From 911751d0c1d22d1ebeb94a95a91720b44820fd33 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 8 Oct 2017 13:15:06 +0000 Subject: [PATCH 01/14] Remove docs-only support in CI - docs moved to Netlify --- bin/circle-dependencies-post | 22 ++++++++----------- bin/circle-dependencies-post-sources | 33 ++-------------------------- bin/circle-deploy-master | 14 +++++------- bin/circle-teardown-pre | 12 ++++------ bin/circle-test-pre | 27 ++++++++++------------- bin/circle-test-smoke | 27 ++++++++++------------- bin/circle-test-teardown | 8 ++----- bin/circle-test-unit | 10 +++------ bin/provision_test_vms.sh | 30 +++++++++++-------------- 9 files changed, 62 insertions(+), 121 deletions(-) diff --git a/bin/circle-dependencies-post b/bin/circle-dependencies-post index 1b705fc638..e196ca3f41 100755 --- a/bin/circle-dependencies-post +++ b/bin/circle-dependencies-post @@ -2,16 +2,12 @@ set -e -source "$STATE" - -if [ -n "$TEST_AND_PUBLISH" ]; then - cd "$SRCDIR" - git submodule update --init - cd "$SRCDIR/build" - ../tools/rebuild-image weaveworks/weavebuild . Dockerfile build.sh - touch "$SRCDIR/.build.uptodate" - sudo chown -R ubuntu /usr/local/go - cd "$SRCDIR" - make testrunner - make COVERAGE=true RM= exes all -fi +cd "$SRCDIR" +git submodule update --init +cd "$SRCDIR/build" +../tools/rebuild-image weaveworks/weavebuild . Dockerfile build.sh +touch "$SRCDIR/.build.uptodate" +sudo chown -R ubuntu /usr/local/go +cd "$SRCDIR" +make testrunner +make COVERAGE=true RM= exes all diff --git a/bin/circle-dependencies-post-sources b/bin/circle-dependencies-post-sources index f6875ced92..8723f11640 100755 --- a/bin/circle-dependencies-post-sources +++ b/bin/circle-dependencies-post-sources @@ -2,35 +2,6 @@ set -e -echo "TEST_AND_PUBLISH=1" >"$STATE" - -# Avoid doing a full build if we can. Note if the PR doesn't exist -# when the build is kicked off, we can't run this check so we do a -# full build. Subsequent pushes to the same branch will have the desired behaviour -if [ -n "$CI_PULL_REQUEST" -a "$CI_PULL_REQUEST" = "$CI_PULL_REQUESTS" ]; then - if PR=$(echo "$CI_PULL_REQUEST" | grep -oP '(?<=^https://github.com/weaveworks/weave/pull/)[0-9]+$'); then - echo "GH_PR=$PR" >>"$STATE" - if FILES=$(curl -s "https://api.github.com/repos/weaveworks/weave/pulls/$PR/files" | jq -r '.[]|.filename'); then - echo "PR touches [$FILES]" - if ! echo "$FILES" | grep -v ^site/; then - echo "PR contains site changes only - skipping tests" - echo "TEST_AND_PUBLISH=" >>"$STATE" - else - echo "PR contains non-site changes - running tests" - fi - else - echo "Unable to get files for PR $PR" >&2 - fi - else - echo "Unable to extract PR number from $CI_PULL_REQUEST" >&2 - fi -fi - -source "$STATE" - mkdir -p "$(dirname "$SRCDIR")" && cp -r "$(pwd)/" "$SRCDIR" - -if [ -n "$TEST_AND_PUBLISH" ]; then - cd "$SRCDIR" - git submodule update --init -fi +cd "$SRCDIR" +git submodule update --init diff --git a/bin/circle-deploy-master b/bin/circle-deploy-master index 4c0efb5678..b969bde3d2 100755 --- a/bin/circle-deploy-master +++ b/bin/circle-deploy-master @@ -2,12 +2,8 @@ set -e -source "$STATE" - -if [ -n "$TEST_AND_PUBLISH" ] ; then - docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS - cd $SRCDIR - make clean-bin - # CircleCI doesn't let us install the qemu module to do ARM docker builds - make publish ALL_ARCHITECTURES=amd64 UPDATE_LATEST=latest-only -fi +docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS +cd $SRCDIR +make clean-bin +# CircleCI doesn't let us install the qemu module to do ARM docker builds +make publish ALL_ARCHITECTURES=amd64 UPDATE_LATEST=latest-only diff --git a/bin/circle-teardown-pre b/bin/circle-teardown-pre index d11b1111f4..d4ac8e3cda 100755 --- a/bin/circle-teardown-pre +++ b/bin/circle-teardown-pre @@ -2,12 +2,8 @@ set -e -source "$STATE" - -if [ -n "$TEST_AND_PUBLISH" ] ; then - if [ "$CIRCLE_NODE_INDEX" = "0" ] ; then - go get github.com/mattn/goveralls - goveralls -repotoken $COVERALLS_REPO_TOKEN -coverprofile=$SRCDIR/test/profile.cov -service=circleci - cd $SRCDIR/test; cp coverage.* $CIRCLE_ARTIFACTS - fi +if [ "$CIRCLE_NODE_INDEX" = "0" ] ; then + go get github.com/mattn/goveralls + goveralls -repotoken $COVERALLS_REPO_TOKEN -coverprofile=$SRCDIR/test/profile.cov -service=circleci + cd $SRCDIR/test; cp coverage.* $CIRCLE_ARTIFACTS fi diff --git a/bin/circle-test-pre b/bin/circle-test-pre index 67254cf927..1fa0dc49d2 100755 --- a/bin/circle-test-pre +++ b/bin/circle-test-pre @@ -9,22 +9,19 @@ function signal_failure() { } trap signal_failure ERR -source "$STATE" source "$(dirname "$0")/wait_for.sh" -if [ -n "$TEST_AND_PUBLISH" ]; then - [ -n "$SECRET_KEY" ] || { - echo "Cannot run smoke tests: no secret key" - exit 1 - } +[ -n "$SECRET_KEY" ] || { + echo "Cannot run smoke tests: no secret key" + exit 1 +} - # Provisioning from image typically take 90 seconds, - # but if we are creating a GCP image, it can take more than 10 minutes: - wait_for 900 "$TEST_VMS_PROV_AND_CONF_LOCK_FILE" +# Provisioning from image typically take 90 seconds, +# but if we are creating a GCP image, it can take more than 10 minutes: +wait_for 900 "$TEST_VMS_PROV_AND_CONF_LOCK_FILE" - # Upload built binaries to testing VMs: - cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. - ./run-integration-tests.sh setup >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 - echo "OK" >"$TEST_VMS_READY_LOCK_FILE" - echo "Test VMs now ready. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" -fi +# Upload built binaries to testing VMs: +cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. +./run-integration-tests.sh setup >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +echo "OK" >"$TEST_VMS_READY_LOCK_FILE" +echo "Test VMs now ready. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" diff --git a/bin/circle-test-smoke b/bin/circle-test-smoke index 250841ebe7..8f2cf5f3bc 100755 --- a/bin/circle-test-smoke +++ b/bin/circle-test-smoke @@ -2,22 +2,19 @@ set -e -source "$STATE" source "$(dirname "$0")/wait_for.sh" -if [ -n "$TEST_AND_PUBLISH" ]; then - [ -n "$SECRET_KEY" ] || { - echo "Cannot run smoke tests: no secret key" - exit 1 - } +[ -n "$SECRET_KEY" ] || { + echo "Cannot run smoke tests: no secret key" + exit 1 +} - # Provisioning from image typically take 90 seconds, - # but if we are creating a GCP image, it can take more than 10 minutes: - wait_for 900 "$TEST_VMS_READY_LOCK_FILE" +# Provisioning from image typically take 90 seconds, +# but if we are creating a GCP image, it can take more than 10 minutes: +wait_for 900 "$TEST_VMS_READY_LOCK_FILE" - # Run integration tests: - export COVERAGE=true - export WEAVE_NET_SANITY_CHECKS_FILES="$CIRCLE_ARTIFACTS/weave_net_sanity_check_*.log" - cd "$SRCDIR/test" # Ensures we generate code coverage files in the right folder, and use the Terraform state of previously provisionned VMs. - ./run-integration-tests.sh test -fi +# Run integration tests: +export COVERAGE=true +export WEAVE_NET_SANITY_CHECKS_FILES="$CIRCLE_ARTIFACTS/weave_net_sanity_check_*.log" +cd "$SRCDIR/test" # Ensures we generate code coverage files in the right folder, and use the Terraform state of previously provisionned VMs. +./run-integration-tests.sh test diff --git a/bin/circle-test-teardown b/bin/circle-test-teardown index c2e6ae25fa..d998a3c737 100755 --- a/bin/circle-test-teardown +++ b/bin/circle-test-teardown @@ -2,9 +2,5 @@ set -e -source "$STATE" - -if [ -n "$TEST_AND_PUBLISH" ] ; then - cd $SRCDIR/test - test "$CIRCLE_NODE_INDEX" != "0" || (cd $SRCDIR/test; ./gen_coverage_reports.sh) -fi +cd $SRCDIR/test +test "$CIRCLE_NODE_INDEX" != "0" || (cd $SRCDIR/test; ./gen_coverage_reports.sh) diff --git a/bin/circle-test-unit b/bin/circle-test-unit index b9ac9a5dc1..f6a0433b19 100755 --- a/bin/circle-test-unit +++ b/bin/circle-test-unit @@ -2,10 +2,6 @@ set -e -source "$STATE" - -if [ -n "$TEST_AND_PUBLISH" ] ; then - cd $SRCDIR - make DEBUG=1 lint - COVERDIR=test/coverage make RM= tests -fi +cd $SRCDIR +make DEBUG=1 lint +COVERDIR=test/coverage make RM= tests diff --git a/bin/provision_test_vms.sh b/bin/provision_test_vms.sh index b5641cf629..70978f1413 100755 --- a/bin/provision_test_vms.sh +++ b/bin/provision_test_vms.sh @@ -9,8 +9,6 @@ function signal_failure() { } trap signal_failure ERR -source "$STATE" - function install_terraform() { curl -fsS https://releases.hashicorp.com/terraform/0.8.5/terraform_0.8.5_linux_amd64.zip | gunzip >terraform && chmod +x terraform && sudo mv terraform /usr/bin } @@ -23,21 +21,19 @@ function install_ansible() { export PATH="$PATH:$HOME/.local/bin" } -if [ -n "$TEST_AND_PUBLISH" ]; then - [ -n "$SECRET_KEY" ] || { - echo "Cannot run smoke tests: no secret key" - exit 1 - } +[ -n "$SECRET_KEY" ] || { + echo "Cannot run smoke tests: no secret key" + exit 1 +} - install_terraform >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 - install_ansible >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +install_terraform >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +install_ansible >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 - # Only attempt to create GCP image in first container, wait for it to be created otherwise: - [ "$CIRCLE_NODE_INDEX" != "0" ] && export CREATE_IMAGE=0 +# Only attempt to create GCP image in first container, wait for it to be created otherwise: +[ "$CIRCLE_NODE_INDEX" != "0" ] && export CREATE_IMAGE=0 - # Provision and configure testing VMs: - cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. - ./run-integration-tests.sh configure >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 - echo "OK" >"$TEST_VMS_PROV_AND_CONF_LOCK_FILE" - echo "Test VMs now provisioned and configured. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" -fi +# Provision and configure testing VMs: +cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. +./run-integration-tests.sh configure >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +echo "OK" >"$TEST_VMS_PROV_AND_CONF_LOCK_FILE" +echo "Test VMs now provisioned and configured. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" From 3699f89b984acaf275914decc576d90122909ba7 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 15:42:28 +0000 Subject: [PATCH 02/14] Add docker command to build container --- build/Dockerfile | 3 +++ 1 file changed, 3 insertions(+) diff --git a/build/Dockerfile b/build/Dockerfile index 67e9c33911..b4789066eb 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -86,5 +86,8 @@ RUN curl -sSL http://www.tcpdump.org/release/libpcap-${LIBPCAP_CROSS_VERSION}.ta && ln -sf libpcap.so.${MAJOR_VER} /usr/local/lib/libpcap.so \ && make clean; done +# Install Docker +RUN curl -fsSL get.docker.com | VERSION=18.06.0-ce /bin/sh + COPY build.sh / ENTRYPOINT ["sh", "/build.sh"] From 76ee9874d6dc928550eb95f4efc2af42db9c48f4 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 16:16:52 +0000 Subject: [PATCH 03/14] Add coverage commands to build image --- build/Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build/Dockerfile b/build/Dockerfile index b4789066eb..163881843b 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -50,6 +50,8 @@ RUN curl -fsSLo shfmt https://github.com/mvdan/sh/releases/download/v1.3.0/shfmt # Install common Go tools RUN go get \ + github.com/weaveworks/build-tools/cover \ + github.com/mattn/goveralls \ github.com/golang/lint/golint \ github.com/fzipp/gocyclo \ github.com/fatih/hclfmt \ From 0164d245832399c369eeac82c5549e1bc5eed6d7 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 15:45:13 +0000 Subject: [PATCH 04/14] Tag build image with current git commit --- Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 770ba4d186..6351d35977 100644 --- a/Makefile +++ b/Makefile @@ -246,6 +246,7 @@ endif # It also makes sure the multiarch hooks are reqistered in the kernel so the QEMU emulation works $(BUILD_UPTODATE): build/* $(SUDO) docker build -t $(BUILD_IMAGE) build/ + $(SUDO) docker tag $(BUILD_IMAGE) $(BUILD_IMAGE):$(shell tools/image-tag) $(SUDO) docker run --rm --privileged multiarch/qemu-user-static:register --reset touch $@ From fc77e33d1d2c5b406d986f12f8e7f64e739ec85d Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 8 Oct 2017 13:07:15 +0000 Subject: [PATCH 05/14] Move circleci config to 2.0 location --- circle.yml => .circleci/config.yml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename circle.yml => .circleci/config.yml (100%) diff --git a/circle.yml b/.circleci/config.yml similarity index 100% rename from circle.yml rename to .circleci/config.yml From 8620d0ae4fd394c1906e8620fd9335fcf7d0c2d6 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 8 Oct 2017 13:07:33 +0000 Subject: [PATCH 06/14] Change CircleCI config to 2.0 version Environment variables are moved out to a script, because CircleCI 2.0 does not support expansion of '$foo' in 'env' section. --- .circleci/config.yml | 117 +++++++++++++++++--------------------- bin/circle-destroy-vms | 7 +++ bin/circle-env | 12 ++++ bin/circle-test-pre | 2 + bin/circle-test-smoke | 2 + bin/provision_test_vms.sh | 3 +- 6 files changed, 76 insertions(+), 67 deletions(-) create mode 100755 bin/circle-destroy-vms create mode 100644 bin/circle-env diff --git a/.circleci/config.yml b/.circleci/config.yml index e1cd09834b..2e687623be 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,66 +1,51 @@ -general: - branches: - ignore: - - gh\-pages - -machine: - pre: - - curl -sSL https://s3.amazonaws.com/circle-downloads/install-circleci-docker.sh | bash -s -- 1.10.0 - services: - - docker - environment: - GOPATH: /home/ubuntu:$GOPATH - SRCDIR: /home/ubuntu/src/github.com/weaveworks/weave - PATH: $PATH:$HOME/.local/bin:/opt/google-cloud-sdk/bin - CLOUDSDK_CORE_DISABLE_PROMPTS: 1 - STATE: /home/ubuntu/state.env - # Base name of VMs for integration tests: - NAME: test-$CIRCLE_BUILD_NUM-$CIRCLE_NODE_INDEX - TEST_VMS_SETUP_OUTPUT_FILE: $CIRCLE_ARTIFACTS/test_vms_setup_output.txt - TEST_VMS_PROV_AND_CONF_LOCK_FILE: $CIRCLE_ARTIFACTS/test_vms_provisioned_and_configured.txt - TEST_VMS_READY_LOCK_FILE: $CIRCLE_ARTIFACTS/test_vms_ready.txt - # Google Cloud Platorm images for integration tests: - USE_IMAGE: 1 - DISK_NAME_PREFIX: test-$CIRCLE_BUILD_NUM-0 - -dependencies: - cache_directories: - - "~/docker" - post: - - bin/circle-dependencies-post-sources - # Provision & configure testing VMs: - - "while [ ! -d $SRCDIR ]; do sleep 1; done; $SRCDIR/bin/provision_test_vms.sh": - parallel: true - background: true - - bin/circle-dependencies-post - -test: - pre: - - "$SRCDIR/bin/circle-test-pre": - parallel: true - background: true - override: - - "$SRCDIR/bin/circle-test-unit": - parallel: true - - "$SRCDIR/bin/circle-test-smoke": - parallel: true - timeout: 360 - post: - - "$SRCDIR/bin/circle-test-teardown": - parallel: true - -teardown: - pre: - # Destroy testing VMs: - - "cd $SRCDIR/test && ./run-integration-tests.sh destroy": - parallel: true - background: true - - "$SRCDIR/bin/circle-teardown-pre": - parallel: true - -deployment: - master: - branch: master - owner: weaveworks - commands: - - "$SRCDIR/bin/circle-deploy-master" +version: 2 +jobs: + build: + machine: + image: circleci/classic:201709-01 + environment: + GOPATH: /home/circleci + SRCDIR: /home/circleci/src/github.com/weaveworks/weave + CIRCLE_ARTIFACTS: /tmp/artifacts + parallelism: 2 + steps: + - checkout + - run: mkdir $CIRCLE_ARTIFACTS + # copy source dir and submodule update --init + - run: bin/circle-dependencies-post-sources + - restore_cache: + key: v1-cache-{{ checksum "build/Dockerfile" }}-{{ checksum "build/build.sh" }} + # kick off creation of test VMs + - run: + command: bin/provision_test_vms.sh + background: true + # create build image and make all + - run: bin/circle-dependencies-post + - save_cache: + key: v1-cache-{{ checksum "build/Dockerfile" }}-{{ checksum "build/build.sh" }} + paths: + - "~/docker" + # when VMs are ready, copy built software to them + - run: + command: bin/circle-test-pre + background: true + - run: bin/circle-test-unit + - run: + command: bin/circle-test-smoke + no_output_timeout: 360s + # Generate code coverage reports + - run: bin/circle-test-teardown + # Destroy testing VMs: + - run: + command: bin/circle-destroy-vms + background: true + # run goveralls; copy coverage reports to artifacts dir + - deploy: + command: $SRCDIR/bin/circle-teardown-pre + - store_artifacts: + path: /tmp/artifacts + - deploy: + command: | + if [ "${CIRCLE_BRANCH}" == "master" ]; then + bin/circle-deploy-master + fi diff --git a/bin/circle-destroy-vms b/bin/circle-destroy-vms new file mode 100755 index 0000000000..853d3c38c6 --- /dev/null +++ b/bin/circle-destroy-vms @@ -0,0 +1,7 @@ +#!/bin/bash + +set -e + +source "$SRCDIR/bin/circle-env" +cd "$SRCDIR/test" +./run-integration-tests.sh destroy diff --git a/bin/circle-env b/bin/circle-env new file mode 100644 index 0000000000..d7b95b5e16 --- /dev/null +++ b/bin/circle-env @@ -0,0 +1,12 @@ +# Set environment variables here because CircleCI can't expand $FOO in 'env' section + +export PATH="$PATH:$HOME/.local/bin:/opt/google-cloud-sdk/bin" +export CLOUDSDK_CORE_DISABLE_PROMPTS=1 +# Base name of VMs for integration tests: +export NAME=test-$CIRCLE_BUILD_NUM-$CIRCLE_NODE_INDEX +export TEST_VMS_SETUP_OUTPUT_FILE=$CIRCLE_ARTIFACTS/test_vms_setup_output.txt +export TEST_VMS_PROV_AND_CONF_LOCK_FILE=$CIRCLE_ARTIFACTS/test_vms_provisioned_and_configured.txt +export TEST_VMS_READY_LOCK_FILE=$CIRCLE_ARTIFACTS/test_vms_ready.txt +# Google Cloud Platorm images for integration tests: +export USE_IMAGE=1 +export DISK_NAME_PREFIX=test-$CIRCLE_BUILD_NUM-0 diff --git a/bin/circle-test-pre b/bin/circle-test-pre index 1fa0dc49d2..e3ae764953 100755 --- a/bin/circle-test-pre +++ b/bin/circle-test-pre @@ -16,6 +16,8 @@ source "$(dirname "$0")/wait_for.sh" exit 1 } +source "$SRCDIR/bin/circle-env" + # Provisioning from image typically take 90 seconds, # but if we are creating a GCP image, it can take more than 10 minutes: wait_for 900 "$TEST_VMS_PROV_AND_CONF_LOCK_FILE" diff --git a/bin/circle-test-smoke b/bin/circle-test-smoke index 8f2cf5f3bc..d14cce51ac 100755 --- a/bin/circle-test-smoke +++ b/bin/circle-test-smoke @@ -9,6 +9,8 @@ source "$(dirname "$0")/wait_for.sh" exit 1 } +source "$SRCDIR/bin/circle-env" + # Provisioning from image typically take 90 seconds, # but if we are creating a GCP image, it can take more than 10 minutes: wait_for 900 "$TEST_VMS_READY_LOCK_FILE" diff --git a/bin/provision_test_vms.sh b/bin/provision_test_vms.sh index 70978f1413..2c0c37554e 100755 --- a/bin/provision_test_vms.sh +++ b/bin/provision_test_vms.sh @@ -18,7 +18,6 @@ function install_ansible() { sudo apt-get install -qq -y python-pip python-dev libffi-dev libssl-dev \ && pip install --user -U setuptools cffi \ && pip install --user ansible - export PATH="$PATH:$HOME/.local/bin" } [ -n "$SECRET_KEY" ] || { @@ -26,6 +25,8 @@ function install_ansible() { exit 1 } +source "$SRCDIR/bin/circle-env" + install_terraform >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 install_ansible >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 From 6337972c8aa763e1990972eab89590e3f3cebf47 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 8 Oct 2017 21:05:29 +0000 Subject: [PATCH 07/14] Don't need to pipe background commands to file in Circle 2.0 --- bin/circle-env | 1 - bin/circle-test-pre | 4 ++-- bin/provision_test_vms.sh | 8 ++++---- bin/wait_for.sh | 2 +- 4 files changed, 7 insertions(+), 8 deletions(-) diff --git a/bin/circle-env b/bin/circle-env index d7b95b5e16..aa716bc092 100644 --- a/bin/circle-env +++ b/bin/circle-env @@ -4,7 +4,6 @@ export PATH="$PATH:$HOME/.local/bin:/opt/google-cloud-sdk/bin" export CLOUDSDK_CORE_DISABLE_PROMPTS=1 # Base name of VMs for integration tests: export NAME=test-$CIRCLE_BUILD_NUM-$CIRCLE_NODE_INDEX -export TEST_VMS_SETUP_OUTPUT_FILE=$CIRCLE_ARTIFACTS/test_vms_setup_output.txt export TEST_VMS_PROV_AND_CONF_LOCK_FILE=$CIRCLE_ARTIFACTS/test_vms_provisioned_and_configured.txt export TEST_VMS_READY_LOCK_FILE=$CIRCLE_ARTIFACTS/test_vms_ready.txt # Google Cloud Platorm images for integration tests: diff --git a/bin/circle-test-pre b/bin/circle-test-pre index e3ae764953..040f85662e 100755 --- a/bin/circle-test-pre +++ b/bin/circle-test-pre @@ -24,6 +24,6 @@ wait_for 900 "$TEST_VMS_PROV_AND_CONF_LOCK_FILE" # Upload built binaries to testing VMs: cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. -./run-integration-tests.sh setup >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +./run-integration-tests.sh setup echo "OK" >"$TEST_VMS_READY_LOCK_FILE" -echo "Test VMs now ready. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" +echo "Test VMs now ready. $(date)." diff --git a/bin/provision_test_vms.sh b/bin/provision_test_vms.sh index 2c0c37554e..b42a32cdc3 100755 --- a/bin/provision_test_vms.sh +++ b/bin/provision_test_vms.sh @@ -27,14 +27,14 @@ function install_ansible() { source "$SRCDIR/bin/circle-env" -install_terraform >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 -install_ansible >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +install_terraform +install_ansible # Only attempt to create GCP image in first container, wait for it to be created otherwise: [ "$CIRCLE_NODE_INDEX" != "0" ] && export CREATE_IMAGE=0 # Provision and configure testing VMs: cd "$SRCDIR/test" # Ensures we generate Terraform state files in the right folder, for later use by integration tests. -./run-integration-tests.sh configure >>"$TEST_VMS_SETUP_OUTPUT_FILE" 2>&1 +./run-integration-tests.sh configure echo "OK" >"$TEST_VMS_PROV_AND_CONF_LOCK_FILE" -echo "Test VMs now provisioned and configured. $(date)." >>"$TEST_VMS_SETUP_OUTPUT_FILE" +echo "Test VMs now provisioned and configured. $(date)." diff --git a/bin/wait_for.sh b/bin/wait_for.sh index d9148cb194..39bb669bbf 100755 --- a/bin/wait_for.sh +++ b/bin/wait_for.sh @@ -16,6 +16,6 @@ wait_for() { if ! ((i % 10)); then echo "[$i seconds]: Waiting for $lock_file to be created..."; fi sleep 1 done - echo "Timed out waiting for test VMs to be ready. See details in: $TEST_VMS_SETUP_OUTPUT_FILE" >&2 + echo "Timed out waiting for test VMs to be ready." >&2 return 1 } From b13eb5ada5f852d3d12e43e89297878521fd2b66 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 8 Oct 2017 22:37:09 +0000 Subject: [PATCH 08/14] Run gen_coverage as a 'deploy' --- .circleci/config.yml | 4 ++-- bin/circle-test-teardown | 6 ------ 2 files changed, 2 insertions(+), 8 deletions(-) delete mode 100755 bin/circle-test-teardown diff --git a/.circleci/config.yml b/.circleci/config.yml index 2e687623be..e668db4d70 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -33,12 +33,12 @@ jobs: - run: command: bin/circle-test-smoke no_output_timeout: 360s - # Generate code coverage reports - - run: bin/circle-test-teardown # Destroy testing VMs: - run: command: bin/circle-destroy-vms background: true + - deploy: + command: cd $SRCDIR/test; ./gen_coverage_reports.sh # run goveralls; copy coverage reports to artifacts dir - deploy: command: $SRCDIR/bin/circle-teardown-pre diff --git a/bin/circle-test-teardown b/bin/circle-test-teardown deleted file mode 100755 index d998a3c737..0000000000 --- a/bin/circle-test-teardown +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash - -set -e - -cd $SRCDIR/test -test "$CIRCLE_NODE_INDEX" != "0" || (cd $SRCDIR/test; ./gen_coverage_reports.sh) From b3e77e81ea775c1929fa0287a6a2d1757c6c6e76 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 13:33:55 +0000 Subject: [PATCH 09/14] Split into several jobs Run build, lint and unit-test steps in a container, using a pre-built image to save rebuilding at CircleCI Move a couple of scripts up to config.yml for clarity --- .circleci/config.yml | 73 +++++++++++++++++++++++++++++------- bin/circle-dependencies-post | 13 ------- bin/circle-deploy-master | 2 +- bin/circle-test-unit | 7 ---- 4 files changed, 61 insertions(+), 34 deletions(-) delete mode 100755 bin/circle-dependencies-post delete mode 100755 bin/circle-test-unit diff --git a/.circleci/config.yml b/.circleci/config.yml index e668db4d70..9095fa573e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,6 +1,39 @@ version: 2 +defaults: &defaults + docker: + - image: weaveworks/weavebuild:circle20-50a4e941 + working_directory: /go/src/github.com/weaveworks/weave + jobs: + lint: + <<: *defaults + steps: + - checkout + - run: git submodule update --init + - run: make DEBUG=1 BUILD_IN_CONTAINER=false lint + + unit-test: + <<: *defaults + parallelism: 2 + steps: + - checkout + - run: COVERDIR=test/coverage make BUILD_IN_CONTAINER=false tests + build: + <<: *defaults + steps: + - checkout + - setup_remote_docker + - run: git submodule update --init + - run: make COVERAGE=true BUILD_IN_CONTAINER=false SUDO= exes all + - persist_to_workspace: + root: . + paths: + - weave.tar.gz + - tools/runner/runner + - test/tls/tls + + smoke-tests: machine: image: circleci/classic:201709-01 environment: @@ -13,23 +46,16 @@ jobs: - run: mkdir $CIRCLE_ARTIFACTS # copy source dir and submodule update --init - run: bin/circle-dependencies-post-sources - - restore_cache: - key: v1-cache-{{ checksum "build/Dockerfile" }}-{{ checksum "build/build.sh" }} + - attach_workspace: + at: /home/circleci/src/github.com/weaveworks/weave # kick off creation of test VMs - run: command: bin/provision_test_vms.sh background: true - # create build image and make all - - run: bin/circle-dependencies-post - - save_cache: - key: v1-cache-{{ checksum "build/Dockerfile" }}-{{ checksum "build/build.sh" }} - paths: - - "~/docker" # when VMs are ready, copy built software to them - run: command: bin/circle-test-pre background: true - - run: bin/circle-test-unit - run: command: bin/circle-test-smoke no_output_timeout: 360s @@ -44,8 +70,29 @@ jobs: command: $SRCDIR/bin/circle-teardown-pre - store_artifacts: path: /tmp/artifacts + + deploy: + <<: *defaults + steps: + - setup_remote_docker + # Rebuild without coverage and push to dockerhub + - deploy: bin/circle-deploy-master + +workflows: + version: 2 + build_test: + jobs: + - lint + - unit-test + - build + - smoke-tests: + requires: + - lint + - unit-test + - build - deploy: - command: | - if [ "${CIRCLE_BRANCH}" == "master" ]; then - bin/circle-deploy-master - fi + requires: + - smoke-tests + filters: + branches: + only: master diff --git a/bin/circle-dependencies-post b/bin/circle-dependencies-post deleted file mode 100755 index e196ca3f41..0000000000 --- a/bin/circle-dependencies-post +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -set -e - -cd "$SRCDIR" -git submodule update --init -cd "$SRCDIR/build" -../tools/rebuild-image weaveworks/weavebuild . Dockerfile build.sh -touch "$SRCDIR/.build.uptodate" -sudo chown -R ubuntu /usr/local/go -cd "$SRCDIR" -make testrunner -make COVERAGE=true RM= exes all diff --git a/bin/circle-deploy-master b/bin/circle-deploy-master index b969bde3d2..5a8dc34694 100755 --- a/bin/circle-deploy-master +++ b/bin/circle-deploy-master @@ -6,4 +6,4 @@ docker login -e $DOCKER_EMAIL -u $DOCKER_USER -p $DOCKER_PASS cd $SRCDIR make clean-bin # CircleCI doesn't let us install the qemu module to do ARM docker builds -make publish ALL_ARCHITECTURES=amd64 UPDATE_LATEST=latest-only +make publish ALL_ARCHITECTURES=amd64 UPDATE_LATEST=latest-only SUDO= BUILD_IN_CONTAINER=false diff --git a/bin/circle-test-unit b/bin/circle-test-unit deleted file mode 100755 index f6a0433b19..0000000000 --- a/bin/circle-test-unit +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e - -cd $SRCDIR -make DEBUG=1 lint -COVERDIR=test/coverage make RM= tests From e3576e13a7db5a273af83c99bd2ab2141d08b62a Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 16:20:32 +0000 Subject: [PATCH 10/14] Don't copy the source directory somewhere else --- .circleci/config.yml | 7 +++---- bin/circle-dependencies-post-sources | 7 ------- 2 files changed, 3 insertions(+), 11 deletions(-) delete mode 100755 bin/circle-dependencies-post-sources diff --git a/.circleci/config.yml b/.circleci/config.yml index 9095fa573e..89d9ceac85 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -36,18 +36,17 @@ jobs: smoke-tests: machine: image: circleci/classic:201709-01 + working_directory: /home/circleci/src/github.com/weaveworks/weave environment: - GOPATH: /home/circleci SRCDIR: /home/circleci/src/github.com/weaveworks/weave CIRCLE_ARTIFACTS: /tmp/artifacts parallelism: 2 steps: - checkout - run: mkdir $CIRCLE_ARTIFACTS - # copy source dir and submodule update --init - - run: bin/circle-dependencies-post-sources + - run: git submodule update --init - attach_workspace: - at: /home/circleci/src/github.com/weaveworks/weave + at: . # kick off creation of test VMs - run: command: bin/provision_test_vms.sh diff --git a/bin/circle-dependencies-post-sources b/bin/circle-dependencies-post-sources deleted file mode 100755 index 8723f11640..0000000000 --- a/bin/circle-dependencies-post-sources +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e - -mkdir -p "$(dirname "$SRCDIR")" && cp -r "$(pwd)/" "$SRCDIR" -cd "$SRCDIR" -git submodule update --init From 1a8794e90f0c3e30fe9c0b87d06e422c14249838 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 16:21:35 +0000 Subject: [PATCH 11/14] Run coverage analysis in separate step, and save results Remove CircleCI 1.0 implementation which used scp to contact other lanes. Note we can't use an env var in store_artifacts clause --- .circleci/config.yml | 34 ++++++++++++++++++++++++++++------ .lintignore | 1 - bin/circle-teardown-pre | 9 --------- test/gen_coverage_reports.sh | 7 +------ 4 files changed, 29 insertions(+), 22 deletions(-) delete mode 100755 bin/circle-teardown-pre diff --git a/.circleci/config.yml b/.circleci/config.yml index 89d9ceac85..9642932ad0 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -1,7 +1,7 @@ version: 2 defaults: &defaults docker: - - image: weaveworks/weavebuild:circle20-50a4e941 + - image: weaveworks/weavebuild:circle20-2e6504d3 working_directory: /go/src/github.com/weaveworks/weave jobs: @@ -18,6 +18,10 @@ jobs: steps: - checkout - run: COVERDIR=test/coverage make BUILD_IN_CONTAINER=false tests + - persist_to_workspace: + root: . + paths: + - test/coverage build: <<: *defaults @@ -62,11 +66,25 @@ jobs: - run: command: bin/circle-destroy-vms background: true - - deploy: - command: cd $SRCDIR/test; ./gen_coverage_reports.sh - # run goveralls; copy coverage reports to artifacts dir - - deploy: - command: $SRCDIR/bin/circle-teardown-pre + - persist_to_workspace: + root: . + paths: + - test/coverage + - store_artifacts: + path: /tmp/artifacts + + gen-coverage: + <<: *defaults + environment: + CIRCLE_ARTIFACTS: /tmp/artifacts + steps: + - checkout + - run: mkdir $CIRCLE_ARTIFACTS + - attach_workspace: + at: . + - run: cd test; ./gen_coverage_reports.sh + - run: goveralls -repotoken $COVERALLS_REPO_TOKEN -coverprofile=test/profile.cov -service=circleci + - run: cp test/coverage.* $CIRCLE_ARTIFACTS - store_artifacts: path: /tmp/artifacts @@ -89,6 +107,10 @@ workflows: - lint - unit-test - build + - gen-coverage: + requires: + - unit-test + - smoke-tests - deploy: requires: - smoke-tests diff --git a/.lintignore b/.lintignore index f6b9efd061..9412318290 100644 --- a/.lintignore +++ b/.lintignore @@ -4,7 +4,6 @@ # avoid breaking the build on make lint: bin/circle-deploy-issues bin/circle-deploy-master -bin/circle-teardown-pre bin/circle-test-teardown bin/circle-test-unit bin/install-wordepress diff --git a/bin/circle-teardown-pre b/bin/circle-teardown-pre deleted file mode 100755 index d4ac8e3cda..0000000000 --- a/bin/circle-teardown-pre +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -set -e - -if [ "$CIRCLE_NODE_INDEX" = "0" ] ; then - go get github.com/mattn/goveralls - goveralls -repotoken $COVERALLS_REPO_TOKEN -coverprofile=$SRCDIR/test/profile.cov -service=circleci - cd $SRCDIR/test; cp coverage.* $CIRCLE_ARTIFACTS -fi diff --git a/test/gen_coverage_reports.sh b/test/gen_coverage_reports.sh index 8f9f381697..27a2e46983 100755 --- a/test/gen_coverage_reports.sh +++ b/test/gen_coverage_reports.sh @@ -3,13 +3,8 @@ set -ex DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" -if [ -n "$CIRCLECI" ]; then - for i in $(seq 1 $(($CIRCLE_NODE_TOTAL - 1))); do - scp node$i:/home/ubuntu/src/github.com/weaveworks/weave/test/coverage/* ./coverage/ || true - done -fi +# 'cover' tool is from github.com/weaveworks/build-tools/cover -go get github.com/weaveworks/build-tools/cover cover ./coverage/* >profile.cov go tool cover -html=profile.cov -o coverage.html go tool cover -func=profile.cov -o coverage.txt From 44e0c6add77bc64c74ef8df166f5ac891351ea63 Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 17:51:05 +0000 Subject: [PATCH 12/14] Try to fix failing test 840 --- test/840_weave_kube_3_test.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/840_weave_kube_3_test.sh b/test/840_weave_kube_3_test.sh index 0efde493c0..2e7a5e8a8d 100755 --- a/test/840_weave_kube_3_test.sh +++ b/test/840_weave_kube_3_test.sh @@ -214,11 +214,17 @@ spec: access: deny EOF +# Allow some time for the policy change to take effect +sleep 1 + assert_raises "$SSH $HOST1 $KUBECTL exec $denyPodName -- curl -s -S -f -m 2 http://$DOMAIN:8080/status >/dev/null" # remove the access for nettest-deny run_on $HOST1 "$KUBECTL delete netpol allow-nettest-deny" +# Allow some time for the policy change to take effect +sleep 1 + # nettest-deny should still not be able to reach nettest pods assert_raises "! $SSH $HOST1 $KUBECTL exec $denyPodName -- curl -s -S -f -m 2 http://$DOMAIN:8080/status >/dev/null" From e3231bb373688784a80e004a3ec58fb644442feb Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Sun, 29 Jul 2018 18:42:43 +0000 Subject: [PATCH 13/14] Stop running VM creation in the background There's nothing else happening in parallel in this step now. --- .circleci/config.yml | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 9642932ad0..5bcb44d1f3 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -52,13 +52,9 @@ jobs: - attach_workspace: at: . # kick off creation of test VMs - - run: - command: bin/provision_test_vms.sh - background: true + - run: bin/provision_test_vms.sh # when VMs are ready, copy built software to them - - run: - command: bin/circle-test-pre - background: true + - run: bin/circle-test-pre - run: command: bin/circle-test-smoke no_output_timeout: 360s From e64656d16f53970c136ac5bb63eab203246bae4e Mon Sep 17 00:00:00 2001 From: Bryan Boreham Date: Thu, 2 Aug 2018 09:54:58 +0000 Subject: [PATCH 14/14] Specify https for security --- build/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/Dockerfile b/build/Dockerfile index 163881843b..d89965835f 100644 --- a/build/Dockerfile +++ b/build/Dockerfile @@ -89,7 +89,7 @@ RUN curl -sSL http://www.tcpdump.org/release/libpcap-${LIBPCAP_CROSS_VERSION}.ta && make clean; done # Install Docker -RUN curl -fsSL get.docker.com | VERSION=18.06.0-ce /bin/sh +RUN curl -fsSL https://get.docker.com | VERSION=18.06.0-ce /bin/sh COPY build.sh / ENTRYPOINT ["sh", "/build.sh"]