From a84b1b674b50069d409942e78804856227411a4f Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Wed, 23 Mar 2022 10:17:17 +0200 Subject: [PATCH 01/23] ci: rework sandbox tests to use helm-chart --- .github/workflows/continuous.yaml | 294 ++++++++++++++------------- .github/workflows/image-builder.yaml | 102 ---------- build/ci/helm-deploy.sh | 21 ++ build/ci/values.yaml | 69 +++++++ build/ci/waitForSandbox.bash | 6 +- 5 files changed, 243 insertions(+), 249 deletions(-) delete mode 100644 .github/workflows/image-builder.yaml create mode 100644 build/ci/helm-deploy.sh create mode 100644 build/ci/values.yaml diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 6d3ff42a34..dd341ade84 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -1,12 +1,115 @@ ---- -name: Continuous Suite +name: Continuous on: - - pull_request + push: + branches: + - "*" + pull_request: + branches: + - "*" jobs: + build-generic: + runs-on: ubuntu-latest + strategy: + matrix: + app: [ web, node ] + steps: + - uses: actions/checkout@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Login to GCR + uses: docker/login-action@v1 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v5.1 + - name: Get current date + id: date + run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')" + - name: Generate image metadata + id: meta + uses: docker/metadata-action@v3 + with: + images: | + gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-${{ matrix.app }}-${{ steps.branch-name.outputs.current_branch }} + # generate Docker tags based on the following events/attributes + tags: | + type=ref,event=branch + type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short + type=sha + flavor: | + latest=true + - name: build and push + uses: docker/build-push-action@v2 + with: + cache-from: type=registry, ref=sefaria-${{ matrix.app }}/cache + cache-to: type=registry, ref=sefaria-${{ matrix.app }}/cache, mode=max + context: . + push: true + file: ./build/${{ matrix.app }}/Dockerfile + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + build-asset: + runs-on: ubuntu-latest + needs: build-generic + steps: + - uses: actions/checkout@v2 + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Login to GCR + uses: docker/login-action@v1 + with: + registry: gcr.io + username: _json_key + password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v5.1 + - name: Get current date + id: date + run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')" + - name: Generate image metadata + id: meta + uses: docker/metadata-action@v3 + with: + images: | + gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-asset-${{ steps.branch-name.outputs.current_branch }} + # generate Docker tags based on the following events/attributes + tags: | + type=ref,event=branch + type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short + type=sha + flavor: | + latest=true + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" + - name: build and push + uses: docker/build-push-action@v2 + with: + cache-from: type=registry, ref=sefaria-asset/cache + cache-to: type=registry, ref=sefaria-asset/cache, mode=max + context: . + push: true + build-args: | + SRC_IMG=gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-web-${{ steps.branch-name.outputs.current_branch }}:sha-${{ steps.get-sha.outputs.sha_short }} + file: ./build/nginx/Dockerfile + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} +####### +# Below Tests only run on PR +####### jest-tests: name: "Jest" # This name is referenced when slacking status runs-on: ubuntu-latest + if: ${{ github.event_name == 'pull_request' }} steps: - name: Checkout Code uses: actions/checkout@v2 @@ -23,41 +126,39 @@ jobs: if: ${{ always() }} sandbox-deploy: + if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-latest + needs: build-asset steps: - name: Checkout Code uses: actions/checkout@v2 - - - name: Setup Python 3.7 - uses: actions/setup-python@v1 - with: - python-version: '3.7' - - name: Authenticate GHA Runner to GCP - uses: google-github-actions/setup-gcloud@master + uses: google-github-actions/setup-gcloud@v0 with: service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} project_id: ${{ secrets.DEV_PROJECT }} - - - name: Define GITHUB_SHA_SHORT - run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV - - - name: Submit Build Job to Cloud Build - # This should use the 'arbitrary commit' build script - run: ./build/ci/create-ci-sandbox.bash + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v5.1 + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" + - name: Set up yq + uses: frenck/action-setup-yq@v1.1.1 + - name: setup helm + uses: azure/setup-helm@v1 + - name: Authenticate GHA Runner To Target Cluster + run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}} + - name: Deploy Sandbox + run: ./build/ci/helm-deploy.sh build/ci/values.yaml env: - GIT_COMMIT: "$GITHUB_SHA" - GKE_CLUSTER: "${{secrets.DEV_GKE_CLUSTER}}" - GKE_NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}" - GKE_REGION: "${{secrets.DEV_GKE_REGION}}" - MONGO_HOST: "${{secrets.DEV_MONGO_HOST}}" - POSTGRES_HOST: "${{secrets.DEV_POSTGRES_HOST}}" - SANDBOX_NAME: "${GITHUB_SHA}" - SANDBOX_SUBDOMAIN: "${{secrets.DEV_SANDBOX_SUBDOMAIN}}" - GCP_PROJECT: "${{secrets.DEV_GCP_PROJECT}}" - CONTAINER_IMAGE_TAG: "${{env.GITHUB_SHA_SHORT}}" + GIT_COMMIT: "${{ steps.get-sha.outputs.sha_short }}" + BRANCH_NAME: "${{ steps.branch-name.outputs.current_branch }}" + PROJECT_ID: "${{ secrets.DEV_PROJECT }}" + NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}" sandbox-ready: + if: ${{ github.event_name == 'pull_request' }} needs: sandbox-deploy runs-on: ubuntu-latest steps: @@ -71,6 +172,7 @@ jobs: WAIT_DURATION: "3000" selenium-sauce: + if: ${{ github.event_name == 'pull_request' }} name: "Selenium" # This name is referenced when slacking status needs: sandbox-ready runs-on: ubuntu-latest @@ -82,49 +184,37 @@ jobs: uses: actions/setup-python@v1 with: python-version: '3.7' - # Set Up Connection to Dev Mongo # 1. Auth to cluster # 2. Open encrypted connection - - uses: google-github-actions/setup-gcloud@master + - uses: google-github-actions/setup-gcloud@v0 with: service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} project_id: ${{ secrets.DEV_PROJECT }} - - name: Authenticate GHA Runner To Target Cluster run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}} - - name: Establish MongoDB Connection run: kubectl port-forward svc/mongo 27017:27017 & - - name: Await MongoDB Connection run: sleep 20 - - name: Confirm MongoDB Connection # The following command returns a success code if mongo is available, # and a failure code if it is not run: curl localhost:27017 - - name: Establish PostgreSQL Connection run: kubectl port-forward svc/postgres 5432:5432 & - - name: Await MongoDB Connection run: sleep 20 - - name: Confirm PostgreSQL Connection # if the PostgreSQL server is available, curl will fail with a '52' exit code # if it is NOT available, it will fail with a '7' exit code # run: curl localhost:5432; if [ $? -eq "52" ]; then exit 0; else exit 1; fi run: exitCode=$(curl localhost:5432; echo $?); if [ $exitCode -eq 52 ]; then exit 0; else exit 1; fi - - name: Define GITHUB_SHA_SHORT run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV - - # END SETUP - name: Install Python Packages run: pip3 install -r ./requirements.txt - - name: Run Test Suite run: env && python3 ./reader/browsertest/run_tests_on_github.py # ; echo $? shell: bash @@ -132,21 +222,21 @@ jobs: SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }} SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }} CI_RUN: "true" - CI_URL: https://${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org + CI_URL: https://sandbox-${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org SEFARIA_TEST_PASS: ${{ secrets.SEFARIA_APP_PASS }} SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }} PYTHONPATH: "." DJANGO_SETTINGS_MODULE: sefaria.settings MONGO_DB_NAME: sefaria-${{env.GITHUB_SHA_SHORT}} - - name: Authenticate GHA Runner to GCP - uses: google-github-actions/setup-gcloud@master + uses: google-github-actions/setup-gcloud@v0 with: service_account_key: ${{ secrets.GCS_BUILD_UPLOAD_KEY }} project_id: ${{ secrets.BUILD_UPLOAD_PROJECT }} if: ${{ always() }} pytest-job: + if: ${{ github.event_name == 'pull_request' }} name: "PyTest" # This name is referenced when slacking status needs: - sandbox-ready @@ -157,7 +247,7 @@ jobs: # Set Up Connection to Dev Mongo # 1. Auth to cluster # 2. Open encrypted connection - - uses: google-github-actions/setup-gcloud@master + - uses: google-github-actions/setup-gcloud@v0 with: service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} project_id: ${{ secrets.DEV_PROJECT }} @@ -221,108 +311,24 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 - - - uses: google-github-actions/setup-gcloud@master + - uses: google-github-actions/setup-gcloud@v0 with: service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} project_id: ${{ secrets.DEV_PROJECT }} - - - name: Delete sandbox after tests are finished - run: ./build/ci/destroy-ci-sandbox.bash + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" + - name: setup helm + uses: azure/setup-helm@v1 + - name: Authenticate GHA Runner To Target Cluster + run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}} + - name: check helm + id: get-helm + run: echo "::set-output name=count::$(helm list -n $NAMESPACE | grep $NAME | wc -l)" env: - GKE_CLUSTER: "${{secrets.DEV_GKE_CLUSTER}}" - GCP_PROJECT: "${{secrets.DEV_GCP_PROJECT}}" - GKE_REGION: "${{secrets.DEV_GKE_REGION}}" - SANDBOX_SUBDOMAIN: "${{secrets.DEV_SANDBOX_SUBDOMAIN}}" - GKE_NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}" - MONGO_HOST: "${{secrets.DEV_MONGO_HOST}}" - -... + NAMESPACE: ${{ secrets.DEV_SANDBOX_NAMESPACE }} + NAME: sandbox-${{ steps.get-sha.outputs.sha_short }} + - name: Uninstall + run: helm delete sandbox-${{ steps.get-sha.outputs.sha_short }} -n ${{ secrets.DEV_SANDBOX_NAMESPACE }} --debug + if: steps.get-helm.outputs.count > 0 -# selenium-allsuites-local: -# # Start off with local firefox -# name: "Selenium: Local" # This name is referenced when slacking status -# needs: sandbox-ready -# runs-on: ubuntu-latest -# services: -# selenium: -# image: selenium/standalone-chrome:3.141.59 -# ports: [ "4444:4444" ] -# volumes: ["/dev/shm:/dev/shm"] -# steps: -# -# # BEGIN SETUP -# - name: Checkout Code -# uses: actions/checkout@v2 -# - name: Set Up Python 3 -# uses: actions/setup-python@v1 -# with: -# python-version: '3.7' -# -# # Set Up Connection to Dev Mongo -# # 1. Auth to cluster -# # 2. Open encrypted connection -# - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master -# with: -# service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} -# project_id: ${{ secrets.DEV_PROJECT }} -# -# - name: Authenticate GHA Runner To Target Cluster -# run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}} -# -# - name: Establish MongoDB Connection -# run: kubectl port-forward svc/mongo 27017:27017 & -# -# - name: Await MongoDB Connection -# run: sleep 20 -# -# - name: Confirm MongoDB Connection -# # The following command returns a success code if mongo is available, -# # and a failure code if it is not -# run: curl localhost:27017 -# -# - name: Establish PostgreSQL Connection -# run: kubectl port-forward svc/postgres 5432:5432 & -# -# - name: Await MongoDB Connection -# run: sleep 20 -# -# - name: Confirm PostgreSQL Connection -# # if the PostgreSQL server is available, curl will fail with a '52' exit code -# # if it is NOT available, it will fail with a '7' exit code -# # run: curl localhost:5432; if [ $? -eq "52" ]; then exit 0; else exit 1; fi -# run: exitCode=$(curl localhost:5432; echo $?); if [ $exitCode -eq 52 ]; then exit 0; else exit 1; fi -# -# - name: Define GITHUB_SHA_SHORT -# run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV -# -# # END SETUP -# - name: Install Python Packages -# run: pip3 install -r ./requirements.txt -# -# - name: Run PageLoad Suite -# run: python3 ./reader/browsertest/run_local_sel.py | tee /home/runner/selenium-allsuites-local.txt # --parallel ; echo $? -# shell: bash -# env: -# CI_RUN: "true" -# CI_URL: https://${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org -# LOCAL_SELENIUM_URL: "http://localhost:4444/wd/hub" -# SEFARIA_TEST_PASS: ${{ secrets.SEFARIA_APP_PASS }} -# SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }} -# PYTHONPATH: "." -# DJANGO_SETTINGS_MODULE: sefaria.settings -# -# - name: Authenticate GHA Runner to GCP -# uses: GoogleCloudPlatform/github-actions/setup-gcloud@master -# with: -# service_account_key: ${{ secrets.GCS_BUILD_UPLOAD_KEY }} -# project_id: ${{ secrets.BUILD_UPLOAD_PROJECT }} -# if: ${{ always() }} -# -# - name: Define BUILD_RESULT_SUBDIR -# run: echo "BUILD_RESULT_SUBDIR=${GITHUB_SHA:0:8}" >> $GITHUB_ENV -# if: ${{ always() }} -# -# - name: Upload Build Results -# run: gsutil cp /home/runner/selenium-allsuites-local.txt gs://${{secrets.GCS_BUILD_UPLOAD_BUCKET}}/${{env.BUILD_RESULT_SUBDIR}}/selenium-allsuites-local.txt -# if: ${{ always() }} diff --git a/.github/workflows/image-builder.yaml b/.github/workflows/image-builder.yaml deleted file mode 100644 index 8250daba66..0000000000 --- a/.github/workflows/image-builder.yaml +++ /dev/null @@ -1,102 +0,0 @@ -name: Image builder -on: - push: - branches: - - "*" - -jobs: - build-generic: - runs-on: ubuntu-latest - strategy: - matrix: - app: [ web, node ] - steps: - - uses: actions/checkout@v2 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Login to GCR - uses: docker/login-action@v1 - with: - registry: gcr.io - username: _json_key - password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v5.1 - - name: Get current date - id: date - run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')" - - name: Generate image metadata - id: meta - uses: docker/metadata-action@v3 - with: - images: | - gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-${{ matrix.app }}-${{ steps.branch-name.outputs.current_branch }} - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short - type=sha - flavor: | - latest=true - - name: build and push - uses: docker/build-push-action@v2 - with: - cache-from: type=registry, ref=sefaria-${{ matrix.app }}/cache - cache-to: type=registry, ref=sefaria-${{ matrix.app }}/cache, mode=max - context: . - push: true - file: ./build/${{ matrix.app }}/Dockerfile - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - build-asset: - runs-on: ubuntu-latest - needs: build-generic - steps: - - uses: actions/checkout@v2 - - name: Set up QEMU - uses: docker/setup-qemu-action@v1 - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 - - name: Login to GCR - uses: docker/login-action@v1 - with: - registry: gcr.io - username: _json_key - password: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} - - name: Get branch name - id: branch-name - uses: tj-actions/branch-names@v5.1 - - name: Get current date - id: date - run: echo "::set-output name=date::$(date +'%Y%m%d%H%M')" - - name: Generate image metadata - id: meta - uses: docker/metadata-action@v3 - with: - images: | - gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-asset-${{ steps.branch-name.outputs.current_branch }} - # generate Docker tags based on the following events/attributes - tags: | - type=ref,event=branch - type=sha,enable=true,priority=100,prefix=sha-,suffix=-${{ steps.date.outputs.date }},format=short - type=sha - flavor: | - latest=true - - name: Set outputs - id: get-sha - run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" - - name: build and push - uses: docker/build-push-action@v2 - with: - cache-from: type=registry, ref=sefaria-asset/cache - cache-to: type=registry, ref=sefaria-asset/cache, mode=max - context: . - push: true - build-args: | - SRC_IMG=gcr.io/${{ secrets.DEV_PROJECT }}/sefaria-web-${{ steps.branch-name.outputs.current_branch }}:sha-${{ steps.get-sha.outputs.sha_short }} - file: ./build/nginx/Dockerfile - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} diff --git a/build/ci/helm-deploy.sh b/build/ci/helm-deploy.sh new file mode 100644 index 0000000000..36cc3b1631 --- /dev/null +++ b/build/ci/helm-deploy.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +export WEB_IMAGE="gcr.io/$PROJECT_ID/sefaria-web-$BRANCH" +export NODE_IMAGE="gcr.io/$PROJECT_ID/sefaria-node-$BRANCH" +export ASSET_IMAGE="gcr.io/$PROJECT_ID/sefaria-asset-$BRANCH" +export TAG="sha-$GIT_COMMIT" +export NAME="sandbox-$GIT_COMMIT" + +yq e -i 'web.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 +yq e -i 'nodejs.containerImage.imageRegistry = strenv(NODE_IMAGE)' $1 +yq e -i 'nginx.containerImage.imageRegistry = strenv(ASSET_IMAGE)' $1 +yq e -i 'monitor.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 +yq e -i 'web.containerImage.tag = strenv(TAG)' $1 +yq e -i 'nodejs.containerImage.tag = strenv(TAG)' $1 +yq e -i 'nginx.containerImage.tag = strenv(TAG)' $1 +yq e -i 'monitor.containerImage.tag = strenv(TAG)' $1 +yq e -i 'deployEnv = strenv(NAME)' $1 +yq e -i 'localSettings.FRONT_END_URL = "https://"+strenv(NAME)+".cauldron.sefarai.org"' $1 + +helm upgrade -i $NAME ./helm-chart --namespace $NAMESPACE -f $1 --debug + diff --git a/build/ci/values.yaml b/build/ci/values.yaml new file mode 100644 index 0000000000..b3ce9d763a --- /dev/null +++ b/build/ci/values.yaml @@ -0,0 +1,69 @@ +sandbox: "true" +contentSandbox: "true" +deployEnv: +previousServicesCount: "1" +web: + containerImage: + imageRegistry: gcr.io/development-205018/sefaria-web-${BRANCH} + tag: + secrets: + googleClient: + ref: google-client-secret + logging: + ref: logging-secret + schoolLookup: + ref: school-lookup-data +redis: + containerImage: + imageRegistry: redis + tag: latest +nodejs: + containerImage: + imageRegistry: gcr.io/development-205018/sefaria-node-${BRANCH} + tag: +varnish: + containerImage: + imageRegistry: gcr.io/production-deployment/sefaria-varnish + tag: v6 + secrets: + varnish: + ref: varnish-secret-helm +ingress: + hosts: + - host: "{{ .Values.deployEnv }}.cauldron.sefaria.org" + path: /* + serviceName: nginx + port: 80 + secrets: + originTls: + ref: cauldron-wildcard-letsencrypt +nginx: + containerImage: + imageRegistry: gcr.io/development-205018/sefaria-asset-${BRANCH} + tag: +monitor: + containerImage: + imageRegistry: gcr.io/development-205018/sefaria-web-${BRANCH} + tag: +secrets: + localSettings: + ref: local-settings-secrets + backupManager: + ref: backup-manager + slackWebhook: + ref: slack-webhook-helm +localSettings: + DEBUG: false + DOMAIN_LANGUAGE: {} + MONGO_HOST: "mongo" + APSCHEDULER_NAME: "apscheduler-{{ .Values.deployEnv }}" + SEARCH_ADMIN: "http://elasticsearch-data:9200" + TURN_SERVER: '' + USE_CLOUDFLARE: false + FRONT_END_URL: "http://${NAME}.cauldron.sefaria.org" + OFFLINE: false + DOWN_FOR_MAINTENANCE: false + MAINTENANCE_MESSAGE: "Sefaria is down for scheduled maintenance. We expect to be back online within 15 minutes. Thank you for your patience." + GLOBAL_WARNING: false + GLOBAL_WARNING_MESSAGE: "Sefaria will be in Read-Only mode for scheduled maintenance from 4:45pm-6:45pm Pacific time. Edits will not be saved during that time." + diff --git a/build/ci/waitForSandbox.bash b/build/ci/waitForSandbox.bash index e68330eb21..5ab7bce164 100755 --- a/build/ci/waitForSandbox.bash +++ b/build/ci/waitForSandbox.bash @@ -4,8 +4,8 @@ # GITHUB_HASH waitDuration=${WAIT_DURATION:-900} -echo "Waiting for https://${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check to load for $waitDuration seconds" +echo "Waiting for https://sandbox-${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check to load for $waitDuration seconds" -timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done' +timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://sandbox-${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done' -echo "Reached server. Proceeding." \ No newline at end of file +echo "Reached server. Proceeding." From f78dae106e9da3ba3bd5f8aa279e98c91eb9891d Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Thu, 24 Mar 2022 13:40:12 +0200 Subject: [PATCH 02/23] fix: use actual version of yq setup action --- .github/workflows/continuous.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index dd341ade84..66ae7a1154 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -144,7 +144,7 @@ jobs: id: get-sha run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" - name: Set up yq - uses: frenck/action-setup-yq@v1.1.1 + uses: frenck/action-setup-yq@v1 - name: setup helm uses: azure/setup-helm@v1 - name: Authenticate GHA Runner To Target Cluster From 2bd226b98c2204d074f1309a312f3658ae503ab2 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Thu, 24 Mar 2022 15:11:09 +0200 Subject: [PATCH 03/23] fix: set helm script execution mode --- build/ci/helm-deploy.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 build/ci/helm-deploy.sh diff --git a/build/ci/helm-deploy.sh b/build/ci/helm-deploy.sh old mode 100644 new mode 100755 From 1714625c624462a31ade476304255fbcd7e31417 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Thu, 24 Mar 2022 16:23:04 +0200 Subject: [PATCH 04/23] ci: don't duplicate build if push is also in PR --- .github/workflows/continuous.yaml | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 66ae7a1154..4dd0eab390 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -8,8 +8,21 @@ on: - "*" jobs: + duplication-check: + runs-on: ubuntu-latest + outputs: + inPR: steps.check.outputs.number + steps: + - name: Check if push is in PR + id: check + uses: 8BitJonny/gh-get-current-pr@1.4.0 + with: + filterOutClosed: true + github-token: ${{ secrets.GITHUB_TOKEN }} build-generic: runs-on: ubuntu-latest + needs: duplication-check + if: ${{ github.event_name == 'pull_request' || ( github.event_name == 'push' && ! needs.duplication-check.outputs.inPR ) }} strategy: matrix: app: [ web, node ] @@ -56,7 +69,10 @@ jobs: labels: ${{ steps.meta.outputs.labels }} build-asset: runs-on: ubuntu-latest - needs: build-generic + needs: + - duplication-check + - build-generic + if: ${{ github.event_name == 'pull_request' || ( github.event_name == 'push' && ! needs.duplication-check.outputs.inPR ) }} steps: - uses: actions/checkout@v2 - name: Set up QEMU From 897f97c2428e5fe188667e49cedfeeca56657d9e Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Thu, 24 Mar 2022 16:38:40 +0200 Subject: [PATCH 05/23] ci: only always() run in PR --- .github/workflows/continuous.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 4dd0eab390..657c2969ed 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -296,7 +296,7 @@ jobs: ending-notification: runs-on: ubuntu-latest - if: ${{ always() }} + if: ${{ always() && github.event_name == 'pull_request' }} needs: # - selenium-allsuites-local - selenium-sauce @@ -318,7 +318,7 @@ jobs: sandbox-cleanup: name: "Clean up CI Sandbox" - if: ${{ always() }} + if: ${{ always() && github.event_name == 'pull_request' }} needs: # - selenium-allsuites-local - selenium-sauce From f0160dcae6b1fbaa2fefbfc210ab1626bd67abc0 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Fri, 25 Mar 2022 10:15:54 +0200 Subject: [PATCH 06/23] chore: whitespace fixes --- .github/workflows/continuous.yaml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 657c2969ed..d081138407 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -140,7 +140,6 @@ jobs: - name: Handle Jest Test Results run: cat /home/runner/jestResults.json; STATUS=`jq ".numFailedTestSuites" /home/runner/jestResults.json`; exit $STATUS if: ${{ always() }} - sandbox-deploy: if: ${{ github.event_name == 'pull_request' }} runs-on: ubuntu-latest @@ -172,7 +171,6 @@ jobs: BRANCH_NAME: "${{ steps.branch-name.outputs.current_branch }}" PROJECT_ID: "${{ secrets.DEV_PROJECT }}" NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}" - sandbox-ready: if: ${{ github.event_name == 'pull_request' }} needs: sandbox-deploy @@ -186,7 +184,6 @@ jobs: run: ./build/ci/waitForSandbox.bash env: WAIT_DURATION: "3000" - selenium-sauce: if: ${{ github.event_name == 'pull_request' }} name: "Selenium" # This name is referenced when slacking status @@ -250,7 +247,6 @@ jobs: service_account_key: ${{ secrets.GCS_BUILD_UPLOAD_KEY }} project_id: ${{ secrets.BUILD_UPLOAD_PROJECT }} if: ${{ always() }} - pytest-job: if: ${{ github.event_name == 'pull_request' }} name: "PyTest" # This name is referenced when slacking status @@ -279,26 +275,21 @@ jobs: DEPLOY_ENV: ${{env.GITHUB_SHA_SHORT}} WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-dev WEB_IMAGE_TAG: ${{env.GITHUB_SHA_SHORT}} - - name: Wait For Job To Finish run: ./build/ci/waitForCIJob.bash timeout-minutes: 30 env: # dependent on GITHUB_RUN_ID, which is implicitly passed in TEST_NAME: pytest - - name: Get Logs From Cluster and propogate test result run: "kubectl logs --tail=-1 -l ci-run=$GITHUB_RUN_ID,test-name=pytest; LASTLINE=`kubectl logs --tail=1 -l ci-run=$GITHUB_RUN_ID,test-name=pytest`; STAT=${LASTLINE: -1}; exit $STAT" - - name: Cleanup pyTest Pod run: kubectl delete jobs -l ci-run=$GITHUB_RUN_ID,test-name=pytest if: always() - ending-notification: runs-on: ubuntu-latest if: ${{ always() && github.event_name == 'pull_request' }} needs: -# - selenium-allsuites-local - selenium-sauce - pytest-job steps: @@ -315,12 +306,10 @@ jobs: SLACK_TEST_FAILURE_WEBHOOK_URL: ${{secrets.SLACK_TEST_FAILURE_WEBHOOK_URL}} GITUSER_SLACK_MAP: ${{secrets.GITUSER_SLACK_MAP}} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - sandbox-cleanup: name: "Clean up CI Sandbox" if: ${{ always() && github.event_name == 'pull_request' }} needs: -# - selenium-allsuites-local - selenium-sauce - pytest-job runs-on: ubuntu-latest @@ -347,4 +336,3 @@ jobs: - name: Uninstall run: helm delete sandbox-${{ steps.get-sha.outputs.sha_short }} -n ${{ secrets.DEV_SANDBOX_NAMESPACE }} --debug if: steps.get-helm.outputs.count > 0 - From ec2f9199cc24bedd743c5af1c13c047b2730aebf Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Fri, 25 Mar 2022 11:15:54 +0200 Subject: [PATCH 07/23] ci: add debug to deploy script --- build/ci/helm-deploy.sh | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/build/ci/helm-deploy.sh b/build/ci/helm-deploy.sh index 36cc3b1631..8ac5a84934 100755 --- a/build/ci/helm-deploy.sh +++ b/build/ci/helm-deploy.sh @@ -1,4 +1,6 @@ #!/bin/bash +set -x +set -e export WEB_IMAGE="gcr.io/$PROJECT_ID/sefaria-web-$BRANCH" export NODE_IMAGE="gcr.io/$PROJECT_ID/sefaria-node-$BRANCH" @@ -6,16 +8,16 @@ export ASSET_IMAGE="gcr.io/$PROJECT_ID/sefaria-asset-$BRANCH" export TAG="sha-$GIT_COMMIT" export NAME="sandbox-$GIT_COMMIT" -yq e -i 'web.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 -yq e -i 'nodejs.containerImage.imageRegistry = strenv(NODE_IMAGE)' $1 -yq e -i 'nginx.containerImage.imageRegistry = strenv(ASSET_IMAGE)' $1 -yq e -i 'monitor.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 -yq e -i 'web.containerImage.tag = strenv(TAG)' $1 -yq e -i 'nodejs.containerImage.tag = strenv(TAG)' $1 -yq e -i 'nginx.containerImage.tag = strenv(TAG)' $1 -yq e -i 'monitor.containerImage.tag = strenv(TAG)' $1 -yq e -i 'deployEnv = strenv(NAME)' $1 -yq e -i 'localSettings.FRONT_END_URL = "https://"+strenv(NAME)+".cauldron.sefarai.org"' $1 +yq e -i '.web.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 +yq e -i '.nodejs.containerImage.imageRegistry = strenv(NODE_IMAGE)' $1 +yq e -i '.nginx.containerImage.imageRegistry = strenv(ASSET_IMAGE)' $1 +yq e -i '.monitor.containerImage.imageRegistry = strenv(WEB_IMAGE)' $1 +yq e -i '.web.containerImage.tag = strenv(TAG)' $1 +yq e -i '.nodejs.containerImage.tag = strenv(TAG)' $1 +yq e -i '.nginx.containerImage.tag = strenv(TAG)' $1 +yq e -i '.monitor.containerImage.tag = strenv(TAG)' $1 +yq e -i '.deployEnv = strenv(NAME)' $1 +yq e -i '.localSettings.FRONT_END_URL = "https://"+strenv(NAME)+".cauldron.sefarai.org"' $1 helm upgrade -i $NAME ./helm-chart --namespace $NAMESPACE -f $1 --debug From 10cff246a1b148ff22b5306f8e787ea53a5ea926 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Fri, 25 Mar 2022 13:36:34 +0200 Subject: [PATCH 08/23] fix: branch env var --- .github/workflows/continuous.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index d081138407..6d1ad4adad 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -168,7 +168,7 @@ jobs: run: ./build/ci/helm-deploy.sh build/ci/values.yaml env: GIT_COMMIT: "${{ steps.get-sha.outputs.sha_short }}" - BRANCH_NAME: "${{ steps.branch-name.outputs.current_branch }}" + BRANCH: "${{ steps.branch-name.outputs.current_branch }}" PROJECT_ID: "${{ secrets.DEV_PROJECT }}" NAMESPACE: "${{secrets.DEV_SANDBOX_NAMESPACE}}" sandbox-ready: From 20d7dfeb8dc25b60cda9b4bc377c1abacfab6ac4 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 28 Mar 2022 11:14:44 +0200 Subject: [PATCH 09/23] fix: increase timeout for deployment --- build/ci/helm-deploy.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/ci/helm-deploy.sh b/build/ci/helm-deploy.sh index 8ac5a84934..76eae5577c 100755 --- a/build/ci/helm-deploy.sh +++ b/build/ci/helm-deploy.sh @@ -19,5 +19,5 @@ yq e -i '.monitor.containerImage.tag = strenv(TAG)' $1 yq e -i '.deployEnv = strenv(NAME)' $1 yq e -i '.localSettings.FRONT_END_URL = "https://"+strenv(NAME)+".cauldron.sefarai.org"' $1 -helm upgrade -i $NAME ./helm-chart --namespace $NAMESPACE -f $1 --debug +helm upgrade -i $NAME ./helm-chart --namespace $NAMESPACE -f $1 --debug --timeout=30m0s From 9a9e660b75675d38c0f0091150f704e6041f058a Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 28 Mar 2022 12:34:21 +0200 Subject: [PATCH 10/23] fix: wait on correct ingress url --- .github/workflows/continuous.yaml | 5 ++++- build/ci/waitForSandbox.bash | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 6d1ad4adad..d716686f44 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -178,12 +178,15 @@ jobs: steps: - name: Checkout uses: actions/checkout@v2 - + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" - name: Wait for test sandbox to become available # https://gist.github.com/rgl/f90ff293d56dbb0a1e0f7e7e89a81f42 run: ./build/ci/waitForSandbox.bash env: WAIT_DURATION: "3000" + GIT_COMMIT: "${{ steps.get-sha.outputs.sha_short }}" selenium-sauce: if: ${{ github.event_name == 'pull_request' }} name: "Selenium" # This name is referenced when slacking status diff --git a/build/ci/waitForSandbox.bash b/build/ci/waitForSandbox.bash index 5ab7bce164..5b7011b555 100755 --- a/build/ci/waitForSandbox.bash +++ b/build/ci/waitForSandbox.bash @@ -4,8 +4,8 @@ # GITHUB_HASH waitDuration=${WAIT_DURATION:-900} -echo "Waiting for https://sandbox-${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check to load for $waitDuration seconds" +echo "Waiting for https://sandbox-${GIT_COMMIT}.cauldron.sefaria.org/health-check to load for $waitDuration seconds" -timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://sandbox-${GITHUB_SHA:0:6}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done' +timeout $waitDuration bash -c 'while [[ "$(curl -s -k -o /dev/null -w ''%{http_code}'' https://sandbox-${GIT_COMMIT}.cauldron.sefaria.org/health-check)" != "200" ]]; do sleep 5; done' echo "Reached server. Proceeding." From 32824e65b62e5635e88ec40717a488451089eaef Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 28 Mar 2022 12:40:06 +0200 Subject: [PATCH 11/23] fix: update test setup for new env --- .github/workflows/continuous.yaml | 19 ++++++++++--------- build/ci/pyTestPod.yaml | 12 ++++++------ 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index d716686f44..daee5a20d0 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -226,8 +226,9 @@ jobs: # if it is NOT available, it will fail with a '7' exit code # run: curl localhost:5432; if [ $? -eq "52" ]; then exit 0; else exit 1; fi run: exitCode=$(curl localhost:5432; echo $?); if [ $exitCode -eq 52 ]; then exit 0; else exit 1; fi - - name: Define GITHUB_SHA_SHORT - run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" # END SETUP - name: Install Python Packages run: pip3 install -r ./requirements.txt @@ -238,12 +239,12 @@ jobs: SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }} SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }} CI_RUN: "true" - CI_URL: https://sandbox-${{env.GITHUB_SHA_SHORT}}.cauldron.sefaria.org + CI_URL: https://sandbox-${{ steps.get-sha.outputs.sha_short }}.cauldron.sefaria.org SEFARIA_TEST_PASS: ${{ secrets.SEFARIA_APP_PASS }} SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }} PYTHONPATH: "." DJANGO_SETTINGS_MODULE: sefaria.settings - MONGO_DB_NAME: sefaria-${{env.GITHUB_SHA_SHORT}} + MONGO_DB_NAME: sefaria-${{ steps.get-sha.outputs.sha_short }} - name: Authenticate GHA Runner to GCP uses: google-github-actions/setup-gcloud@v0 with: @@ -266,18 +267,18 @@ jobs: with: service_account_key: ${{ secrets.DEV_CLOUDBUILD_SA_KEY }} project_id: ${{ secrets.DEV_PROJECT }} - - name: Authenticate GHA Runner To Target Cluster run: gcloud container clusters get-credentials ${{secrets.DEV_GKE_CLUSTER}} --zone ${{secrets.DEV_GKE_REGION}} --project ${{secrets.DEV_GCP_PROJECT}} - - name: Define GITHUB_SHA_SHORT - run: echo "GITHUB_SHA_SHORT=${GITHUB_SHA:0:6}" >> $GITHUB_ENV + - name: Set outputs + id: get-sha + run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" - name: Start Job run: envsubst '${GITHUB_RUN_ID},${DEPLOY_ENV},${WEB_IMAGE_NAME},${WEB_IMAGE_TAG},${TIMESTAMP}' < ./build/ci/pyTestPod.yaml | kubectl apply -f - env: # dependent on GITHUB_RUN_ID, which is implicitly passed in - DEPLOY_ENV: ${{env.GITHUB_SHA_SHORT}} + DEPLOY_ENV: ${{ steps.get-sha.outputs.sha_short }} WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-dev - WEB_IMAGE_TAG: ${{env.GITHUB_SHA_SHORT}} + WEB_IMAGE_TAG: ${{ steps.get-sha.outputs.sha_short }} - name: Wait For Job To Finish run: ./build/ci/waitForCIJob.bash timeout-minutes: 30 diff --git a/build/ci/pyTestPod.yaml b/build/ci/pyTestPod.yaml index 5deaa6f1e3..566af98091 100644 --- a/build/ci/pyTestPod.yaml +++ b/build/ci/pyTestPod.yaml @@ -73,22 +73,22 @@ spec: volumes: - name: local-settings secret: - secretName: local-settings-${DEPLOY_ENV} + secretName: local-settings - name: client-secret secret: - secretName: google-client-secret-${DEPLOY_ENV} + secretName: google-client-secret - name: backup-manager-secret # used to access google cloud secret: - secretName: backup-manager-secret-${DEPLOY_ENV} + secretName: backup-manager-secret - name: logging-secret secret: - secretName: logging-secret-${DEPLOY_ENV} + secretName: logging-secret - name: varnish-secret secret: - secretName: varnish-secret-${DEPLOY_ENV} + secretName: varnish-secret - name: school-lookup-data secret: - secretName: school-lookup-data-${DEPLOY_ENV} + secretName: school-lookup-data - name: logdir emptyDir: {} ... From 3c6f61fddc40816500ca5b249884a9a7673e82e7 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 28 Mar 2022 15:57:17 +0200 Subject: [PATCH 12/23] fix: use correct cm name for post-delete hook --- .github/workflows/continuous.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index daee5a20d0..aaf8179c6d 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -338,5 +338,5 @@ jobs: NAMESPACE: ${{ secrets.DEV_SANDBOX_NAMESPACE }} NAME: sandbox-${{ steps.get-sha.outputs.sha_short }} - name: Uninstall - run: helm delete sandbox-${{ steps.get-sha.outputs.sha_short }} -n ${{ secrets.DEV_SANDBOX_NAMESPACE }} --debug + run: helm delete sandbox-${{ steps.get-sha.outputs.sha_short }} -n ${{ secrets.DEV_SANDBOX_NAMESPACE }} --debug --timeout 10m0s if: steps.get-helm.outputs.count > 0 From cca1dee8b4f8547f2485982d257490adfa6a7322 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 28 Mar 2022 16:04:35 +0200 Subject: [PATCH 13/23] fix: increase pytest timeout --- .github/workflows/continuous.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index aaf8179c6d..65c206116b 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -281,7 +281,7 @@ jobs: WEB_IMAGE_TAG: ${{ steps.get-sha.outputs.sha_short }} - name: Wait For Job To Finish run: ./build/ci/waitForCIJob.bash - timeout-minutes: 30 + timeout-minutes: 60 env: # dependent on GITHUB_RUN_ID, which is implicitly passed in TEST_NAME: pytest From 0ac2cf8e284ef34f078328ee1ace9e3d04693c7a Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Tue, 29 Mar 2022 11:53:38 +0200 Subject: [PATCH 14/23] fix: env var in mongo destroy script --- helm-chart/templates/configmap/mongo-destroy.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/helm-chart/templates/configmap/mongo-destroy.yaml b/helm-chart/templates/configmap/mongo-destroy.yaml index e6e7f95919..e0f8a81091 100644 --- a/helm-chart/templates/configmap/mongo-destroy.yaml +++ b/helm-chart/templates/configmap/mongo-destroy.yaml @@ -16,11 +16,11 @@ data: set -e set -x - mongo --host MONGO_HOST sefaria-$SANDBOX_NAME < Date: Tue, 29 Mar 2022 11:55:50 +0200 Subject: [PATCH 15/23] ci: increase verbosity of wait script --- build/ci/waitForCIJob.bash | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/build/ci/waitForCIJob.bash b/build/ci/waitForCIJob.bash index a5efe0f338..94591230ff 100755 --- a/build/ci/waitForCIJob.bash +++ b/build/ci/waitForCIJob.bash @@ -1,5 +1,6 @@ #!/bin/bash set -e +set -x echo "Waiting for the test job to finish" echo "GitHub Run ID $GITHUB_RUN_ID" @@ -8,7 +9,10 @@ echo "GitHub Run ID $GITHUB_RUN_ID" while [[ $(kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} -o json | jq -r '.items[0].status.succeeded') != 1 ]] do - sleep 5; + kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} + kuebctl get pod -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} || true + kubectl logs -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} --tail 10 || true + sleep 30; done -echo "Job is complete" \ No newline at end of file +echo "Job is complete" From 49ad5b4108aedc039d52141780da981c9a0b199a Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Tue, 29 Mar 2022 14:58:34 +0200 Subject: [PATCH 16/23] ci: update pytest base image --- .github/workflows/continuous.yaml | 5 ++++- build/ci/waitForCIJob.bash | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 65c206116b..97a2bf990f 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -272,12 +272,15 @@ jobs: - name: Set outputs id: get-sha run: echo "::set-output name=sha_short::$(git rev-parse --short HEAD)" + - name: Get branch name + id: branch-name + uses: tj-actions/branch-names@v5.1 - name: Start Job run: envsubst '${GITHUB_RUN_ID},${DEPLOY_ENV},${WEB_IMAGE_NAME},${WEB_IMAGE_TAG},${TIMESTAMP}' < ./build/ci/pyTestPod.yaml | kubectl apply -f - env: # dependent on GITHUB_RUN_ID, which is implicitly passed in DEPLOY_ENV: ${{ steps.get-sha.outputs.sha_short }} - WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-dev + WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-${{ steps.branch-name.outputs.current_branch }} WEB_IMAGE_TAG: ${{ steps.get-sha.outputs.sha_short }} - name: Wait For Job To Finish run: ./build/ci/waitForCIJob.bash diff --git a/build/ci/waitForCIJob.bash b/build/ci/waitForCIJob.bash index 94591230ff..8552e406cf 100755 --- a/build/ci/waitForCIJob.bash +++ b/build/ci/waitForCIJob.bash @@ -10,7 +10,7 @@ echo "GitHub Run ID $GITHUB_RUN_ID" while [[ $(kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} -o json | jq -r '.items[0].status.succeeded') != 1 ]] do kubectl get job -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} - kuebctl get pod -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} || true + kubectl get pod -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} || true kubectl logs -l ci-run=$GITHUB_RUN_ID,test-name=${TEST_NAME:-pytest} --tail 10 || true sleep 30; done From 15520c52c96458cf0b95c05bb368f5f9fd17f840 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Tue, 29 Mar 2022 15:32:46 +0200 Subject: [PATCH 17/23] fix: pytest env arguments --- .github/workflows/continuous.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index 97a2bf990f..f65427bcaf 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -279,9 +279,9 @@ jobs: run: envsubst '${GITHUB_RUN_ID},${DEPLOY_ENV},${WEB_IMAGE_NAME},${WEB_IMAGE_TAG},${TIMESTAMP}' < ./build/ci/pyTestPod.yaml | kubectl apply -f - env: # dependent on GITHUB_RUN_ID, which is implicitly passed in - DEPLOY_ENV: ${{ steps.get-sha.outputs.sha_short }} + DEPLOY_ENV: sandbox-${{ steps.get-sha.outputs.sha_short }} WEB_IMAGE_NAME: gcr.io/${{secrets.DEV_PROJECT}}/sefaria-web-${{ steps.branch-name.outputs.current_branch }} - WEB_IMAGE_TAG: ${{ steps.get-sha.outputs.sha_short }} + WEB_IMAGE_TAG: sha-${{ steps.get-sha.outputs.sha_short }} - name: Wait For Job To Finish run: ./build/ci/waitForCIJob.bash timeout-minutes: 60 From 66be27b065bb87142024f9773deaf78169e54851 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Tue, 29 Mar 2022 16:49:04 +0200 Subject: [PATCH 18/23] fix: update pytest to align with new local-setttings file --- build/ci/pyTestPod.yaml | 77 +++++++++++++++++++++++------------------ 1 file changed, 43 insertions(+), 34 deletions(-) diff --git a/build/ci/pyTestPod.yaml b/build/ci/pyTestPod.yaml index 566af98091..529f452875 100644 --- a/build/ci/pyTestPod.yaml +++ b/build/ci/pyTestPod.yaml @@ -35,6 +35,12 @@ spec: value: "node-${DEPLOY_ENV}" - name: VARNISH_HOST value: "varnish-${DEPLOY_ENV}" + envFrom: + - secretRef: + name: local-settings-secrets + optional: true + - configMapRef: + name: "local-settings-${DEPLOY_ENV}" ports: - containerPort: 80 protocol: TCP @@ -45,50 +51,53 @@ spec: limits: memory: "3Gi" cpu: "1000m" - volumeMounts: - # https://stackoverflow.com/questions/53491603/kubernetes-volumemounts-a-file-not-a-directory - - mountPath: /app/sefaria/local_settings.py - name: local-settings - subPath: local_settings.py - readOnly: true - - mountPath: /varnish-secret - name: varnish-secret - readOnly: true - - mountPath: /school-lookup-data - name: school-lookup-data - readOnly: true - - mountPath: /client-secret - name: client-secret - readOnly: true - - mountPath: /google-cloud-secret - name: backup-manager-secret - readOnly: true - - mountPath: /app/logging-secret.json - name: logging-secret - subPath: logging-secret.json - readOnly: true - - mountPath: /log - name: logdir + - mountPath: /app/sefaria/local_settings.py + name: local-settings + subPath: local_settings.py + readOnly: true + - mountPath: /varnish-secret + name: varnish-secret + readOnly: true + - mountPath: /school-lookup-data + name: school-lookup-data + readOnly: true + - mountPath: /client-secret + name: client-secret + readOnly: true + - mountPath: /google-cloud-secret + name: backup-manager-secret + readOnly: true + - mountPath: /app/logging-secret.json + name: logging-secret + subPath: logging-secret.json + readOnly: true + - name: gunicorn-config + mountPath: /app/gunicorn.conf.py + subPath: gunicorn.conf.py + readOnly: true volumes: - name: local-settings - secret: - secretName: local-settings + configMap: + name: "local-settings-${DEPLOY_ENV}" + items: + - key: local_settings.py + path: local_settings.py - name: client-secret secret: - secretName: google-client-secret + secretName: google-client-secret - name: backup-manager-secret # used to access google cloud secret: - secretName: backup-manager-secret + secretName: backup-manager - name: logging-secret secret: - secretName: logging-secret + secretName: logging-secret - name: varnish-secret secret: - secretName: varnish-secret - - name: school-lookup-data + secretName: varnish-secret-helm + - name: school-lookup-data secret: secretName: school-lookup-data - - name: logdir - emptyDir: {} -... + - name: gunicorn-config + configMap: + name: "gunicorn-config-${DEPLOY_ENV}" From 8804b3a1bad889530023a61588211b8474d960f9 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Fri, 1 Apr 2022 12:06:29 +0200 Subject: [PATCH 19/23] ci: pass GITHUB_SHORT_SHA to selenium --- .github/workflows/continuous.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index f65427bcaf..bad464f052 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -245,6 +245,7 @@ jobs: PYTHONPATH: "." DJANGO_SETTINGS_MODULE: sefaria.settings MONGO_DB_NAME: sefaria-${{ steps.get-sha.outputs.sha_short }} + GITHUB_SHA_SORT: ${{ steps.get-sha.outputs.sha_short }} - name: Authenticate GHA Runner to GCP uses: google-github-actions/setup-gcloud@v0 with: From a894b8ab322a8092619f23a5177b8058af41ee74 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Wed, 6 Apr 2022 16:00:16 +0200 Subject: [PATCH 20/23] fix: database name in selenium test --- .github/workflows/continuous.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/continuous.yaml b/.github/workflows/continuous.yaml index bad464f052..b3cb305e46 100644 --- a/.github/workflows/continuous.yaml +++ b/.github/workflows/continuous.yaml @@ -244,7 +244,7 @@ jobs: SEFARIA_TEST_USER: ${{ secrets.SEFARIA_APP_USER }} PYTHONPATH: "." DJANGO_SETTINGS_MODULE: sefaria.settings - MONGO_DB_NAME: sefaria-${{ steps.get-sha.outputs.sha_short }} + MONGO_DB_NAME: sefaria-sandbox-${{ steps.get-sha.outputs.sha_short }} GITHUB_SHA_SORT: ${{ steps.get-sha.outputs.sha_short }} - name: Authenticate GHA Runner to GCP uses: google-github-actions/setup-gcloud@v0 From 0dd0b1fef5dbb118b9439e666dc0cf71caf65d4d Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Wed, 13 Apr 2022 16:16:44 +0200 Subject: [PATCH 21/23] chore: bump helm-chart version --- helm-chart/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-chart/Chart.yaml b/helm-chart/Chart.yaml index 41a06cd336..8547dac82a 100644 --- a/helm-chart/Chart.yaml +++ b/helm-chart/Chart.yaml @@ -1,7 +1,7 @@ --- apiVersion: v2 name: sefaria -version: v0.0.4 +version: v0.0.5 description: Chart to deploy complete Sefaria environment icon: https://raw.githubusercontent.com/Sefaria/Sefaria-Project/e757b59968adbc0d6845eaa1b420f934ad864d32/static/img/logo/icon.svg home: https://sefaria.org From bee16f10ae19321d52e612aae04b210e21e16ed2 Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Tue, 19 Apr 2022 15:53:54 +0200 Subject: [PATCH 22/23] ci: bump helm version --- .github/workflows/helm-tests.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/helm-tests.yaml b/.github/workflows/helm-tests.yaml index 4ca336e9ff..7e41fbcdb9 100644 --- a/.github/workflows/helm-tests.yaml +++ b/.github/workflows/helm-tests.yaml @@ -13,7 +13,7 @@ jobs: - name: Set up Helm uses: azure/setup-helm@v1 with: - version: v3.4.0 + version: v3.5.0 - name: Set up Python uses: actions/setup-python@v2 with: From 199cf6c42ada20050ee7ac012703a3503f001c0a Mon Sep 17 00:00:00 2001 From: Brendan Galloway Date: Mon, 25 Apr 2022 17:12:29 +0200 Subject: [PATCH 23/23] fix: typo in restore configmap --- helm-chart/templates/configmap/mongo-restore.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helm-chart/templates/configmap/mongo-restore.yaml b/helm-chart/templates/configmap/mongo-restore.yaml index 147536a200..f0dc00f6b2 100644 --- a/helm-chart/templates/configmap/mongo-restore.yaml +++ b/helm-chart/templates/configmap/mongo-restore.yaml @@ -17,5 +17,5 @@ data: set -x tar xzvf /storage/dump.tar.gz -C /storage - mongorestore --drop --host=$MONGO_HOST:27017 -v -d sefaria-{{ .Values.deployEnv }} --dir=/storage/dump/sefaria" + mongorestore --drop --host=$MONGO_HOST:27017 -v -d sefaria-{{ .Values.deployEnv }} --dir=/storage/dump/sefaria {{- end }}