chore: disables renovate and cron-job workflows #80
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: weekly-registry1-flavor-test | |
| on: | |
| # schedule: | |
| # - cron: "0 8 * * 0" # Run every Sunday at 12 AM PST | |
| workflow_dispatch: # trigger manually as needed | |
| pull_request: | |
| types: | |
| - opened # default trigger | |
| - reopened # default trigger | |
| - synchronize # default trigger | |
| - ready_for_review # don't run on draft PRs | |
| - milestoned # allows us to trigger on bot PRs | |
| paths: | |
| - .github/workflows/weekly-registry1-flavor-test.yaml | |
| - bundles/latest/** | |
| concurrency: | |
| group: weekly-registry1-flavor-test-${{ github.ref }} | |
| cancel-in-progress: true | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| registry1-flavor-test: | |
| runs-on: ai-ubuntu-big-boy-8-core | |
| name: weekly_registry1_flavor_test | |
| if: ${{ !github.event.pull_request.draft }} | |
| permissions: | |
| contents: read | |
| packages: read | |
| id-token: write # This is needed for OIDC federation. | |
| steps: | |
| # Checkout main just to see the latest release in the release-please manifest | |
| - name: Checkout Repo (main) | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| with: | |
| ref: main | |
| - name: Get Latest Release Version | |
| id: get_version | |
| run: | | |
| LFAI_VERSION=$(jq -r '.["."]' .github/.release-please-manifest.json) | |
| echo "LFAI_VERSION=$LFAI_VERSION" >> $GITHUB_OUTPUT | |
| ################ | |
| # LATEST RELEASE | |
| ################ | |
| - name: Checkout Repo | |
| uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 | |
| with: | |
| fetch-tags: true | |
| ref: v${{ steps.get_version.outputs.LFAI_VERSION }} | |
| - name: Setup UDS Environment | |
| uses: defenseunicorns/uds-common/.github/actions/setup@24c8a2a48eeb33773b76b3587c489cb17496c9e0 # v0.12.0 | |
| with: | |
| registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }} | |
| registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }} | |
| ghToken: ${{ secrets.GITHUB_TOKEN }} | |
| chainguardIdentity: ${{ secrets.CHAINGUARD_IDENTITY }} | |
| - name: Setup Python | |
| uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c #v5.0.0 | |
| with: | |
| python-version-file: "pyproject.toml" | |
| - name: Install Python Dependencies | |
| run: pip install ".[dev]" "src/leapfrogai_api" "src/leapfrogai_sdk" --no-cache-dir | |
| - name: Mutation of the Zarf Packages | |
| run: | | |
| uds zarf tools yq -i ' | |
| .components[].images[0] |= sub(":v[0-9\.]+$", ":v${{ steps.get_version.outputs.LFAI_VERSION }}") | |
| ' packages/api/zarf.yaml | |
| uds zarf tools yq -i '.api.image.tag = "v${{ steps.get_version.outputs.LFAI_VERSION }}"' packages/api/values/registry1-values.yaml | |
| - name: Print the Modified Zarf Packages | |
| run: | | |
| cat packages/api/zarf.yaml | |
| cat packages/api/values/registry1-values.yaml | |
| - name: Create Registry1 Zarf Packages | |
| run: | | |
| uds zarf package create packages/api --set image_version="${{ steps.get_version.outputs.LFAI_VERSION }}" --flavor registry1 -a amd64 --confirm | |
| # Mutate UDS bundle definition to use Registry1 packages | |
| # Mutate non-Registry1 packages to be the current tagged version | |
| - name: Mutation of the UDS Bundle | |
| run: | | |
| uds zarf tools yq -i '.metadata.version = "registry1"' bundles/latest/cpu/uds-bundle.yaml | |
| uds zarf tools yq -i '.packages[].ref |= sub("^[^ ]+-upstream$", "${{ steps.get_version.outputs.LFAI_VERSION }}-upstream")' bundles/latest/cpu/uds-bundle.yaml | |
| uds zarf tools yq -i '.packages[1] |= del(.repository)' bundles/latest/cpu/uds-bundle.yaml | |
| uds zarf tools yq -i '.packages[1] |= .ref = "${{ steps.get_version.outputs.LFAI_VERSION }}"' bundles/latest/cpu/uds-bundle.yaml | |
| uds zarf tools yq -i '.packages[1] |= .path = "../../../"' bundles/latest/cpu/uds-bundle.yaml | |
| - name: Print the Modified UDS Bundle | |
| run: | | |
| cat bundles/latest/cpu/uds-config.yaml | |
| cat bundles/latest/cpu/uds-bundle.yaml | |
| - name: Create UDS Cluster | |
| shell: bash | |
| run: | | |
| UDS_CONFIG=.github/config/uds-config.yaml make create-uds-cpu-cluster | |
| - name: Create and Deploy Registry1 Bundle | |
| run: | | |
| cd bundles/latest/cpu | |
| uds create . --confirm && \ | |
| uds deploy uds-bundle-leapfrogai-amd64-registry1.tar.zst --confirm --no-progress --log-level debug && \ | |
| rm -rf uds-bundle-leapfrogai-amd64-registry1.tar.zst && \ | |
| docker system prune -af | |
| - name: Generate Secrets | |
| id: generate_secrets | |
| run: | | |
| ANON_KEY=$(uds zarf tools kubectl get secret supabase-bootstrap-jwt -n leapfrogai -o jsonpath='{.data.anon-key}' | base64 -d) | |
| echo "::add-mask::$ANON_KEY" | |
| echo "ANON_KEY=$ANON_KEY" >> $GITHUB_OUTPUT | |
| FAKE_PASSWORD=$(cat <(openssl rand -base64 32 | tr -dc 'a-zA-Z0-9!@#$%^&*()_+-=[]{}|;:,.<>?' | head -c 20) <(echo '!@1Aa') | fold -w1 | shuf | tr -d '\n') | |
| echo "::add-mask::$FAKE_PASSWORD" | |
| echo "FAKE_PASSWORD=$FAKE_PASSWORD" >> $GITHUB_OUTPUT | |
| SERVICE_KEY=$(uds zarf tools kubectl get secret -n leapfrogai supabase-bootstrap-jwt -o jsonpath={.data.service-key} | base64 -d) | |
| echo "::add-mask::$SERVICE_KEY" | |
| echo "SERVICE_KEY=$SERVICE_KEY" >> $GITHUB_OUTPUT | |
| - name: Verify Secrets | |
| run: | | |
| echo "FAKE_PASSWORD is set: ${{ steps.generate_secrets.outputs.FAKE_PASSWORD != '' }}" | |
| echo "ANON_KEY is set: ${{ steps.generate_secrets.outputs.ANON_KEY != '' }}" | |
| echo "SERVICE_KEY is set: ${{ steps.generate_secrets.outputs.SERVICE_KEY != '' }}" | |
| # Backends | |
| - name: Run Backend E2E Tests | |
| env: | |
| ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} | |
| SERVICE_KEY: ${{ steps.generate_secrets.outputs.SERVICE_KEY }} | |
| LEAPFROGAI_MODEL: llama-cpp-python | |
| run: | | |
| python -m pytest -vvv -s ./tests/e2e | |
| - name: Setup Playwright | |
| run: | | |
| npm --prefix src/leapfrogai_ui ci | |
| npx --prefix src/leapfrogai_ui playwright install | |
| - name: Run Playwright E2E Tests | |
| env: | |
| SERVICE_ROLE_KEY: ${{ steps.generate_secrets.outputs.SERVICE_KEY }} | |
| FAKE_E2E_USER_PASSWORD: ${{ steps.generate_secrets.outputs.FAKE_PASSWORD }} | |
| ANON_KEY: ${{ steps.generate_secrets.outputs.ANON_KEY }} | |
| run: | | |
| chmod +x ./.github/scripts/createUser.sh | |
| ./.github/scripts/createUser.sh | |
| cp src/leapfrogai_ui/.env.example src/leapfrogai_ui/.env | |
| mkdir -p playwright/auth | |
| touch playwright/auth.user.json | |
| SERVICE_ROLE_KEY=$SERVICE_ROLE_KEY TEST_ENV=CI USERNAME=doug PASSWORD=$FAKE_E2E_USER_PASSWORD PUBLIC_SUPABASE_ANON_KEY=$ANON_KEY DEFAULT_MODEL=llama-cpp-python npm --prefix src/leapfrogai_ui run test:integration:ci | |
| - name: Archive Playwright Report | |
| uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 | |
| if: ${{ !cancelled() }} | |
| with: | |
| name: playwright-report | |
| path: src/leapfrogai_ui/e2e-report/ | |
| retention-days: 30 | |
| - name: Get Cluster Debug Information | |
| id: debug | |
| if: ${{ !cancelled() }} | |
| uses: defenseunicorns/uds-common/.github/actions/debug-output@e3008473beab00b12a94f9fcc7340124338d5c08 # v0.13.1 | |
| - name: Get Cluster Debug Information | |
| if: ${{ !cancelled() && steps.debug.conclusion == 'success' }} | |
| uses: defenseunicorns/uds-common/.github/actions/save-logs@e3008473beab00b12a94f9fcc7340124338d5c08 # v0.13.1 |