OUTPUT - echo "pkg_version=${{ steps.semverdev.outputs.nextMajorStrict }}.0.0-dev.$GITHUB_RUN_NUMBER" >> $GITHUB_OUTPUT - echo "::notice::Non-production build ${{ steps.semverdev.outputs.nextMajorStrict }}.0.0-dev.$GITHUB_RUN_NUMBER created using branch $GITHUB_REF_NAME" - fi - - # ----------------------------------------------------------------- - # TESTS - # ----------------------------------------------------------------- - - tests: - name: Run Tests - uses: ./.github/workflows/tests.yml - if: ${{ github.event.inputs.skiptests == 'false' || github.ref_name == 'release' }} - needs: [prepare] - with: - ignoreLowerCoverage: ${{ github.event.inputs.ignoreLowerCoverage == 'true' }} - - # ----------------------------------------------------------------- - # RELEASE - # ----------------------------------------------------------------- - release: - name: Make Release - if: ${{ !failure() && !cancelled() }} - needs: [tests, prepare] - runs-on: ubuntu-latest - permissions: - contents: write - packages: write - env: - SHOULD_DEPLOY: ${{needs.prepare.outputs.should_deploy}} - PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} - FROM_TAG: ${{needs.prepare.outputs.from_tag}} - TO_TAG: ${{needs.prepare.outputs.to_tag}} - - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 1 - fetch-tags: false - - - name: Setup Node.js - uses: actions/setup-node@v4 - with: - node-version: '16' - - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: '3.x' - - - name: Download a Coverage Results - if: ${{ github.event.inputs.skiptests == 'false' || github.ref_name == 'release' }} - uses: actions/download-artifact@v4.1.8 - with: - name: coverage - - - name: Make Release Build - env: - DEBIAN_FRONTEND: noninteractive - BROWSERSLIST_IGNORE_OLD_DATA: 1 - run: | - echo "PKG_VERSION: $PKG_VERSION" - echo "GITHUB_SHA: $GITHUB_SHA" - echo "GITHUB_REF_NAME: $GITHUB_REF_NAME" - echo "Running frontend build script..." - echo "Compiling native node packages..." - yarn rebuild - echo "Packaging static assets..." - yarn build --base=https://static.ietf.org/dt/$PKG_VERSION/ - yarn legacy:build - echo "Setting version $PKG_VERSION..." - sed -i -r -e "s|^__version__ += '.*'$|__version__ = '$PKG_VERSION'|" ietf/__init__.py - sed -i -r -e "s|^__release_hash__ += '.*'$|__release_hash__ = '$GITHUB_SHA'|" ietf/__init__.py - sed -i -r -e "s|^__release_branch__ += '.*'$|__release_branch__ = '$GITHUB_REF_NAME'|" ietf/__init__.py - - - name: Set Production Flags - if: ${{ env.SHOULD_DEPLOY == 'true' }} - run: | - echo "Setting production flags in settings.py..." - sed -i -r -e 's/^DEBUG *= *.*$/DEBUG = False/' -e "s/^SERVER_MODE *= *.*\$/SERVER_MODE = 'production'/" ietf/settings.py - - - name: Make Release Tarball - env: - DEBIAN_FRONTEND: noninteractive - run: | - echo "Build release tarball..." - mkdir -p /home/runner/work/release - tar -czf /home/runner/work/release/release.tar.gz -X dev/build/exclude-patterns.txt . - - - name: Collect + Push Statics - env: - DEBIAN_FRONTEND: noninteractive - AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_STATIC_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CF_R2_STATIC_KEY_SECRET }} - AWS_DEFAULT_REGION: auto - AWS_ENDPOINT_URL: ${{ secrets.CF_R2_ENDPOINT }} - run: | - echo "Collecting statics..." - docker run --rm --name collectstatics -v $(pwd):/workspace ghcr.io/ietf-tools/datatracker-app-base:latest sh dev/build/collectstatics.sh - echo "Pushing statics..." - cd static - aws s3 sync . s3://static/dt/$PKG_VERSION --only-show-errors - - - name: Augment dockerignore for docker image build - env: - DEBIAN_FRONTEND: noninteractive - run: | - cat >> .dockerignore < by ${{ github.triggering_actor }} - <@${{ secrets.SLACK_UID_RJSPARKS }}>", - "attachments": [ - { - "color": "28a745", - "fields": [ - { - "title": "Status", - "short": true, - "value": "Completed" - } - ] - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_GH_BOT }} - - name: Notify on Slack (Failure) - if: ${{ contains(join(needs.*.result, ','), 'failure') }} - uses: slackapi/slack-github-action@v1.26.0 - with: - channel-id: ${{ secrets.SLACK_GH_BUILDS_CHANNEL_ID }} - payload: | - { - "text": "Datatracker Build by ${{ github.triggering_actor }} - <@${{ secrets.SLACK_UID_RJSPARKS }}>", - "attachments": [ - { - "color": "a82929", - "fields": [ - { - "title": "Status", - "short": true, - "value": "Failed" - } - ] - } - ] - } - env: - SLACK_BOT_TOKEN: ${{ secrets.SLACK_GH_BOT }} - - # ----------------------------------------------------------------- - # SANDBOX - # ----------------------------------------------------------------- - sandbox: - name: Deploy to Sandbox - if: ${{ !failure() && !cancelled() && github.event.inputs.sandbox == 'true' }} - needs: [prepare, release] - runs-on: [self-hosted, dev-server] - environment: - name: sandbox - env: - PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} - - steps: - - uses: actions/checkout@v4 - - - name: Download a Release Artifact - uses: actions/download-artifact@v4.1.8 - with: - name: release-${{ env.PKG_VERSION }} - - - name: Deploy to containers - env: - DEBIAN_FRONTEND: noninteractive - run: | - echo "Reset production flags in settings.py..." - sed -i -r -e 's/^DEBUG *= *.*$/DEBUG = True/' -e "s/^SERVER_MODE *= *.*\$/SERVER_MODE = 'development'/" ietf/settings.py - echo "Install Deploy to Container CLI dependencies..." - cd dev/deploy-to-container - npm ci - cd ../.. - echo "Start Deploy..." - node ./dev/deploy-to-container/cli.js --branch ${{ github.ref_name }} --domain dev.ietf.org --appversion ${{ env.PKG_VERSION }} --commit ${{ github.sha }} --ghrunid ${{ github.run_id }} --nodbrefresh ${{ github.event.inputs.sandboxNoDbRefresh }} - - - name: Cleanup old docker resources - env: - DEBIAN_FRONTEND: noninteractive - run: | - docker image prune -a -f - - # ----------------------------------------------------------------- - # STAGING - # ----------------------------------------------------------------- - staging: - name: Deploy to Staging - if: ${{ !failure() && !cancelled() && (github.event.inputs.deploy == 'Staging Only' || github.event.inputs.deploy == 'Staging + Prod' || github.ref_name == 'release') }} - needs: [prepare, release] - runs-on: ubuntu-latest - environment: - name: staging - env: - PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} - - steps: - - name: Deploy to staging - uses: the-actions-org/workflow-dispatch@v4 - with: - workflow: deploy.yml - repo: ietf-tools/infra-k8s - ref: main - token: ${{ secrets.GH_INFRA_K8S_TOKEN }} - inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"datatracker", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' - wait-for-completion: true - wait-for-completion-timeout: 10m - wait-for-completion-interval: 30s - display-workflow-run-url: false - - # ----------------------------------------------------------------- - # PROD - # ----------------------------------------------------------------- - prod: - name: Deploy to Production - if: ${{ !failure() && !cancelled() && (github.event.inputs.deploy == 'Staging + Prod' || github.ref_name == 'release') }} - needs: [prepare, staging] - runs-on: ubuntu-latest - environment: - name: production - env: - PKG_VERSION: ${{needs.prepare.outputs.pkg_version}} - - steps: - - name: Deploy to production - uses: the-actions-org/workflow-dispatch@v4 - with: - workflow: deploy.yml - repo: ietf-tools/infra-k8s - ref: main - token: ${{ secrets.GH_INFRA_K8S_TOKEN }} - inputs: '{ "environment":"${{ secrets.GHA_K8S_CLUSTER }}", "app":"datatracker", "appVersion":"${{ env.PKG_VERSION }}", "remoteRef":"${{ github.sha }}" }' - wait-for-completion: true - wait-for-completion-timeout: 10m - wait-for-completion-interval: 30s - display-workflow-run-url: false diff --git a/.github/workflows/ci-run-tests.yml b/.github/workflows/ci-run-tests.yml deleted file mode 100644 index 9121bf8aea..0000000000 --- a/.github/workflows/ci-run-tests.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: PR - Run All Tests - -on: - pull_request: - branches: - - 'main' - - 'feat/rfc' - paths: - - 'client/**' - - 'ietf/**' - - 'playwright/**' - - 'requirements.txt' - - 'package.json' - -jobs: - tests: - uses: ./.github/workflows/tests.yml - with: - ignoreLowerCoverage: false \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml deleted file mode 100644 index 3444c03b5e..0000000000 --- a/.github/workflows/codeql-analysis.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: CodeQL Analysis - -on: - # push: - # branches: [ main ] - # pull_request: - # branches: [ main ] - schedule: - - cron: '23 1 * * 1' - -jobs: - analyze: - name: Analyze - runs-on: ubuntu-latest - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'javascript', 'python' ] - # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] - # Learn more about CodeQL language support at https://git.io/codeql-language-support - - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml deleted file mode 100644 index 6d0683c471..0000000000 --- a/.github/workflows/dependency-review.yml +++ /dev/null @@ -1,22 +0,0 @@ -# Dependency Review Action -# -# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging. -# -# Source repository: https://github.com/actions/dependency-review-action -# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement -name: 'Dependency Review' -on: [pull_request] - -permissions: - contents: read - -jobs: - dependency-review: - runs-on: ubuntu-latest - steps: - - name: 'Checkout Repository' - uses: actions/checkout@v4 - - name: 'Dependency Review' - uses: actions/dependency-review-action@v4 - with: - vulnerability-check: false diff --git a/.github/workflows/dev-assets-sync-nightly.yml b/.github/workflows/dev-assets-sync-nightly.yml deleted file mode 100644 index a7fe67f012..0000000000 --- a/.github/workflows/dev-assets-sync-nightly.yml +++ /dev/null @@ -1,63 +0,0 @@ -# GITHUB ACTIONS - WORKFLOW - -# RSync the assets in the shared assets volume - -name: Nightly Dev Shared Assets Sync - -# Controls when the workflow will run -on: - # Run every night - schedule: - - cron: '0 1 * * *' - - # Run on app-rsync-extras.sh changes - push: - branches: - - main - paths: - - 'docker/scripts/app-rsync-extras.sh' - - # Allows you to run this workflow manually from the Actions tab - workflow_dispatch: - -jobs: - build: - name: Build Docker Image - runs-on: ubuntu-latest - if: ${{ github.event_name != 'schedule' }} - permissions: - contents: read - packages: write - steps: - - uses: actions/checkout@v4 - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker Build & Push - uses: docker/build-push-action@v6 - env: - DOCKER_BUILD_NO_SUMMARY: true - with: - context: . - file: dev/shared-assets-sync/Dockerfile - push: true - tags: ghcr.io/ietf-tools/datatracker-rsync-assets:latest - - sync: - name: Run assets rsync - if: ${{ always() }} - runs-on: [self-hosted, dev-server] - needs: [build] - steps: - - name: Run rsync - env: - DEBIAN_FRONTEND: noninteractive - run: | - docker pull ghcr.io/ietf-tools/datatracker-rsync-assets:latest - docker run --rm -v dt-assets:/assets ghcr.io/ietf-tools/datatracker-rsync-assets:latest - docker image prune -a -f diff --git a/.github/workflows/lock-threads.yml b/.github/workflows/lock-threads.yml deleted file mode 100644 index 22652dab88..0000000000 --- a/.github/workflows/lock-threads.yml +++ /dev/null @@ -1,24 +0,0 @@ -name: Lock Threads - -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: - -permissions: - issues: write - pull-requests: write - -concurrency: - group: lock - -jobs: - action: - runs-on: ubuntu-latest - steps: - - uses: ietf-tools/lock-threads@v3.1.1 - with: - github-token: ${{ github.token }} - issue-inactive-days: 7 - pr-inactive-days: 3 - log-output: true diff --git a/.github/workflows/sandbox-refresh.yml b/.github/workflows/sandbox-refresh.yml deleted file mode 100644 index 3ddb119e4f..0000000000 --- a/.github/workflows/sandbox-refresh.yml +++ /dev/null @@ -1,35 +0,0 @@ -name: Sandbox Refresh - -on: - # Run every night - schedule: - - cron: '0 9 * * *' - - workflow_dispatch: - -jobs: - main: - name: Refresh DBs - runs-on: [self-hosted, dev-server] - permissions: - contents: read - - steps: - - uses: actions/checkout@v4 - - - name: Refresh DBs - env: - DEBIAN_FRONTEND: noninteractive - run: | - echo "Install Deploy to Container CLI dependencies..." - cd dev/deploy-to-container - npm ci - cd ../.. - echo "Start Refresh..." - node ./dev/deploy-to-container/refresh.js - - - name: Cleanup old docker resources - env: - DEBIAN_FRONTEND: noninteractive - run: | - docker image prune -a -f diff --git a/.github/workflows/tests-az.yml b/.github/workflows/tests-az.yml deleted file mode 100644 index bfd1fdd584..0000000000 --- a/.github/workflows/tests-az.yml +++ /dev/null @@ -1,109 +0,0 @@ -name: Tests (Azure Test) - -on: - workflow_dispatch: - -jobs: - main: - name: Run Tests on Azure temp VM - runs-on: ubuntu-latest - - permissions: - contents: read - - steps: - - name: Launch VM on Azure - id: azlaunch - run: | - echo "Authenticating to Azure..." - az login --service-principal -u ${{ secrets.AZ_TESTS_APP_ID }} -p ${{ secrets.AZ_TESTS_PWD }} --tenant ${{ secrets.AZ_TESTS_TENANT_ID }} - echo "Creating VM..." - vminfo=$(az vm create \ - --resource-group ghaDatatrackerTests \ - --name tmpGhaVM2 \ - --image Ubuntu2204 \ - --admin-username azureuser \ - --generate-ssh-keys \ - --priority Spot \ - --size Standard_D4as_v5 \ - --max-price -1 \ - --os-disk-size-gb 30 \ - --eviction-policy Delete \ - --nic-delete-option Delete \ - --output tsv \ - --query "publicIpAddress") - echo "ipaddr=$vminfo" >> "$GITHUB_OUTPUT" - echo "VM Public IP: $vminfo" - cat ~/.ssh/id_rsa > ${{ github.workspace }}/prvkey.key - ssh-keyscan -t rsa $vminfo >> ~/.ssh/known_hosts - - - name: Remote SSH into VM - uses: appleboy/ssh-action@029f5b4aeeeb58fdfe1410a5d17f967dacf36262 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - host: ${{ steps.azlaunch.outputs.ipaddr }} - port: 22 - username: azureuser - command_timeout: 60m - key_path: ${{ github.workspace }}/prvkey.key - envs: GITHUB_TOKEN - script_stop: true - script: | - export DEBIAN_FRONTEND=noninteractive - lsb_release -a - sudo apt-get update - sudo apt-get upgrade -y - - echo "Installing Docker..." - curl -fsSL https://get.docker.com -o get-docker.sh - sudo sh get-docker.sh - - echo "Starting Containers..." - sudo docker network create dtnet - sudo docker run -d --name db --network=dtnet ghcr.io/ietf-tools/datatracker-db:latest & - sudo docker run -d --name app --network=dtnet ghcr.io/ietf-tools/datatracker-app-base:latest sleep infinity & - wait - - echo "Cloning datatracker repo..." - sudo docker exec app git clone --depth=1 https://github.com/ietf-tools/datatracker.git . - echo "Prepare tests..." - sudo docker exec app chmod +x ./dev/tests/prepare.sh - sudo docker exec app sh ./dev/tests/prepare.sh - echo "Running checks..." - sudo docker exec app ietf/manage.py check - sudo docker exec app ietf/manage.py migrate --fake-initial - echo "Running tests..." - sudo docker exec app ietf/manage.py test -v2 --validate-html-harder --settings=settings_test - - - name: Destroy VM + resources - if: always() - shell: pwsh - run: | - echo "Destroying VM..." - az vm delete -g ghaDatatrackerTests -n tmpGhaVM2 --yes --force-deletion true - - $resourceOrderRemovalOrder = [ordered]@{ - "Microsoft.Compute/virtualMachines" = 0 - "Microsoft.Compute/disks" = 1 - "Microsoft.Network/networkInterfaces" = 2 - "Microsoft.Network/publicIpAddresses" = 3 - "Microsoft.Network/networkSecurityGroups" = 4 - "Microsoft.Network/virtualNetworks" = 5 - } - echo "Fetching remaining resources..." - $resources = az resource list --resource-group ghaDatatrackerTests | ConvertFrom-Json - - $orderedResources = $resources - | Sort-Object @{ - Expression = {$resourceOrderRemovalOrder[$_.type]} - Descending = $False - } - - echo "Deleting remaining resources..." - $orderedResources | ForEach-Object { - az resource delete --resource-group ghaDatatrackerTests --ids $_.id --verbose - } - - echo "Logout from Azure..." - az logout diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml deleted file mode 100644 index 616ffdcc63..0000000000 --- a/.github/workflows/tests.yml +++ /dev/null @@ -1,171 +0,0 @@ -name: Reusable Tests Workflow - -on: - workflow_call: - inputs: - ignoreLowerCoverage: - description: 'Ignore Lower Coverage' - default: false - required: true - type: boolean - -jobs: - tests-python: - name: Python Tests - runs-on: ubuntu-latest - container: ghcr.io/ietf-tools/datatracker-app-base:latest - - services: - db: - image: ghcr.io/ietf-tools/datatracker-db:latest - - steps: - - uses: actions/checkout@v4 - - - name: Prepare for tests - run: | - chmod +x ./dev/tests/prepare.sh - sh ./dev/tests/prepare.sh - - - name: Ensure DB is ready - run: | - /usr/local/bin/wait-for db:5432 -- echo "DB ready" - - - name: Run all tests - shell: bash - run: | - echo "Running checks..." - ./ietf/manage.py check - ./ietf/manage.py migrate --fake-initial - echo "Validating migrations..." - if ! ( ietf/manage.py makemigrations --dry-run --check --verbosity 3 ) ; then - echo "Model changes without migrations found." - exit 1 - fi - echo "Running tests..." - if [[ "x${{ github.event.inputs.ignoreLowerCoverage }}" == "xtrue" ]]; then - echo "Lower coverage failures will be ignored." - HOME=/root ./ietf/manage.py test -v2 --validate-html-harder --settings=settings_test --ignore-lower-coverage - else - HOME=/root ./ietf/manage.py test -v2 --validate-html-harder --settings=settings_test - fi - coverage xml - - - name: Upload geckodriver.log - uses: actions/upload-artifact@v4 - if: ${{ failure() }} - with: - name: geckodriverlog - path: geckodriver.log - - - name: Upload Coverage Results to Codecov - uses: codecov/codecov-action@v4.5.0 - with: - files: coverage.xml - - - name: Convert Coverage Results - if: ${{ always() }} - run: | - mv latest-coverage.json coverage.json - - - name: Upload Coverage Results as Build Artifact - uses: actions/upload-artifact@v4 - if: ${{ always() }} - with: - name: coverage - path: coverage.json - - tests-playwright: - name: Playwright Tests - runs-on: macos-latest - strategy: - fail-fast: false - matrix: - project: [chromium, firefox] - - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: '18' - - - name: Run all tests - run: | - echo "Installing dependencies..." - yarn - echo "Installing Playwright..." - cd playwright - mkdir test-results - npm ci - npx playwright install --with-deps ${{ matrix.project }} - echo "Running tests..." - npx playwright test --project=${{ matrix.project }} - - - name: Upload Report - uses: actions/upload-artifact@v4 - if: ${{ always() }} - continue-on-error: true - with: - name: playwright-results-${{ matrix.project }} - path: playwright/test-results/ - if-no-files-found: ignore - - tests-playwright-legacy: - name: Playwright Legacy Tests - runs-on: ubuntu-latest - container: ghcr.io/ietf-tools/datatracker-app-base:latest - strategy: - fail-fast: false - matrix: - project: [chromium, firefox] - - services: - db: - image: ghcr.io/ietf-tools/datatracker-db:latest - - steps: - - uses: actions/checkout@v4 - - - name: Prepare for tests - run: | - chmod +x ./dev/tests/prepare.sh - sh ./dev/tests/prepare.sh - - - name: Ensure DB is ready - run: | - /usr/local/bin/wait-for db:5432 -- echo "DB ready" - - - name: Start Datatracker - run: | - echo "Running checks..." - ./ietf/manage.py check - ./ietf/manage.py migrate --fake-initial - echo "Starting datatracker..." - ./ietf/manage.py runserver 0.0.0.0:8000 --settings=settings_local & - echo "Waiting for datatracker to be ready..." - /usr/local/bin/wait-for localhost:8000 -- echo "Datatracker ready" - - - name: Run all tests - env: - # Required to get firefox to run as root: - HOME: "" - run: | - echo "Installing dependencies..." - yarn - echo "Installing Playwright..." - cd playwright - mkdir test-results - npm ci - npx playwright install --with-deps ${{ matrix.project }} - echo "Running tests..." - npx playwright test --project=${{ matrix.project }} -c playwright-legacy.config.js - - - name: Upload Report - uses: actions/upload-artifact@v4 - if: ${{ always() }} - continue-on-error: true - with: - name: playwright-legacy-results-${{ matrix.project }} - path: playwright/test-results/ - if-no-files-found: ignore