Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/.github/workflows/production-suite.yml

267 lines
8.8 KiB
YAML
Raw Normal View History

docs: Fix more capitalization issues. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-23 02:43:28 +02:00
name: Zulip production suite
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
on:
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
push: {}
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
pull_request:
github-actions: Only run production suite on production related updates. The production suite will only run if anything under puppet, scripts, and tools or any migrations are updated. The '**' glob means it includes subdirectory updates. For migrations all ~5 migrations directories are includes using the **/migrations/** pattern. The GitHub Action docs that explain the syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2020-07-17 20:27:19 +02:00
paths:
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- .github/workflows/production-suite.yml
github-actions: Only run production suite on production related updates. The production suite will only run if anything under puppet, scripts, and tools or any migrations are updated. The '**' glob means it includes subdirectory updates. For migrations all ~5 migrations directories are includes using the **/migrations/** pattern. The GitHub Action docs that explain the syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2020-07-17 20:27:19 +02:00
- "**/migrations/**"
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- babel.config.js
ci: Run production tests when files mentioning zilencer are changed. Production installs do not use the zilencer application, but the tests do include it; as such, changes to any files which reference zilencer are more likely to pass tests but fail production installs. Run production tests when those files are changed.
2021-10-20 23:55:54 +02:00
- manage.py
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- postcss.config.js
github-actions: Only run production suite on production related updates. The production suite will only run if anything under puppet, scripts, and tools or any migrations are updated. The '**' glob means it includes subdirectory updates. For migrations all ~5 migrations directories are includes using the **/migrations/** pattern. The GitHub Action docs that explain the syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2020-07-17 20:27:19 +02:00
- puppet/**
- requirements/**
- scripts/**
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- static/assets/**
- static/third/**
github-actions: Only run production suite on production related updates. The production suite will only run if anything under puppet, scripts, and tools or any migrations are updated. The '**' glob means it includes subdirectory updates. For migrations all ~5 migrations directories are includes using the **/migrations/** pattern. The GitHub Action docs that explain the syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2020-07-17 20:27:19 +02:00
- tools/**
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- webpack.config.ts
github-actions: Only run production suite on production related updates. The production suite will only run if anything under puppet, scripts, and tools or any migrations are updated. The '**' glob means it includes subdirectory updates. For migrations all ~5 migrations directories are includes using the **/migrations/** pattern. The GitHub Action docs that explain the syntax: https://docs.github.com/en/actions/reference/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
2020-07-17 20:27:19 +02:00
- yarn.lock
ci: Run production tests when files mentioning zilencer are changed. Production installs do not use the zilencer application, but the tests do include it; as such, changes to any files which reference zilencer are more likely to pass tests but fail production installs. Run production tests when those files are changed.
2021-10-20 23:55:54 +02:00
- zerver/worker/queue_processors.py
- zerver/lib/push_notifications.py
- zerver/decorator.py
ci: Adjust when production suite is run. We make a few adjustments: * We now run full CI whenever pushing to master. It's cheap enough that it's worth getting accurate signal. * We now don't run production tests on PRs for changes to JavaScript/CSS in static/ that don't also affect the webpack configuration. * We sort the list of paths that trigger tests.
2021-07-30 23:52:10 +02:00
- zproject/**
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
defaults:
run:
shell: bash
jobs:
production_build:
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
# This job builds a release tarball from the current commit, which
# will be used for all of the following install/upgrade tests.
Remove Ubuntu 18.04 support. As a consequence: • Bump minimum supported Python version to 3.7. • Move Vagrant environment to Debian 10, which has Python 3.7. • Move CI frontend tests to Debian 10. • Move production build test to Debian 10. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-08 22:12:57 +01:00
name: Debian 10 production build
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
runs-on: ubuntu-latest
ci: Update outdated comments to generated Dockerfiles. These were missed in the doc updates in d78723b6e876, which were for behavior changes in 16067bc4fc5c.
2021-11-05 23:35:39 +01:00
# Docker images are built from 'tools/ci/Dockerfile'; the comments at
# the top explain how to build and upload these images.
Remove Ubuntu 18.04 support. As a consequence: • Bump minimum supported Python version to 3.7. • Move Vagrant environment to Debian 10, which has Python 3.7. • Move CI frontend tests to Debian 10. • Move production build test to Debian 10. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-08 22:12:57 +01:00
# Debian 10 ships with Python 3.7.3.
container: zulip/ci:buster
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
steps:
- name: Add required permissions
run: |
# The checkout actions doesn't clone to ~/zulip or allow
# us to use the path option to clone outside the current
# /__w/zulip/zulip directory. Since this directory is owned
# by root we need to change it's ownership to allow the
# github user to clone the code here.
# Note: /__w/ is a docker volume mounted to $GITHUB_WORKSPACE
# which is /home/runner/work/.
sudo chown -R github .
# This is the GitHub Actions specific cache directory the
# the current github user must be able to access for the
# cache action to work. It is owned by root currently.
sudo chmod -R 0777 /__w/_temp/
- uses: actions/checkout@v2
- name: Create cache directories
run: |
dirs=(/srv/zulip-{npm,venv,emoji}-cache)
sudo mkdir -p "${dirs[@]}"
sudo chown -R github "${dirs[@]}"
- name: Restore node_modules cache
uses: actions/cache@v2
with:
path: /srv/zulip-npm-cache
ci: Cache with the OS name, not the job name. The job name is just the constant `production_build`. Renaming it to have the OS in the key ensures that it is not shared across OS'es (for instance between `4.x` and `main`, which are now bionic and buster, respectively), and also allows it to share caches with the install step, which uses the OS name in that place.
2022-01-24 22:54:12 +01:00
key: v1-yarn-deps-buster-${{ hashFiles('package.json') }}-${{ hashFiles('yarn.lock') }}
restore-keys: v1-yarn-deps-buster
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
- name: Restore python cache
uses: actions/cache@v2
with:
path: /srv/zulip-venv-cache
ci: Cache with the OS name, not the job name. The job name is just the constant `production_build`. Renaming it to have the OS in the key ensures that it is not shared across OS'es (for instance between `4.x` and `main`, which are now bionic and buster, respectively), and also allows it to share caches with the install step, which uses the OS name in that place.
2022-01-24 22:54:12 +01:00
key: v1-venv-buster-${{ hashFiles('requirements/dev.txt') }}
restore-keys: v1-venv-buster
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
- name: Restore emoji cache
uses: actions/cache@v2
with:
path: /srv/zulip-emoji-cache
ci: Cache with the OS name, not the job name. The job name is just the constant `production_build`. Renaming it to have the OS in the key ensures that it is not shared across OS'es (for instance between `4.x` and `main`, which are now bionic and buster, respectively), and also allows it to share caches with the install step, which uses the OS name in that place.
2022-01-24 22:54:12 +01:00
key: v1-emoji-buster-${{ hashFiles('tools/setup/emoji/emoji_map.json') }}-${{ hashFiles('tools/setup/emoji/build_emoji') }}-${{ hashFiles('tools/setup/emoji/emoji_setup_utils.py') }}-${{ hashFiles('tools/setup/emoji/emoji_names.py') }}-${{ hashFiles('package.json') }}
restore-keys: v1-emoji-buster
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
- name: Build production tarball
ci: Remove 2>&1 redirection. We had used 2>&1 to redirect stderr to stdout so it could be piped into ts, but commit dd3cdd6ec5085c25b6a9491b7e9b672ae99af442 (#17611) removed ts, so we no longer need the redirection. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-03-29 20:51:40 +02:00
run: ./tools/ci/production-build
github-actions: Add bionic production build job. All the steps are same from circleci except two steps: 1. The 'Add permissions ...' step is Actions specific as explained in comments. 2. The step that used upload-artifacts is Actions verison of presist_to_workspace. Finally, I should note the duplication in this and zulip-ci workflow. There are three reason this is not a problem: 1. It will be messy to mush this into zulip-ci workflow only for benefit of un-duplicating the env and cache restore steps. 2. We needs this on its own workflow if we want to only run it when production related dependencies are updated. 3. I don't see us updating the duplicated steps between both workflow. Circle CI config is prefect example for this; nothing is changed except for adding or updating steps which are not duplicated.
2020-07-08 02:20:01 +02:00
- name: Upload production build artifacts for install jobs
uses: actions/upload-artifact@v2
with:
name: production-tarball
path: /tmp/production-build
github: Enable retention periods for uploaded artifacts. This prevents Zulip CI from eventually consuming large amounts of storage on one's GitHub account. I picked a longer retention period for the Puppeteer artifacts because humans look at those; the production tarballs are unlikely to be used 10 minutes after the run completes as they are just for the next stage fo the build; certainly 14 days seems ample for any debugging.
2020-11-04 01:36:23 +01:00
retention-days: 14
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
ci: Notify in zulip when a build fails in GitHub Actions. We use the circleci integration which already has a nice setup for sending messages when triggered to send the build failure notification.
2021-02-16 06:27:02 +01:00
- name: Report status
if: failure()
env:
ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
run: tools/ci/send-failure-message
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
production_install:
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
# This job installs the server release tarball built above on a
# range of platforms, and does some basic health checks on the
# resulting installer Zulip server.
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
strategy:
fail-fast: false
matrix:
include:
ci: Update outdated comments, documentation and gitignore. Use of `Dockerfile.template` and generated `tools/ci/images/` was removed in 16067bc4fc5c.
2021-07-22 21:33:39 +02:00
# Docker images are built from 'tools/ci/Dockerfile'; the comments at
# the top explain how to build and upload these images.
ci: Switch to hosting the CI images under Zulip on Dockerhub.
2021-04-01 00:59:59 +02:00
- docker_image: zulip/ci:focal
docs: Fix more capitalization issues. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-10-23 02:43:28 +02:00
name: Focal production install
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
os: focal
ci: Refactor --test-custom-db to be an argument, not a command.
2021-12-14 05:18:12 +01:00
extra_args: ""
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
ci: Switch to hosting the CI images under Zulip on Dockerhub.
2021-04-01 00:59:59 +02:00
- docker_image: zulip/ci:buster
Remove Ubuntu 18.04 support. As a consequence: • Bump minimum supported Python version to 3.7. • Move Vagrant environment to Debian 10, which has Python 3.7. • Move CI frontend tests to Debian 10. • Move production build test to Debian 10. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-08 22:12:57 +01:00
name: Buster production install with custom db name and user
production_suite: Add debian production install to production suite. We support Debian as an OS for setting up the Zulip server. But the CI does not run on pull request to test the setting up of the server on Debian. Hence, add the check to CI.
2021-03-25 08:37:45 +01:00
os: buster
Remove Ubuntu 18.04 support. As a consequence: • Bump minimum supported Python version to 3.7. • Move Vagrant environment to Debian 10, which has Python 3.7. • Move CI frontend tests to Debian 10. • Move production build test to Debian 10. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-08 22:12:57 +01:00
extra_args: --test-custom-db
production_suite: Add debian production install to production suite. We support Debian as an OS for setting up the Zulip server. But the CI does not run on pull request to test the setting up of the server on Debian. Hence, add the check to CI.
2021-03-25 08:37:45 +01:00
ci: Add Debian bullseye to production test suite.
2021-04-02 11:04:05 +02:00
- docker_image: zulip/ci:bullseye
name: Bullseye production install
os: bullseye
ci: Refactor --test-custom-db to be an argument, not a command.
2021-12-14 05:18:12 +01:00
extra_args: ""
ci: Add Debian bullseye to production test suite.
2021-04-02 11:04:05 +02:00
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
name: ${{ matrix.name }}
ci: Use an init process to reap defunct processes. When Github Actions run in Docker, the default pid 1 entrypoint is `tail -f /dev/null`. PID 1 is responsible for propagating signals to its children, and calling `waitpid()` on defunct processes; `tail` does not do these things. This results in zombie processes piling up inside the container, which is not an issue in most contexts. However, it affects `start-stop-daemon`, which hangs when stopping daemon processes, as they are never reaped. This appears in CI as `/etc/init.d/supervisor restart` never being able to succeed. Run the docker container with `--init`, which spawns a `/sbin/docker-init` PID 1 to handle the job of an init process.
2021-07-22 21:35:27 +02:00
container:
image: ${{ matrix.docker_image }}
options: --init
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
runs-on: ubuntu-latest
needs: production_build
steps:
- name: Download built production tarball
uses: actions/download-artifact@v2
with:
name: production-tarball
path: /tmp
- name: Add required permissions and setup
run: |
# This is the GitHub Actions specific cache directory the
# the current github user must be able to access for the
# cache action to work. It is owned by root currently.
sudo chmod -R 0777 /__w/_temp/
# Since actions/download-artifact@v2 loses all the permissions
# of the tarball uploaded by the upload artifact fix those.
chmod +x /tmp/production-upgrade-pg
ci: Test pgroonga installation.
2021-11-19 02:04:30 +01:00
chmod +x /tmp/production-pgroonga
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
chmod +x /tmp/production-install
chmod +x /tmp/production-verify
ci: Notify in zulip when a build fails in GitHub Actions. We use the circleci integration which already has a nice setup for sending messages when triggered to send the build failure notification.
2021-02-16 06:27:02 +01:00
chmod +x /tmp/send-failure-message
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
- name: Create cache directories
run: |
dirs=(/srv/zulip-{npm,venv,emoji}-cache)
sudo mkdir -p "${dirs[@]}"
sudo chown -R github "${dirs[@]}"
- name: Restore node_modules cache
uses: actions/cache@v2
with:
path: /srv/zulip-npm-cache
github-actions: Fix incorrect hash key in production install job. The hash keys were missing hash for package.json and yarn.lock because they were not present since we don't do a full checkout in this job. We fix this by sending over those files and generating hashes from them. I usally verify these cache keys by clicking the Restore <cache> step dropdown menu and then clicking the Run ... dropdown menu again to see the generated hash.
2020-08-03 19:58:56 +02:00
key: v1-yarn-deps-${{ matrix.os }}-${{ hashFiles('/tmp/package.json') }}-${{ hashFiles('/tmp/yarn.lock') }}
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
restore-keys: v1-yarn-deps-${{ matrix.os }}
- name: Install production
run: |
sudo service rabbitmq-server restart
ci: Refactor --test-custom-db to be an argument, not a command.
2021-12-14 05:18:12 +01:00
sudo /tmp/production-install ${{ matrix.extra-args }}
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
- name: Verify install
puppet: process_fts_updates connects as nagios (or provided username). It should not use the configured zulip username, but should instead pull from the login user (likely `nagios`), or an explicit alternate provided PostgreSQL username. Failure to do so results in Nagios failures because the `nagios` login does not have permissions to authenticated the `zulip` PostgreSQL user. This requires CI changes, as the install tests install as the `zulip` login username, which allowed Nagios tests to pass previously; with the custom database and username, however, they must be passed to process_fts_updates explicitly when validating the install.
2021-12-14 05:23:23 +01:00
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
ci: Test pgroonga installation.
2021-11-19 02:04:30 +01:00
- name: Install pgroonga
ci: Test upgrade-postgresql on Ubuntu 20.04. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-09 03:50:07 +01:00
if: ${{ matrix.os == 'focal' }}
ci: Test pgroonga installation.
2021-11-19 02:04:30 +01:00
run: sudo /tmp/production-pgroonga
- name: Verify install after installing pgroonga
ci: Test upgrade-postgresql on Ubuntu 20.04. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-09 03:50:07 +01:00
if: ${{ matrix.os == 'focal' }}
puppet: process_fts_updates connects as nagios (or provided username). It should not use the configured zulip username, but should instead pull from the login user (likely `nagios`), or an explicit alternate provided PostgreSQL username. Failure to do so results in Nagios failures because the `nagios` login does not have permissions to authenticated the `zulip` PostgreSQL user. This requires CI changes, as the install tests install as the `zulip` login username, which allowed Nagios tests to pass previously; with the custom database and username, however, they must be passed to process_fts_updates explicitly when validating the install.
2021-12-14 05:23:23 +01:00
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
ci: Test pgroonga installation.
2021-11-19 02:04:30 +01:00
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
- name: Upgrade postgresql
ci: Test upgrade-postgresql on Ubuntu 20.04. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-09 03:50:07 +01:00
if: ${{ matrix.os == 'focal' }}
ci: Remove 2>&1 redirection. We had used 2>&1 to redirect stderr to stdout so it could be piped into ts, but commit dd3cdd6ec5085c25b6a9491b7e9b672ae99af442 (#17611) removed ts, so we no longer need the redirection. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-03-29 20:51:40 +02:00
run: sudo /tmp/production-upgrade-pg
github-actions: Add bionic and focal production install jobs. We remove the "Do memcached hack" step from CircleCI when migrating this job because a fix has been made upstream.
2020-07-16 21:34:01 +02:00
- name: Verify install after upgrading postgresql
ci: Test upgrade-postgresql on Ubuntu 20.04. Signed-off-by: Anders Kaseorg <anders@zulip.com>
2021-11-09 03:50:07 +01:00
if: ${{ matrix.os == 'focal' }}
puppet: process_fts_updates connects as nagios (or provided username). It should not use the configured zulip username, but should instead pull from the login user (likely `nagios`), or an explicit alternate provided PostgreSQL username. Failure to do so results in Nagios failures because the `nagios` login does not have permissions to authenticated the `zulip` PostgreSQL user. This requires CI changes, as the install tests install as the `zulip` login username, which allowed Nagios tests to pass previously; with the custom database and username, however, they must be passed to process_fts_updates explicitly when validating the install.
2021-12-14 05:23:23 +01:00
run: sudo /tmp/production-verify ${{ matrix.extra-args }}
ci: Notify in zulip when a build fails in GitHub Actions. We use the circleci integration which already has a nice setup for sending messages when triggered to send the build failure notification.
2021-02-16 06:27:02 +01:00
- name: Report status
if: failure()
env:
ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
run: /tmp/send-failure-message
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
production_upgrade:
# The production upgrade job starts with a container with a
# previous Zulip release installed, and attempts to upgrade it to
# the release tarball built for the current commit being tested.
#
# This is intended to catch bugs that result in the upgrade
# process failing.
strategy:
fail-fast: false
matrix:
include:
ci: Update outdated comments to generated Dockerfiles. These were missed in the doc updates in d78723b6e876, which were for behavior changes in 16067bc4fc5c.
2021-11-05 23:35:39 +01:00
# Docker images are built from 'tools/ci/Dockerfile'; the comments at
# the top explain how to build and upload these images.
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
- docker_image: zulip/ci:buster-3.4
name: 3.4 Version Upgrade
os: buster
ci: Test upgrades from the latest minor release.
2021-11-25 06:33:52 +01:00
- docker_image: zulip/ci:bullseye-4.7
name: 4.7 Version Upgrade
os: bullseye
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
name: ${{ matrix.name }}
ci: Use an init process to reap defunct processes. When Github Actions run in Docker, the default pid 1 entrypoint is `tail -f /dev/null`. PID 1 is responsible for propagating signals to its children, and calling `waitpid()` on defunct processes; `tail` does not do these things. This results in zombie processes piling up inside the container, which is not an issue in most contexts. However, it affects `start-stop-daemon`, which hangs when stopping daemon processes, as they are never reaped. This appears in CI as `/etc/init.d/supervisor restart` never being able to succeed. Run the docker container with `--init`, which spawns a `/sbin/docker-init` PID 1 to handle the job of an init process.
2021-07-22 21:35:27 +02:00
container:
image: ${{ matrix.docker_image }}
options: --init
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
runs-on: ubuntu-latest
needs: production_build
steps:
- name: Download built production tarball
uses: actions/download-artifact@v2
with:
name: production-tarball
path: /tmp
- name: Add required permissions and setup
run: |
# This is the GitHub Actions specific cache directory the
# the current github user must be able to access for the
# cache action to work. It is owned by root currently.
sudo chmod -R 0777 /__w/_temp/
# Since actions/download-artifact@v2 loses all the permissions
# of the tarball uploaded by the upload artifact fix those.
chmod +x /tmp/production-upgrade
chmod +x /tmp/production-verify
chmod +x /tmp/send-failure-message
upgrade-check: Add create cache directory step. Create cache directories for the upgrade check in the production-suite.
2021-07-01 14:44:04 +02:00
- name: Create cache directories
run: |
dirs=(/srv/zulip-{npm,venv,emoji}-cache)
sudo mkdir -p "${dirs[@]}"
sudo chown -R github "${dirs[@]}"
ci: Add prod upgrade step to prod suite. This adds a check in the current production suite of CI that upgrades a previous release of zulip server with a newer one. Fixes #18346.
2021-06-07 09:12:58 +02:00
- name: Upgrade production
run: sudo /tmp/production-upgrade
# TODO: We should be running production-verify here, but it
# doesn't pass yet.
#
# - name: Verify install
# run: sudo /tmp/production-verify
- name: Report status
if: failure()
env:
ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
run: /tmp/send-failure-message