Skip to content

Commit

Permalink
Auto generated from templates by gromit
Browse files Browse the repository at this point in the history
  • Loading branch information
Gromit committed Nov 17, 2023
1 parent d7dfaa4 commit bc674f0
Show file tree
Hide file tree
Showing 9 changed files with 207 additions and 35 deletions.
2 changes: 1 addition & 1 deletion .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@

# Generated by: gromit policy
# Generated on: Fri Oct 27 04:05:19 UTC 2023
# Generated on: Fri Nov 17 08:36:00 UTC 2023

version: 2
updates:
Expand Down
222 changes: 198 additions & 24 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Generated by: gromit policy
# Generated on: Fri Oct 27 04:05:19 UTC 2023
# Generated on: Fri Nov 17 08:36:00 UTC 2023

# Distribution channels covered by this workflow
# - Ubuntu and Debian
Expand Down Expand Up @@ -52,26 +52,26 @@ jobs:
git config --global url."https://${TOKEN}@github.com".insteadOf "https://github.com"
- name: Checkout of tyk-pump
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
fetch-depth: 1

- name: "Add Git safe.directory"
run: git config --global --add safe.directory $GITHUB_WORKSPACE

- uses: docker/setup-qemu-action@v2
- uses: docker/setup-qemu-action@v3

- uses: docker/setup-buildx-action@v2
- uses: docker/setup-buildx-action@v3

- name: Login to DockerHub
if: startsWith(github.ref, 'refs/tags')
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Login to Cloudsmith
if: startsWith(github.ref, 'refs/tags')
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: docker.tyk.io
username: ${{ secrets.CLOUDSMITH_USERNAME }}
Expand Down Expand Up @@ -111,7 +111,7 @@ jobs:
DEBVERS: ${{ matrix.debvers }}
RPMVERS: ${{ matrix.rpmvers }}
PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }}
- uses: aws-actions/configure-aws-credentials@v2
- uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::754489498669:role/ecr_rw_tyk
role-session-name: cipush
Expand All @@ -126,7 +126,7 @@ jobs:

- name: Docker metadata for CI
id: metadata
uses: docker/metadata-action@v4
uses: docker/metadata-action@v5
with:
images: ${{ steps.ecr.outputs.registry }}/tyk-pump
flavor: |
Expand Down Expand Up @@ -154,6 +154,7 @@ jobs:
done
- uses: actions/upload-artifact@v3
if: ${{ matrix.golang_cross == '1.19-bullseye' }}
with:
name: deb
retention-days: 1
Expand All @@ -162,14 +163,188 @@ jobs:
!dist/*PAYG*.deb
- uses: actions/upload-artifact@v3
if: ${{ matrix.golang_cross == '1.19-bullseye' }}
with:
name: rpm
retention-days: 1
path: |
dist/*.rpm
!dist/*PAYG*.rpm
!dist/*PAYG*.rpm
api-tests:
needs: goreleaser
runs-on: ubuntu-latest
permissions:
id-token: write # This is required for requesting the JWT
contents: read # This is required for actions/checkout
strategy:
fail-fast: false
matrix:
conf: [ "sha256", "murmur64" ]
db: [ "mongo44", "postgres15" ]
include:
- db: postgres15
markers: "and not sql"
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 1
submodules: false

- uses: aws-actions/configure-aws-credentials@v2
with:
role-to-assume: arn:aws:iam::754489498669:role/ecr_rw_tyk
role-session-name: cipush
aws-region: eu-central-1

- id: ecr
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'

# Only ${{ github.actor }} has access
# See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys
- name: Setup tmate session only in debug mode
uses: mxschmitt/action-tmate@v3
if: ${{ runner.debug == '1' }}
with:
detached: true
limit-access-to-actor: true

- name: fetch env from tyk-ci
env:
GH_TOKEN: ${{ github.token }}
run: |
gh release download v1.2 --repo github.com/TykTechnologies/tyk-ci -O env.tgz
tar xzvf env.tgz
- name: env up
shell: bash
working-directory: auto
id: env_up
env:
t: ${{ needs.goreleaser.outputs.tags }}
pull_policy: 'if_not_present'
# gw and dash use the same branch names
gw_dash_image_tag: ${{ ( (github.repository == 'TykTechnologies/tyk' || github.repository == 'TykTechnologies/tyk-analytics') && startsWith(github.ref_name, 'release-') ) && github.ref_name || 'master' }}
pump_image_tag: ${{ ( github.repository == 'TykTechnologies/tyk-pump' && startsWith(github.ref_name, 'release-') ) && github.ref_name || 'master' }}
sink_image_tag: ${{ ( github.repository == 'TykTechnologies/tyk-sink' && startsWith(github.ref_name, 'release-') ) && github.ref_name || 'master' }}
GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }}
TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }}
TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }}
run: |
echo CI tags: $t
tags=($t)
echo First tag: ${tags[0]}
# Start customising the env
echo "registry=${{ steps.ecr.outputs.registry }}
tyk_image=\${registry}/tyk:${gw_dash_image_tag}
tyk_analytics_image=\${registry}/tyk-analytics:${gw_dash_image_tag}
tyk_sink_image=\${registry}/tyk-sink:${sink_image_tag}
tyk_pump_image=\${registry}/tyk-pump:${pump_image_tag}
# override default above with just built tag
tyk_pump_image=${tags[0]}
# base dir for config files
confs_dir=./pro-ha
# pick database to use
env_file=local-${{ matrix.db }}.env
" > versions.env
# Add Tyk component config variations to $env_file
cat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env
# bring up env, the project name is important
docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d
./dash-bootstrap.sh http://localhost:3000
docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d
- name: Run tests
working-directory: tyk-automated-tests/ci/auto
id: test_execution
run: |
docker run --rm --network auto_default --env-file pytest.env \
${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ startsWith(github.ref_name, 'release-') && github.ref_name || 'master' }} \
pytest -c pytest_ci.ini --ci -m "not local and not dind ${{ matrix.markers }}"
# TODO: PR comment, using just one comment and updating, not a new comment each time
- name: Set test result
id: test_result
if: always() && steps.test_execution.outcome != 'success'
run: echo "pytest_run=${{ steps.test_execution.outcome }}" >> $GITHUB_OUTPUT

- name: Archive Integration tests report
if: ${{ always() }}
uses: actions/upload-artifact@v2
with:
name: api-test-report
path: ${{ github.workspace }}/reports

- name: Fetch commit author
if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
run: echo "GIT_USER_EMAIL=$(git show -s --format='%ae' HEAD)" >> $GITHUB_ENV

- name: Fetch slack user
if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
id: fetch_slack_user
uses: TykTechnologies/github-actions/.github/actions/github-to-slack@main
with:
github_email: ${{ env.GIT_USER_EMAIL }}

- name: Notify slack
if: ${{ steps.test_execution.outcome != 'success' && !github.event.pull_request.draft }}
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.API_TEST_ALERT_SLACK_WEBHOOK }}
SLACK_COLOR: ${{ job.status }}
SLACK_TITLE: "Result: ${{ steps.test_execution.outcome }}"
SLACK_USERNAME: API INTEGRATION TESTS
SLACK_MESSAGE: "*Test*: ${{ matrix.db }}-${{ matrix.conf }}, *Author*: ${{ steps.fetch_slack_user.outputs.slack-user-name }}"
SLACK_FOOTER: "<https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|SEE EXECUTION DETAILS HERE>"

- name: Comment on PR
if: ${{ always() && !github.event.pull_request.draft }}
uses: mshick/add-pr-comment@v2
with:
message: |
**API tests result - ${{ matrix.db }}-${{ matrix.conf }} env: ${{ steps.test_execution.outcome }}** ${{ env.STATUS }}
Branch used: ${{ github.ref }}
Commit: ${{ github.event.after }} ${{ github.event.commits[0].message }}
Triggered by: ${{ github.event_name }} (@${{ github.actor }})
[Execution page](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})
repo-token: ${{ secrets.ORG_GH_TOKEN }}
message-id: ${{ matrix.db }}-${{ matrix.conf }}
env:
STATUS: "${{ steps.test_execution.outcome == 'success' && ':white_check_mark:' || ':no_entry_sign:' }}"

- name: Getting gateway logs on failure
if: ${{ failure() }}
run: docker logs tyk

- name: Getting dashboard logs on failure
if: ${{ failure() }}
run: docker logs tyk-analytics

xray:
needs: api-tests
runs-on: ubuntu-latest
if: always() && github.event_name == 'push'

steps:
- name: Checkout of tyk-automated-tests
uses: actions/checkout@v3
with:
repository: TykTechnologies/tyk-automated-tests
token: ${{ secrets.ORG_GH_TOKEN }}
ref: ${{ startsWith(github.ref_name, 'release-') && github.ref_name || 'master' }}
path: tyk-automated-tests

- name: Xray update
run: |
./update_xray.sh
working-directory: tyk-automated-tests
env:
TEST: "QA-1307"
STATUS: ${{ needs.api-tests.outputs.api_test_result || 'success' }}
CLIENT_ID: ${{secrets.XRAY_CLIENT_ID}}
CLIENT_SECRET: ${{secrets.XRAY_CLIENT_SECRET}}
BRANCH: ${{ github.ref }}


upgrade-deb:
if: startsWith(github.ref, 'refs/tags')
Expand All @@ -192,17 +367,17 @@ jobs:
- debian:bookworm

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 1

- uses: actions/download-artifact@v3
with:
name: deb

- uses: docker/setup-qemu-action@v2
- uses: docker/setup-qemu-action@v3

- uses: docker/setup-buildx-action@v2
- uses: docker/setup-buildx-action@v3

- name: generate dockerfile
run: |
Expand All @@ -215,7 +390,7 @@ jobs:
' > Dockerfile
- name: install on ${{ matrix.distro }}
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: "."
platforms: linux/${{ matrix.arch }}
Expand All @@ -238,15 +413,15 @@ jobs:
- registry.access.redhat.com/ubi9/ubi

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 1

- uses: actions/download-artifact@v3
with:
name: rpm

- uses: docker/setup-buildx-action@v2
- uses: docker/setup-buildx-action@v3

- name: generate dockerfile
run: |
Expand All @@ -260,12 +435,11 @@ jobs:
' > Dockerfile
- name: install on ${{ matrix.distro }}
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: "."
file: Dockerfile
push: false

smoke-tests:
needs:
- goreleaser
Expand All @@ -275,7 +449,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 1

Expand All @@ -285,15 +459,15 @@ jobs:
role-session-name: cipush
aws-region: eu-central-1

- uses: aws-actions/amazon-ecr-login@v1
id: ecr
- id: ecr
uses: aws-actions/amazon-ecr-login@v1
with:
mask-password: 'true'

- name: Run ci/tests
shell: bash
env:
GITHUB_TAG: ${{ github.ref }}
GITHUB_TAG: ${{ github.ref }} /* mdcb or dash */
run: |
set -eaxo pipefail
if [ ! -d smoke-tests ]; then
Expand All @@ -308,7 +482,7 @@ jobs:
echo Attempting to test $d
if [ -d $d ] && [ -e $d/test.sh ]; then
cd $d
./test.sh ${{ steps.ecr.outputs.registry }}/tyk-pump:sha-${{ github.sha }}
./test.sh ${{ steps.ecr.outputs.registry }}/{{ .Name }}:sha-${{ github.sha }}
cd -
fi
done
Expand All @@ -317,7 +491,7 @@ jobs:
echo Attempting to test $d
if [ -d $d ] && [ -e $d/test.sh ]; then
cd $d
./test.sh ${{ steps.ecr.outputs.registry }}/tyk-pump:sha-${{ github.sha }}
./test.sh ${{ steps.ecr.outputs.registry }}/{{ .Name }}:sha-${{ github.sha }}
cd -
fi
done
Expand Down
6 changes: 2 additions & 4 deletions ci/Dockerfile.std
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Generated by: gromit policy
# Generated on: Fri Oct 27 04:05:19 UTC 2023
# Generated on: Fri Nov 17 08:36:00 UTC 2023

FROM debian:bullseye-slim
ARG TARGETARCH
Expand All @@ -18,8 +18,7 @@ RUN rm -rf /root/.cache \
&& apt-get -y autoremove \
&& apt-get clean \
&& rm -rf /usr/include/* \
&& find /usr/lib -type f -name '*.a' -delete \
&& find /usr/lib -type f -name '*.o' -delete
&& find /usr/lib -type f -name '*.a' -o -name '*.o' -delete

# Comment this to test in dev
COPY *${TARGETARCH}.deb /
Expand All @@ -34,5 +33,4 @@ WORKDIR /opt/tyk-pump/
# Uncomment this to test in dev
# COPY tyk-pump .
ENTRYPOINT ["/opt/tyk-pump/tyk-pump" ]

CMD [ "--conf=/opt/tyk-pump/pump.conf" ]
Loading

0 comments on commit bc674f0

Please sign in to comment.