Skip to content

Commit

Permalink
Move system testing and Openresty build to GitHub Actions
Browse files Browse the repository at this point in the history
  • Loading branch information
lucacome committed Jun 28, 2024
1 parent 21481c3 commit 590bf87
Show file tree
Hide file tree
Showing 14 changed files with 237 additions and 117 deletions.
34 changes: 0 additions & 34 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
@@ -1,16 +1,5 @@
version: 2
jobs:
system_testing:
machine:
image: ubuntu-2204:2022.04.2
steps:
- checkout
- run:
name: system.testing
command: |
./ci/system_testing.sh
- store_artifacts:
path: ./test-log
build_gcc48_opentracing_15:
docker:
- image: ubuntu:18.04
Expand All @@ -33,36 +22,13 @@ jobs:
- run: ./ci/install_gcc4.8.sh
- run: ./ci/install_opentracing.sh
- run: ./ci/do_ci.sh build
openresty_docker_image:
machine: true
steps:
- checkout
- run:
command: docker build -t opentracing/openresty -f Dockerfile-openresty .

push_docker_image:
machine: true
steps:
- checkout
- run:
command: ./ci/do_ci.sh push_docker_image


workflows:
version: 2
build_test_and_deploy:
jobs:
- push_docker_image:
filters:
branches:
ignore: /.*/
tags: &tags
only: /^v[0-9]+(\.[0-9]+)*$/
- system_testing
- build_gcc48_opentracing_15
- build_gcc48_opentracing_16:
requires:
- build_gcc48_opentracing_15
- openresty_docker_image:
requires:
- system_testing
109 changes: 109 additions & 0 deletions .github/workflows/docker-openresty.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,109 @@
name: Docker Openresty

on:
push:
branches:
- master
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- master

concurrency:
group: ${{ github.ref_name }}-docker-openresty
cancel-in-progress: true

jobs:
build-docker:
name: Build Docker Image
runs-on: ubuntu-22.04
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Checkout Repository
uses: actions/checkout@v4

- name: Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host

- name: DockerHub Login
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
if: github.event_name != 'pull_request'

- name: Login to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
if: github.event_name != 'pull_request'

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: |
name=opentracing/openresty,enable=${{ github.event_name != 'pull_request' }}
name=ghcr.io/opentracing-contrib/openresty,enable=${{ github.event_name != 'pull_request' }}
name=localhost:5000/opentracing/openresty
tags: |
type=edge
type=ref,event=pr
type=semver,pattern={{version}}
env:
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index

- name: Build and push
uses: docker/build-push-action@v6
with:
file: Dockerfile-openresty
pull: true
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
annotations: ${{ steps.meta.outputs.annotations }}
cache-from: type=gha,scope=openresty
cache-to: type=gha,scope=openresty,mode=max
sbom: true
provenance: mode=max

- name: Inspect SBOM and output manifest
run: |
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --format '{{ json .SBOM.SPDX }}' > sbom-openresty.json
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --format '{{ json .Provenance.SLSA }}' > provenance-openresty.json
docker buildx imagetools inspect localhost:5000/opentracing/openresty:${{ steps.meta.outputs.version }} --raw
- name: Scan SBOM
id: scan
uses: anchore/scan-action@v3
with:
sbom: "sbom-openresty.json"
only-fixed: true
add-cpes-if-none: true
fail-build: false

- name: Upload scan result to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3
continue-on-error: true
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
if: always()

- name: Upload Scan Results
uses: actions/upload-artifact@v4
continue-on-error: true
with:
name: scan-results-openresty
path: |
${{ steps.scan.outputs.sarif }}
*.json
if: always()
1 change: 0 additions & 1 deletion .github/workflows/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,6 @@ jobs:
- name: Docker Buildx
uses: docker/setup-buildx-action@v3
with:
buildkitd-flags: --debug
driver-opts: network=host

- name: DockerHub Login
Expand Down
95 changes: 95 additions & 0 deletions .github/workflows/system-testing.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
name: System Testing

on:
push:
branches:
- master
tags:
- "v[0-9]+.[0-9]+.[0-9]+"
pull_request:
branches:
- master

defaults:
run:
shell: bash

concurrency:
group: ${{ github.ref_name }}-system-testing
cancel-in-progress: true

jobs:
system-testing:
name: System Testing
runs-on: ubuntu-22.04
steps:
- name: Checkout Repository
uses: actions/checkout@v4

- name: Get vars
id: vars
run: |
# replace with version from Dockerfile when fixed
echo "NGINX_VERSION=1.27.0" >> $GITHUB_OUTPUT
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version-file: '.python-version'
cache: 'pip'

- name: Install Dependencies
run: pip install -r test/requirements.ci.txt

- name: Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Build nginx
uses: docker/build-push-action@v6
with:
pull: true
load: true
file: test/Dockerfile-test
tags: nginx-opentracing-test/nginx
cache-from: type=gha,scope=system-nginx
cache-to: type=gha,scope=system-nginx,mode=max
build-args: |
NGINX_VERSION=${{ steps.vars.outputs.NGINX_VERSION }}
- name: Build backend
uses: docker/build-push-action@v6
with:
pull: true
load: true
file: test/Dockerfile-backend
context: test
tags: nginx-opentracing-test/backend
cache-from: type=gha,scope=system-backend
cache-to: type=gha,scope=system-backend,mode=max

- name: Build grpc-backend
uses: docker/build-push-action@v6
with:
pull: true
load: true
file: test/environment/grpc/Dockerfile
context: test/environment/grpc
tags: nginx-opentracing-test/grpc-backend
cache-from: type=gha,scope=system-grpc-backend
cache-to: type=gha,scope=system-grpc-backend,mode=max

- name: Run Tests
run: |
mkdir -p test-log
python3 nginx_opentracing_test.py
env:
PYTHONPATH: environment/grpc
LOG_DIR: ${{ github.workspace }}/test/test-log
working-directory: test

- name: Upload artifact
uses: actions/upload-artifact@v4
if: always()
with:
name: test-log
path: ./test/test-log
3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -41,3 +41,6 @@ test-log/
.DS_Store

out
bin
lib
pyvenv.cfg
2 changes: 1 addition & 1 deletion .python-version
Original file line number Diff line number Diff line change
@@ -1 +1 @@
3.10.3
3.12.4
15 changes: 10 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,18 +1,23 @@
NGINX_VERSION=1.27.0

.PHONY: docker-image
docker-image:
DOCKER_BUILDKIT=1 docker build -f Dockerfile -t opentracing-contrib/nginx-opentracing --target final .
docker build -f Dockerfile -t opentracing-contrib/nginx-opentracing --target final .

.PHONY: docker-image-alpine
docker-image-alpine:
DOCKER_BUILDKIT=1 docker build -f Dockerfile -t opentracing-contrib/nginx-opentracing --target final --build-arg BUILD_OS=alpine .
docker build -f Dockerfile -t opentracing-contrib/nginx-opentracing --target final --build-arg BUILD_OS=alpine .

docker-build-binaries:
DOCKER_BUILDKIT=1 docker buildx build --build-arg NGINX_VERSION=1.27.0 --platform linux/amd64 -f build/Dockerfile -t nginx-opentracing-binaries --target=export --output "type=local,dest=out" --progress=plain --no-cache --pull .
docker buildx build --build-arg NGINX_VERSION=$(NGINX_VERSION) --platform linux/amd64 -f build/Dockerfile -t nginx-opentracing-binaries --target=export --output "type=local,dest=out" --progress=plain --no-cache --pull .

.PHONY: test
test:
./ci/system_testing.sh
docker build -t nginx-opentracing-test/nginx -f test/Dockerfile-test . --build-arg NGINX_VERSION=$(NGINX_VERSION)
docker build -t nginx-opentracing-test/backend -f test/Dockerfile-backend ./test
docker build -t nginx-opentracing-test/grpc-backend -f test/environment/grpc/Dockerfile ./test/environment/grpc
cd test && LOG_DIR=$(CURDIR)/test/test-log PYTHONPATH=environment/grpc python3 nginx_opentracing_test.py

.PHONY: clean
clean:
rm -fr test-log
rm -fr test/test-log
23 changes: 1 addition & 22 deletions ci/do_ci.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,31 +5,10 @@ set -e
[ -z "${SRC_DIR}" ] && export SRC_DIR="$(pwd)"
[ -z "${BUILD_DIR}" ] && export BUILD_DIR=/build

if [[ "$1" == "system.testing" ]]; then
docker build -t nginx-opentracing-test/nginx -f Dockerfile-test .
cd test
docker build -t nginx-opentracing-test/backend -f Dockerfile-backend .
cd environment/grpc
docker build -t nginx-opentracing-test/grpc-backend .
cd -
PYTHONPATH=environment/grpc python3 nginx_opentracing_test.py
exit 0
elif [[ "$1" == "build" ]]; then
if [[ "$1" == "build" ]]; then
mkdir -p "${BUILD_DIR}"
./ci/build_nginx_opentracing_module.sh
exit 0
elif [[ "$1" == "push_docker_image" ]]; then
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
VERSION_TAG="$(git describe --abbrev=0 --tags)"
VERSION="${VERSION_TAG/v/}"

# openresty
docker build -t opentracing/openresty -f Dockerfile-openresty .
docker tag opentracing/openresty opentracing/openresty:${VERSION}
docker push opentracing/openresty:${VERSION}
docker tag opentracing/openresty opentracing/openresty:latest
docker push opentracing/openresty:latest
exit 0
else
echo "Invalid do_ci.sh target"
exit 1
Expand Down
19 changes: 0 additions & 19 deletions ci/install_dependencies.sh

This file was deleted.

9 changes: 0 additions & 9 deletions ci/system_testing.sh

This file was deleted.

15 changes: 3 additions & 12 deletions test/Dockerfile-backend
Original file line number Diff line number Diff line change
@@ -1,20 +1,11 @@
FROM ubuntu:22.04
FROM python:3.12

RUN apt-get update \
&& apt-get install -y \
curl \
python3 \
python3-dev \
build-essential \
&& rm -rf /var/lib/apt/lists/* \
&& curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \
&& python3 get-pip.py \
&& rm get-pip.py
COPY requirements.txt .
RUN pip install -r requirements.txt

COPY . /app
WORKDIR /app

RUN pip install -r requirements.txt

ENTRYPOINT ["python3"]
CMD ["environment/app.py"]
Loading

0 comments on commit 590bf87

Please sign in to comment.