diff --git a/.github/workflows/deploy-canary.yml b/.github/workflows/deploy-canary.yml index 5a30401ed2..05d26182b9 100644 --- a/.github/workflows/deploy-canary.yml +++ b/.github/workflows/deploy-canary.yml @@ -33,7 +33,12 @@ jobs: with: repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1 with: diff --git a/.github/workflows/ec2-integration-test.yml b/.github/workflows/ec2-integration-test.yml index b69494db59..897d95e4a0 100644 --- a/.github/workflows/ec2-integration-test.yml +++ b/.github/workflows/ec2-integration-test.yml @@ -40,9 +40,6 @@ on: type: string s3_integration_bucket: type: string - connection_port: - type: string - required: true jobs: EC2IntegrationTest: @@ -71,9 +68,9 @@ jobs: - name: Add Runner to Security Group uses: twosense/add-ip-to-ec2-security-group@v1.2 with: - security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} - port: ${{ inputs.connection_port }} - + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + - name: Cache if success id: cache_if_success diff --git a/.github/workflows/integration-test.yml b/.github/workflows/integration-test.yml index f4fa97ebf1..1f950bd8ef 100644 --- a/.github/workflows/integration-test.yml +++ b/.github/workflows/integration-test.yml @@ -126,46 +126,52 @@ jobs: echo "ec2_linux_itar_matrix: ${{ steps.set-matrix.outputs.ec2_linux_itar_matrix }}" echo "ec2_linux_china_matrix: ${{ steps.set-matrix.outputs.ec2_linux_china_matrix }}" - # CloudformationTest: - # needs: [GenerateTestMatrix] - # name: 'CFTest' - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - # path: test - - # - name: Set up Go 1.x - # uses: actions/setup-go@v2 - # with: - # go-version: ~1.22.2 - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: cf-integration-test - # uses: actions/cache@v2 - # with: - # path: go.mod - # key: "cf-integration-${{ github.sha }}-test" - - # - name: Test cf - # if: steps.ec2-linux-integration-test.outputs.cache-hit != 'true' - # run: | - # cd test/test/cloudformation - # go test -timeout 1h -package_path=s3://${S3_INTEGRATION_BUCKET}/integration-test/binary/${{ github.sha }}/linux/amd64/amazon-cloudwatch-agent.rpm -iam_role=${CF_IAM_ROLE} -key_name=${CF_KEY_NAME} -metric_name=mem_used_percent + CloudformationTest: + needs: [GenerateTestMatrix] + name: 'CFTest' + runs-on: ubuntu-latest + strategy: + fail-fast: false + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + path: test + + - name: Set up Go 1.x + uses: actions/setup-go@v2 + with: + go-version: ~1.22.2 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: cf-integration-test + uses: actions/cache@v2 + with: + path: go.mod + key: "cf-integration-${{ github.sha }}-test" + + - name: Test cf + if: steps.ec2-linux-integration-test.outputs.cache-hit != 'true' + run: | + cd test/test/cloudformation + go test -timeout 1h -package_path=s3://${S3_INTEGRATION_BUCKET}/integration-test/binary/${{ github.sha }}/linux/amd64/amazon-cloudwatch-agent.rpm -iam_role=${CF_IAM_ROLE} -key_name=${CF_KEY_NAME} -metric_name=mem_used_percent StartLocalStack: name: 'StartLocalStack' @@ -186,156 +192,162 @@ jobs: connection_port: ${{vars.LINUX_CONNECTION_PORT}} - # StartLocalStackITAR: - # name: 'StartLocalStackITAR' - # needs: [OutputEnvVariables] - # uses: ./.github/workflows/start-localstack.yml - # secrets: inherit - # permissions: - # id-token: write - # contents: read - # with: - # region: us-gov-east-1 - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} - # test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} - # github_sha: ${{github.sha}} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} - - # StartLocalStackCN: - # name: 'StartLocalStackCN' - # needs: [ OutputEnvVariables ] - # uses: ./.github/workflows/start-localstack.yml - # secrets: inherit - # permissions: - # id-token: write - # contents: read - # with: - # region: cn-north-1 - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} - # test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} - # github_sha: ${{github.sha}} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} - - - - # EC2NvidiaGPUIntegrationTest: - # needs: [ StartLocalStack, GenerateTestMatrix ] - # name: 'EC2NVIDIAGPUIntegrationTest' - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_gpu_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ec2-linux-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ec2-nvidia-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Echo Test Info - # run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # run: terraform --version - - # # nick-fields/retry@v2 starts at base dir - # - name: Terraform apply - # if: ${{ matrix.arrays.family == 'linux' && steps.ec2-nvidia-integration-test.outputs.cache-hit != 'true' }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 30 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/linux - # fi - - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" -var="github_test_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ - # -var="test_name=${{ matrix.arrays.os }}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" -var="install_agent=${{ matrix.arrays.installAgentCommand }}" \ - # -var="github_test_repo_branch=${{env.CWA_GITHUB_TEST_REPO_BRANCH}}" \ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="user=${{ matrix.arrays.username }}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="ca_cert_path=${{ matrix.arrays.caCertPath }}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="binary_name=${{ matrix.arrays.binaryName }}" \ - # -var="local_stack_host_name=${{ needs.StartLocalStack.outputs.local_stack_host_name }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ - # -var="ssh_key_name=${KEY_NAME}" \ - # -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - # - name: Terraform apply - # if: ${{ matrix.arrays.family == 'window' && steps.ec2-nvidia-integration-test.outputs.cache-hit != 'true' }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 30 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/win - # fi - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ - # -var="github_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" -var="ami=${{ matrix.arrays.ami }}" \ - # -var="test_dir=${{ matrix.arrays.test_dir }}" \ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="github_test_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ - # -var="github_test_repo_branch=${{env.CWA_GITHUB_TEST_REPO_BRANCH}}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - # #This is here just in case workflow cancel - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # elif if "${{ matrix.arrays.os }}" == window; then - # cd terraform/ec2/win - # else - # cd terraform/ec2/linux - # fi - # terraform destroy --auto-approve + StartLocalStackITAR: + name: 'StartLocalStackITAR' + needs: [OutputEnvVariables] + uses: ./.github/workflows/start-localstack.yml + secrets: inherit + permissions: + id-token: write + contents: read + with: + region: us-gov-east-1 + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} + test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} + github_sha: ${{github.sha}} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} + + StartLocalStackCN: + name: 'StartLocalStackCN' + needs: [ OutputEnvVariables ] + uses: ./.github/workflows/start-localstack.yml + secrets: inherit + permissions: + id-token: write + contents: read + with: + region: cn-north-1 + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} + test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} + github_sha: ${{github.sha}} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} + + + + EC2NvidiaGPUIntegrationTest: + needs: [ StartLocalStack, GenerateTestMatrix ] + name: 'EC2NVIDIAGPUIntegrationTest' + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_gpu_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: ec2-linux-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ec2-nvidia-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Echo Test Info + run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + run: terraform --version + + # nick-fields/retry@v2 starts at base dir + - name: Terraform apply + if: ${{ matrix.arrays.family == 'linux' && steps.ec2-nvidia-integration-test.outputs.cache-hit != 'true' }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 30 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/linux + fi + + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" -var="github_test_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ + -var="test_name=${{ matrix.arrays.os }}" \ + -var="cwa_github_sha=${GITHUB_SHA}" -var="install_agent=${{ matrix.arrays.installAgentCommand }}" \ + -var="github_test_repo_branch=${{env.CWA_GITHUB_TEST_REPO_BRANCH}}" \ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="user=${{ matrix.arrays.username }}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="ca_cert_path=${{ matrix.arrays.caCertPath }}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="binary_name=${{ matrix.arrays.binaryName }}" \ + -var="local_stack_host_name=${{ needs.StartLocalStack.outputs.local_stack_host_name }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ + -var="ssh_key_name=${KEY_NAME}" \ + -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + - name: Terraform apply + if: ${{ matrix.arrays.family == 'window' && steps.ec2-nvidia-integration-test.outputs.cache-hit != 'true' }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 30 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/win + fi + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ + -var="github_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ + -var="cwa_github_sha=${GITHUB_SHA}" -var="ami=${{ matrix.arrays.ami }}" \ + -var="test_dir=${{ matrix.arrays.test_dir }}" \ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="github_test_repo=${{env.CWA_GITHUB_TEST_REPO_URL}}" \ + -var="github_test_repo_branch=${{env.CWA_GITHUB_TEST_REPO_BRANCH}}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + #This is here just in case workflow cancel + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + elif if "${{ matrix.arrays.os }}" == window; then + cd terraform/ec2/win + else + cd terraform/ec2/linux + fi + terraform destroy --auto-approve OutputEnvVariables: needs: [CheckBuildTestArtifacts] @@ -385,224 +397,229 @@ jobs: region: us-west-2 terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE }} s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET }} - connection_port: ${{vars.LINUX_CONNECTION_PORT}} secrets: inherit - # EC2LinuxIntegrationTestITAR: - # needs: [ StartLocalStackITAR, GenerateTestMatrix, OutputEnvVariables ] - # name: 'EC2LinuxITAR' - # uses: ./.github/workflows/ec2-integration-test.yml - # with: - # github_sha: ${{github.sha}} - # test_dir: terraform/ec2/linux - # job_id: ec2-linux-integration-test - # test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_itar_matrix}} - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # localstack_host: ${{needs.StartLocalStackITAR.outputs.local_stack_host_name}} - # region: us-gov-east-1 - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} - # secrets: inherit - - # EC2LinuxIntegrationTestCN: - # needs: [ StartLocalStackCN, GenerateTestMatrix, OutputEnvVariables ] - # name: 'EC2LinuxCN' - # uses: ./.github/workflows/ec2-integration-test.yml - # with: - # github_sha: ${{github.sha}} - # test_dir: terraform/ec2/linux - # job_id: ec2-linux-integration-test - # test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_china_matrix}} - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # localstack_host: ${{needs.StartLocalStackCN.outputs.local_stack_host_name}} - # region: cn-north-1 - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} - # secrets: inherit - - - # LinuxOnPremIntegrationTest: - # needs: [StartLocalStack, GenerateTestMatrix, OutputEnvVariables] - # name: 'OnpremLinux' - # uses: ./.github/workflows/ec2-integration-test.yml - # with: - # github_sha: ${{github.sha}} - # test_dir: terraform/ec2/linux_onprem - # job_id: linux-onprem-integration-test - # test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_onprem_matrix}} - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # localstack_host: ${{needs.StartLocalStack.outputs.local_stack_host_name}} - # region: us-west-2 - # secrets: inherit - - # EC2WinIntegrationTest: - # needs: [GenerateTestMatrix] - # name: 'EC2WinIntegrationTest' - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ec2-win-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ec2-win-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Echo Test Info - # run: echo run on ec2 instance os ${{ matrix.arrays.os }} use ssm ${{ matrix.arrays.useSSM }} test ${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # run: terraform --version - - # # nick-fields/retry@v2 starts at base dir - # - name: Terraform apply - # if: steps.ec2-win-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 30 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/win - # fi - # terraform init - # if terraform apply --auto-approve \ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ - # -var="test_name=${{ matrix.arrays.os }}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" \ - # -var="test_dir=${{ matrix.arrays.test_dir }}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="use_ssm=${{ matrix.arrays.useSSM }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # #This is here just in case workflow cancel - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/win - # fi - # terraform destroy --auto-approve - - # EC2DarwinIntegrationTest: - # needs: [GenerateTestMatrix] - # name: 'EC2DarwinIntegrationTest' - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_mac_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ec2-mac-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ec2-mac-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Echo OS - # run: echo run on ec2 instance os ${{ matrix.arrays.os }} - - # - name: Verify Terraform version - # run: terraform --version - - # # nick-fields/retry@v2 starts at base dir - # - name: Terraform apply - # if: steps.ec2-mac-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 60 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/mac - # fi - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" -var="ami=${{ matrix.arrays.ami }}" \ - # -var="test_dir=${{ matrix.arrays.test_dir }}" \ - # -var="license_manager_arn=${{ env.LICENSE_MANAGER_ARN }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # #This is here just in case workflow cancel - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ec2/mac - # fi - # terraform destroy --auto-approve + EC2LinuxIntegrationTestITAR: + needs: [ StartLocalStackITAR, GenerateTestMatrix, OutputEnvVariables ] + name: 'EC2LinuxITAR' + uses: ./.github/workflows/ec2-integration-test.yml + with: + github_sha: ${{github.sha}} + test_dir: terraform/ec2/linux + job_id: ec2-linux-integration-test + test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_itar_matrix}} + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + localstack_host: ${{needs.StartLocalStackITAR.outputs.local_stack_host_name}} + region: us-gov-east-1 + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} + secrets: inherit + + EC2LinuxIntegrationTestCN: + needs: [ StartLocalStackCN, GenerateTestMatrix, OutputEnvVariables ] + name: 'EC2LinuxCN' + uses: ./.github/workflows/ec2-integration-test.yml + with: + github_sha: ${{github.sha}} + test_dir: terraform/ec2/linux + job_id: ec2-linux-integration-test + test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_china_matrix}} + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + localstack_host: ${{needs.StartLocalStackCN.outputs.local_stack_host_name}} + region: cn-north-1 + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} + secrets: inherit + + + LinuxOnPremIntegrationTest: + needs: [StartLocalStack, GenerateTestMatrix, OutputEnvVariables] + name: 'OnpremLinux' + uses: ./.github/workflows/ec2-integration-test.yml + with: + github_sha: ${{github.sha}} + test_dir: terraform/ec2/linux_onprem + job_id: linux-onprem-integration-test + test_props: ${{needs.GenerateTestMatrix.outputs.ec2_linux_onprem_matrix}} + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_url: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_URL }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + localstack_host: ${{needs.StartLocalStack.outputs.local_stack_host_name}} + region: us-west-2 + secrets: inherit + + EC2WinIntegrationTest: + needs: [GenerateTestMatrix] + name: 'EC2WinIntegrationTest' + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Cache if success + id: ec2-win-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ec2-win-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Echo Test Info + run: echo run on ec2 instance os ${{ matrix.arrays.os }} use ssm ${{ matrix.arrays.useSSM }} test ${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + run: terraform --version + + # nick-fields/retry@v2 starts at base dir + - name: Terraform apply + if: steps.ec2-win-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 30 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/win + fi + terraform init + if terraform apply --auto-approve \ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ + -var="test_name=${{ matrix.arrays.os }}" \ + -var="cwa_github_sha=${GITHUB_SHA}" \ + -var="test_dir=${{ matrix.arrays.test_dir }}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="use_ssm=${{ matrix.arrays.useSSM }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + #This is here just in case workflow cancel + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/win + fi + terraform destroy --auto-approve + + EC2DarwinIntegrationTest: + needs: [GenerateTestMatrix] + name: 'EC2DarwinIntegrationTest' + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_mac_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: ec2-mac-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ec2-mac-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Echo OS + run: echo run on ec2 instance os ${{ matrix.arrays.os }} + + - name: Verify Terraform version + run: terraform --version + + # nick-fields/retry@v2 starts at base dir + - name: Terraform apply + if: steps.ec2-mac-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 60 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/mac + fi + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" -var="ssh_key_name=${KEY_NAME}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="cwa_github_sha=${GITHUB_SHA}" -var="ami=${{ matrix.arrays.ami }}" \ + -var="test_dir=${{ matrix.arrays.test_dir }}" \ + -var="license_manager_arn=${{ env.LICENSE_MANAGER_ARN }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" ; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + #This is here just in case workflow cancel + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ec2/mac + fi + terraform destroy --auto-approve StopLocalStack: name: 'StopLocalStack' @@ -624,731 +641,785 @@ jobs: connection_port: ${{vars.LINUX_CONNECTION_PORT}} - # StopLocalStackITAR: - # name: 'StopLocalStackITAR' - # if: ${{ always() && needs.StartLocalStackITAR.result == 'success' }} - # needs: [ StartLocalStackITAR, EC2LinuxIntegrationTestITAR, OutputEnvVariables ] - # uses: ./.github/workflows/stop-localstack.yml - # secrets: inherit - # permissions: - # id-token: write - # contents: read - # with: - # region: us-gov-east-1 - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} - # github_sha: ${{github.sha}} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} - - # StopLocalStackCN: - # name: 'StopLocalStackCN' - # if: ${{ always() && needs.StartLocalStackCN.result == 'success' }} - # needs: [ StartLocalStackCN, EC2LinuxIntegrationTestCN ] - # uses: ./.github/workflows/stop-localstack.yml - # secrets: inherit - # permissions: - # id-token: write - # contents: read - # with: - # region: cn-north-1 - # test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} - # test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} - # terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} - # github_sha: ${{github.sha}} - # s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} - - # ECSEC2IntegrationTest: - # name: 'ECSEC2IntegrationTest' - # runs-on: ubuntu-latest - # needs: [ GenerateTestMatrix ] - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ecs_ec2_launch_daemon_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ecs-ec2-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ecs-ec2-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} - - # - name: Login ECR - # id: login-ecr - # if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' - # uses: aws-actions/amazon-ecr-login@v2 - - # - name: Verify Terraform version - # if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 15 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ecs_ec2/daemon - # fi + StopLocalStackITAR: + name: 'StopLocalStackITAR' + if: ${{ always() && needs.StartLocalStackITAR.result == 'success' }} + needs: [ StartLocalStackITAR, EC2LinuxIntegrationTestITAR, OutputEnvVariables ] + uses: ./.github/workflows/stop-localstack.yml + secrets: inherit + permissions: + id-token: write + contents: read + with: + region: us-gov-east-1 + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_ITAR }} + github_sha: ${{github.sha}} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_ITAR }} + + StopLocalStackCN: + name: 'StopLocalStackCN' + if: ${{ always() && needs.StartLocalStackCN.result == 'success' }} + needs: [ StartLocalStackCN, EC2LinuxIntegrationTestCN ] + uses: ./.github/workflows/stop-localstack.yml + secrets: inherit + permissions: + id-token: write + contents: read + with: + region: cn-north-1 + test_repo_name: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_NAME }} + test_repo_branch: ${{ needs.OutputEnvVariables.outputs.CWA_GITHUB_TEST_REPO_BRANCH }} + terraform_assume_role: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE_CN }} + github_sha: ${{github.sha}} + s3_integration_bucket: ${{ vars.S3_INTEGRATION_BUCKET_CN }} + + ECSEC2IntegrationTest: + name: 'ECSEC2IntegrationTest' + runs-on: ubuntu-latest + needs: [ GenerateTestMatrix ] + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ecs_ec2_launch_daemon_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: ecs-ec2-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ecs-ec2-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} + + - name: Login ECR + id: login-ecr + if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' + uses: aws-actions/amazon-ecr-login@v2 + + - name: Verify Terraform version + if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.ecs-ec2-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 15 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ecs_ec2/daemon + fi - # terraform init - # if terraform apply --auto-approve\ - # -var="test_dir=${{ matrix.arrays.test_dir }}"\ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}"\ - # -var="cwagent_image_tag=${{ github.sha }}"\ - # -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="metadataEnabled=${{ matrix.arrays.metadataEnabled }}" \ - # -var="ami=${{ matrix.arrays.ami }}" ; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ecs_ec2/daemon - # fi - # terraform destroy --auto-approve - - # ECSFargateIntegrationTest: - # name: 'ECSFargateIntegrationTest' - # runs-on: ubuntu-latest - # needs: [GenerateTestMatrix] - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ecs_fargate_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ecs-fargate-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ecs-fargate-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} - - # - name: Login ECR - # id: login-ecr - # if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' - # uses: aws-actions/amazon-ecr-login@v2 - - # - name: Verify Terraform version - # if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 15 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ecs_fargate/linux - # fi + terraform init + if terraform apply --auto-approve\ + -var="test_dir=${{ matrix.arrays.test_dir }}"\ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}"\ + -var="cwagent_image_tag=${{ github.sha }}"\ + -var="ec2_instance_type=${{ matrix.arrays.instanceType }}" \ + -var="metadataEnabled=${{ matrix.arrays.metadataEnabled }}" \ + -var="ami=${{ matrix.arrays.ami }}" ; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ecs_ec2/daemon + fi + terraform destroy --auto-approve + + ECSFargateIntegrationTest: + name: 'ECSFargateIntegrationTest' + runs-on: ubuntu-latest + needs: [GenerateTestMatrix] + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ecs_fargate_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: ecs-fargate-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ecs-fargate-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} + + - name: Login ECR + id: login-ecr + if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' + uses: aws-actions/amazon-ecr-login@v2 + + - name: Verify Terraform version + if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.ecs-fargate-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 15 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ecs_fargate/linux + fi - # terraform init - # if terraform apply --auto-approve\ - # -var="test_dir=${{ matrix.arrays.test_dir }}"\ - # -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}"\ - # -var="cwagent_image_tag=${{ github.sha }}"; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/ecs_fargate/linux - # fi - # terraform destroy --auto-approve - - # EKSIntegrationTest: - # name: 'EKSIntegrationTest' - # runs-on: ubuntu-latest - # needs: [ GenerateTestMatrix ] - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_daemon_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: eks-ec2-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ${{ matrix.arrays.terraform_dir }}-${{ matrix.arrays.k8sVersion }}-${{ matrix.arrays.instanceType }}-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} - - # - name: Login ECR - # id: login-ecr - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # uses: aws-actions/amazon-ecr-login@v2 - - # - name: Verify Terraform version - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 2 - # timeout_minutes: 90 # EKS takes about 20 minutes to spin up a cluster and service on the cluster - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/daemon - # fi - - # terraform init - # if terraform apply --auto-approve \ - # -var="test_dir=${{ matrix.arrays.test_dir }}"\ - # -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}" \ - # -var="cwagent_image_tag=${{ github.sha }}" \ - # -var="ami_type=${{ matrix.arrays.ami }}" \ - # -var="instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="k8s_version=${{ matrix.arrays.k8sVersion }}"; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/daemon - # fi - # terraform destroy --auto-approve - - # EKSPrometheusIntegrationTest: - # name: 'EKSPrometheusIntegrationTest' - # runs-on: ubuntu-latest - # needs: [ GenerateTestMatrix ] - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_deployment_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: eks-ec2-integration-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: eks-ec2-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} - - # - name: Login ECR - # id: login-ecr - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # uses: aws-actions/amazon-ecr-login@v2 - - # - name: Verify Terraform version - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 60 # EKS takes about 20 minutes to spin up a cluster and service on the cluster - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/deployment - # fi - - # terraform init - # if terraform apply --auto-approve \ - # -var="test_dir=${{ matrix.arrays.test_dir }}"\ - # -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}" \ - # -var="cwagent_image_tag=${{ github.sha }}" \ - # -var="k8s_version=${{ matrix.arrays.k8s_version }}"; then - # terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/deployment - # fi - # terraform destroy --auto-approve - - # PerformanceTrackingTest: - # name: "PerformanceTrackingTest" - # needs: [GenerateTestMatrix] - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_performance_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: performance-tracking - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: performance-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # if: steps.performance-tracking.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.performance-tracking.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 1 - # timeout_minutes: 60 - # retry_wait_seconds: 5 - # command: | - # cd terraform/performance - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ - # -var="ssh_key_name=${KEY_NAME}" \ - # -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ - # -var="family=${{ matrix.arrays.family}}"\ - # -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: cd terraform/performance && terraform destroy --auto-approve - - # EC2WinPerformanceTest: - # name: "EC2WinPerformanceTest" - # needs: [ GenerateTestMatrix ] - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_performance_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: performance-tracking - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: performance-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # if: steps.performance-tracking.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Terraform apply - # if: steps.performance-tracking.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 1 - # timeout_minutes: 60 - # retry_wait_seconds: 5 - # command: | - # cd terraform/performance - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ - # -var="ssh_key_name=${KEY_NAME}" \ - # -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ - # -var="family=${{ matrix.arrays.family}}"\ - # -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: cd terraform/performance && terraform destroy --auto-approve - - # StressTrackingTest: - # name: "StressTrackingTest" - # needs: [GenerateTestMatrix] - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_stress_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: stress-tracking - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: stress-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # if: steps.stress-tracking.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Echo Test Info - # run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} values per minute ${{ matrix.arrays.values_per_minute }} - - # - name: Terraform apply - # if: steps.stress-tracking.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 1 - # timeout_minutes: 60 - # retry_wait_seconds: 5 - # command: | - # cd terraform/stress - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ - # -var="ssh_key_name=${KEY_NAME}" \ - # -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ - # -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: cd terraform/stress && terraform destroy --auto-approve - - # EC2WinStressTrackingTest: - # name: "EC2WinStressTrackingTest" - # needs: [GenerateTestMatrix] - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_stress_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - # - name: Cache if success - # id: ec2-win-stress-tracking-test - # uses: actions/cache@v3 - # with: - # path: go.mod - # key: ec2-win-stress-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} - - # - name: Verify Terraform version - # if: steps.ec2-win-stress-tracking-test.outputs.cache-hit != 'true' - # run: terraform --version - - # - name: Echo Test Info - # run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} values per minute ${{ matrix.arrays.values_per_minute }} - - # - name: Terraform apply - # if: steps.ec2-win-stress-tracking-test.outputs.cache-hit != 'true' - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 1 - # timeout_minutes: 60 - # retry_wait_seconds: 5 - # command: | - # cd terraform/stress - # terraform init - # if terraform apply --auto-approve \ - # -var="ssh_key_value=${PRIVATE_KEY}" \ - # -var="cwa_github_sha=${GITHUB_SHA}" \ - # -var="ami=${{ matrix.arrays.ami }}" \ - # -var="arc=${{ matrix.arrays.arc }}" \ - # -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ - # -var="ssh_key_name=${KEY_NAME}" \ - # -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ - # -var="family=${{ matrix.arrays.family}}"\ - # -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve - # else - # terraform destroy -auto-approve && exit 1 - # fi - - # - name: Terraform destroy - # if: ${{ cancelled() || failure() }} - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: cd terraform/stress && terraform destroy --auto-approve - - # GPUEndToEndTest: - # name: "GPU E2E Test" - # needs: [ GenerateTestMatrix, OutputEnvVariables ] - # runs-on: ubuntu-latest - # strategy: - # fail-fast: false - # matrix: - # arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_addon_matrix) }} - # permissions: - # id-token: write - # contents: read - # steps: - # - uses: actions/checkout@v3 - # with: - # repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} - # ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} - - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} - # aws-region: us-west-2 - # role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} - - - # - name: Verify Terraform version - # run: terraform --version - - - # - name: Terraform apply and setup - # run: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/addon/gpu - # fi + terraform init + if terraform apply --auto-approve\ + -var="test_dir=${{ matrix.arrays.test_dir }}"\ + -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}"\ + -var="cwagent_image_tag=${{ github.sha }}"; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/ecs_fargate/linux + fi + terraform destroy --auto-approve + + EKSIntegrationTest: + name: 'EKSIntegrationTest' + runs-on: ubuntu-latest + needs: [ GenerateTestMatrix ] + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_daemon_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: eks-ec2-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: ${{ matrix.arrays.terraform_dir }}-${{ matrix.arrays.k8sVersion }}-${{ matrix.arrays.instanceType }}-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} + + - name: Login ECR + id: login-ecr + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + uses: aws-actions/amazon-ecr-login@v2 + + - name: Verify Terraform version + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 2 + timeout_minutes: 90 # EKS takes about 20 minutes to spin up a cluster and service on the cluster + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/daemon + fi + + terraform init + if terraform apply --auto-approve \ + -var="test_dir=${{ matrix.arrays.test_dir }}"\ + -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}" \ + -var="cwagent_image_tag=${{ github.sha }}" \ + -var="ami_type=${{ matrix.arrays.ami }}" \ + -var="instance_type=${{ matrix.arrays.instanceType }}" \ + -var="k8s_version=${{ matrix.arrays.k8sVersion }}"; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/daemon + fi + terraform destroy --auto-approve + + EKSPrometheusIntegrationTest: + name: 'EKSPrometheusIntegrationTest' + runs-on: ubuntu-latest + needs: [ GenerateTestMatrix ] + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_deployment_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: eks-ec2-integration-test + uses: actions/cache@v3 + with: + path: go.mod + key: eks-ec2-integration-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.test_dir }} + + - name: Login ECR + id: login-ecr + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + uses: aws-actions/amazon-ecr-login@v2 + + - name: Verify Terraform version + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.eks-ec2-integration-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 60 # EKS takes about 20 minutes to spin up a cluster and service on the cluster + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/deployment + fi + + terraform init + if terraform apply --auto-approve \ + -var="test_dir=${{ matrix.arrays.test_dir }}"\ + -var="cwagent_image_repo=${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_INTEGRATION_TEST_REPO }}" \ + -var="cwagent_image_tag=${{ github.sha }}" \ + -var="k8s_version=${{ matrix.arrays.k8s_version }}"; then + terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/deployment + fi + terraform destroy --auto-approve + + PerformanceTrackingTest: + name: "PerformanceTrackingTest" + needs: [GenerateTestMatrix] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_performance_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: performance-tracking + uses: actions/cache@v3 + with: + path: go.mod + key: performance-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + if: steps.performance-tracking.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.performance-tracking.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 1 + timeout_minutes: 60 + retry_wait_seconds: 5 + command: | + cd terraform/performance + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" \ + -var="cwa_github_sha=${GITHUB_SHA}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ + -var="ssh_key_name=${KEY_NAME}" \ + -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ + -var="family=${{ matrix.arrays.family}}"\ + -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: cd terraform/performance && terraform destroy --auto-approve + + EC2WinPerformanceTest: + name: "EC2WinPerformanceTest" + needs: [ GenerateTestMatrix ] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_performance_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: performance-tracking + uses: actions/cache@v3 + with: + path: go.mod + key: performance-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + if: steps.performance-tracking.outputs.cache-hit != 'true' + run: terraform --version + + - name: Terraform apply + if: steps.performance-tracking.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 1 + timeout_minutes: 60 + retry_wait_seconds: 5 + command: | + cd terraform/performance + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" \ + -var="cwa_github_sha=${GITHUB_SHA}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ + -var="ssh_key_name=${KEY_NAME}" \ + -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ + -var="family=${{ matrix.arrays.family}}"\ + -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: cd terraform/performance && terraform destroy --auto-approve + + StressTrackingTest: + name: "StressTrackingTest" + needs: [GenerateTestMatrix] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_stress_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: stress-tracking + uses: actions/cache@v3 + with: + path: go.mod + key: stress-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + if: steps.stress-tracking.outputs.cache-hit != 'true' + run: terraform --version + + - name: Echo Test Info + run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} values per minute ${{ matrix.arrays.values_per_minute }} + + - name: Terraform apply + if: steps.stress-tracking.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 1 + timeout_minutes: 60 + retry_wait_seconds: 5 + command: | + cd terraform/stress + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" \ + -var="cwa_github_sha=${GITHUB_SHA}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ + -var="ssh_key_name=${KEY_NAME}" \ + -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ + -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: cd terraform/stress && terraform destroy --auto-approve + + EC2WinStressTrackingTest: + name: "EC2WinStressTrackingTest" + needs: [GenerateTestMatrix] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.ec2_windows_stress_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + - name: Cache if success + id: ec2-win-stress-tracking-test + uses: actions/cache@v3 + with: + path: go.mod + key: ec2-win-stress-tracking-test-${{ github.sha }}-${{ matrix.arrays.os }}-${{ matrix.arrays.arc }}-${{ matrix.arrays.test_dir }} + + - name: Verify Terraform version + if: steps.ec2-win-stress-tracking-test.outputs.cache-hit != 'true' + run: terraform --version + + - name: Echo Test Info + run: echo run on ec2 instance os ${{ matrix.arrays.os }} arc ${{ matrix.arrays.arc }} test dir ${{ matrix.arrays.test_dir }} values per minute ${{ matrix.arrays.values_per_minute }} + + - name: Terraform apply + if: steps.ec2-win-stress-tracking-test.outputs.cache-hit != 'true' + uses: nick-fields/retry@v2 + with: + max_attempts: 1 + timeout_minutes: 60 + retry_wait_seconds: 5 + command: | + cd terraform/stress + terraform init + if terraform apply --auto-approve \ + -var="ssh_key_value=${PRIVATE_KEY}" \ + -var="cwa_github_sha=${GITHUB_SHA}" \ + -var="ami=${{ matrix.arrays.ami }}" \ + -var="arc=${{ matrix.arrays.arc }}" \ + -var="s3_bucket=${S3_INTEGRATION_BUCKET}" \ + -var="ssh_key_name=${KEY_NAME}" \ + -var="values_per_minute=${{ matrix.arrays.values_per_minute}}"\ + -var="family=${{ matrix.arrays.family}}"\ + -var="test_dir=${{ matrix.arrays.test_dir }}" ; then terraform destroy -auto-approve + else + terraform destroy -auto-approve && exit 1 + fi + + - name: Terraform destroy + if: ${{ cancelled() || failure() }} + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: cd terraform/stress && terraform destroy --auto-approve + + GPUEndToEndTest: + name: "GPU E2E Test" + needs: [ GenerateTestMatrix, OutputEnvVariables ] + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + arrays: ${{ fromJson(needs.GenerateTestMatrix.outputs.eks_addon_matrix) }} + permissions: + id-token: write + contents: read + steps: + - uses: actions/checkout@v3 + with: + repository: ${{env.CWA_GITHUB_TEST_REPO_NAME}} + ref: ${{env.CWA_GITHUB_TEST_REPO_BRANCH}} + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} + aws-region: us-west-2 + role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }} + + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + + + - name: Verify Terraform version + run: terraform --version + + + - name: Terraform apply and setup + run: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/addon/gpu + fi - # terraform init - # if terraform apply --auto-approve \ - # -var="beta=true" \ - # -var="ami_type=${{ matrix.arrays.ami }}" \ - # -var="instance_type=${{ matrix.arrays.instanceType }}" \ - # -var="k8s_version=${{ matrix.arrays.k8sVersion }}"; then - # echo "Terraform apply successful." + terraform init + if terraform apply --auto-approve \ + -var="beta=true" \ + -var="ami_type=${{ matrix.arrays.ami }}" \ + -var="instance_type=${{ matrix.arrays.instanceType }}" \ + -var="k8s_version=${{ matrix.arrays.k8sVersion }}"; then + echo "Terraform apply successful." - # # Capture the output - # echo "Getting EKS cluster name" - # EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name) - # echo "Cluster name is ${EKS_CLUSTER_NAME}" - # kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v0.17.0/deployments/static/nvidia-device-plugin.yml - # kubectl patch amazoncloudwatchagents -n amazon-cloudwatch cloudwatch-agent --type='json' -p='[{"op": "replace", "path": "/spec/image", "value": ${{ secrets.AWS_ECR_PRIVATE_REGISTRY }}/${{ env.ECR_INTEGRATION_TEST_REPO }}:${{ github.sha }}}]' - # kubectl rollout status daemonset nvidia-device-plugin-daemonset -n kube-system --timeout 10s - # kubectl apply -f ./gpuBurner.yaml - # else - # terraform destroy -var="beta=${{ github.event.inputs.run_in_beta }}" -auto-approve && exit 1 - # fi - - # - name: Run Go tests with retry - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 5 - # timeout_minutes: 60 - # retry_wait_seconds: 30 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/addon/gpu - # fi - # echo "Getting EKS cluster name" - # EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name) - # echo "Cluster name is ${EKS_CLUSTER_NAME}" - - # if go test ${{ matrix.arrays.test_dir }} -eksClusterName ${EKS_CLUSTER_NAME} -computeType=EKS -v -eksDeploymentStrategy=DAEMON -eksGpuType=nvidia -useE2EMetrics; then - # echo "Tests passed" - # else - # echo "Tests failed" - # exit 1 - # fi - - # - name: Terraform destroy - # if: always() - # uses: nick-fields/retry@v2 - # with: - # max_attempts: 3 - # timeout_minutes: 8 - # retry_wait_seconds: 5 - # command: | - # if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then - # cd "${{ matrix.arrays.terraform_dir }}" - # else - # cd terraform/eks/addon/gpu - # fi - # terraform destroy -var="beta=${{ github.event.inputs.run_in_beta }}" -auto-approve + # Capture the output + echo "Getting EKS cluster name" + EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name) + echo "Cluster name is ${EKS_CLUSTER_NAME}" + kubectl create -f https://raw.githubusercontent.com/NVIDIA/k8s-device-plugin/v0.17.0/deployments/static/nvidia-device-plugin.yml + kubectl patch amazoncloudwatchagents -n amazon-cloudwatch cloudwatch-agent --type='json' -p='[{"op": "replace", "path": "/spec/image", "value": ${{ secrets.AWS_ECR_PRIVATE_REGISTRY }}/${{ env.ECR_INTEGRATION_TEST_REPO }}:${{ github.sha }}}]' + kubectl rollout status daemonset nvidia-device-plugin-daemonset -n kube-system --timeout 10s + kubectl apply -f ./gpuBurner.yaml + else + terraform destroy -var="beta=${{ github.event.inputs.run_in_beta }}" -auto-approve && exit 1 + fi + + - name: Run Go tests with retry + uses: nick-fields/retry@v2 + with: + max_attempts: 5 + timeout_minutes: 60 + retry_wait_seconds: 30 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/addon/gpu + fi + echo "Getting EKS cluster name" + EKS_CLUSTER_NAME=$(terraform output -raw eks_cluster_name) + echo "Cluster name is ${EKS_CLUSTER_NAME}" + + if go test ${{ matrix.arrays.test_dir }} -eksClusterName ${EKS_CLUSTER_NAME} -computeType=EKS -v -eksDeploymentStrategy=DAEMON -eksGpuType=nvidia -useE2EMetrics; then + echo "Tests passed" + else + echo "Tests failed" + exit 1 + fi + + - name: Terraform destroy + if: always() + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 8 + retry_wait_seconds: 5 + command: | + if [ "${{ matrix.arrays.terraform_dir }}" != "" ]; then + cd "${{ matrix.arrays.terraform_dir }}" + else + cd terraform/eks/addon/gpu + fi + terraform destroy -var="beta=${{ github.event.inputs.run_in_beta }}" -auto-approve diff --git a/.github/workflows/soak-test.yml b/.github/workflows/soak-test.yml index abb9529cdc..5e43f1b9b7 100644 --- a/.github/workflows/soak-test.yml +++ b/.github/workflows/soak-test.yml @@ -78,7 +78,12 @@ jobs: with: role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE }} aws-region: us-west-2 - + - name: Add Runner to Security Group + uses: twosense/add-ip-to-ec2-security-group@v1.2 + with: + security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + # @TODO we can add a matrix in the future but for for now, we will only deploy to AL2. - name: Terraform apply uses: nick-fields/retry@v2 diff --git a/.github/workflows/start-localstack.yml b/.github/workflows/start-localstack.yml index 714db0431d..6b05ea93ad 100644 --- a/.github/workflows/start-localstack.yml +++ b/.github/workflows/start-localstack.yml @@ -28,9 +28,6 @@ on: type: string s3_integration_bucket: type: string - connection_port: - type: string - required: true outputs: local_stack_host_name: value: ${{ jobs.StartLocalStack.outputs.local_stack_host_name }} @@ -65,7 +62,8 @@ jobs: uses: twosense/add-ip-to-ec2-security-group@v1.2 with: security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} - port: ${{ inputs.connection_port }} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + - name: Echo Localstack Config run: echo repo name ${{inputs.test_repo_name}} repo branch ${{ inputs.test_repo_branch }} region ${{ inputs.region }} diff --git a/.github/workflows/stop-localstack.yml b/.github/workflows/stop-localstack.yml index f561832b4d..a2c62ac36d 100644 --- a/.github/workflows/stop-localstack.yml +++ b/.github/workflows/stop-localstack.yml @@ -25,9 +25,6 @@ on: type: string s3_integration_bucket: type: string - connection_port: - type: string - required: true jobs: StopLocalStack: @@ -57,7 +54,8 @@ jobs: uses: twosense/add-ip-to-ec2-security-group@v1.2 with: security-group-id: ${{ secrets.AWS_TERRAFORM_SECURITY_GROUP_ID}} - port: ${{ inputs.connection_port }} + port: ${{ runner.os == 'Windows' && vars.WIN_CONNECTION_PORT || vars.LINUX_CONNECTION_PORT }} + - name: Copy state run: aws s3 cp s3://${{inputs.s3_integration_bucket}}/integration-test/local-stack-terraform-state/${{inputs.github_sha}}/terraform.tfstate .