try disable apparmor, N #27
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
on: | |
push: | |
# branches: | |
# - master | |
# pull_request: | |
# paths-ignore: | |
# - 'docs/**' | |
# - '**.md' | |
repository_dispatch: | |
types: [test-with-secrets-command] | |
defaults: | |
run: | |
shell: bash --noprofile --norc -euo pipefail {0} | |
env: | |
# An envar that signals to tests we are executing in the CI environment | |
CONTINUOUS_INTEGRATION: true | |
# allow overriding Maven command | |
MAVEN: ./mvnw | |
MAVEN_OPTS: "-Xmx512M -XX:+ExitOnOutOfMemoryError" | |
MAVEN_INSTALL_OPTS: "-Xmx3G -XX:+ExitOnOutOfMemoryError" | |
MAVEN_FAST_INSTALL: "-B -V -T 1C -DskipTests -Dmaven.source.skip=true -Dair.check.skip-all" | |
MAVEN_COMPILE_COMMITS: "-B --quiet -T 1C -DskipTests -Dmaven.source.skip=true -Dair.check.skip-all=true -Dmaven.javadoc.skip=true --no-snapshot-updates --no-transfer-progress -pl '!:trino-server-rpm'" | |
MAVEN_GIB: "-P gib -Dgib.referenceBranch=refs/remotes/origin/${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || github.event.repository.default_branch }}" | |
MAVEN_TEST: "-B -Dmaven.source.skip=true -Dair.check.skip-all --fail-at-end -P gib -Dgib.referenceBranch=refs/remotes/origin/${{ github.event_name == 'pull_request' && github.event.pull_request.base.ref || github.event.repository.default_branch }}" | |
# Testcontainers kills image pulls if they don't make progress for > 30s and retries for 2m before failing. This means | |
# that if an image doesn't download all it's layers within ~2m then any other concurrent pull will be killed because | |
# the Docker daemon only downloads 3 layers concurrently which prevents the other pull from making any progress. | |
# This value should be greater than the time taken for the longest image pull. | |
TESTCONTAINERS_PULL_PAUSE_TIMEOUT: 600 | |
# used by actions/cache to retry the download after this time: https://github.com/actions/cache/blob/main/workarounds.md#cache-segment-restore-timeout | |
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 5 | |
CI_SKIP_SECRETS_PRESENCE_CHECKS: ${{ secrets.CI_SKIP_SECRETS_PRESENCE_CHECKS }} | |
SECRETS_PRESENT: ${{ secrets.SECRETS_PRESENT }} | |
PTL_TMP_DOWNLOAD_PATH: /tmp/pt_java_downloads | |
# Cancel previous PR builds. | |
concurrency: | |
# Cancel all workflow runs except latest within a concurrency group. This is achieved by defining a concurrency group for the PR. | |
# Non-PR builds have singleton concurrency groups. | |
# When triggered by the repository_dispatch, add the expected SHA to avoid cancelling the run from the PR. | |
group: | | |
workflow=${{ github.workflow }}, | |
pr_number=${{ github.event_name == 'pull_request' && github.event.number || 'NA' }}, | |
dispatch_sha=${{ github.event_name == 'repository_dispatch' && github.event.client_payload.slash_command.args.named.sha || 'NA' }}, | |
commit_sha=${{ github.event_name != 'pull_request' && github.event_name != 'repository_dispatch' && github.sha || 'NA' }} | |
cancel-in-progress: true | |
jobs: | |
build-test-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # checkout all commits to be able to determine merge base for GIB | |
ref: | | |
${{ github.event_name == 'repository_dispatch' && | |
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha && | |
format('refs/pull/{0}/head', github.event.client_payload.pull_request.number) || '' }} | |
- uses: ./.github/actions/setup | |
timeout-minutes: 10 | |
with: | |
cache: restore | |
- name: Update PR check | |
uses: ./.github/actions/update-check | |
if: >- | |
github.event_name == 'repository_dispatch' && | |
github.event.client_payload.slash_command.args.named.sha != '' && | |
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha | |
with: | |
pull_request_number: ${{ github.event.client_payload.pull_request.number }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Maven validate | |
run: | | |
export MAVEN_OPTS="${MAVEN_INSTALL_OPTS}" | |
$MAVEN validate ${MAVEN_FAST_INSTALL} ${MAVEN_GIB} -Dgib.logImpactedTo=gib-impacted.log -P disable-check-spi-dependencies -pl '!:trino-docs' | |
- name: Set matrix | |
id: set-matrix | |
run: | | |
# GIB doesn't run on master, so make sure the file always exist | |
touch gib-impacted.log | |
cat <<EOF > .github/test-matrix.yaml | |
include: | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
- { modules: plugin/trino-exasol } | |
EOF | |
./.github/bin/build-matrix-from-impacted.py -v -i gib-impacted.log -m .github/test-matrix.yaml -o matrix.json | |
echo "Matrix: $(jq '.' matrix.json)" | |
echo "matrix=$(jq -c '.' matrix.json)" >> $GITHUB_OUTPUT | |
test: | |
runs-on: 'ubuntu-latest' | |
needs: build-test-matrix | |
if: needs.build-test-matrix.outputs.matrix != '{}' | |
strategy: | |
fail-fast: false | |
matrix: ${{ fromJson(needs.build-test-matrix.outputs.matrix) }} | |
timeout-minutes: 60 | |
steps: | |
- name: Disable app armor | |
run: | | |
sudo aa-teardown || true | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # checkout all commits to be able to determine merge base for GIB | |
ref: | | |
${{ github.event_name == 'repository_dispatch' && | |
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha && | |
format('refs/pull/{0}/head', github.event.client_payload.pull_request.number) || '' }} | |
- uses: ./.github/actions/setup | |
timeout-minutes: 10 | |
with: | |
cache: restore | |
cleanup-node: ${{ format('{0}', matrix.modules == 'plugin/trino-singlestore' || matrix.modules == 'plugin/trino-exasol') }} | |
java-version: ${{ matrix.jdk != '' && matrix.jdk || '23' }} | |
- name: Maven Install | |
run: | | |
export MAVEN_OPTS="${MAVEN_INSTALL_OPTS}" | |
$MAVEN clean install ${MAVEN_FAST_INSTALL} ${MAVEN_GIB} -am -pl "${{ matrix.modules }}" | |
- name: Create dir for Exasol JDBC driver logs | |
run: mkdir -p /tmp/exasol-jdbc-log/ | |
- name: Maven Tests | |
id: tests | |
run: | | |
sudo aa-status | |
#( | |
# while true; do | |
# echo "Top memory-consuming process at $(date):" | |
# ps -eo user,pid,comm,rss,vsz,args --sort=-rss | head -n 11 | |
# echo "-----------------------------" | |
# free -h | |
# sleep 30 | |
# done | |
#) & | |
tail -f /var/log/syslog & | |
echo $! > monitor_pid.txt | |
$MAVEN test ${MAVEN_TEST} -pl ${{ matrix.modules }} ${{ matrix.profile != '' && format('-P {0}', matrix.profile) || '' }} -Dsurefire.runOrder.random.seed=498044423542 | |
kill $(cat monitor_pid.txt) | |
rm monitor_pid.txt | |
- name: "Generate Unique Artifact Name" | |
if: ${{ always() }} | |
run: echo "UNIQUE_NAME=$RANDOM" >> $GITHUB_ENV | |
- name: "Upload Exasol JDBC driver logs" | |
uses: actions/upload-artifact@v4 | |
if: ${{ always() && contains(matrix.modules, 'plugin/trino-exasol') }} | |
with: | |
path: /tmp/exasol-jdbc-log/ | |
name: exasol-jdbc-log-${{ env.UNIQUE_NAME }} | |
retention-days: 3 | |
if-no-files-found: error | |
- name: "Upload Exasol Docker-DB logs" | |
uses: actions/upload-artifact@v4 | |
if: ${{ always() && contains(matrix.modules, 'plugin/trino-exasol') }} | |
with: | |
path: /tmp/db-log/ | |
name: exasol-db-log-${{ env.UNIQUE_NAME }} | |
retention-days: 3 | |
if-no-files-found: error | |
- name: Sanitize artifact name | |
if: always() | |
run: | | |
# Generate a valid artifact name and make it available to next steps as | |
# an environment variable ARTIFACT_NAME | |
# ", :, <, >, |, *, ?, \, / are not allowed in artifact names, replace it with an underscore | |
name=$(echo -n "${{ matrix.modules }}, ${{ matrix.profile }}, ${{ matrix.jdk }}" | sed -e 's/[":<>|\*\?\\\/]/_/g') | |
# final artifact name can't be longer than 128 characters | |
echo "ARTIFACT_NAME=${name:0:100}" >> $GITHUB_ENV | |
- name: Upload test results | |
uses: ./.github/actions/process-test-results | |
if: always() | |
with: | |
artifact-name: ${{ env.ARTIFACT_NAME }}-${{ env.UNIQUE_NAME }} | |
has-failed-tests: >- | |
${{ steps.tests.outcome == 'failure' | |
|| steps.tests-hdfs-isolated.outcome == 'failure' | |
|| steps.tests-hdfs.outcome == 'failure' | |
|| steps.tests-s3.outcome == 'failure' | |
|| steps.tests-azure.outcome == 'failure' | |
|| steps.tests-gcs.outcome == 'failure' | |
|| steps.tests-delta.outcome == 'failure' | |
|| steps.tests-memsql.outcome == 'failure' | |
|| steps.tests-bq.outcome == 'failure' | |
|| steps.tests-bq-ci.outcome == 'failure' | |
|| steps.tests-bq-smoke.outcome == 'failure' | |
|| steps.tests-iceberg.outcome == 'failure' | |
|| steps.tests-redshift.outcome == 'failure' | |
|| steps.tests-snowflake.outcome == 'failure' | |
}} | |
upload-heap-dump: ${{ env.SECRETS_PRESENT == '' && github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name != github.repository }} | |
- name: Update PR check | |
uses: ./.github/actions/update-check | |
if: >- | |
failure() && | |
github.event_name == 'repository_dispatch' && | |
github.event.client_payload.slash_command.args.named.sha != '' && | |
github.event.client_payload.pull_request.head.sha == github.event.client_payload.slash_command.args.named.sha | |
with: | |
pull_request_number: ${{ github.event.client_payload.pull_request.number }} | |
check_name: ${{ github.job }} with secrets | |
conclusion: ${{ job.status }} | |
github_token: ${{ secrets.GITHUB_TOKEN }} |