Commit graph

107 commits

Author SHA1 Message Date
Michael Lange 753a7dfea3 Tag the GHA run for percy to use
Percy uses this to stitch parallel test runs back together into a single
report.
2023-06-20 15:38:05 -07:00
Michael Lange 644b67b5c5 Simplify workflows
After renovating everything, it's evident that the ember-exam
sub-workflow can be inlined without any pesky duplication.
2023-06-20 15:05:17 -07:00
Michael Lange 495ada2072 Pipe secrets through to exam job 2023-06-20 14:49:57 -07:00
Michael Lange 918f503e51 Rip out the xUnit test reporter
This was used to integrate with Circle CI's deeper test reporting
(failures, flakes, reporting). It's strictly vestigial now that we're on
GHA.
2023-06-20 14:49:56 -07:00
Michael Lange 125d2f3e7f Use a matrix strategy to run exam partitions
This will run partitions and parallel only after linting passes.
2023-06-20 13:51:45 -07:00
Michael Lange 370327fd13 Move the ember exam workflow into its own reusable job
This will be called N times by the parent test-ui script.
2023-06-20 13:51:45 -07:00
Michael Lange 53643f05a7 Bump the ember-test-audit workflow to node 18 2023-06-20 10:31:24 -07:00
Luiz Aoqui 4b33bbd9c4
ci: run 'make check' as reusable workflow (#17600)
Some of the paths ignored by `test-core.yaml` need to be checked by
`make check`. The `checks.yaml` workflow run on these paths and can also
be used as a reusable workflow.
2023-06-20 08:17:13 +01:00
Seth Hoenig 3e7007b2a3
tests: set timeout on test-ui (#17549)
This seems to finish in about 20 minutes, or run for 6+ hours until hitting
a default timeout. Set a timeout to 30 minutes so we aren't wasting time
and runners.
2023-06-15 09:38:50 -05:00
Phil Renaud 944f30674d
[ui] Parallelize ember tests (#17442)
* Exam to parallelize tests

* Logging to try to solve test flakiness

* Logging in another failure

* Hardening for one test and snapshot for another

* Explicitly set the first one as the servicedAlloc instead of randomly picking

* A wild CircleCI test failure appears

* de-log
2023-06-07 17:01:35 -04:00
Phil Renaud f348121ec7
[ui] Remove Ember Assets Github Actions workflow (#17426)
* Remove Ember Assets gha workflow

* PR write added to permissions
2023-06-05 13:52:20 -04:00
hc-github-team-es-release-engineering 6758379e48
ci: finish migration from CCI to GHA (#17103)
namely, these workflows:
  test-e2e, test-ui, and test-windows

extra-curricularly, as part of the overall
migration effort company-wide, this also includes
some standardization such as:
 * explicit permissions:read on various workflows
 * pinned action version shas (per https://github.com/hashicorp/security-public-tsccr)
 * actionlint, which among other things runs
   shellcheck on GHA run steps

Co-authored-by: emilymianeil <eneil@hashicorp.com>
Co-authored-by: Daniel Kimsey <daniel.kimsey@hashicorp.com>
2023-06-02 14:35:55 -05:00
Bryce Kalow 9e4bb87536
Delete check-legacy-links-format.yml (#17380) 2023-06-01 13:41:17 -04:00
Daniel Kimsey ec59fd1d54 Revert "fixup: address review changes"
This reverts commit ba736e4521bb4bec14d21862895eabec14a9c2f9.

This was accidentally added by fat-fingered Admin push...
2023-06-01 08:58:07 -05:00
Daniel Kimsey 5b886165da fixup: address review changes 2023-06-01 08:48:42 -05:00
Seth Hoenig acfdf0f479
compliance: add headers with fixed copywrite tool (#17353)
Closes #17117
2023-05-30 09:20:32 -05:00
Tim Gross b9ca3bc9b1
build: remove 386 builds for Nomad 1.6.0 (#17239)
The 32-bit Intel builds (aka "386") are not tested and likely have bugs
involving platform-sized integers when operated at any non-trivial scale. Remove
these builds from the upcoming Nomad 1.6.0 and provide recommendations in the
upgrade notes for those users who might have hobbyist boards running 32-bit
ARM (this will primarily be the RaspberryPi Zero or older spins of the RaspPi).

DO NOT BACKPORT TO 1.5.x OR EARLIER!
2023-05-22 13:27:17 -04:00
Tim Gross 15fa0277cf
build: pin semgrep action (#17248)
The file path in the TSCCR repo for the `returntocorp/semgrep` action was
incorrect, so the pinning tool was not able to find the correct entry and it was
not pinned in #17238.

The repository is fixed in https://github.com/hashicorp/security-tsccr/pull/431
2023-05-19 10:27:51 -04:00
Tim Gross dbfcfbd623
build: move GitHub actions to versions allowed by prodsec (#17238)
The `backspace/ember-asset-size` action we're using is unmaintained and has a
bunch of vulns in it, so it won't pass security screening (this is a NodeJS
action so it has piles of dependencies, 99% of which won't be in use but fails
automated screening anyways). Move this to the upstream version.

The `machine-learning-apps/pr-comment` action also presents a problem for the
ProdSec security screening because it's archived and also runs an external
Docker image. Move this to a likely-ok maintained action for now, until we can
spare some time to remove this in lieu of something more reasonable that isn't a
GitHub action.
2023-05-19 09:07:02 -04:00
Tim Gross c64efa0776
build: upgrade deprecated actions syntax (#17222)
Missed these in the previous pass.
2023-05-17 11:39:55 -04:00
hashicorp-tsccr[bot] aec3b16085
build: trusted workflow pinning (#16992)
Co-authored-by: Tim Gross <tgross@hashicorp.com>
2023-05-17 10:38:10 -04:00
Tim Gross 710afecf61
build: update deprecated GitHub Actions (#17218)
Many of the GitHub Actions from the build pipeline are written in a truly
ancient version of NodeJS. Upgrade to more recent versions.

Remove RelEng from codeowners
2023-05-17 08:57:28 -04:00
Luiz Aoqui 53020c0941
Revert "ci: use BACKPORT_MERGE_COMMIT option (#16730)" (#17116)
This reverts commit 1721e687c0832bea3d9b7eec5dcd3c4e7a924d71.

The change was expected to solve the sporadic problems we were having
with Backport Assistant, but it end up creating even more failures.
2023-05-08 13:30:43 -04:00
Tim Gross ee071531de
docs: disable secret scanning for documentation content (#16903)
Examples in the documentation frequently include tokens, including Vault tokens
which end up triggering GitHub's secret scanner. Remove these from consideration
so that we don't get false positive reports.
2023-04-17 10:03:52 -04:00
hashicorp-copywrite[bot] 005636afa0 [COMPLIANCE] Add Copyright and License Headers 2023-04-10 15:36:59 +00:00
Luiz Aoqui fa4ee68c6a
ci: use BACKPORT_MERGE_COMMIT option (#16730)
Instead of attempting to pick each individual commit in a PR using
`BACKPORT_MERGE_COMMIT` only picks the commit that was merged into
`main`.

This reduces the amount of work done during a backport, generating
cleaner merges and avoiding potential issues on specific commits.

With this setting PRs that are not squashed will fail to backport and
must be handled manually, but those are considered exceptions.
2023-03-30 11:49:46 -04:00
Ashlee M Boyer 9af02f3f4a
CI: delete test-link-rewrites.yml (#16354) 2023-03-06 15:41:01 -05:00
Luiz Aoqui e7546e9e16
ci: reduce number of ember-test-audit iterations (#16118) 2023-02-09 15:28:30 -05:00
Seth Hoenig bf2f3885a3
tests: reduce timeout on test-api (#16107)
Sometimes GHA gets wedged, and there is no need to waste 30 minutes
on a job that usually takes < 3.

e.g. stuck loading module cache, which is out of our control
https://github.com/hashicorp/nomad/actions/runs/4135098558/jobs/7147128419
2023-02-09 10:26:10 -06:00
Seth Hoenig 7838f16e2b
tests: bump consul and vault versions in test-core (#15979) 2023-01-31 10:00:27 -06:00
Ashlee M Boyer 57f8ebfa26
docs: Migrate link formats (#15779)
* Adding check-legacy-links-format workflow

* Adding test-link-rewrites workflow

* chore: updates link checker workflow hash

* Migrating links to new format

Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
2023-01-25 09:31:14 -08:00
Tim Gross bbafb87e50
CI: run tests on pull_request and push to main/release (#15690)
Running tests `on: push` prevents GitHub from showing the workflow approval
button, which prevents tests from being run on community-contributed (or even
just non-Nomad HashiCorp folks) PRs. Running `on: pull_request` automatically
picks up opened, reopened, and synchronize hooks (where "synchronize" means a
push to HEAD on the PR's branch, so that'll pick up rebases and updates).

But we also want to run tests on `main` and the various `release` backport
branches, so retain a `on: push` for those.
2023-01-04 14:34:23 -05:00
Seth Hoenig 336d730b9c
api: make api tests fast and more concurrency safe (#15543)
This PR tries to make API tests run fast, as an experiment to later apply
to all packages. Key changes include

- Swapping freeport for test/portal for port allocations
- Swappng some uses of WaitForResult with test/wait
- Turning on parallelism in api/testutil/slow.go
- Switching to custom public runner (32 vcpu)

There's also chunk of cleanup brought in for the ride
2022-12-16 12:25:28 -06:00
Michele Degges 23030fa77b
[CI-only] Run builds on pushes to main and the release branches (#14630) 2022-12-12 08:48:39 -08:00
Michele Degges da5ee8731c
Use custom runners pinned to 20.04 for building nomad (#15490) 2022-12-09 13:15:02 -08:00
Tim Gross c7d3b3a543
pin build/release pipeline to ubuntu 20.04 (#15348)
The `ubuntu-latest` runner has been migrated to Ubuntu 22.04, which doesn't have
all the same multilib packages as 20.04. Although we'll probably want to migrate
eventually, we should ship Nomad 1.4.3 with the same toolchain as we did
previously so that we're not introducing new issues.
2022-11-21 14:08:45 -05:00
Seth Hoenig 74f1fe437e
ci: use hashicorp/setup-golang for setting up go compiler, cache (#15271)
This PR changes test-core to make use of

https://github.com/hashicorp/setup-golang

to consolidate the setting up of the Go compiler and the Go modules cache
used for the CI job.

Fixes: #14905
2022-11-17 07:50:45 -06:00
Luiz Aoqui d3714b68e5
ci: notify on backport-assistant errors (#15203) 2022-11-10 16:11:26 -05:00
Luiz Aoqui d23203b7e4
ci: re-enable tests on main (#15204)
Now that the tests are grouped more tightly we don't use as many runners
as before, so we can re-enable these without clogging the queue.
2022-11-10 13:51:37 -05:00
Seth Hoenig a0bdc67d6a
build: update to go1.19.3 (#15099) 2022-11-01 15:54:49 -05:00
Seth Hoenig 4f3a1e6f7d
ci: use groups of tests in gha (#15018)
* [no ci] use json for grouping packages for testing

* [no ci] able to get packages in group

* [no ci] able to run groups of tests

* [no ci] more

* [no ci] try disable circle unit tests

* ci: use actions/checkout@v3

* ci: rename to quick

* ci: need make dev in mods cache step

* ci: make compile step depend on checks step

* ci: bump consul and vault versions

* ci: need make dev for group tests

* ci: update ci unit testing docs

* docs: spell plumbing correctly

Co-authored-by: Tim Gross <tgross@hashicorp.com>

Co-authored-by: Tim Gross <tgross@hashicorp.com>
2022-10-27 09:02:58 -05:00
Seth Hoenig dd2999d6af
ci: add -core suffix to mods action (#15015)
Forgot to add this line to the new mods action; without it, it
creates a cache different from the one used by the other jobs.
2022-10-24 08:49:01 -05:00
Seth Hoenig 91d29e6449
ci: use the same go mod cache across test-core jobs (#15006)
* ci: use the same go mod cache for test-core jobs

* ci: precache go modules

* ci: add a mods precache job
2022-10-21 17:38:45 -05:00
Tim Gross 6263c8b323
lock closed issues and PRs after 120 days (#14824)
When community members comment on long-closed issues, there's a number of
failure modes that make for a bad experience for them:

* Their comments are often missed entirely because notification settings make it
  impractical for most developers to read comments on inactive issues.

* In our experience, the problem is only rarely a regression; because failures
  are complex, totally different code paths can result in symptoms that initially
  appear to be the same but turn out to be completely different under close
  examination. This is particularly the case for issues fixed in very old
  versions (sometimes 2 or more years old).

The Terraform core team uses a bot that locks issues after only 30 days. But
because we typically close issues automatically on PR merge but don't have
rolling releases, it'd frequently happen that unrelease fixes will have locked
comments, which isn't a good experience either. I've looked through the pace of
releases since Nomad 0.9.0 and the longest window between releases was 3
months. Set the window for the lock bot to 120 days to give us plenty of
breathing room so it doesn't feel like we're shutting down discussion
prematurely.
2022-10-06 16:18:00 -04:00
Tim Gross a3ff23608c
deps: use install from current HEAD for hc-install (#14786)
The `hc-install` tool we're using needed a patch for a specific bug, but that's
since been merged. We definitely want to switch to using a standard release from
that project once one is shipped with the CLI, but pinning to HEAD should keep
us for now.
2022-10-04 08:22:30 -04:00
Seth Hoenig 3f29e59e6e
build: update go version to go1.19.1 (#14653)
minor update, no CL needed
2022-09-22 09:40:01 -05:00
Luiz Aoqui ad48401219
chore: move changelog file to the right folder (#14639) 2022-09-21 13:50:22 -04:00
Luiz Aoqui c3c8ae584f
api: provide more detail on ACL bootstrap request error (#14629) 2022-09-20 21:20:04 -04:00
Seth Hoenig bf0e83e3a0
deps: run all dependabot configs over the weekend (#14608) 2022-09-16 10:50:57 -05:00
Seth Hoenig c9bbe5230d
ci: no need to run unit tests for e2e/ui changes (#14607) 2022-09-16 09:58:06 -05:00