Mac Workflows initial concept with podman-e2e-mac workflow, scheduler and template

.github/workflows/desktop-e2e-podman-windows-matrix.yaml

@@ -29,6 +29,11 @@ on:
         description: 'Podman folder version in archive'
         type: 'string'
         required: true
+      env_vars:
+        default: 'VAR1=xxx,VAR2=true,VAR3=15,VAR4="Pass me along"'
+        description: 'Env. Variables passed into target machine'
+        type: 'string'
+        required: true
 
 jobs:
   windows:
@@ -118,7 +123,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-builder:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/builder.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -fork ${{ env.FORK }} \
@@ -138,7 +143,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-podman:v0.0.1-windows  \
-            pd-e2e/run.ps1 \
+            pd-e2e/podman.ps1 \
               -downloadUrl "${{ github.event.inputs.podman_remote_url }}" \
               -version "${{ github.event.inputs.podman_version }}" \
               -targetFolder pd-e2e \
@@ -154,6 +159,8 @@ jobs:
       env:
         PODMANDESKTOP_CI_BOT_TOKEN: ${{ secrets.PODMANDESKTOP_CI_BOT_TOKEN }}
       run: |
+        # echo "PODMANDESKTOP_CI_BOT_TOKEN=${PODMANDESKTOP_CI_BOT_TOKEN}" > secrets.txt
+        echo "PODMANDESKTOP_CI_BOT_TOKEN=xxxxxxxx" > secrets.txt
         podman run -d --name pde2e-runner-run \
           -e TARGET_HOST=$(cat host) \
           -e TARGET_HOST_USERNAME=$(cat username) \
@@ -163,8 +170,9 @@ jobs:
           -e OUTPUT_FOLDER=/data \
           -e DEBUG=true \
           -v $PWD:/data:z \
+          -v $PWD/secrets.txt:/opt/pde2e-runner/secrets.txt:z \
           quay.io/odockal/pde2e-runner:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/runner.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -podmanPath $(cat results/podman-location.log) \
@@ -174,7 +182,9 @@ jobs:
                 -initialize 1 \
                 -start 1 \
                 -rootful ${{ matrix.rootful }} \
-                -userNetworking ${{ matrix.user-networking }}
+                -userNetworking ${{ matrix.user-networking }} \
+                -envVars "{{ github.event.inputs.env_vars }}" \
+                -secretFile secrets.txt
         # check logs
         podman logs -f pde2e-runner-run
 

.github/workflows/desktop-e2e-test-job-windows.yaml

@@ -50,7 +50,7 @@ on:
         type: 'string'
         required: true
       env_vars:
-        default: 'VAR1=xxx,VAR2=true,VAR3=15'
+        default: 'VAR1=xxx,VAR2=true,VAR3=15,VAR4="Pass me along"'
         description: 'Env. Variables passed into target machine'
         type: 'string'
         required: true
@@ -134,7 +134,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-builder:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/builder.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -fork ${{ env.FORK }} \
@@ -154,7 +154,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-podman:v0.0.1-windows  \
-            pd-e2e/run.ps1 \
+            pd-e2e/podman.ps1 \
               -downloadUrl "${{ github.event.inputs.podman_remote_url }}" \
               -version "${{ github.event.inputs.podman_version }}" \
               -targetFolder pd-e2e \
@@ -170,6 +170,7 @@ jobs:
       env:
         TEST_SECRET: "MySUPERSecret"
       run: |
+        echo "TEST_SECRET=${TEST_SECRET}" > secrets.txt
         podman run -d --name pde2e-runner-run \
           -e TARGET_HOST=$(cat host) \
           -e TARGET_HOST_USERNAME=$(cat username) \
@@ -179,8 +180,9 @@ jobs:
           -e OUTPUT_FOLDER=/data \
           -e DEBUG=true \
           -v $PWD:/data:z \
+          -v $PWD/secrets.txt:/opt/pde2e-runner/secrets.txt:z \
           quay.io/odockal/pde2e-runner:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/runner.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -podmanPath $(cat results/podman-location.log) \
@@ -192,7 +194,7 @@ jobs:
                 -start "${{ github.event.inputs.podman_start }}" \
                 -userNetworking ${{ github.event.inputs.podman_networking }} \
                 -envVars "{{ github.event.inputs.env_vars }}" \
-                -registrySecret $TEST_SECRET
+                -secretFile secrets.txt
         # check logs
         podman logs -f pde2e-runner-run
 

.github/workflows/mac-dummy-template.yaml

@@ -0,0 +1,37 @@
+# This example workflow represents an independent dummy workflow serves as a template for
+# other possible workflows getting information for creating a Mac host from its parent scheduler job
+name: Dummy Mac Template Job
+
+on:
+  workflow_call:
+    secrets:
+      env_vars:
+        required: true
+
+jobs:
+  dummy-mac-job:
+    runs-on: ubuntu-latest
+    timeout-minutes: 5
+
+    steps:
+      - name: Decode credentials as environment variables
+        env:
+          env_vars: ${{ secrets.env_vars }}
+        run: |
+          for i in $env_vars; do
+            i=$(echo $i | sed 's/=.*//g')=$(echo ${i#*=} | base64 -di | base64 -di)
+            echo ::add-mask::${i#*=}
+            printf '%s\n' "$i" >> $GITHUB_ENV
+          done
+      - name: Validate credentials
+        run: |
+          # Secrets are now available as masked environment variable.
+          echo $HOST_ID # or ${{ env.HOST_ID }}
+
+      - name: Run tests
+        run: |
+          echo "Testing like a devil"
+
+      - name: Archive artifacts
+        run: |
+          echo "archiving..."

.github/workflows/mac-scheduler.yaml

@@ -0,0 +1,100 @@
+# Idea of this Mac based workflows is as follows:
+# Main job (this one), controlls the schedulling of the associated jobs. 
+# It also creates an initial request for a host machine on AWS and grants the access to the machine to the particular jobs.
+# Associated jobs has their own scheduller that must be agreed upon outside of this job. 
+# Once the external job is started, it requires this job to get access to the secrets require to connect to the machine using qenvs project
+# At the end of the day, another schedulled trigger runs a clean up job that will destroy the instance and free up resources.
+
+# Questions
+# 1. Should we rely on providing a concrete time frames to a various jobs/teams to make use of the machine?
+# 2. Jobs could be run in a sequence, one after another. Every job would need to have a timeout set so we can execute all in 24 hours
+# 3. How can we make use of an access information if the jobs are done and we still have a dedicated time on the machine?
+# 4. What teams to include? This sound like totally different project/repo
+
+
+# Solution of passing secrets is based on https://github.com/orgs/community/discussions/13082
+
+name: Mac Workflow Scheduler
+
+# env:
+#   CRON_START: '1 10 * * 4' # “At 10:01 on Thursday.”
+#   CRON_END: '10 10 * * 4' # “At 10:10 on Thursday.”
+
+# on:
+#   schedule: 
+#   - cron: '1 10 * * 4' # “At 10:01 on Thursday.”
+#   - cron: '10 10 * * 4' # “At 10:10 on Thursday.”
+
+on:
+  workflow_dispatch:
+
+jobs:
+  createHostJob:
+    runs-on: ubuntu-latest
+    # if: ${{ github.event_name == 'schedule' && github.event.inputs.cron == ${{ env.CRON_START }} }}
+
+    outputs:
+      host_id: ${{ steps.set_secret.outputs.host_id }}
+
+    steps:
+      - name: Create a host on AWS
+        # run: |
+          # Create host only - How to get host ID?
+          # podman run -d --name mac-host-create --rm \
+          # -v ${PWD}:/workspace:z \
+          # -e AWS_ACCESS_KEY_ID=${{ AWS_ACCESS_KEY_ID }} \
+          # -e AWS_SECRET_ACCESS_KEY='${{ AWS_SECRET_ACCESS_KEY }}' \
+          # -e AWS_DEFAULT_REGION=us-east-1 \
+          # quay.io/rhqp/qenvs:${{ matrix.qenvs-version }} aws \
+          #   mac create \
+          #     --host-only
+          #     --project-name mac-desktop \
+          #     --backed-url file:///workspace \
+          #     --conn-details-output /workspace \
+          # # Check logs 
+          # podman logs -f mac-host-create
+          # Simulate step that creates dedicatedHostID
+        run: |
+          # requires sudo! mkdir /workspace
+          mkdir workspace
+          echo "asd123-asd11-44556" >> $GITHUB_WORKSPACE/workspace/dedicatedHostID
+          # Read Host ID, encrypt it and pass it to the gha outputs
+          echo "Host ID: $(cat $GITHUB_WORKSPACE/workspace/dedicatedHostID)"
+
+      - name: Output encoded secrets
+        id: set_secret
+        run: |
+          host_id=$(cat $GITHUB_WORKSPACE/workspace/dedicatedHostID | base64 -w0 | base64 -w0)
+          echo "host_id is $host_id"
+          echo "host_id=$host_id" >> $GITHUB_OUTPUT
+
+  podman-e2e:
+    uses: ./.github/workflows/podman-e2e-mac.yaml
+    needs: createHostJob
+    secrets:
+      env_vars: |
+        HOST_ID=${{ needs.createHostJob.outputs.host_id }}
+
+  mac-template: 
+    uses: ./.github/workflows/mac-dummy-template.yaml
+    needs: createHostJob
+    secrets:
+      env_vars: |
+        HOST_ID=${{ needs.createHostJob.outputs.host_id }}
+
+  cleanUpJob:
+    runs-on: ubuntu-latest
+    needs: [createHostJob, podman-e2e, mac-template]
+    env:
+      env_vars: |
+        HOST_ID: ${{ needs.createHostJob.outputs.host_id }}
+    # if: ${{ github.event_name == 'schedule' && github.event.inputs.cron == ${{ env.CRON_END }} }}
+
+    # outputs:
+    #   host: ${{ steps.createHostJob.outputs.host }}
+
+    steps:
+      - name: Running Clean up Action
+        run: |
+          echo "Final job is running with HOST_ID=${{ needs.createHostJob.outputs.HOST_ID }}"
+          echo "Bye bye"

.github/workflows/podman-desktop-e2e-nightly-windows.yaml

@@ -20,6 +20,11 @@ on:
         description: 'npm target to run tests'
         type: string
         required: true
+      env_vars:
+        default: 'VAR1=xxx,VAR2=true,VAR3=15,VAR4="Pass me along"'
+        description: 'Env. Variables passed into target machine'
+        type: 'string'
+        required: true
 
 jobs:
   windows:
@@ -104,7 +109,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-builder:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/builder.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -fork ${{ env.FORK }} \
@@ -124,7 +129,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-podman:v0.0.1-windows  \
-            pd-e2e/run.ps1 \
+            pd-e2e/podman.ps1 \
               -downloadUrl "https://api.cirrus-ci.com/v1/artifact/github/containers/podman/Artifacts/binary/podman-remote-release-windows_amd64.zip" \
               -version '5.0.0-dev' \
               -targetFolder pd-e2e \
@@ -140,6 +145,8 @@ jobs:
       env:
         PODMANDESKTOP_CI_BOT_TOKEN: ${{ secrets.PODMANDESKTOP_CI_BOT_TOKEN }}
       run: |
+        # echo "PODMANDESKTOP_CI_BOT_TOKEN=${PODMANDESKTOP_CI_BOT_TOKEN}" > secrets.txt
+        echo "PODMANDESKTOP_CI_BOT_TOKEN=xxxxxxxx" > secrets.txt
         podman run -d --name pde2e-runner-run \
           -e TARGET_HOST=$(cat host) \
           -e TARGET_HOST_USERNAME=$(cat username) \
@@ -149,8 +156,9 @@ jobs:
           -e OUTPUT_FOLDER=/data \
           -e DEBUG=true \
           -v $PWD:/data:z \
+          -v $PWD/secrets.txt:/opt/pde2e-runner/secrets.txt:z \
           quay.io/odockal/pde2e-runner:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/runner.ps1 \
                 -targetFolder pd-e2e \
                 -resultsFolder results \
                 -podmanPath $(cat results/podman-location.log) \
@@ -159,7 +167,9 @@ jobs:
                 -npmTarget ${{ env.NPM_TARGET }} \
                 -initialize 1 \
                 -start 1 \
-                -rootful 0
+                -rootful 0 \
+                -envVars "{{ github.event.inputs.env_vars }}" \
+                -secretFile secrets.txt
         # check logs
         podman logs -f pde2e-runner-run
 

.github/workflows/podman-desktop-e2e-windows.yaml

@@ -104,7 +104,7 @@ jobs:
           -e DEBUG=true \
           -v $PWD:/data:z \
           quay.io/odockal/pde2e-builder:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/builder.ps1 \
                   -targetFolder pd-e2e \
                   -resultsFolder results \
                   -fork ${{ env.FORK }} \
@@ -138,6 +138,8 @@ jobs:
       env:
         PODMANDESKTOP_CI_BOT_TOKEN: ${{ secrets.PODMANDESKTOP_CI_BOT_TOKEN }}
       run: |
+        # echo "PODMANDESKTOP_CI_BOT_TOKEN=${PODMANDESKTOP_CI_BOT_TOKEN}" > secrets.txt
+        echo "PODMANDESKTOP_CI_BOT_TOKEN=xxxxxxxx" > secrets.txt
         podman run -d --name pde2e-runner-run \
           -e TARGET_HOST=$(cat host) \
           -e TARGET_HOST_USERNAME=$(cat username) \
@@ -147,13 +149,16 @@ jobs:
           -e OUTPUT_FOLDER=/data \
           -e DEBUG=true \
           -v $PWD:/data:z \
+          -v $PWD/secrets.txt:/opt/pde2e-runner/secrets.txt:z \
           quay.io/odockal/pde2e-runner:v0.0.1-windows  \
-              pd-e2e/run.ps1 \
+              pd-e2e/runner.ps1 \
                   -targetFolder pd-e2e \
                   -resultsFolder results \
                   -fork ${{ env.FORK }} \
                   -branch ${{ env.BRANCH }} \
-                  -npmTarget ${{ env.NPM_TARGET }}
+                  -npmTarget ${{ env.NPM_TARGET }} \
+                  -envVars "{{ github.event.inputs.env_vars }}" \
+                  -secretFile secrets.txt
         # check logs
         podman logs -f pde2e-runner-run