scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 02:02:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add a GHA job running Go tests with race detection enabled to the CI … (#19561)

Browse Source 
* Add a GHA job running Go tests with race detection enabled to the CI workflow

* Incorporate logic from test-go-race into the test-go testing matrix

* Make test-go testing matrix job names more meaningful

* Fix some a bug in script's logic

* Experiment: bump wait time in the failing TestLoginMFASinglePhase test to see if that makes a difference

* Lower the wait time in TestLoginMFASinglePhase

* Change the wait time in TestLoginMFASinglePhase to 15

* Add more detail to test-go testing matrix job names

* Test whether we already have access to larger runners

* Run Go tests with enabled data race detection from a separate job than the standard suite of tests

* Tweak runner sizes for OSS

* Try rebalancing test buckets

* Change instance type for larger ENT runners

* Undo rebalancing of test buckets as it changed nothing

* Change instance type for larger OSS runners

* Change the way we generate names for matrix jobs

* Consolidate the Go build tags variables, update them to use comma as a separator and fix the if statement in test-go

* Fix a typo
This commit is contained in:
Kuba Wieczorek
2023-03-21 18:13:40 +00:00
committed by GitHub
parent 29b1e5541a
commit 61ede67ac4
3 changed files with 52 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
.github/workflows/ci.yml vendored
View File

@@ -1,15 +1,19 @@
name: CI name: CI
on: on:
pull_request:
push: push:
branches:
- "main"
jobs: jobs:
setup: setup:
name: Setup name: Setup
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs: outputs:
runs-on: ${{ steps.setup-outputs.outputs.runs-on }} compute-standard: ${{ steps.setup-outputs.outputs.compute-standard }}
compute-larger: ${{ steps.setup-outputs.outputs.compute-larger }}
enterprise: ${{ steps.setup-outputs.outputs.enterprise }} enterprise: ${{ steps.setup-outputs.outputs.enterprise }}
go-tags: ${{ steps.setup-outputs.outputs.go-tags }} go-build-tags: ${{ steps.setup-outputs.outputs.go-build-tags }}
steps: steps:
- id: setup-outputs - id: setup-outputs
name: Setup outputs name: Setup outputs
@@ -17,19 +21,21 @@ jobs:
github_repository="${{ github.repository }}" github_repository="${{ github.repository }}"
if [ "${github_repository##*/}" == "vault-enterprise" ] ; then if [ "${github_repository##*/}" == "vault-enterprise" ] ; then
echo 'runs-on=["self-hosted","ondemand","linux","type=c5.2xlarge"]' >> $GITHUB_OUTPUT echo 'compute-standard=["self-hosted","ondemand","linux","type=m5.xlarge"]' >> $GITHUB_OUTPUT
echo 'compute-larger=["self-hosted","ondemand","linux","type=m5.2xlarge"]' >> $GITHUB_OUTPUT
echo 'enterprise=1' >> $GITHUB_OUTPUT echo 'enterprise=1' >> $GITHUB_OUTPUT
echo 'go-tags=ent enterprise' >> $GITHUB_OUTPUT echo 'go-build-tags=ent,enterprise' >> $GITHUB_OUTPUT
else else
echo 'runs-on="ubuntu-latest"' >> $GITHUB_OUTPUT echo 'compute-standard=["custom", "linux", "small"]' >> $GITHUB_OUTPUT
echo 'compute-larger=["custom", "linux", "medium"]' >> $GITHUB_OUTPUT
echo 'enterprise=' >> $GITHUB_OUTPUT echo 'enterprise=' >> $GITHUB_OUTPUT
echo 'go-tags=' >> $GITHUB_OUTPUT echo 'go-build-tags=' >> $GITHUB_OUTPUT
fi fi
semgrep: semgrep:
name: Semgrep name: Semgrep
needs: needs:
- setup - setup
runs-on: ${{ fromJSON(needs.setup.outputs.runs-on) }} runs-on: ${{ fromJSON(needs.setup.outputs.compute-standard) }}
container: container:
image: returntocorp/semgrep@sha256:ffc6f3567654f9431456d49fd059dfe548f007c494a7eb6cd5a1a3e50d813fb3 image: returntocorp/semgrep@sha256:ffc6f3567654f9431456d49fd059dfe548f007c494a7eb6cd5a1a3e50d813fb3
steps: steps:
@@ -43,13 +49,13 @@ jobs:
- setup - setup
uses: ./.github/workflows/setup-go-cache.yml uses: ./.github/workflows/setup-go-cache.yml
with: with:
runs-on: ${{ needs.setup.outputs.runs-on }} runs-on: ${{ needs.setup.outputs.compute-larger }}
secrets: inherit secrets: inherit
fmt: fmt:
name: Check Format name: Check Format
needs: needs:
- setup - setup
runs-on: ${{ fromJSON(needs.setup.outputs.runs-on) }} runs-on: ${{ fromJSON(needs.setup.outputs.compute-standard) }}
steps: steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 - uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613
@@ -73,11 +79,25 @@ jobs:
if: ${{ ! (startsWith( github.ref_name, 'ui/' ) || startsWith( github.ref_name, 'docs/' ) || startsWith( github.ref_name, 'backport/docs/') ) }} if: ${{ ! (startsWith( github.ref_name, 'ui/' ) || startsWith( github.ref_name, 'docs/' ) || startsWith( github.ref_name, 'backport/docs/') ) }}
uses: ./.github/workflows/test-go.yml uses: ./.github/workflows/test-go.yml
with: with:
# The example inputs below are just here to get the workflow to run during the migration. name: ''
# In the future, they will be substituted - possibly with references to values coming from a testing matrix.
go-arch: amd64 go-arch: amd64
go-tags: ${{ needs.setup.outputs.go-tags }} go-build-tags: '${{ needs.setup.outputs.go-build-tags }},deadlock'
extra-tags: deadlock runs-on: ${{ needs.setup.outputs.compute-standard }}
runs-on: ${{ needs.setup.outputs.runs-on }} enterprise: ${{ needs.setup.outputs.enterprise }}
secrets: inherit
test-go-race:
name: Run Go tests with data race detection
needs:
- setup
- setup-go-cache
# Don't run this job for branches starting with 'ui/', 'docs/', or 'backport/docs/'
if: ${{ ! (startsWith( github.ref_name, 'ui/' ) || startsWith( github.ref_name, 'docs/' ) || startsWith( github.ref_name, 'backport/docs/') ) }}
uses: ./.github/workflows/test-go.yml
with:
name: race
extra-flags: '-race'
go-arch: amd64
go-build-tags: ${{ needs.setup.outputs.go-build-tags }}
runs-on: ${{ needs.setup.outputs.compute-larger }}
enterprise: ${{ needs.setup.outputs.enterprise }} enterprise: ${{ needs.setup.outputs.enterprise }}
secrets: inherit secrets: inherit

24
.github/workflows/test-go.yml vendored
View File

@@ -1,12 +1,16 @@
on: on:
workflow_call: workflow_call:
inputs: inputs:
name:
description: A suffix to be added to the matrix job names.
required: true
type: string
go-arch: go-arch:
description: The execution architecture (arm, amd64, etc.) description: The execution architecture (arm, amd64, etc.)
required: true required: true
type: string type: string
extra-tags: extra-flags:
description: A comma-separated list of additional build tags. description: A space-separated list of additional build flags.
required: false required: false
type: string type: string
runs-on: runs-on:
@@ -18,8 +22,8 @@ on:
description: A flag indicating if this workflow is executing for the enterprise repository. description: A flag indicating if this workflow is executing for the enterprise repository.
required: true required: true
type: string type: string
go-tags: go-build-tags:
description: The go tags to include on the go test command. description: A comma-separated list of additional build tags to consider satisfied during the build.
required: false required: false
type: string type: string
@@ -55,10 +59,9 @@ jobs:
permissions: permissions:
id-token: write # Note: this permission is explicitly required for Vault auth id-token: write # Note: this permission is explicitly required for Vault auth
contents: read contents: read
name: ${{ inputs.packages }} name: "${{ matrix.runner-index }} ${{ inputs.name }}"
needs: needs:
- runner-indexes - runner-indexes
# Use GitHub runners on the OSS Vault repo and self-hosted runners otherwise.
runs-on: ${{ fromJSON(inputs.runs-on) }} runs-on: ${{ fromJSON(inputs.runs-on) }}
strategy: strategy:
fail-fast: false fail-fast: false
@@ -115,6 +118,11 @@ jobs:
# #
ENTERPRISE=${{ inputs.enterprise }} source .github/scripts/generate-test-package-lists.sh ENTERPRISE=${{ inputs.enterprise }} source .github/scripts/generate-test-package-lists.sh
# If data race detection is enabled, export a relevant environment variable for use in tests
if [[ "${{ inputs.extra-flags }}" =~ "-race" ]]; then
export VAULT_CI_GO_TEST_RACE=1
fi
# Build the dynamically generated source files. # Build the dynamically generated source files.
make prep make prep
@@ -147,9 +155,10 @@ jobs:
--junitfile test-results/go-test/results.xml \ --junitfile test-results/go-test/results.xml \
--jsonfile test-results/go-test/results.json \ --jsonfile test-results/go-test/results.json \
-- \ -- \
-tags "${{ inputs.go-tags }} ${{ inputs.extra-tags }}" \ -tags "${{ inputs.go-build-tags }}" \
-timeout=${{ env.TIMEOUT_IN_MINUTES }}m \ -timeout=${{ env.TIMEOUT_IN_MINUTES }}m \
-parallel=20 \ -parallel=20 \
${{ inputs.extra-flags }} \
\ \
${test_packages[${{ matrix.runner-index }}]} ${test_packages[${{ matrix.runner-index }}]}
- name: Archive test results - name: Archive test results
@@ -157,6 +166,7 @@ jobs:
with: with:
name: test-results-${{ matrix.runner-index }} name: test-results-${{ matrix.runner-index }}
path: test-results/ path: test-results/
if: always()
- name: Create a summary of tests - name: Create a summary of tests
uses: test-summary/action@62bc5c68de2a6a0d02039763b8c754569df99e3f uses: test-summary/action@62bc5c68de2a6a0d02039763b8c754569df99e3f
with: with:

2
Makefile
View File

@@ -33,7 +33,7 @@ bin: prep
# dev creates binaries for testing Vault locally. These are put # dev creates binaries for testing Vault locally. These are put
# into ./bin/ as well as $GOPATH/bin # into ./bin/ as well as $GOPATH/bin
dev: prep dev: prep
@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS)' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'" @CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS),' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
dev-ui: assetcheck prep dev-ui: assetcheck prep
@CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'" @CGO_ENABLED=$(CGO_ENABLED) BUILD_TAGS='$(BUILD_TAGS) ui' VAULT_DEV_BUILD=1 sh -c "'$(CURDIR)/scripts/build.sh'"
dev-dynamic: prep dev-dynamic: prep