Skip to content

Standalone px decrypt (#1473) #6

Standalone px decrypt (#1473)

Standalone px decrypt (#1473) #6

Workflow file for this run

# Copyright 2021 The Cross-Media Measurement Authors
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
name: Build and test
on:
push:
branches:
- main
- 'releases/**'
pull_request:
branches:
- main
- 'releases/**'
types: [opened, synchronize, edited]
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build-test:
name: Build and test
runs-on: ubuntu-20.04
permissions:
id-token: write
env:
CLUSTER_LOGS_PATH: cluster-logs
steps:
- name: Check out revision
uses: actions/checkout@v4
- uses: ./.github/actions/free-disk-space
# Authenticate to Google Cloud for access to remote cache.
- name: Authenticate to Google Cloud
uses: google-github-actions/auth@v2
with:
workload_identity_provider: ${{ vars.BAZEL_BUILD_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ vars.BAZEL_BUILD_SERVICE_ACCOUNT }}
- name: Write ~/.bazelrc
run: |
cat << EOF > ~/.bazelrc
common --config=ci
common --config=remote-cache
build --remote_upload_local_results
build --define container_registry=localhost:5001
build --define image_repo_prefix=halo
build --define image_tag=latest
build --define kingdom_public_api_target=kingdom.example.com:8443
build --define duchy_public_api_target=duchy.example.com:8443
build --define mc_name=measurementConsumers/foo
build --define edp1_name=dataProviders/foo1
build --define edp1_cert_name=dataProviders/foo1/certificates/bar1
build --define edp2_name=dataProviders/foo2
build --define edp2_cert_name=dataProviders/foo2/certificates/bar2
build --define edp3_name=dataProviders/foo3
build --define edp3_cert_name=dataProviders/foo3/certificates/bar3
build --define edp4_name=dataProviders/foo4
build --define edp4_cert_name=dataProviders/foo4/certificates/bar4
build --define edp5_name=dataProviders/foo5
build --define edp5_cert_name=dataProviders/foo5/certificates/bar5
build --define edp6_name=dataProviders/foo6
build --define edp6_cert_name=dataProviders/foo6/certificates/bar6
build --define google_cloud_project=example-project
build --define bigquery_dataset=example-dataset
build --define bigquery_table=events
EOF
- name: Get Bazel cache params
id: get-cache-params
run: |
cache_path="$(bazelisk info output_base)"
echo "cache-path=${cache_path}" >> $GITHUB_OUTPUT
repo_cache_path="$(bazelisk info repository_cache)"
echo "repo-cache-path=${repo_cache_path}" >> $GITHUB_OUTPUT
# This is a hack to utilize the undocumented relatively large empty
# scratch disk mounted at /mnt. It's currently needed to work around
# bazel-contrib/rules_oci#439 as that's what is pushing our usage over the
# limit. The alternative is to use a runner with more disk space.
- name: Mount scratch disk
env:
BAZEL_CACHE_PATH: ${{ steps.get-cache-params.outputs.cache-path }}
run: |
mkdir -p "$BAZEL_CACHE_PATH"
sudo mkdir -p /mnt/bazel-cache
sudo chown 'runner:runner' /mnt/bazel-cache
sudo mount --bind /mnt/bazel-cache "$BAZEL_CACHE_PATH"
- name: Restore repository cache
uses: actions/cache/restore@v4
with:
path: ${{ steps.get-cache-params.outputs.repo-cache-path }}
key: ${{ vars.BAZEL_REPO_CACHE_KEY }}
- name: Build
run: >
bazelisk build --worker_quit_after_build
//...
//src/main/k8s/dev:synthetic_generator_edp_simulators
- name: Save repository cache
uses: actions/cache/save@v4
continue-on-error: true
with:
path: ${{ steps.get-cache-params.outputs.repo-cache-path }}
key: ${{ vars.BAZEL_REPO_CACHE_KEY }}
- name: Run tests
id: run-tests
run: bazelisk test //...
- name: Create cluster
id: create-cluster
run: |
echo "KUBECONFIG=$HOME/.kube/config" >> "$GITHUB_ENV"
curl -LOJ https://kind.sigs.k8s.io/examples/kind-with-registry.sh
chmod +x kind-with-registry.sh
./kind-with-registry.sh
- name: Run correctness test
id: run-correctness-test
run: >
bazelisk test
//src/test/kotlin/org/wfanet/measurement/integration/k8s:EmptyClusterCorrectnessTest
--test_output=streamed
- name: Delete Kubernetes Resources
continue-on-error: true
run: |
kubectl delete all --namespace=default --all
kubectl delete networkpolicies --all-namespaces --all
- name: Run panelmatch correctness test
id: run-panelmatch-correctness-test
run: >
bazelisk test
//src/test/kotlin/org/wfanet/panelmatch/integration/k8s:EmptyClusterPanelMatchCorrectnessTest
--test_output=streamed
- name: Export cluster logs
id: export-cluster-logs
if: failure() && (steps.run-correctness-test.outcome == 'failure' || steps.run-panelmatch-correctness-test.outcome == 'failure')
continue-on-error: true
run: |
mkdir -p "$CLUSTER_LOGS_PATH"
kind export logs "$CLUSTER_LOGS_PATH"
- name: Upload cluster logs artifact
if: failure() && steps.export-cluster-logs.outcome == 'success'
uses: actions/upload-artifact@v4
continue-on-error: true
with:
name: cluster-logs
path: ${{ env.CLUSTER_LOGS_PATH }}
- name: Upload Bazel testlogs
continue-on-error: true
uses: world-federation-of-advertisers/actions/bazel-upload-testlogs@v2
if: failure() && (steps.run-tests.outcome == 'failure' || steps.run-correctness-test.outcome == 'failure' || steps.run-panelmatch-correctness-test.outcome == 'failure')