Skip to content

Commit

Permalink
[tests only] CircleCI security episode, rotate tokens, clean up (ddev…
Browse files Browse the repository at this point in the history
…#4525)

* This moves the TestDdevFullSiteSetup and the pull/push tests to github from circleci
  • Loading branch information
rfay authored Jan 6, 2023
1 parent 617c5fd commit 4b27ada
Show file tree
Hide file tree
Showing 5 changed files with 45 additions and 39 deletions.
2 changes: 1 addition & 1 deletion .ci-scripts/linux_arm64_setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ set -o errexit
# Basic tools

set -x
export GO_VERSION=1.18.4
export GO_VERSION=1.19.4

if [ ! -z "${DOCKERHUB_PULL_USERNAME:-}" ]; then
set +x
Expand Down
58 changes: 29 additions & 29 deletions .circleci/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ version: 2.1
jobs:
build:
machine:
image: ubuntu-2004:2022.07.1
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
DDEV_NONINTERACTIVE: "true"
Expand All @@ -11,13 +11,13 @@ jobs:
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- run:
command: ./.circleci/linux_circle_vm_setup.sh
name: NORMAL Circle VM setup
no_output_timeout: "40m"
- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- run:
Expand All @@ -37,7 +37,7 @@ jobs:

lx_amd64_fpm_test:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
DDEV_TEST_WEBSERVER_TYPE: nginx-fpm
Expand All @@ -64,16 +64,16 @@ jobs:
- run: 'mkdir -p ~/.ngrok2 && echo "authtoken: ${NGROK_TOKEN}" >~/.ngrok2/ngrok.yml'
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- restore_cache:
keys:
- linux-testcache-v27
- linux-testcache-v31
- run:
command: ./.circleci/linux_circle_vm_setup.sh
name: Circle VM setup
no_output_timeout: "40m"
- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- run: echo "$(docker --version) $(docker-compose --version)"
Expand All @@ -84,13 +84,13 @@ jobs:
- store_test_results:
path: /tmp/testresults
- save_cache:
key: linux-testcache-v27
key: linux-testcache-v31
paths:
- /home/circleci/.ddev/testcache

lx_arm64_fpm_test:
machine:
image: ubuntu-2004:202101-01
image: ubuntu-2004:current
resource_class: arm.medium
working_directory: ~/ddev
environment:
Expand All @@ -106,7 +106,7 @@ jobs:
set -x
if [ "${CIRCLE_PR_NUMBER}" != "" ] ; then
echo "base_revision=<< pipeline.git.base_revision >>"
if ! git diff --name-only "<< pipeline.git.base_revision >>" | egrep "^(Makefile|pkg|cmd|vendor|go\.)"; then
if ! git diff --name-only "<< pipeline.git.base_revision >>" | egrep "^(.circleci|Makefile|pkg|cmd|vendor|go\.)"; then
echo "Skipping build since no code changes found"
circleci-agent step halt
fi
Expand Down Expand Up @@ -213,7 +213,7 @@ jobs:

lx_apache_fpm_test:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
DDEV_TEST_WEBSERVER_TYPE: apache-fpm
Expand All @@ -224,7 +224,7 @@ jobs:
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- attach_workspace:
at: ~/
- run:
Expand All @@ -241,14 +241,14 @@ jobs:
- store_test_results:
path: /tmp/testresults
- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- /home/circleci/.ddev/testcache

lx_nfsmount_test:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
DDEV_TEST_USE_NFSMOUNT: true
Expand All @@ -259,7 +259,7 @@ jobs:
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- attach_workspace:
at: ~/
- run:
Expand All @@ -278,22 +278,22 @@ jobs:
- store_test_results:
path: /tmp/testresults
- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- /home/circleci/.ddev/testcache

staticrequired:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
steps:
- checkout
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- run:
command: ./.circleci/linux_circle_vm_setup.sh
name: Circle VM setup
Expand All @@ -304,7 +304,7 @@ jobs:

lx_amd64_container_test:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
environment:
GOTEST_SHORT: true
Expand All @@ -315,7 +315,7 @@ jobs:
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- run:
command: ./.circleci/linux_circle_vm_setup.sh
name: Circle VM setup
Expand All @@ -339,14 +339,14 @@ jobs:
name: linux container test

- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- /home/circleci/.ddev/testcache

lx_arm64_container_test:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
resource_class: arm.medium
working_directory: ~/ddev
environment:
Expand Down Expand Up @@ -400,21 +400,21 @@ jobs:

artifacts:
machine:
image: ubuntu-2004:202111-01
image: ubuntu-2004:current
working_directory: ~/ddev
steps:
- run: sudo mkdir /home/linuxbrew && sudo chown $(id -u) /home/linuxbrew
- restore_cache:
keys:
- linux-homebrew-v30
- linux-homebrew-v31
- attach_workspace:
at: ~/
- run:
command: ./.ci-scripts/generate_artifacts.sh ~/artifacts
name: tar/zip up artifacts and make hashes
no_output_timeout: "40m"
- save_cache:
key: linux-homebrew-v30
key: linux-homebrew-v31
paths:
- /home/linuxbrew
- /home/circleci/.ddev/testcache
Expand Down Expand Up @@ -513,10 +513,10 @@ workflows:
# - mac_container_test
# - lx_amd64_container_test
# - staticrequired
- lx_amd64_fpm_test:
branches:
ignore:
- gh-pages
# - lx_amd64_fpm_test:
# branches:
# ignore:
# - gh-pages
- lx_arm64_fpm_test:
branches:
ignore:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/linux-setup.sh
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ echo "capath=/etc/ssl/certs/" >>~/.curlrc
source ~/.bashrc

brew tap drud/ddev >/dev/null
for item in docker-compose golang golangci-lint mkcert; do
for item in docker-compose golangci-lint mkcert; do
brew install $item >/dev/null || /home/linuxbrew/.linuxbrew/bin/brew upgrade $item >/dev/null
done

Expand Down
22 changes: 14 additions & 8 deletions .github/workflows/tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,9 @@ jobs:
no-bind-mounts: "true"
- name: "traefik"
use-traefik: "true"
- name: "pull-push-test-platforms"
pull-push-test-platforms: true

fail-fast: false

runs-on: ubuntu-20.04
Expand All @@ -58,6 +61,8 @@ jobs:
DDEV_TEST_USE_MUTAGEN: ${{ matrix.mutagen }}
DDEV_TEST_NO_BIND_MOUNTS: ${{ matrix.no-bind-mounts }}
DDEV_TEST_USE_TRAEFIK: ${{ matrix.use-traefik }}
MAKE_TARGET: "test"
TESTARGS: "-failfast"
steps:
- uses: actions/checkout@v3
- name: Set up Homebrew
Expand All @@ -69,14 +74,15 @@ jobs:
with:
go-version: '>=1.19.4'

- run: echo "DDEV_TEST_USE_MUTAGEN=${DDEV_TEST_USE_MUTAGEN} DDEV_TEST_USE_TRAEFIK=${DDEV_TEST_USE_TRAEFIK} DDEV_TEST_WEBSERVER_TYPE=${DDEV_TEST_WEBSERVER_TYPE} DDEV_TEST_NO_BIND_MOUNTS=${DDEV_TEST_NO_BIND_MOUNTS}"

- name: DDEV tests
run: make TESTARGS="-failfast" test
# if: matrix.use-traefik != 'true'
- name: Override environment variables for push-pull-test-platforms
run: |
echo "MAKE_TARGET=testpkg" >> $GITHUB_ENV
echo "TESTARGS=-failfast -run '(TestDdevFullSite.*|Test.*Pull)'" >> $GITHUB_ENV
echo "GOTEST_SHORT=" >> $GITHUB_ENV
if: ${{ matrix.pull-push-test-platforms }}

# - name: DDEV tests - traefik
# run: make test
# if: matrix.use-traefik == 'true'
- run: echo "DDEV_TEST_USE_MUTAGEN=${DDEV_TEST_USE_MUTAGEN} DDEV_TEST_USE_TRAEFIK=${DDEV_TEST_USE_TRAEFIK} DDEV_TEST_WEBSERVER_TYPE=${DDEV_TEST_WEBSERVER_TYPE} DDEV_TEST_NO_BIND_MOUNTS=${DDEV_TEST_NO_BIND_MOUNTS} MAKE_TARGET=${MAKE_TARGET} TESTARGS=${TESTARGS} GOTEST_SHORT='${GOTEST_SHORT}'"

- name: DDEV tests
run: make TESTARGS="${TESTARGS}" ${MAKE_TARGET}

Binary file modified certfiles/ddev_developer_id_cert.p12
Binary file not shown.

0 comments on commit 4b27ada

Please sign in to comment.