--- name: CI env: LC_ALL: "C.UTF-8" # prevent ERROR: Ansible could not initialize the preferred locale: unsupported locale setting CI_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} DEV_DOCKER_OWNER: ${{ github.repository_owner }} COMPOSE_TAG: ${{ github.base_ref || 'devel' }} UPSTREAM_REPOSITORY_ID: 91594105 on: pull_request: push: branches: - devel # needed to publish code coverage post-merge jobs: common-tests: name: ${{ matrix.tests.name }} runs-on: ubuntu-latest timeout-minutes: 60 permissions: packages: write contents: read strategy: fail-fast: false matrix: tests: - name: api-test command: /start_tests.sh test_coverage coverage-upload-name: "" - name: api-migrations command: /start_tests.sh test_migrations coverage-upload-name: "" - name: api-lint command: /var/lib/awx/venv/awx/bin/tox -e linters coverage-upload-name: "" - name: api-swagger command: /start_tests.sh swagger coverage-upload-name: "" - name: awx-collection command: /start_tests.sh test_collection_all coverage-upload-name: "awx-collection" - name: api-schema command: >- /start_tests.sh detect-schema-change SCHEMA_DIFF_BASE_BRANCH=${{ github.event.pull_request.base.ref || github.ref_name }} coverage-upload-name: "" steps: - uses: actions/checkout@v4 with: show-progress: false - name: Build awx_devel image for running checks uses: ./.github/actions/awx_devel_image with: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run check ${{ matrix.tests.name }} id: make-run run: >- AWX_DOCKER_ARGS='-e GITHUB_ACTIONS -e GITHUB_OUTPUT -v "${GITHUB_OUTPUT}:${GITHUB_OUTPUT}:rw,Z"' AWX_DOCKER_CMD='${{ matrix.tests.command }}' make docker-runner - name: Upload test coverage to Codecov if: >- !cancelled() && steps.make-run.outputs.cov-report-files != '' uses: codecov/codecov-action@v4 with: fail_ci_if_error: >- ${{ toJSON(env.UPSTREAM_REPOSITORY_ID == github.repository_id) }} files: >- ${{ steps.make-run.outputs.cov-report-files }} flags: >- CI-GHA, pytest, OS-${{ runner.os }} token: ${{ secrets.CODECOV_TOKEN }} - name: Upload test results to Codecov if: >- !cancelled() && steps.make-run.outputs.test-result-files != '' uses: codecov/test-results-action@v1 with: fail_ci_if_error: >- ${{ toJSON(env.UPSTREAM_REPOSITORY_ID == github.repository_id) }} files: >- ${{ steps.make-run.outputs.test-result-files }} flags: >- CI-GHA, pytest, OS-${{ runner.os }} token: ${{ secrets.CODECOV_TOKEN }} - name: Upload awx jUnit test reports if: >- !cancelled() && steps.make-run.outputs.test-result-files != '' && github.event_name == 'push' && env.UPSTREAM_REPOSITORY_ID == github.repository_id && github.ref_name == github.event.repository.default_branch run: | for junit_file in $(echo '${{ steps.make-run.outputs.test-result-files }}' | sed 's/,/ /') do curl \ -v \ --user "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_USER }}:${{ secrets.PDE_ORG_RESULTS_UPLOAD_PASSWORD }}" \ --form "xunit_xml=@${junit_file}" \ --form "component_name=${{ matrix.tests.coverage-upload-name || 'awx' }}" \ --form "git_commit_sha=${{ github.sha }}" \ --form "git_repository_url=https://github.com/${{ github.repository }}" \ "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_URL }}/api/results/upload/" done dev-env: runs-on: ubuntu-latest timeout-minutes: 60 steps: - uses: actions/checkout@v4 with: show-progress: false - uses: actions/setup-python@v5 with: python-version: '3.x' - uses: ./.github/actions/run_awx_devel id: awx with: build-ui: false github-token: ${{ secrets.GITHUB_TOKEN }} - name: Run smoke test run: ansible-playbook tools/docker-compose/ansible/smoke-test.yml -v awx-operator: runs-on: ubuntu-latest timeout-minutes: 60 env: DEBUG_OUTPUT_DIR: /tmp/awx_operator_molecule_test steps: - name: Checkout awx uses: actions/checkout@v4 with: show-progress: false path: awx - name: Checkout awx-operator uses: actions/checkout@v4 with: show-progress: false\ repository: ansible/awx-operator path: awx-operator - name: Get python version from Makefile working-directory: awx run: echo py_version=`make PYTHON_VERSION` >> $GITHUB_ENV - name: Install python ${{ env.py_version }} uses: actions/setup-python@v4 with: python-version: ${{ env.py_version }} - name: Install playbook dependencies run: | python3 -m pip install docker - name: Build AWX image working-directory: awx run: | VERSION=`make version-for-buildyml` make awx-kube-build env: COMPOSE_TAG: ci DEV_DOCKER_TAG_BASE: local HEADLESS: yes - name: Run test deployment with awx-operator working-directory: awx-operator run: | python3 -m pip install -r molecule/requirements.txt python3 -m pip install PyYAML # for awx/tools/scripts/rewrite-awx-operator-requirements.py $(realpath ../awx/tools/scripts/rewrite-awx-operator-requirements.py) molecule/requirements.yml $(realpath ../awx) ansible-galaxy collection install -r molecule/requirements.yml sudo rm -f $(which kustomize) make kustomize KUSTOMIZE_PATH=$(readlink -f bin/kustomize) molecule -v test -s kind -- --skip-tags=replicas env: AWX_TEST_IMAGE: local/awx AWX_TEST_VERSION: ci AWX_EE_TEST_IMAGE: quay.io/ansible/awx-ee:latest STORE_DEBUG_OUTPUT: true - name: Upload debug output if: failure() uses: actions/upload-artifact@v3 with: name: awx-operator-debug-output path: ${{ env.DEBUG_OUTPUT_DIR }} collection-sanity: name: awx_collection sanity runs-on: ubuntu-latest timeout-minutes: 30 strategy: fail-fast: false matrix: ansible: - stable-2.17 # - devel steps: - name: Perform sanity testing uses: ansible-community/ansible-test-gh-action@release/v1 with: ansible-core-version: ${{ matrix.ansible }} codecov-token: ${{ secrets.CODECOV_TOKEN }} collection-root: awx_collection pre-test-cmd: >- ansible-playbook -i localhost, tools/template_galaxy.yml -e collection_package=awx -e collection_namespace=awx -e collection_version=1.0.0 -e '{"awx_template_version": false}' testing-type: sanity - name: Upload awx jUnit test reports to the unified dashboard if: >- !cancelled() && steps.make-run.outputs.test-result-files != '' && github.event_name == 'push' && env.UPSTREAM_REPOSITORY_ID == github.repository_id && github.ref_name == github.event.repository.default_branch run: | for junit_file in $(echo '${{ steps.make-run.outputs.test-result-files }}' | sed 's/,/ /') do curl \ -v \ --user "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_USER }}:${{ secrets.PDE_ORG_RESULTS_UPLOAD_PASSWORD }}" \ --form "xunit_xml=@${junit_file}" \ --form "component_name=awx" \ --form "git_commit_sha=${{ github.sha }}" \ --form "git_repository_url=https://github.com/${{ github.repository }}" \ "${{ vars.PDE_ORG_RESULTS_AGGREGATOR_UPLOAD_URL }}/api/results/upload/" done collection-integration: name: awx_collection integration runs-on: ubuntu-latest timeout-minutes: 60 strategy: fail-fast: false matrix: target-regex: - name: a-h regex: ^[a-h] - name: i-p regex: ^[i-p] - name: r-z0-9 regex: ^[r-z0-9] steps: - uses: actions/checkout@v4 with: show-progress: false - uses: actions/setup-python@v5 with: python-version: '3.x' - uses: ./.github/actions/run_awx_devel id: awx with: build-ui: false github-token: ${{ secrets.GITHUB_TOKEN }} - name: Install dependencies for running tests run: | python3 -m pip install -e ./awxkit/ python3 -m pip install -r awx_collection/requirements.txt - name: Run integration tests id: make-run run: | echo "::remove-matcher owner=python::" # Disable annoying annotations from setup-python echo '[general]' > ~/.tower_cli.cfg echo 'host = https://${{ steps.awx.outputs.ip }}:8043' >> ~/.tower_cli.cfg echo 'username = admin' >> ~/.tower_cli.cfg echo 'password = password' >> ~/.tower_cli.cfg echo 'verify_ssl = false' >> ~/.tower_cli.cfg TARGETS="$(ls awx_collection/tests/integration/targets | grep '${{ matrix.target-regex.regex }}' | tr '\n' ' ')" make COLLECTION_VERSION=100.100.100-git COLLECTION_TEST_TARGET="--requirements $TARGETS" test_collection_integration env: ANSIBLE_TEST_PREFER_PODMAN: 1 - name: Upload test coverage to Codecov if: >- !cancelled() && steps.make-run.outputs.cov-report-files != '' uses: codecov/codecov-action@v4 with: fail_ci_if_error: >- ${{ toJSON(env.UPSTREAM_REPOSITORY_ID == github.repository_id) }} files: >- ${{ steps.make-run.outputs.cov-report-files }} flags: >- CI-GHA, ansible-test, integration, OS-${{ runner.os }} token: ${{ secrets.CODECOV_TOKEN }} # Upload coverage report as artifact - uses: actions/upload-artifact@v3 if: always() with: name: coverage-${{ matrix.target-regex.name }} path: ~/.ansible/collections/ansible_collections/awx/awx/tests/output/coverage/ - uses: ./.github/actions/upload_awx_devel_logs if: always() with: log-filename: collection-integration-${{ matrix.target-regex.name }}.log collection-integration-coverage-combine: name: combine awx_collection integration coverage runs-on: ubuntu-latest timeout-minutes: 10 needs: - collection-integration strategy: fail-fast: false steps: - uses: actions/checkout@v4 with: show-progress: false - uses: actions/setup-python@v5 with: python-version: '3.x' - name: Upgrade ansible-core run: python3 -m pip install --upgrade ansible-core - name: Download coverage artifacts uses: actions/download-artifact@v3 with: path: coverage - name: Combine coverage run: | make COLLECTION_VERSION=100.100.100-git install_collection mkdir -p ~/.ansible/collections/ansible_collections/awx/awx/tests/output/coverage cd coverage for i in coverage-*; do cp -rv $i/* ~/.ansible/collections/ansible_collections/awx/awx/tests/output/coverage/ done cd ~/.ansible/collections/ansible_collections/awx/awx ansible-test coverage combine --requirements ansible-test coverage html echo '## AWX Collection Integration Coverage' >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY ansible-test coverage report >> $GITHUB_STEP_SUMMARY echo '```' >> $GITHUB_STEP_SUMMARY echo >> $GITHUB_STEP_SUMMARY echo '## AWX Collection Integration Coverage HTML' >> $GITHUB_STEP_SUMMARY echo 'Download the HTML artifacts to view the coverage report.' >> $GITHUB_STEP_SUMMARY # This is a huge hack, there's no official action for removing artifacts currently. # Also ACTIONS_RUNTIME_URL and ACTIONS_RUNTIME_TOKEN aren't available in normal run # steps, so we have to use github-script to get them. # # The advantage of doing this, though, is that we save on artifact storage space. - name: Get secret artifact runtime URL uses: actions/github-script@v6 id: get-runtime-url with: result-encoding: string script: | const { ACTIONS_RUNTIME_URL } = process.env; return ACTIONS_RUNTIME_URL; - name: Get secret artifact runtime token uses: actions/github-script@v6 id: get-runtime-token with: result-encoding: string script: | const { ACTIONS_RUNTIME_TOKEN } = process.env; return ACTIONS_RUNTIME_TOKEN; - name: Remove intermediary artifacts env: ACTIONS_RUNTIME_URL: ${{ steps.get-runtime-url.outputs.result }} ACTIONS_RUNTIME_TOKEN: ${{ steps.get-runtime-token.outputs.result }} run: | echo "::add-mask::${ACTIONS_RUNTIME_TOKEN}" artifacts=$( curl -H "Authorization: Bearer $ACTIONS_RUNTIME_TOKEN" \ ${ACTIONS_RUNTIME_URL}_apis/pipelines/workflows/${{ github.run_id }}/artifacts?api-version=6.0-preview \ | jq -r '.value | .[] | select(.name | startswith("coverage-")) | .url' ) for artifact in $artifacts; do curl -i -X DELETE -H "Accept: application/json;api-version=6.0-preview" -H "Authorization: Bearer $ACTIONS_RUNTIME_TOKEN" "$artifact" done - name: Upload coverage report as artifact uses: actions/upload-artifact@v3 with: name: awx-collection-integration-coverage-html path: ~/.ansible/collections/ansible_collections/awx/awx/tests/output/reports/coverage