2020-10-23 02:43:28 +02:00
|
|
|
name: Zulip production suite
|
2020-07-08 02:20:01 +02:00
|
|
|
|
|
|
|
on:
|
2022-07-05 23:57:53 +02:00
|
|
|
push:
|
|
|
|
branches: ["*.x", chat.zulip.org, main]
|
|
|
|
tags: ["*"]
|
2020-07-08 02:20:01 +02:00
|
|
|
pull_request:
|
2020-07-17 20:27:19 +02:00
|
|
|
paths:
|
2021-07-30 23:52:10 +02:00
|
|
|
- .github/workflows/production-suite.yml
|
2020-07-17 20:27:19 +02:00
|
|
|
- "**/migrations/**"
|
2021-10-20 23:55:54 +02:00
|
|
|
- manage.py
|
2023-03-20 19:52:59 +01:00
|
|
|
- pnpm-lock.yaml
|
2020-07-17 20:27:19 +02:00
|
|
|
- puppet/**
|
|
|
|
- requirements/**
|
|
|
|
- scripts/**
|
|
|
|
- tools/**
|
2023-02-24 02:20:53 +01:00
|
|
|
- web/babel.config.js
|
|
|
|
- web/postcss.config.js
|
2023-02-22 23:03:47 +01:00
|
|
|
- web/third/**
|
2023-02-24 02:20:53 +01:00
|
|
|
- web/webpack.config.ts
|
2021-10-20 23:55:54 +02:00
|
|
|
- zerver/worker/queue_processors.py
|
|
|
|
- zerver/lib/push_notifications.py
|
|
|
|
- zerver/decorator.py
|
2021-07-30 23:52:10 +02:00
|
|
|
- zproject/**
|
2022-07-05 23:57:53 +02:00
|
|
|
workflow_dispatch:
|
2020-07-08 02:20:01 +02:00
|
|
|
|
2022-07-05 01:14:47 +02:00
|
|
|
concurrency:
|
|
|
|
group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
|
|
|
|
cancel-in-progress: true
|
|
|
|
|
2020-07-08 02:20:01 +02:00
|
|
|
defaults:
|
|
|
|
run:
|
|
|
|
shell: bash
|
|
|
|
|
2022-08-30 02:12:55 +02:00
|
|
|
permissions:
|
|
|
|
contents: read
|
|
|
|
|
2020-07-08 02:20:01 +02:00
|
|
|
jobs:
|
|
|
|
production_build:
|
2021-06-07 09:12:58 +02:00
|
|
|
# This job builds a release tarball from the current commit, which
|
|
|
|
# will be used for all of the following install/upgrade tests.
|
2024-03-25 22:17:18 +01:00
|
|
|
name: Ubuntu 22.04 production build
|
2020-07-08 02:20:01 +02:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
2021-11-05 23:35:39 +01:00
|
|
|
# Docker images are built from 'tools/ci/Dockerfile'; the comments at
|
|
|
|
# the top explain how to build and upload these images.
|
2024-03-25 22:17:18 +01:00
|
|
|
# Ubuntu 22.04 ships with Python 3.10.12.
|
|
|
|
container: zulip/ci:jammy
|
2022-12-01 05:51:52 +01:00
|
|
|
|
2020-07-08 02:20:01 +02:00
|
|
|
steps:
|
|
|
|
- name: Add required permissions
|
|
|
|
run: |
|
|
|
|
# The checkout actions doesn't clone to ~/zulip or allow
|
|
|
|
# us to use the path option to clone outside the current
|
|
|
|
# /__w/zulip/zulip directory. Since this directory is owned
|
|
|
|
# by root we need to change it's ownership to allow the
|
|
|
|
# github user to clone the code here.
|
|
|
|
# Note: /__w/ is a docker volume mounted to $GITHUB_WORKSPACE
|
|
|
|
# which is /home/runner/work/.
|
|
|
|
sudo chown -R github .
|
|
|
|
|
|
|
|
# This is the GitHub Actions specific cache directory the
|
|
|
|
# the current github user must be able to access for the
|
|
|
|
# cache action to work. It is owned by root currently.
|
|
|
|
sudo chmod -R 0777 /__w/_temp/
|
|
|
|
|
2024-02-22 00:24:18 +01:00
|
|
|
- uses: actions/checkout@v4
|
2020-07-08 02:20:01 +02:00
|
|
|
|
|
|
|
- name: Create cache directories
|
|
|
|
run: |
|
2023-03-20 19:52:59 +01:00
|
|
|
dirs=(/srv/zulip-{venv,emoji}-cache)
|
2020-07-08 02:20:01 +02:00
|
|
|
sudo mkdir -p "${dirs[@]}"
|
|
|
|
sudo chown -R github "${dirs[@]}"
|
|
|
|
|
2023-03-20 19:52:59 +01:00
|
|
|
- name: Restore pnpm store
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/cache@v4
|
2022-04-29 23:03:12 +02:00
|
|
|
with:
|
2023-05-31 18:53:44 +02:00
|
|
|
path: /__w/.pnpm-store
|
2024-03-25 22:17:18 +01:00
|
|
|
key: v1-pnpm-store-jammy-${{ hashFiles('pnpm-lock.yaml') }}
|
2022-04-29 23:03:12 +02:00
|
|
|
|
|
|
|
- name: Restore python cache
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/cache@v4
|
2022-04-29 23:03:12 +02:00
|
|
|
with:
|
|
|
|
path: /srv/zulip-venv-cache
|
2024-03-25 22:17:18 +01:00
|
|
|
key: v1-venv-jammy-${{ hashFiles('requirements/dev.txt') }}
|
|
|
|
restore-keys: v1-venv-jammy
|
2022-04-29 23:03:12 +02:00
|
|
|
|
|
|
|
- name: Restore emoji cache
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/cache@v4
|
2022-04-29 23:03:12 +02:00
|
|
|
with:
|
|
|
|
path: /srv/zulip-emoji-cache
|
2024-03-25 22:17:18 +01:00
|
|
|
key: v1-emoji-jammy-${{ hashFiles('tools/setup/emoji/emoji_map.json') }}-${{ hashFiles('tools/setup/emoji/build_emoji') }}-${{ hashFiles('tools/setup/emoji/emoji_setup_utils.py') }}-${{ hashFiles('tools/setup/emoji/emoji_names.py') }}-${{ hashFiles('package.json') }}
|
|
|
|
restore-keys: v1-emoji-jammy
|
2020-07-08 02:20:01 +02:00
|
|
|
|
|
|
|
- name: Build production tarball
|
2021-03-29 20:51:40 +02:00
|
|
|
run: ./tools/ci/production-build
|
2020-07-08 02:20:01 +02:00
|
|
|
|
|
|
|
- name: Upload production build artifacts for install jobs
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/upload-artifact@v4
|
2020-07-08 02:20:01 +02:00
|
|
|
with:
|
|
|
|
name: production-tarball
|
|
|
|
path: /tmp/production-build
|
2023-02-16 10:04:39 +01:00
|
|
|
retention-days: 1
|
2020-07-16 21:34:01 +02:00
|
|
|
|
2023-05-31 18:53:44 +02:00
|
|
|
- name: Verify pnpm store path
|
|
|
|
run: |
|
|
|
|
set -x
|
|
|
|
path="$(pnpm store path)"
|
|
|
|
[[ "$path" == /__w/.pnpm-store/* ]]
|
|
|
|
|
2022-12-01 05:51:52 +01:00
|
|
|
- name: Generate failure report string
|
|
|
|
id: failure_report_string
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2022-12-01 05:51:52 +01:00
|
|
|
run: tools/ci/generate-failure-message >> $GITHUB_OUTPUT
|
|
|
|
|
|
|
|
- name: Report status to CZO
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2022-12-01 05:51:52 +01:00
|
|
|
uses: zulip/github-actions-zulip/send-message@v1
|
|
|
|
with:
|
|
|
|
api-key: ${{ secrets.ZULIP_BOT_KEY }}
|
|
|
|
email: "github-actions-bot@chat.zulip.org"
|
|
|
|
organization-url: "https://chat.zulip.org"
|
|
|
|
to: "automated testing"
|
|
|
|
topic: ${{ steps.failure_report_string.outputs.topic }}
|
|
|
|
type: "stream"
|
|
|
|
content: ${{ steps.failure_report_string.outputs.content }}
|
2021-02-16 06:27:02 +01:00
|
|
|
|
2020-07-16 21:34:01 +02:00
|
|
|
production_install:
|
2021-06-07 09:12:58 +02:00
|
|
|
# This job installs the server release tarball built above on a
|
|
|
|
# range of platforms, and does some basic health checks on the
|
|
|
|
# resulting installer Zulip server.
|
2020-07-16 21:34:01 +02:00
|
|
|
strategy:
|
|
|
|
fail-fast: false
|
|
|
|
matrix:
|
|
|
|
include:
|
2021-07-22 21:33:39 +02:00
|
|
|
# Docker images are built from 'tools/ci/Dockerfile'; the comments at
|
|
|
|
# the top explain how to build and upload these images.
|
2022-03-16 00:45:07 +01:00
|
|
|
- docker_image: zulip/ci:jammy
|
2024-03-25 22:17:18 +01:00
|
|
|
name: Ubuntu 22.04 production install and PostgreSQL upgrade with pgroonga
|
2022-03-16 00:45:07 +01:00
|
|
|
os: jammy
|
2023-05-05 04:17:59 +02:00
|
|
|
extra-args: ""
|
2020-07-16 21:34:01 +02:00
|
|
|
|
2024-02-27 00:57:25 +01:00
|
|
|
- docker_image: zulip/ci:noble
|
|
|
|
name: Ubuntu 24.04 production install
|
|
|
|
os: noble
|
|
|
|
extra-args: ""
|
|
|
|
|
2023-05-10 23:20:46 +02:00
|
|
|
- docker_image: zulip/ci:bookworm
|
2024-03-25 22:17:18 +01:00
|
|
|
name: Debian 12 production install with custom db name and user
|
2023-05-10 23:20:46 +02:00
|
|
|
os: bookworm
|
2024-03-25 22:17:18 +01:00
|
|
|
extra-args: --test-custom-db
|
2023-05-10 23:20:46 +02:00
|
|
|
|
2020-07-16 21:34:01 +02:00
|
|
|
name: ${{ matrix.name }}
|
2021-07-22 21:35:27 +02:00
|
|
|
container:
|
|
|
|
image: ${{ matrix.docker_image }}
|
|
|
|
options: --init
|
2020-07-16 21:34:01 +02:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: production_build
|
|
|
|
|
|
|
|
steps:
|
|
|
|
- name: Download built production tarball
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/download-artifact@v4
|
2020-07-16 21:34:01 +02:00
|
|
|
with:
|
|
|
|
name: production-tarball
|
|
|
|
path: /tmp
|
|
|
|
|
|
|
|
- name: Add required permissions and setup
|
|
|
|
run: |
|
|
|
|
# This is the GitHub Actions specific cache directory the
|
|
|
|
# the current github user must be able to access for the
|
|
|
|
# cache action to work. It is owned by root currently.
|
|
|
|
sudo chmod -R 0777 /__w/_temp/
|
|
|
|
|
2024-02-22 00:24:18 +01:00
|
|
|
# Since actions/download-artifact@v4 loses all the permissions
|
2020-07-16 21:34:01 +02:00
|
|
|
# of the tarball uploaded by the upload artifact fix those.
|
|
|
|
chmod +x /tmp/production-upgrade-pg
|
2021-11-19 02:04:30 +01:00
|
|
|
chmod +x /tmp/production-pgroonga
|
2020-07-16 21:34:01 +02:00
|
|
|
chmod +x /tmp/production-install
|
|
|
|
chmod +x /tmp/production-verify
|
2022-12-01 05:51:52 +01:00
|
|
|
chmod +x /tmp/generate-failure-message
|
2020-07-16 21:34:01 +02:00
|
|
|
|
|
|
|
- name: Create cache directories
|
|
|
|
run: |
|
2023-03-20 19:52:59 +01:00
|
|
|
dirs=(/srv/zulip-{venv,emoji}-cache)
|
2020-07-16 21:34:01 +02:00
|
|
|
sudo mkdir -p "${dirs[@]}"
|
|
|
|
sudo chown -R github "${dirs[@]}"
|
|
|
|
|
|
|
|
- name: Install production
|
2021-11-29 22:53:18 +01:00
|
|
|
run: sudo /tmp/production-install ${{ matrix.extra-args }}
|
2020-07-16 21:34:01 +02:00
|
|
|
|
|
|
|
- name: Verify install
|
2021-12-14 05:23:23 +01:00
|
|
|
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
|
2020-07-16 21:34:01 +02:00
|
|
|
|
2021-11-19 02:04:30 +01:00
|
|
|
- name: Install pgroonga
|
2024-03-25 22:17:18 +01:00
|
|
|
if: ${{ matrix.os == 'jammy' }}
|
2021-11-19 02:04:30 +01:00
|
|
|
run: sudo /tmp/production-pgroonga
|
|
|
|
|
|
|
|
- name: Verify install after installing pgroonga
|
2024-03-25 22:17:18 +01:00
|
|
|
if: ${{ matrix.os == 'jammy' }}
|
2021-12-14 05:23:23 +01:00
|
|
|
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
|
2021-11-19 02:04:30 +01:00
|
|
|
|
2020-07-16 21:34:01 +02:00
|
|
|
- name: Upgrade postgresql
|
2024-03-25 22:17:18 +01:00
|
|
|
if: ${{ matrix.os == 'jammy' }}
|
2021-03-29 20:51:40 +02:00
|
|
|
run: sudo /tmp/production-upgrade-pg
|
2020-07-16 21:34:01 +02:00
|
|
|
|
|
|
|
- name: Verify install after upgrading postgresql
|
2024-03-25 22:17:18 +01:00
|
|
|
if: ${{ matrix.os == 'jammy' }}
|
2021-12-14 05:23:23 +01:00
|
|
|
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
|
2021-02-16 06:27:02 +01:00
|
|
|
|
2022-12-01 05:51:52 +01:00
|
|
|
- name: Generate failure report string
|
|
|
|
id: failure_report_string
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2023-03-09 21:46:10 +01:00
|
|
|
run: /tmp/generate-failure-message >> $GITHUB_OUTPUT
|
2022-12-01 05:51:52 +01:00
|
|
|
|
|
|
|
- name: Report status to CZO
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2022-12-01 05:51:52 +01:00
|
|
|
uses: zulip/github-actions-zulip/send-message@v1
|
|
|
|
with:
|
|
|
|
api-key: ${{ secrets.ZULIP_BOT_KEY }}
|
|
|
|
email: "github-actions-bot@chat.zulip.org"
|
|
|
|
organization-url: "https://chat.zulip.org"
|
|
|
|
to: "automated testing"
|
|
|
|
topic: ${{ steps.failure_report_string.outputs.topic }}
|
|
|
|
type: "stream"
|
|
|
|
content: ${{ steps.failure_report_string.outputs.content }}
|
2021-06-07 09:12:58 +02:00
|
|
|
|
|
|
|
production_upgrade:
|
|
|
|
# The production upgrade job starts with a container with a
|
|
|
|
# previous Zulip release installed, and attempts to upgrade it to
|
|
|
|
# the release tarball built for the current commit being tested.
|
|
|
|
#
|
|
|
|
# This is intended to catch bugs that result in the upgrade
|
|
|
|
# process failing.
|
|
|
|
strategy:
|
|
|
|
fail-fast: false
|
|
|
|
matrix:
|
|
|
|
include:
|
2022-07-16 02:34:09 +02:00
|
|
|
# Docker images are built from 'tools/ci/Dockerfile.prod'; the comments at
|
2021-11-05 23:35:39 +01:00
|
|
|
# the top explain how to build and upload these images.
|
2024-01-05 21:53:14 +01:00
|
|
|
- docker_image: zulip/ci:jammy-6.0
|
2022-11-28 20:46:10 +01:00
|
|
|
name: 6.0 Version Upgrade
|
2024-01-05 21:53:14 +01:00
|
|
|
os: jammy
|
2023-11-29 22:25:02 +01:00
|
|
|
- docker_image: zulip/ci:bookworm-7.0
|
|
|
|
name: 7.0 Version Upgrade
|
|
|
|
os: bookworm
|
2024-03-25 18:24:08 +01:00
|
|
|
- docker_image: zulip/ci:bookworm-8.0
|
|
|
|
name: 8.0 Version Upgrade
|
|
|
|
os: bookworm
|
2021-11-25 06:33:52 +01:00
|
|
|
|
2021-06-07 09:12:58 +02:00
|
|
|
name: ${{ matrix.name }}
|
2021-07-22 21:35:27 +02:00
|
|
|
container:
|
|
|
|
image: ${{ matrix.docker_image }}
|
|
|
|
options: --init
|
2021-06-07 09:12:58 +02:00
|
|
|
runs-on: ubuntu-latest
|
|
|
|
needs: production_build
|
|
|
|
|
|
|
|
steps:
|
|
|
|
- name: Download built production tarball
|
2024-02-22 00:24:18 +01:00
|
|
|
uses: actions/download-artifact@v4
|
2021-06-07 09:12:58 +02:00
|
|
|
with:
|
|
|
|
name: production-tarball
|
|
|
|
path: /tmp
|
|
|
|
|
|
|
|
- name: Add required permissions and setup
|
|
|
|
run: |
|
|
|
|
# This is the GitHub Actions specific cache directory the
|
|
|
|
# the current github user must be able to access for the
|
|
|
|
# cache action to work. It is owned by root currently.
|
|
|
|
sudo chmod -R 0777 /__w/_temp/
|
|
|
|
|
2024-02-22 00:24:18 +01:00
|
|
|
# Since actions/download-artifact@v4 loses all the permissions
|
2021-06-07 09:12:58 +02:00
|
|
|
# of the tarball uploaded by the upload artifact fix those.
|
|
|
|
chmod +x /tmp/production-upgrade
|
|
|
|
chmod +x /tmp/production-verify
|
2022-12-01 05:51:52 +01:00
|
|
|
chmod +x /tmp/generate-failure-message
|
2021-06-07 09:12:58 +02:00
|
|
|
|
2021-07-01 14:44:04 +02:00
|
|
|
- name: Create cache directories
|
|
|
|
run: |
|
2023-03-20 19:52:59 +01:00
|
|
|
dirs=(/srv/zulip-{venv,emoji}-cache)
|
2021-07-01 14:44:04 +02:00
|
|
|
sudo mkdir -p "${dirs[@]}"
|
|
|
|
sudo chown -R github "${dirs[@]}"
|
|
|
|
|
2023-09-15 15:39:38 +02:00
|
|
|
- name: Temporarily bootstrap PostgreSQL upgrades
|
|
|
|
# https://chat.zulip.org/#narrow/stream/43-automated-testing/topic/postgres.20client.20upgrade.20failures/near/1640444
|
|
|
|
# On Debian, there is an ordering issue with post-install maintainer
|
|
|
|
# scripts when postgresql-client-common is upgraded at the same time as
|
|
|
|
# postgresql-client and postgresql-client-15. Upgrade just
|
|
|
|
# postgresql-client-common first, so the main upgrade process can
|
|
|
|
# succeed. This is a _temporary_ work-around to improve CI signal, as
|
|
|
|
# the failure does represent a real failure that production systems may
|
|
|
|
# encounter.
|
|
|
|
run: sudo apt-get update && sudo apt-get install -y --only-upgrade postgresql-client-common
|
|
|
|
|
2021-06-07 09:12:58 +02:00
|
|
|
- name: Upgrade production
|
|
|
|
run: sudo /tmp/production-upgrade
|
|
|
|
|
|
|
|
# TODO: We should be running production-verify here, but it
|
|
|
|
# doesn't pass yet.
|
|
|
|
#
|
|
|
|
# - name: Verify install
|
|
|
|
# run: sudo /tmp/production-verify
|
|
|
|
|
2022-12-01 05:51:52 +01:00
|
|
|
- name: Generate failure report string
|
|
|
|
id: failure_report_string
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2023-03-09 21:46:10 +01:00
|
|
|
run: /tmp/generate-failure-message >> $GITHUB_OUTPUT
|
2022-12-01 05:51:52 +01:00
|
|
|
|
|
|
|
- name: Report status to CZO
|
2022-12-06 23:10:11 +01:00
|
|
|
if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
|
2022-12-01 05:51:52 +01:00
|
|
|
uses: zulip/github-actions-zulip/send-message@v1
|
|
|
|
with:
|
|
|
|
api-key: ${{ secrets.ZULIP_BOT_KEY }}
|
|
|
|
email: "github-actions-bot@chat.zulip.org"
|
|
|
|
organization-url: "https://chat.zulip.org"
|
|
|
|
to: "automated testing"
|
|
|
|
topic: ${{ steps.failure_report_string.outputs.topic }}
|
|
|
|
type: "stream"
|
|
|
|
content: ${{ steps.failure_report_string.outputs.content }}
|