diff --git a/.ci/build_matrix.sh b/.ci/build_matrix.sh index 5110185ddf2..9f049203c4a 100755 --- a/.ci/build_matrix.sh +++ b/.ci/build_matrix.sh @@ -11,10 +11,9 @@ versions=( 'latest-ubuntu-student' 'v25.2.0' 'v25.1.0' - 'v25.1-ubuntu' + 'v25.1-ubuntu-cicd' 'v25.1-ubuntu-student' 'v24.2.0' - 'v24.2-ubuntu' 'v24.1.0' 'v24.1-ubuntu' 'v23.2.0' diff --git a/.ci/entrypoint.sh b/.ci/entrypoint.sh index ca61a1ee21d..669cc1d0bfb 100755 --- a/.ci/entrypoint.sh +++ b/.ci/entrypoint.sh @@ -1,4 +1,5 @@ #!/bin/bash + export OMPI_ALLOW_RUN_AS_ROOT=1 export OMPI_ALLOW_RUN_AS_ROOT_CONFIRM=1 @@ -15,6 +16,7 @@ if [ -n "${ANSYS_DPF_ACCEPT_LA}" ]; then fi fi + echo "RUN_DPF_SERVER: $RUN_DPF_SERVER" if [ "$RUN_DPF_SERVER" == "true" ]; then @@ -23,7 +25,16 @@ if [ "$RUN_DPF_SERVER" == "true" ]; then echo "DPF server started." fi +if [[ $MAPDL_VERSION == *"cicd"* ]] ; then + echo "Using OpenMPI for CICD version" + export MPI="-mpi openmpi" + +else + echo "Using default MPI version" + export MPI="" +fi; + echo "Starting MAPDL..." echo "Using executable path: ${EXEC_PATH}" -$EXEC_PATH -grpc -dir /jobs -"${DISTRIBUTED_MODE}" -np 2 -db -6000 -m -6000 - \ No newline at end of file +$EXEC_PATH -grpc -dir /jobs -"${DISTRIBUTED_MODE}" -np 2 -db -6000 -m -6000 "${MPI}" - \ No newline at end of file diff --git a/.ci/start_mapdl.sh b/.ci/start_mapdl.sh index 07d418fd4e9..3ce38a16d82 100755 --- a/.ci/start_mapdl.sh +++ b/.ci/start_mapdl.sh @@ -79,6 +79,7 @@ if [[ $MAPDL_VERSION == *"cicd"* ]] ; then echo "Overriding DISTRIBUTED_MODE to 'dmp' for CICD version" export DISTRIBUTED_MODE="dmp" + else export DPF_PORT_ARG="" export DB_INT_PORT=50055 @@ -108,6 +109,7 @@ run \ -e DPF_PORT_INTERNAL=${DPF_PORT_INTERNAL} \ -e EXEC_PATH=${EXEC_PATH} \ -e DISTRIBUTED_MODE=${DISTRIBUTED_MODE} \ + -e MAPDL_IMAGE=${MAPDL_IMAGE} \ --shm-size=2gb \ -e I_MPI_SHM_LMT=shm \ -e P_SCHEMA=${P_SCHEMA} \ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2a92555a420..bf32145aecb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: permissions: pull-requests: write steps: - - uses: actions-ecosystem/action-add-assignees@a5b84af721c4a621eb9c7a4a95ec20a90d0b88e9 #v1.0.1 + - uses: actions-ecosystem/action-add-assignees@a5b84af721c4a621eb9c7a4a95ec20a90d0b88e9 #v1.0.1 if: | ( github.event_name == 'pull_request' && @@ -238,10 +238,11 @@ jobs: codecov-token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }} username: ${{ github.actor }} + log-encryption-key: ${{ secrets.LOG_ENCRYPTION_KEY }} with: mapdl-version: "${{ matrix.mapdl-version }}" file-name: "remote-${{ matrix.mapdl-version }}" - + upload-logs: false build-test-local-matrix: name: "Build test matrix for minimal and local" @@ -282,6 +283,7 @@ jobs: codecov-token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }} username: ${{ github.actor }} + log-encryption-key: ${{ secrets.LOG_ENCRYPTION_KEY }} with: testing-minimal: false pytest-arguments: '--reset_only_failed --add_missing_images' @@ -289,7 +291,8 @@ jobs: file-name: "local-${{ matrix.mapdl-version }}" tags: "local" latest-version: "252" - test_dpf: ${{ contains(matrix.mapdl-version, 'cicd') }} + test_dpf: ${{ contains(matrix.mapdl-version, 'cicd') && !contains(matrix.mapdl-version, '24') }} + upload-logs: false build-test-ubuntu-minimal: @@ -303,12 +306,13 @@ jobs: strategy: fail-fast: false matrix: - mapdl-version: ['v25.2-ubuntu-cicd', 'v25.1-ubuntu'] + mapdl-version: ['v25.2-ubuntu-cicd', 'v25.1-ubuntu-cicd'] secrets: license-server: ${{ secrets.LICENSE_SERVER }} codecov-token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }} username: ${{ github.actor }} + log-encryption-key: ${{ secrets.LOG_ENCRYPTION_KEY }} with: testing-minimal: true pytest-arguments: '' @@ -317,6 +321,7 @@ jobs: tags: "local,minimal" latest-version: "252" test_dpf: false + upload-logs: false build-test-ubuntu-console: @@ -330,12 +335,13 @@ jobs: strategy: fail-fast: false matrix: - mapdl-version: ['v25.2-ubuntu-cicd', 'v25.1-ubuntu'] + mapdl-version: ['v25.2-ubuntu-cicd', 'v25.1-ubuntu-cicd'] secrets: license-server: ${{ secrets.LICENSE_SERVER }} codecov-token: ${{ secrets.CODECOV_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }} username: ${{ github.actor }} + log-encryption-key: ${{ secrets.LOG_ENCRYPTION_KEY }} with: latest-version: "252" mapdl-version: ${{ matrix.mapdl-version }} @@ -345,7 +351,7 @@ jobs: file-name: "${{ matrix.mapdl-version }}-console" tags: "local,console" test_dpf: false - + upload-logs: false package: name: "Package library" diff --git a/.github/workflows/test-local.yml b/.github/workflows/test-local.yml index bce0a912d94..fb76e7a0df8 100644 --- a/.github/workflows/test-local.yml +++ b/.github/workflows/test-local.yml @@ -31,14 +31,14 @@ on: required: false type: boolean default: false - + test_dpf: description: | If true, the DPF tests will be run. required: false type: boolean default: true - + on-console: description: | If true, the tests will be run on console. @@ -46,6 +46,13 @@ on: type: boolean default: false + upload-logs: + description: | + If true, logs will be uploaded encrypted. Set to false to disable log upload (for security). + required: false + type: boolean + default: false + file-name: description: | Name of the file to save the logs. @@ -72,7 +79,7 @@ on: required: false type: string default: ghcr.io/ansys/mapdl - + runner: description: | Runner to use. @@ -86,7 +93,7 @@ on: required: false type: string default: "3.12" - + secrets: license-server: description: | @@ -97,12 +104,17 @@ on: description: | Token for Codecov. required: true - + + log-encryption-key: + description: | + Encryption key for sensitive log files. + required: false + token: description: | Token for GitHub. Used also for login into ghcr.io. required: true - + username: description: | GitHub username for login into ghcr.io. @@ -126,7 +138,7 @@ jobs: TESTING_MINIMAL: ${{ inputs.testing-minimal }} P_SCHEMA: "/ansys_inc/v241/ansys/ac4/schema" PYTEST_TIMEOUT: 120 # seconds. Limit the duration for each unit test - PYTEST_ARGUMENTS: '-vvv -ra --color=yes --durations=30 --random-order --random-order-bucket=class --maxfail=10 --reruns 3 --reruns-delay 4 --cov=ansys.mapdl.core --cov-report=html --timeout=180 --profile-svg --profile --report-log-exclude-logs-on-passed-tests --strict-markers' + PYTEST_ARGUMENTS: '-vvv -ra --color=yes --durations=30 --random-order --random-order-bucket=class --maxfail=2 --reruns 2 --reruns-delay 2 --cov=ansys.mapdl.core --cov-report=html --timeout=180 --profile-svg --profile --report-log-exclude-logs-on-passed-tests --strict-markers' OMPI_ALLOW_RUN_AS_ROOT: 1 OMPI_ALLOW_RUN_AS_ROOT_CONFIRM: 1 DATAPROCESSING_DEBUG: /home/mapdl/dpf_logs @@ -168,19 +180,20 @@ jobs: if [[ "${MAPDL_VERSION}" == *"cicd"* ]]; then echo "CICD MAPDL version detected, testing DPF backend for results module."; echo "TEST_DPF_BACKEND=true" >> $GITHUB_ENV; + echo "PYMAPDL_ADDITIONAL_SWITCHES=-mpi openmpi" >> $GITHUB_ENV; fi echo "ON_STUDENT: $ON_STUDENT" echo "TAG_STUDENT: $TAG_STUDENT" echo "ON_STUDENT=$(echo $ON_STUDENT)" >> $GITHUB_OUTPUT echo "TAG_STUDENT=$(echo $TAG_STUDENT)" >> $GITHUB_OUTPUT - + - name: "Install gcc" shell: bash if: ${{ contains(inputs.mapdl-version, 'cicd') }} run: | apt-get update && apt-get -y install gcc mono-mcs g++ - + - name: "Installing minimal OS packages" shell: bash @@ -295,12 +308,37 @@ jobs: run: | .ci/collect_mapdl_logs_locals.sh - # - name: "Upload logs to GitHub" - # if: always() - # uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - # with: - # name: logs-${{ inputs.file-name }}.tgz - # path: ./logs-${{ inputs.file-name }}.tgz + - name: "Encrypt and upload logs to GitHub" + if: always() && inputs.upload-logs == true + env: + ENCRYPTION_KEY: ${{ secrets.log-encryption-key }} + FILE_NAME: ${{ inputs.file-name }} + shell: bash + run: | + # Check if logs exist + if [ -f "./logs-${FILE_NAME}.tgz" ]; then + echo "Encrypting logs..." + + # Encrypt using OpenSSL (already available in container) + openssl enc -aes-256-cbc -salt -pbkdf2 \ + -in ./logs-${FILE_NAME}.tgz \ + -out ./logs-${FILE_NAME}.tgz.enc \ + -pass env:ENCRYPTION_KEY + + echo "Logs encrypted successfully" + echo "To decrypt locally, use:" + echo "openssl enc -aes-256-cbc -d -pbkdf2 -in logs-${FILE_NAME}.tgz.enc -out logs-${FILE_NAME}.tgz -pass pass:YOUR_KEY" + else + echo "No log file found to encrypt" + fi + + - name: "Upload encrypted logs to GitHub" + if: always() && inputs.upload-logs == true + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: logs-${{ inputs.file-name }}-encrypted + path: ./logs-${{ inputs.file-name }}.tgz.enc + retention-days: 3 - name: "Display files structure" if: always() diff --git a/.github/workflows/test-remote.yml b/.github/workflows/test-remote.yml index fc67e101eca..dc7f74fea57 100644 --- a/.github/workflows/test-remote.yml +++ b/.github/workflows/test-remote.yml @@ -18,6 +18,13 @@ on: required: true type: string + upload-logs: + description: | + If true, logs will be uploaded encrypted. Set to false to disable log upload (for security). + required: false + type: boolean + default: false + python-version: description: | Python version to use. @@ -30,7 +37,7 @@ on: description: | Username for the GitHub container registry. required: true - + token: description: | Token for GitHub. @@ -40,12 +47,17 @@ on: description: | License server for ANSYS MAPDL required: true - + codecov-token: description: | Token for Codecov. required: true + log-encryption-key: + description: | + Encryption key for sensitive log files. + required: false + permissions: {} jobs: @@ -73,7 +85,7 @@ jobs: DPF_START_SERVER: False HAS_DPF: True TEST_DPF_BACKEND: false - PYTEST_ARGUMENTS: '-vvv -ra --color=yes --durations=30 --random-order --random-order-bucket=class --maxfail=10 --reruns 3 --reruns-delay 4 --cov=ansys.mapdl.core --cov-report=html --timeout=180 --profile-svg --profile --report-log-exclude-logs-on-passed-tests --strict-markers' + PYTEST_ARGUMENTS: '-vvv -ra --color=yes --durations=30 --random-order --random-order-bucket=class --maxfail=2 --reruns 2 --reruns-delay 2 --cov=ansys.mapdl.core --cov-report=html --timeout=180 --profile-svg --profile --report-log-exclude-logs-on-passed-tests --strict-markers' MAPDL_PACKAGE: ghcr.io/ansys/mapdl steps: @@ -154,7 +166,7 @@ jobs: echo "TAG_STUDENT: $TAG_STUDENT" echo "ON_STUDENT=$(echo $ON_STUDENT)" >> $GITHUB_OUTPUT echo "TAG_STUDENT=$(echo $TAG_STUDENT)" >> $GITHUB_OUTPUT - + - name: "Pull, launch, and validate MAPDL service" id: start_mapdl env: @@ -320,12 +332,37 @@ jobs: run: | .ci/collect_mapdl_logs_remote.sh - # - name: "Upload logs to GitHub" - # if: always() - # uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 - # with: - # name: logs-${{ inputs.file-name }}.tgz - # path: ./logs-${{ inputs.file-name }}.tgz + - name: "Encrypt and upload logs to GitHub" + if: always() && inputs.upload-logs == true + env: + ENCRYPTION_KEY: ${{ secrets.log-encryption-key }} + FILE_NAME: ${{ inputs.file-name }} + shell: bash + run: | + # Check if logs exist + if [ -f "./logs-${FILE_NAME}.tgz" ]; then + echo "Encrypting logs..." + + # Encrypt using OpenSSL + openssl enc -aes-256-cbc -salt -pbkdf2 \ + -in ./logs-${FILE_NAME}.tgz \ + -out ./logs-${FILE_NAME}.tgz.enc \ + -pass env:ENCRYPTION_KEY + + echo "Logs encrypted successfully" + echo "To decrypt locally, use:" + echo "openssl enc -aes-256-cbc -d -pbkdf2 -in logs-${FILE_NAME}.tgz.enc -out logs-${FILE_NAME}.tgz -pass pass:YOUR_KEY" + else + echo "No log file found to encrypt" + fi + + - name: "Upload encrypted logs to GitHub" + if: always() && inputs.upload-logs == true + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 #v4.6.2 + with: + name: logs-${{ inputs.file-name }}-encrypted + path: ./logs-${{ inputs.file-name }}.tgz.enc + retention-days: 3 - name: "Display files structure" if: always() diff --git a/doc/changelog.d/4319.fixed.md b/doc/changelog.d/4319.fixed.md new file mode 100644 index 00000000000..87f4caa5a30 --- /dev/null +++ b/doc/changelog.d/4319.fixed.md @@ -0,0 +1 @@ +Cicd mpi issue and adding conditional encrypted log uploads