Skip to content

try disable apparmor, N #27

try disable apparmor, N

try disable apparmor, N #27

Workflow file for this run

name: ci
on:
push:
# branches:
# - master
# pull_request:
# paths-ignore:
# - 'docs/**'
# - '**.md'
repository_dispatch:
types: [test-with-secrets-command]
defaults:
run:
shell: bash --noprofile --norc -euo pipefail {0}
env:
# An envar that signals to tests we are executing in the CI environment
CONTINUOUS_INTEGRATION: true
# allow overriding Maven command
MAVEN: ./mvnw
MAVEN_OPTS: "-Xmx512M -XX:+ExitOnOutOfMemoryError"
MAVEN_INSTALL_OPTS: "-Xmx3G -XX:+ExitOnOutOfMemoryError"
MAVEN_FAST_INSTALL: "-B -V -T 1C -DskipTests -Dmaven.source.skip=true -Dair.check.skip-all"
MAVEN_COMPILE_COMMITS: "-B --quiet -T 1C -DskipTests -Dmaven.source.skip=true -Dair.check.skip-all=true -Dmaven.javadoc.skip=true --no-snapshot-updates --no-transfer-progress -pl '!:trino-server-rpm'"
MAVEN_GIB: "-P gib -Dgib.referenceBranch=refs/remotes/origin/${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || github.event.repository.default_branch }}"
MAVEN_TEST: "-B -Dmaven.source.skip=true -Dair.check.skip-all --fail-at-end -P gib -Dgib.referenceBranch=refs/remotes/origin/${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || github.event.repository.default_branch }}"
# Testcontainers kills image pulls if they don't make progress for > 30s and retries for 2m before failing. This means
# that if an image doesn't download all it's layers within ~2m then any other concurrent pull will be killed because
# the Docker daemon only downloads 3 layers concurrently which prevents the other pull from making any progress.
# This value should be greater than the time taken for the longest image pull.
TESTCONTAINERS_PULL_PAUSE_TIMEOUT: 600
# used by actions/cache to retry the download after this time: https://github.com/actions/cache/blob/main/workarounds.md#cache-segment-restore-timeout
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 5
CI_SKIP_SECRETS_PRESENCE_CHECKS: ${{ secrets.CI_SKIP_SECRETS_PRESENCE_CHECKS }}
SECRETS_PRESENT: ${{ secrets.SECRETS_PRESENT }}
PTL_TMP_DOWNLOAD_PATH: /tmp/pt_java_downloads
# Cancel previous PR builds.
concurrency:
# Cancel all workflow runs except latest within a concurrency group. This is achieved by defining a concurrency group for the PR.
# Non-PR builds have singleton concurrency groups.
# When triggered by the repository_dispatch, add the expected SHA to avoid cancelling the run from the PR.
group: |
workflow=${{ github.workflow }},
pr_number=${{ github.event_name == 'pull_request' && github.event.number || 'NA' }},
dispatch_sha=${{ github.event_name == 'repository_dispatch' && github.event.client_payload.slash_command.args.named.sha || 'NA' }},
commit_sha=${{ github.event_name != 'pull_request' && github.event_name != 'repository_dispatch' && github.sha || 'NA' }}
cancel-in-progress: true
jobs:
build-test-matrix:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # checkout all commits to be able to determine merge base for GIB
ref: |
${{ github.event_name == 'repository_dispatch' &&
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha &&
format('refs/pull/{0}/head', github.event.client_payload.pull_request.number) || '' }}
- uses: ./.github/actions/setup
timeout-minutes: 10
with:
cache: restore
- name: Update PR check
uses: ./.github/actions/update-check
if: >-
github.event_name == 'repository_dispatch' &&
github.event.client_payload.slash_command.args.named.sha != '' &&
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha
with:
pull_request_number: ${{ github.event.client_payload.pull_request.number }}
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Maven validate
run: |
export MAVEN_OPTS="${MAVEN_INSTALL_OPTS}"
$MAVEN validate ${MAVEN_FAST_INSTALL} ${MAVEN_GIB} -Dgib.logImpactedTo=gib-impacted.log -P disable-check-spi-dependencies -pl '!:trino-docs'
- name: Set matrix
id: set-matrix
run: |
# GIB doesn't run on master, so make sure the file always exist
touch gib-impacted.log
cat <<EOF > .github/test-matrix.yaml
include:
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
- { modules: plugin/trino-exasol }
EOF
./.github/bin/build-matrix-from-impacted.py -v -i gib-impacted.log -m .github/test-matrix.yaml -o matrix.json
echo "Matrix: $(jq '.' matrix.json)"
echo "matrix=$(jq -c '.' matrix.json)" >> $GITHUB_OUTPUT
test:
runs-on: 'ubuntu-latest'
needs: build-test-matrix
if: needs.build-test-matrix.outputs.matrix != '{}'
strategy:
fail-fast: false
matrix: ${{ fromJson(needs.build-test-matrix.outputs.matrix) }}
timeout-minutes: 60
steps:
- name: Disable app armor
run: |
sudo aa-teardown || true
- uses: actions/checkout@v4
with:
fetch-depth: 0 # checkout all commits to be able to determine merge base for GIB
ref: |
${{ github.event_name == 'repository_dispatch' &&
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha &&
format('refs/pull/{0}/head', github.event.client_payload.pull_request.number) || '' }}
- uses: ./.github/actions/setup
timeout-minutes: 10
with:
cache: restore
cleanup-node: ${{ format('{0}', matrix.modules == 'plugin/trino-singlestore' || matrix.modules == 'plugin/trino-exasol') }}
java-version: ${{ matrix.jdk != '' && matrix.jdk || '23' }}
- name: Maven Install
run: |
export MAVEN_OPTS="${MAVEN_INSTALL_OPTS}"
$MAVEN clean install ${MAVEN_FAST_INSTALL} ${MAVEN_GIB} -am -pl "${{ matrix.modules }}"
- name: Create dir for Exasol JDBC driver logs
run: mkdir -p /tmp/exasol-jdbc-log/
- name: Maven Tests
id: tests
run: |
sudo aa-status
#(
# while true; do
# echo "Top memory-consuming process at $(date):"
# ps -eo user,pid,comm,rss,vsz,args --sort=-rss | head -n 11
# echo "-----------------------------"
# free -h
# sleep 30
# done
#) &
tail -f /var/log/syslog &
echo $! > monitor_pid.txt
$MAVEN test ${MAVEN_TEST} -pl ${{ matrix.modules }} ${{ matrix.profile != '' && format('-P {0}', matrix.profile) || '' }} -Dsurefire.runOrder.random.seed=498044423542
kill $(cat monitor_pid.txt)
rm monitor_pid.txt
- name: "Generate Unique Artifact Name"
if: ${{ always() }}
run: echo "UNIQUE_NAME=$RANDOM" >> $GITHUB_ENV
- name: "Upload Exasol JDBC driver logs"
uses: actions/upload-artifact@v4
if: ${{ always() && contains(matrix.modules, 'plugin/trino-exasol') }}
with:
path: /tmp/exasol-jdbc-log/
name: exasol-jdbc-log-${{ env.UNIQUE_NAME }}
retention-days: 3
if-no-files-found: error
- name: "Upload Exasol Docker-DB logs"
uses: actions/upload-artifact@v4
if: ${{ always() && contains(matrix.modules, 'plugin/trino-exasol') }}
with:
path: /tmp/db-log/
name: exasol-db-log-${{ env.UNIQUE_NAME }}
retention-days: 3
if-no-files-found: error
- name: Sanitize artifact name
if: always()
run: |
# Generate a valid artifact name and make it available to next steps as
# an environment variable ARTIFACT_NAME
# ", :, <, >, |, *, ?, \, / are not allowed in artifact names, replace it with an underscore
name=$(echo -n "${{ matrix.modules }}, ${{ matrix.profile }}, ${{ matrix.jdk }}" | sed -e 's/[":<>|\*\?\\\/]/_/g')
# final artifact name can't be longer than 128 characters
echo "ARTIFACT_NAME=${name:0:100}" >> $GITHUB_ENV
- name: Upload test results
uses: ./.github/actions/process-test-results
if: always()
with:
artifact-name: ${{ env.ARTIFACT_NAME }}-${{ env.UNIQUE_NAME }}
has-failed-tests: >-
${{ steps.tests.outcome == 'failure'
|| steps.tests-hdfs-isolated.outcome == 'failure'
|| steps.tests-hdfs.outcome == 'failure'
|| steps.tests-s3.outcome == 'failure'
|| steps.tests-azure.outcome == 'failure'
|| steps.tests-gcs.outcome == 'failure'
|| steps.tests-delta.outcome == 'failure'
|| steps.tests-memsql.outcome == 'failure'
|| steps.tests-bq.outcome == 'failure'
|| steps.tests-bq-ci.outcome == 'failure'
|| steps.tests-bq-smoke.outcome == 'failure'
|| steps.tests-iceberg.outcome == 'failure'
|| steps.tests-redshift.outcome == 'failure'
|| steps.tests-snowflake.outcome == 'failure'
}}
upload-heap-dump: ${{ env.SECRETS_PRESENT == '' && github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository }}
- name: Update PR check
uses: ./.github/actions/update-check
if: >-
failure() &&
github.event_name == 'repository_dispatch' &&
github.event.client_payload.slash_command.args.named.sha != '' &&
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha
with:
pull_request_number: ${{ github.event.client_payload.pull_request.number }}
check_name: ${{ github.job }} with secrets
conclusion: ${{ job.status }}
github_token: ${{ secrets.GITHUB_TOKEN }}