Skip to content

infra: automate koji build and bodhi update actions with packit #7847

infra: automate koji build and bodhi update actions with packit

infra: automate koji build and bodhi update actions with packit #7847

# ======================================
# WARNING!
# THIS FILE IS GENERATED FROM A TEMPLATE
# DO NOT EDIT THIS FILE MANUALLY!
# ======================================
# The template is located in: kickstart-tests.yml.j2
# Run kickstart tests in a PR triggered by a "/kickstart-test <launch args>" comment from an organization member.
name: kickstart-tests
on:
issue_comment:
types: [created]
permissions:
contents: read
statuses: write
jobs:
pr-info:
if: startsWith(github.event.comment.body, '/kickstart-test')
runs-on: ubuntu-latest
steps:
- name: Query comment author repository permissions
uses: octokit/[email protected]
id: user_permission
with:
route: GET /repos/${{ github.repository }}/collaborators/${{ github.event.sender.login }}/permission
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# restrict running of tests to users with admin or write permission for the repository
# see https://docs.github.com/en/free-pro-team@latest/rest/reference/repos#get-repository-permissions-for-a-user
# store output if user is allowed in allowed_user job output so it has to be checked in downstream job
- name: Check if user does have correct permissions
if: contains('admin write', fromJson(steps.user_permission.outputs.data).permission)
id: check_user_perm
run: |
echo "User '${{ github.event.sender.login }}' has permission '${{ fromJson(steps.user_permission.outputs.data).permission }}' allowed values: 'admin', 'write'"
echo "allowed_user=true" >> $GITHUB_OUTPUT
- name: Get information for pull request
uses: octokit/[email protected]
id: pr_api
with:
route: GET /repos/${{ github.repository }}/pulls/${{ github.event.issue.number }}
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Parse launch arguments
id: parse_launch_args
# Do not use comment body directly in the shell command to avoid possible code injection.
env:
BODY: ${{ github.event.comment.body }}
run: |
# extract first line and cut out the "/kickstart-tests" first word
LAUNCH_ARGS=$(echo "$BODY" | sed -n '1 s/^[^ ]* *//p' | sed 's/[[:space:]]*$//')
echo "launch arguments are: $LAUNCH_ARGS"
echo "launch_args=${LAUNCH_ARGS}" >> $GITHUB_OUTPUT
- name: Set KS test arguments
id: ks_test_args
run: |
set -eux
TARGET_BRANCH="${{ fromJson(steps.pr_api.outputs.data).base.ref }}"
if [ "$TARGET_BRANCH" == "master" ]; then
echo "skip_tests=skip-on-fedora" >> $GITHUB_OUTPUT
echo "platform=fedora_rawhide" >> $GITHUB_OUTPUT
elif echo "$TARGET_BRANCH" | grep -qE "fedora-[[:digit:]]+$"; then
echo "skip_tests=skip-on-fedora" >> $GITHUB_OUTPUT
echo "platform=fedora_rawhide" >> $GITHUB_OUTPUT
elif echo "$TARGET_BRANCH" | grep -qE "rhel-8(\.[[:digit:]]+)?$"; then
echo "skip_tests=skip-on-rhel,skip-on-rhel-8" >> $GITHUB_OUTPUT
echo "platform=rhel8" >> $GITHUB_OUTPUT
elif echo "$TARGET_BRANCH" | grep -qE "rhel-9(\.[[:digit:]]+)?$"; then
echo "skip_tests=skip-on-rhel,skip-on-rhel-9" >> $GITHUB_OUTPUT
echo "platform=rhel9" >> $GITHUB_OUTPUT
else
echo "Branch $TARGET_BRANCH is not supported by kickstart tests yet!"
exit 1
fi
outputs:
allowed_user: ${{ steps.check_user_perm.outputs.allowed_user }}
base_ref: ${{ fromJson(steps.pr_api.outputs.data).base.ref }}
sha: ${{ fromJson(steps.pr_api.outputs.data).head.sha }}
launch_args: ${{ steps.parse_launch_args.outputs.launch_args }}
skip_tests: ${{ steps.ks_test_args.outputs.skip_tests }}
platform: ${{ steps.ks_test_args.outputs.platform }}
run:
needs: pr-info
# only do this for Fedora for now; once we have RHEL 8/9 boot.iso builds working, also support these
if: needs.pr-info.outputs.allowed_user == 'true' && needs.pr-info.outputs.launch_args != '' && ! contains(github.event.comment.body, '--waive')
runs-on: [self-hosted, kstest]
timeout-minutes: 300
env:
STATUS_NAME: kickstart-test
TARGET_BRANCH: ${{ needs.pr-info.outputs.base_ref }}
CONTAINER_TAG: 'lorax'
ISO_BUILD_CONTAINER_NAME: 'quay.io/rhinstaller/anaconda-iso-creator'
RPM_BUILD_CONTAINER_NAME: 'quay.io/rhinstaller/anaconda-rpm'
SKIP_KS_TESTS: ${{ needs.pr-info.outputs.skip_tests }}
TEST_JOBS: 16
steps:
# we post statuses manually as this does not run from a pull_request event
# https://developer.github.com/v3/repos/statuses/#create-a-status
- name: Create in-progress status
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.launch_args }}'
description: 'gathering repositories [${{ runner.name }}]'
state: pending
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# self-hosted runners don't do this automatically; also useful to keep stuff around for debugging
# need to run sudo as the launch script and the container create root/other user owned files
- name: Clean up previous run
run: |
sudo podman ps -q --all --filter='ancestor=kstest-runner' | xargs -tr sudo podman rm -f
sudo podman volume rm --all || true
sudo rm -rf * .git
- name: Clone repository
uses: actions/checkout@v4
with:
ref: ${{ needs.pr-info.outputs.sha }}
fetch-depth: 0
path: anaconda
- name: Rebase to current ${{ env.TARGET_BRANCH }}
working-directory: ./anaconda
run: |
git config user.name github-actions
git config user.email [email protected]
git log --oneline -1 origin/${{ env.TARGET_BRANCH }}
git rebase origin/${{ env.TARGET_BRANCH }}
- name: Check out kickstart-tests
uses: actions/checkout@v4
with:
repository: rhinstaller/kickstart-tests
path: kickstart-tests
- name: Generate test cases
working-directory: ./kickstart-tests
run: scripts/generate-testcases.py -t ./testlib/test_cases/kstest-template.tc.yaml.j2 . -o ./testlib/test_cases
- name: Clone Permian repository
uses: actions/checkout@v4
with:
repository: rhinstaller/permian
path: permian
ref: main
- name: Clone tplib repository
uses: actions/checkout@v4
with:
repository: rhinstaller/tplib
path: tplib
- name: Ensure http proxy is running
run: sudo kickstart-tests/containers/squid.sh start
# This is really fast, but does not catch file removals or dracut changes
# maybe this becomes opt-in via a magic comment for efficiency reasons?
# if you use this, add `--updates ../updates.img` to the launch command line below
#- name: Build updates.img
# run: |
# scripts/makeupdates
# gzip -cd updates.img | cpio -tv
- name: Update container images used here
run: |
sudo podman pull quay.io/rhinstaller/kstest-runner:latest
- name: Post status building artifacts
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.launch_args }}'
description: 'building artifacts [${{ runner.name }}]'
state: pending
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Build anaconda-iso-creator container image
working-directory: ./anaconda
run: |
# set static tag to avoid complications when looking what tag is used
sudo make -f ./Makefile.am anaconda-iso-creator-build CI_TAG=$CONTAINER_TAG
- name: Build anaconda-rpm container (for RPM build)
working-directory: ./anaconda
run: |
# set static tag to avoid complications when looking what tag is used
make -f ./Makefile.am anaconda-rpm-build CI_TAG=$CONTAINER_TAG
- name: Build Anaconda RPM files
working-directory: ./anaconda
run: |
# output of the build will be stored in ./result/build/01-rpm-build/*.rpm
make -f ./Makefile.am container-rpms-scratch CI_TAG=$CONTAINER_TAG
mkdir -p ${{ github.workspace }}/kickstart-tests/data/additional_repo/
cp -av ./result/build/01-rpm-build/*.rpm ${{ github.workspace }}/kickstart-tests/data/additional_repo/
- name: Build boot.iso
run: |
mkdir -p images
# /var/tmp tmpfs speeds up lorax and avoids https://bugzilla.redhat.com/show_bug.cgi?id=1906364
sudo podman run -i --rm --privileged \
--tmpfs /var/tmp:rw,mode=1777 \
-v ${{ github.workspace }}/kickstart-tests/data/additional_repo:/anaconda-rpms:ro \
-v ${{ github.workspace }}/images:/images:z \
$ISO_BUILD_CONTAINER_NAME:$CONTAINER_TAG
- name: Clean up after lorax
if: always()
run: |
# remove container images together with the container
sudo podman rmi -f $ISO_BUILD_CONTAINER_NAME:$CONTAINER_TAG || true
sudo podman rmi -f $RPM_BUILD_CONTAINER_NAME:$CONTAINER_TAG || true
- name: Generate query arguments for "${{ needs.pr-info.outputs.launch_args }}"
id: generate_query
working-directory: ./kickstart-tests
run: |
set -eux
source ./containers/runner/skip-testtypes
PERMIAN_QUERY=$(scripts/generate-permian-query.py \
--skip-testtypes $SKIP_TESTTYPES_ANACONDA_PR \
--skip-testtypes ${{ needs.pr-info.outputs.skip_tests }} \
${{ needs.pr-info.outputs.launch_args }} )
if [ $? == 0 ]; then
echo "query=$PERMIAN_QUERY" >> $GITHUB_OUTPUT
else
echo "Parsing of the request arguments failed"
exit 1
fi
- name: Create Permian settings file
working-directory: ./permian
run: |
cat <<EOF > settings.ini
[kickstart_test]
kstest_local_repo=${{ github.workspace }}/kickstart-tests
[library]
directPath=${{ github.workspace }}/kickstart-tests/testlib
EOF
- name: Post status running tests
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.launch_args }}'
description: 'running tests [${{ runner.name }}]'
state: pending
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Run kickstart tests in container
working-directory: ./permian
run: |
sudo --preserve-env=TEST_JOBS \
PYTHONPATH=${PYTHONPATH:-}:${{ github.workspace }}/tplib \
./run_subset --debug-log permian.log \
--settings settings.ini \
--override workflows.dry_run=False \
--testcase-query '${{ steps.generate_query.outputs.query }}' \
run_event '{
"type":"everything",
"everything_testplan":{
"configurations":[{"architecture":"x86_64"}],
"point_person":"[email protected]"
},
"bootIso":{"x86_64":"file://${{ github.workspace }}/images/boot.iso"},
"kstestParams":{"platform":"${{ needs.pr-info.outputs.platform }}"}
}'
# Permian hides the exit code of launcher, so error out this step manually based on logs
rc=$( awk '/Runner return code: /{ print $4 }' permian.log)
if [ -n "$rc" ]; then
exit $rc
else
exit 111
fi
# Needed so that other jobs are able to clean the working dir
# FIXME: we should investigate running permian/launch sudo-less
- name: Make artefacts created by sudo cleanable
if: always()
run:
sudo chown -R github:github .
- name: Collect logs
if: always()
uses: actions/upload-artifact@v3
with:
name: 'logs'
# skip the /anaconda subdirectories, too large
path: |
kickstart-tests/data/logs/kstest.log
kickstart-tests/data/logs/kstest-*/*.log
kickstart-tests/data/additional_repo/*.rpm
permian/permian.log
- name: Set result status
if: always()
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: '${{ env.STATUS_NAME }} ${{ needs.pr-info.outputs.launch_args }}'
description: 'finished [${{ runner.name }}]'
state: ${{ job.status }}
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
waive:
runs-on: ubuntu-latest
needs: pr-info
if: needs.pr-info.outputs.allowed_user == 'true' && contains(github.event.comment.body, '--waive')
steps:
- name: Get the waiving reason
id: get_reason
env:
BODY: ${{ github.event.comment.body }}
run: |
REASON=$(echo "$BODY" | sed -e "s#/kickstart-test --waive ##" | sed 's/[[:space:]]*$//')
echo "reason=Waived, $REASON" >> $GITHUB_OUTPUT
- name: Set status
uses: octokit/[email protected]
with:
route: 'POST /repos/${{ github.repository }}/statuses/${{ needs.pr-info.outputs.sha }}'
context: 'kickstart-test --testtype smoke'
description: '${{ steps.get_reason.outputs.reason }}'
state: ${{ job.status }}
target_url: 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}