Splitting functional tests as cloud and non-cloud #54
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ------------------------------------------------------------ | |
# Copyright 2023 The Radius Authors. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
# ------------------------------------------------------------ | |
name: Functional Tests (with Non-Cloud Resources) | |
permissions: | |
id-token: write # Required for requesting the JWT | |
contents: read # Required for listing the commits | |
packages: write # Required for uploading the package | |
checks: write # Required for creating a check run | |
on: | |
# Enable manual trigger | |
workflow_dispatch: | |
schedule: | |
# Run every 4 hours on weekdays. | |
- cron: "30 0,4,8,12,16,20 * * 1-5" | |
# Run every 12 hours on weekends. | |
- cron: "30 0,12 * * 0,6" | |
# Dispatch on external events | |
repository_dispatch: | |
types: [de-functional-test] | |
push: | |
branches: | |
- main | |
- release/* | |
tags: | |
- v* | |
pull_request: | |
branches: | |
- main | |
- features/* | |
- release/* | |
env: | |
# Go version | |
GOVER: "1.22.2" | |
# Helm version | |
HELM_VER: "v3.12.0" | |
# KinD cluster version | |
KIND_VER: "v0.20.0" | |
# Dapr version | |
DAPR_VER: "1.12.0" | |
# Dapr dashboard version | |
DAPR_DASHBOARD_VER: "0.14.0" | |
# Kubectl version | |
KUBECTL_VER: "v1.25.0" | |
# Container registry for storing container images | |
CONTAINER_REGISTRY: "localhost:5001" | |
# Container registry for storing Bicep recipe artifacts | |
BICEP_RECIPE_REGISTRY: "localhost:5001" | |
# The name of the Radius registry | |
LOCAL_REGISTRY_NAME: "radius-registry" | |
# The port of the Radius registry | |
LOCAL_REGISTRY_PORT: "5001" | |
# The radius functional test timeout | |
FUNCTIONALTEST_TIMEOUT: 30m | |
# The base directory for storing test logs | |
RADIUS_CONTAINER_LOG_BASE: dist/container_logs | |
# The Radius helm chart location. | |
RADIUS_CHART_LOCATION: deploy/Chart/ | |
# The current GitHub action link | |
ACTION_LINK: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
# Server where terraform test modules are deployed | |
TF_RECIPE_MODULE_SERVER_URL: "http://tf-module-server.radius-test-tf-module-server.svc.cluster.local" | |
# Private Git repository where terraform module for testing is stored. | |
TF_RECIPE_PRIVATE_GIT_SOURCE: "git::https://github.com/radius-project/terraform-private-modules//kubernetes-redis" | |
# The number of failed tests to report. | |
ISSUE_CREATE_THRESHOLD: 2 | |
jobs: | |
build: | |
name: Build Radius for test | |
runs-on: ubuntu-latest | |
env: | |
DE_IMAGE: "ghcr.io/radius-project/deployment-engine" | |
DE_TAG: "latest" | |
outputs: | |
REL_VERSION: ${{ steps.gen-id.outputs.REL_VERSION }} | |
DE_IMAGE: ${{ steps.gen-id.outputs.DE_IMAGE }} | |
DE_TAG: ${{ steps.gen-id.outputs.DE_TAG }} | |
steps: | |
- name: Set DE image and tag (repository_dispatch from de-functional-test) | |
if: github.event_name == 'repository_dispatch' | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{ secrets.GH_RAD_CI_BOT_PAT }} | |
script: | | |
const clientPayload = context.payload.client_payload; | |
if (clientPayload && clientPayload.event_type === `de-functional-test`) { | |
var fs = require('fs'); | |
// Set environment variables | |
fs.appendFileSync(process.env.GITHUB_ENV, | |
`DE_IMAGE=${clientPayload.de_image}\n`+ | |
`DE_TAG=${clientPayload.de_tag}\n`+ | |
`CHECKOUT_REPO=${{ github.repository }}\n`+ | |
`CHECKOUT_REF=refs/heads/main` | |
); | |
} | |
- name: Check out code | |
uses: actions/checkout@v4 | |
with: | |
repository: ${{ env.CHECKOUT_REPO }} | |
ref: ${{ env.CHECKOUT_REF }} | |
- name: Generate ID for release | |
id: gen-id | |
run: | | |
BASE_STR="RADIUS|${GITHUB_SHA}|${GITHUB_SERVER_URL}|${GITHUB_REPOSITORY}|${GITHUB_RUN_ID}|${GITHUB_RUN_ATTEMPT}" | |
if [ "$GITHUB_EVENT_NAME" == "schedule" ]; then | |
# Add run number to randomize unique id for scheduled runs. | |
BASE_STR="${GITHUB_RUN_NUMBER}|${BASE_STR}" | |
fi | |
UNIQUE_ID=func$(echo $BASE_STR | sha1sum | head -c 10) | |
echo "REL_VERSION=pr-${UNIQUE_ID}" >> $GITHUB_ENV | |
# Set output variables to be used in the other jobs | |
echo "REL_VERSION=pr-${UNIQUE_ID}" >> $GITHUB_OUTPUT | |
echo "DE_IMAGE=${{ env.DE_IMAGE }}" >> $GITHUB_OUTPUT | |
echo "DE_TAG=${{ env.DE_TAG }}" >> $GITHUB_OUTPUT | |
tests: | |
name: Run ${{ matrix.name }} functional tests | |
needs: build | |
strategy: | |
fail-fast: true | |
matrix: | |
os: [ubuntu-latest] | |
name: | |
[ | |
cli-noncloud, | |
corerp-noncloud, | |
daprrp-noncloud, | |
kubernetes-noncloud, | |
msgrp-noncloud, | |
samples-noncloud, | |
ucp-noncloud, | |
datastoresrp-noncloud, | |
] | |
runs-on: ${{ matrix.os }} | |
env: | |
REL_VERSION: ${{ needs.build.outputs.REL_VERSION }} | |
BICEP_RECIPE_TAG_VERSION: ${{ needs.build.outputs.REL_VERSION }} | |
DE_IMAGE: ${{ needs.build.outputs.DE_IMAGE }} | |
DE_TAG: ${{ needs.build.outputs.DE_TAG }} | |
steps: | |
- name: Set up checkout target (scheduled) | |
if: github.event_name == 'schedule' | |
run: | | |
echo "CHECKOUT_REPO=${{ github.repository }}" >> $GITHUB_ENV | |
echo "CHECKOUT_REF=refs/heads/main" >> $GITHUB_ENV | |
- name: Set up checkout target (pull_request) | |
if: github.event_name == 'pull_request' | |
run: | | |
echo "CHECKOUT_REPO=${{ github.repository }}" >> $GITHUB_ENV | |
echo "CHECKOUT_REF=${{ github.ref }}" >> $GITHUB_ENV | |
echo "PR_NUMBER=${{ github.event.pull_request.number }}" >> $GITHUB_ENV | |
- name: Use custom actions | |
uses: actions/checkout@v4 | |
- name: Checkout samples repo | |
uses: actions/checkout@v4 | |
if: matrix.name == 'samples-noncloud' | |
with: | |
repository: radius-project/samples | |
ref: refs/heads/edge | |
path: samples | |
- name: Set up Go ${{ env.GOVER }} | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GOVER }} | |
- name: Get Go Cache path | |
id: go-cache-paths | |
run: | | |
echo "go-build=$(go env GOCACHE)" >> $GITHUB_OUTPUT | |
sudo rm -rf $(go env GOCACHE) | |
echo "go-mod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT | |
sudo rm -rf $(go env GOMODCACHE) | |
- uses: actions/cache@v4 | |
with: | |
path: | | |
${{ steps.go-cache-paths.outputs.go-build }} | |
${{ steps.go-cache-paths.outputs.go-mod }} | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Set up local Docker registry | |
run: | | |
certs_dir="${HOME}/certs" | |
mkdir -p "${certs_dir}" | |
openssl req -newkey rsa:4096 -nodes -sha256 -keyout "${certs_dir}/domain.key" -x509 -days 365 -out "${certs_dir}/domain.crt" -subj "/CN=localhost" | |
if [ "$(docker inspect -f '{{.State.Running}}' "${{ env.LOCAL_REGISTRY_NAME }}" 2>/dev/null || true)" != 'true' ]; then | |
docker run \ | |
-d --restart=always -p "127.0.0.1:${{ env.LOCAL_REGISTRY_PORT }}:5000" --network bridge --name "${{ env.LOCAL_REGISTRY_NAME }}" \ | |
-v "${certs_dir}:/certs" \ | |
-e REGISTRY_HTTP_ADDR="0.0.0.0:5000" \ | |
-e REGISTRY_HTTP_TLS_CERTIFICATE="/certs/domain.crt" \ | |
-e REGISTRY_HTTP_TLS_KEY="/certs/domain.key" \ | |
registry:2 | |
fi | |
- name: Configure Docker to trust the self-signed certificate | |
run: | | |
certs_dir="${HOME}/certs" | |
sudo mkdir -p /etc/docker/certs.d/localhost:5001 | |
sudo cp "${certs_dir}/domain.crt" /etc/docker/certs.d/localhost:5001/ca.crt | |
- name: Build and Push container images | |
run: | | |
make build && make docker-build && make docker-push | |
env: | |
DOCKER_REGISTRY: ${{ env.CONTAINER_REGISTRY }} | |
DOCKER_TAG_VERSION: ${{ env.REL_VERSION }} | |
- name: Install rad CLI | |
run: | | |
mkdir ./bin | |
cp ./dist/linux_amd64/release/rad ./bin/rad | |
chmod +x ./bin/rad | |
export PATH=$GITHUB_WORKSPACE/bin:$PATH | |
which rad || { echo "cannot find rad"; exit 1; } | |
rad bicep download | |
rad version | |
- uses: azure/setup-helm@v4 | |
with: | |
version: ${{ env.HELM_VER }} | |
- name: Create KinD cluster | |
run: | | |
curl -sSLo "kind" "https://github.com/kubernetes-sigs/kind/releases/download/${{ env.KIND_VER }}/kind-linux-amd64" | |
chmod +x ./kind | |
# Create kind cluster with containerd registry config dir enabled | |
cat <<EOF | ./kind create cluster --name radius --config=- | |
kind: Cluster | |
apiVersion: kind.x-k8s.io/v1alpha4 | |
containerdConfigPatches: | |
- |- | |
[plugins."io.containerd.grpc.v1.cri".registry] | |
config_path = "/etc/containerd/certs.d" | |
EOF | |
certs_dir="${HOME}/certs" | |
# Add the registry config to the nodes | |
REGISTRY_DIR="/etc/containerd/certs.d/localhost:${{ env.LOCAL_REGISTRY_PORT }}" | |
for node in $(./kind get nodes --name radius); do | |
docker exec "${node}" mkdir -p "${REGISTRY_DIR}" | |
cat <<EOF | docker exec -i "${node}" cp /dev/stdin "${REGISTRY_DIR}/hosts.toml" | |
[host."https://${{ env.LOCAL_REGISTRY_NAME }}:${{ env.LOCAL_REGISTRY_PORT }}"] | |
ca = "/etc/containerd/certs.d/localhost:${{ env.LOCAL_REGISTRY_PORT }}/ca.crt" | |
EOF | |
echo "Copying certs to node: ${node}" | |
# Copy the SSL certificate to the node | |
docker cp ${certs_dir}/domain.crt "${node}:${REGISTRY_DIR}/ca.crt" | |
done | |
# Connect the registry to the cluster network if not already connected | |
if [ "$(docker inspect -f='{{json .NetworkSettings.Networks.kind}}' "${{ env.LOCAL_REGISTRY_NAME }}")" = 'null' ]; then | |
echo "Connecting registry to cluster network" | |
docker network connect "kind" "${{ env.LOCAL_REGISTRY_NAME }}" | |
fi | |
# Document the local registry | |
cat <<EOF | kubectl apply -f - | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: local-registry-hosting | |
namespace: kube-public | |
data: | |
localRegistryHosting.v1: | | |
host: "localhost:${{ env.LOCAL_REGISTRY_PORT }}" | |
help: "https://kind.sigs.k8s.io/docs/user/local-registry/" | |
EOF | |
# References | |
# https://kind.sigs.k8s.io/docs/user/local-registry/ | |
- name: Install dapr into cluster | |
run: | | |
wget -q https://raw.githubusercontent.com/dapr/cli/master/install/install.sh -O - | /bin/bash -s ${{ env.DAPR_VER }} | |
dapr init -k --wait --timeout 600 --runtime-version ${{ env.DAPR_VER }} --dashboard-version ${{ env.DAPR_DASHBOARD_VER }} | |
- name: Install Radius | |
run: | | |
export PATH=$GITHUB_WORKSPACE/bin:$PATH | |
which rad || { echo "cannot find rad"; exit 1; } | |
# Check if Radius release exists and delete it if found | |
if helm status radius -n radius-system >/dev/null 2>&1; then | |
echo "The release 'radius' exists. Deleting the release..." | |
helm delete radius -n radius-system | |
if [ $? -eq 0 ]; then | |
echo "Release 'radius' deleted successfully." | |
else | |
echo "Failed to delete the release 'radius'." | |
exit 1 | |
fi | |
else | |
echo "Radius release not found. Proceeding with installation." | |
fi | |
echo "*** Installing Radius to Kubernetes ***" | |
rad install kubernetes \ | |
--chart ${{ env.RADIUS_CHART_LOCATION }} \ | |
--set rp.image=${{ env.LOCAL_REGISTRY_NAME }}/applications-rp,rp.tag=${{ env.REL_VERSION }},controller.image=${{ env.LOCAL_REGISTRY_NAME }}/controller,controller.tag=${{ env.REL_VERSION }},ucp.image=${{ env.LOCAL_REGISTRY_NAME }}/ucpd,ucp.tag=${{ env.REL_VERSION }},de.image=${{ env.DE_IMAGE }},de.tag=${{ env.DE_TAG }} | |
echo "*** Create workspace, group and environment for test ***" | |
rad workspace create kubernetes | |
rad group create kind-radius | |
rad group switch kind-radius | |
# The functional test is designed to use default namespace. So you must create the environment for default namespace. | |
rad env create kind-radius --namespace default | |
rad env switch kind-radius | |
- name: Publish Terraform test recipes | |
run: | | |
make publish-test-terraform-recipes | |
- name: Publish Bicep Test Recipes | |
run: | | |
export PATH=$GITHUB_WORKSPACE/bin:$PATH | |
which rad || { echo "cannot find rad"; exit 1; } | |
make publish-test-bicep-recipes | |
env: | |
BICEP_RECIPE_TAG_VERSION: ${{ env.REL_VERSION }} | |
LOCAL_REGISTRY: true | |
- name: Run functional tests | |
run: | | |
# Ensure rad cli is in path before running tests. | |
export PATH=$GITHUB_WORKSPACE/bin:$PATH | |
# Make directory to capture functional test results | |
mkdir -p ./dist/functional_test | |
cd $GITHUB_WORKSPACE | |
which rad || { echo "cannot find rad"; exit 1; } | |
make test-functional-${{ matrix.name }} | |
env: | |
DOCKER_REGISTRY: ${{ env.CONTAINER_REGISTRY }} | |
TEST_TIMEOUT: ${{ env.FUNCTIONALTEST_TIMEOUT }} | |
RADIUS_CONTAINER_LOG_PATH: ${{ github.workspace }}/${{ env.RADIUS_CONTAINER_LOG_BASE }} | |
RADIUS_SAMPLES_REPO_ROOT: ${{ github.workspace }}/samples | |
BICEP_RECIPE_REGISTRY: ${{ env.BICEP_RECIPE_REGISTRY }} | |
BICEP_RECIPE_TAG_VERSION: ${{ env.BICEP_RECIPE_TAG_VERSION }} | |
GOTESTSUM_OPTS: "--junitfile ./dist/functional_test/results.xml" | |
- name: Process Functional Test Results | |
uses: ./.github/actions/process-test-results | |
# In case of failure, upload functional_test_results to artifacts so that they are not erased by subsequent runs. | |
if: failure() && github.repository == 'radius-project/radius' | |
with: | |
test_group_name: "Functional Tests - ${{ matrix.name }}" | |
artifact_name: "functional_test_results_${{ matrix.name }}" | |
result_directory: "dist/functional_test/" | |
- uses: azure/setup-kubectl@v4 | |
if: always() | |
with: | |
version: ${{ env.KUBECTL_VER }} | |
- name: Collect detailed Radius logs and events | |
id: radius-logs-events | |
if: always() | |
run: | | |
# Create Radius logs directory | |
mkdir -p func-nc/radius-logs-events/${{ matrix.name }} | |
# Get pod logs and save to file | |
namespace="radius-system" | |
pod_names=($(kubectl get pods -n $namespace -o jsonpath='{.items[*].metadata.name}')) | |
for pod_name in "${pod_names[@]}"; do | |
kubectl logs $pod_name -n $namespace > func-nc/radius-logs-events/${{ matrix.name }}/${pod_name}.txt | |
done | |
echo "Pod logs saved to func-nc/radius-logs-events/${{ matrix.name }}/" | |
# Get kubernetes events and save to file | |
kubectl get events -n $namespace > func-nc/radius-logs-events/${{ matrix.name }}/events.txt | |
- name: Upload Pod logs for failed tests | |
uses: actions/upload-artifact@v4 | |
if: always() && steps.radius-logs-events.outcome == 'success' | |
with: | |
name: ${{ matrix.name }}-radius-pod-logs | |
path: func-nc/radius-logs-events/${{ matrix.name }} | |
retention-days: 30 | |
if-no-files-found: error | |
- name: Collect Pod details | |
if: always() | |
run: | | |
POD_STATE_LOG_FILENAME='${{ env.RADIUS_CONTAINER_LOG_BASE }}/${{ matrix.name }}-tests-pod-states.log' | |
mkdir -p $(dirname $POD_STATE_LOG_FILENAME) | |
echo "kubectl get pods -A" >> $POD_STATE_LOG_FILENAME | |
kubectl get pods -A >> $POD_STATE_LOG_FILENAME | |
echo "kubectl describe pods -A" >> $POD_STATE_LOG_FILENAME | |
kubectl describe pods -A >> $POD_STATE_LOG_FILENAME | |
- name: Upload container logs | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ matrix.name }}_container_logs | |
path: ./${{ env.RADIUS_CONTAINER_LOG_BASE }} | |
- name: Get Terraform recipe publishing logs | |
if: always() | |
run: | | |
# Create pod-logs directory | |
mkdir -p recipes/pod-logs | |
# Get pod logs and save to file | |
namespace="radius-test-tf-module-server" | |
label="app.kubernetes.io/name=tf-module-server" | |
pod_names=($(kubectl get pods -l $label -n $namespace -o jsonpath='{.items[*].metadata.name}')) | |
for pod_name in "${pod_names[@]}"; do | |
kubectl logs $pod_name -n $namespace > recipes/pod-logs/${pod_name}.txt | |
done | |
echo "Pod logs saved to recipes/pod-logs/" | |
# Get kubernetes events and save to file | |
kubectl get events -n $namespace > recipes/pod-logs/events.txt | |
- name: Upload Terraform recipe publishing logs | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: ${{ matrix.name }}_recipes-pod-logs | |
path: recipes/pod-logs | |
if-no-files-found: error | |
report-failure: | |
name: Report test failure | |
needs: [build, tests] | |
runs-on: ubuntu-latest | |
if: failure() && github.event_name == 'schedule' && github.repository == 'radius-project/radius' | |
steps: | |
- name: Count recently failed tests | |
id: count_failures | |
uses: actions/github-script@v7 | |
with: | |
script: | | |
response = await github.rest.actions.listWorkflowRuns({ | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
workflow_id: 'functional-test-noncloud.yaml', | |
event: 'schedule', | |
per_page: 10 | |
}); | |
failureCount = 1; | |
for (const run of response.data.workflow_runs) { | |
if (run.conclusion === 'failure') { | |
failureCount++; | |
} else { | |
break; | |
} | |
} | |
return failureCount; | |
- name: Create failure issue for failing scheduled run | |
uses: actions/github-script@v7 | |
# Only create an issue if there are (env.ISSUE_CREATE_THRESHOLD) failures of the recent tests. | |
if: steps.count_failures.outputs.result >= env.ISSUE_CREATE_THRESHOLD | |
with: | |
github-token: ${{ secrets.GH_RAD_CI_BOT_PAT }} | |
script: | | |
github.rest.issues.create({ | |
...context.repo, | |
title: `Scheduled functional test (noncloud) failed - Run ID: ${context.runId}`, | |
labels: ['bug', 'test-failure'], | |
body: `## Bug information \n\nThis bug is generated automatically if the scheduled functional test fails at least ${process.env.ISSUE_CREATE_THRESHOLD} times in a row. The Radius functional test operates on a schedule of every 4 hours during weekdays and every 12 hours over the weekend. It's important to understand that the test may fail due to workflow infrastructure issues, like network problems, rather than the flakiness of the test itself. For the further investigation, please visit [here](${process.env.ACTION_LINK}).` | |
}) |