Skip to content

Add more stages to main buildkite pipeline #1130

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 40 commits into from
Feb 16, 2023
Merged

Add more stages to main buildkite pipeline #1130

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
40 commits
Select commit Hold shift + click to select a range
37921bc
Add release step
mrodm Feb 1, 2023
97b0404
Add integration test stage with just one make command
mrodm Feb 1, 2023
f6c8544
Update permissions scripts
mrodm Feb 1, 2023
998b1cf
Upload dynamically integration tests
mrodm Feb 2, 2023
663bab8
Fix trigger pipeline script
mrodm Feb 2, 2023
6f2a188
Add more stages into integration tests
mrodm Feb 2, 2023
fc6229d
Add check parallel targets
mrodm Feb 2, 2023
03dcd6b
Remove commented command
mrodm Feb 6, 2023
d2f3cab
Add comment in junit plugin
mrodm Feb 7, 2023
98c37ad
Test run unit tests windows
mrodm Feb 7, 2023
f6637a5
Do not run integration tests if there are failures
mrodm Feb 7, 2023
44ca5f4
Disable windows step
mrodm Feb 7, 2023
5454e7c
Add gcp integration test
mrodm Feb 7, 2023
93d85c3
Remove windows dep
mrodm Feb 7, 2023
20cc88c
Set env. vars
mrodm Feb 7, 2023
693fc97
Remove changes in Makefile
mrodm Feb 7, 2023
6d2be6f
Set same docker-compose version as in Jenkins
mrodm Feb 7, 2023
7fd2313
Use temporal credentials for GCP
mrodm Feb 8, 2023
4ff6233
Add secrets for aws
mrodm Feb 8, 2023
3d30f33
Remove dummy secrets
mrodm Feb 9, 2023
d8c528e
Test junit failures from multiple steps
mrodm Feb 9, 2023
2b8a93c
Revert "Test junit failures from multiple steps"
mrodm Feb 9, 2023
956af89
Merge remote-tracking branch 'upstream/main' into add_more_stages_bui…
mrodm Feb 9, 2023
6a89ace
Test release step conditional
mrodm Feb 9, 2023
4c33798
Test release step
mrodm Feb 9, 2023
0895e2f
Re-add if condition in release step
mrodm Feb 9, 2023
644d36b
Remove paths from artifacts
mrodm Feb 10, 2023
30fb51b
Remove windows leftovers
mrodm Feb 10, 2023
aa08b37
Updated build.tag regex
mrodm Feb 10, 2023
0e3c48a
Update regex
mrodm Feb 10, 2023
00089c2
Remove release step from Jenkins
mrodm Feb 13, 2023
0feb72a
Add post-checkout hook
mrodm Feb 14, 2023
daa4de8
fix branch name var
mrodm Feb 14, 2023
8387042
update function name
mrodm Feb 14, 2023
9159ddc
Update echo message
mrodm Feb 14, 2023
93efa17
Update post-checkout hook
mrodm Feb 14, 2023
670cd89
Change message
mrodm Feb 14, 2023
c153d44
set author name/email
mrodm Feb 14, 2023
1385a94
Update path aws account
mrodm Feb 15, 2023
3740ebe
Test to ensure pre-command group is rendered
mrodm Feb 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 53 additions & 0 deletions .buildkite/hooks/post-checkout
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
#!/bin/bash

set -euo pipefail

checkout_merge() {
local target_branch=$1
local pr_commit=$2
local merge_branch=$3

if [[ -z "${target_branch}" ]]; then
echo "No pull request target branch"
exit 1
fi

git fetch -v origin "${target_branch}"
git checkout FETCH_HEAD
echo "Current branch: $(git rev-parse --abbrev-ref HEAD)"

# create temporal branch to merge the PR with the target branch
git checkout -b ${merge_branch}
echo "New branch created: $(git rev-parse --abbrev-ref HEAD)"

# set author identity so it can be run git merge
git config user.name "github-merged-pr-post-checkout"
git config user.email "auto-merge@buildkite"

git merge --no-edit "${BUILDKITE_COMMIT}" || {
local merge_result=$?
echo "Merge failed: ${merge_result}"
git merge --abort
exit ${merge_result}
}
}

pull_request="${BUILDKITE_PULL_REQUEST:-false}"

if [[ "${pull_request}" == "false" ]]; then
echo "Not a pull request, skipping"
exit 0
fi

TARGET_BRANCH="${BUILDKITE_PULL_REQUEST_BASE_BRANCH:-master}"
PR_COMMIT="${BUILDKITE_COMMIT}"
PR_ID=${BUILDKITE_PULL_REQUEST}
MERGE_BRANCH="pr_merge_${PR_ID}"

checkout_merge "${TARGET_BRANCH}" "${PR_COMMIT}" "${MERGE_BRANCH}"

echo "Commit information"
git log --format=%B -n 1

# Ensure buildkite groups are rendered
echo ""
52 changes: 52 additions & 0 deletions .buildkite/hooks/pre-command
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
#!/bin/bash

set -euo pipefail

function retry {
local retries=$1
shift

local count=0
until "$@"; do
exit=$?
wait=$((2 ** count))
count=$((count + 1))
if [ $count -lt "$retries" ]; then
>&2 echo "Retry $count/$retries exited $exit, retrying in $wait seconds..."
sleep $wait
else
>&2 echo "Retry $count/$retries exited $exit, no more retries left."
return $exit
fi
done
return 0
}

GCP_SERVICE_ACCOUNT_SECRET_PATH=secret/ci/elastic-elastic-package/gcp-service-account
AWS_SERVICE_ACCOUNT_SECRET_PATH=kv/ci-shared/platform-ingest/aws_account_auth
GITHUB_TOKEN_VAULT_PATH=kv/ci-shared/platform-ingest/github_token

# Secrets must be redacted
# https://buildkite.com/docs/pipelines/managing-log-output#redacted-environment-variables

if [[ "$BUILDKITE_PIPELINE_SLUG" == "elastic-package" && "$BUILDKITE_STEP_KEY" == "integration-parallel-gcp" ]]; then
export ELASTIC_PACKAGE_GCP_PROJECT_SECRET=$(retry 5 vault read -field projectId ${GCP_SERVICE_ACCOUNT_SECRET_PATH})
export ELASTIC_PACKAGE_GCP_CREDENTIALS_SECRET=$(retry 5 vault read -field credentials ${GCP_SERVICE_ACCOUNT_SECRET_PATH})

# Environment variables required by the service deployer
export GOOGLE_CREDENTIALS=${ELASTIC_PACKAGE_GCP_CREDENTIALS_SECRET}
export GCP_PROJECT_ID=${ELASTIC_PACKAGE_GCP_PROJECT_SECRET}
fi

if [[ "$BUILDKITE_PIPELINE_SLUG" == "elastic-package" && "$BUILDKITE_STEP_KEY" == "integration-parallel-aws" ]]; then
export ELASTIC_PACKAGE_AWS_SECRET_KEY=$(retry 5 vault kv get -field secret_key ${AWS_SERVICE_ACCOUNT_SECRET_PATH})
export ELASTIC_PACKAGE_AWS_ACCESS_KEY=$(retry 5 vault kv get -field access_key ${AWS_SERVICE_ACCOUNT_SECRET_PATH})

# Environment variables required by the service deployer
export AWS_SECRET_ACCESS_KEY=${ELASTIC_PACKAGE_AWS_SECRET_KEY}
export AWS_ACCESS_KEY_ID=${ELASTIC_PACKAGE_AWS_ACCESS_KEY}
fi

if [[ "$BUILDKITE_PIPELINE_SLUG" == "elastic-package" && "$BUILDKITE_STEP_KEY" == "release" ]]; then
export GITHUB_TOKEN=$(retry 5 vault kv get -field token ${GITHUB_TOKEN_VAULT_PATH})
fi
79 changes: 79 additions & 0 deletions .buildkite/pipeline.trigger.integration.tests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
#!/bin/bash

# exit immediately on failure, or if an undefined variable is used
set -eu

# begin the pipeline.yml file
echo "steps:"
echo " - group: \":terminal: Integration test suite\""
echo " key: \"integration-tests\""
echo " steps:"

# Integration tests related stack command
STACK_COMMAND_TESTS=(
test-stack-command-default
test-stack-command-oldest
test-stack-command-7x
test-stack-command-86
test-stack-command-8x
)

for test in ${STACK_COMMAND_TESTS[@]}; do
echo " - label: \":go: Running integration test: ${test}\""
echo " command: ./.buildkite/scripts/integration_tests.sh -t ${test}"
echo " agents:"
echo " provider: \"gcp\""
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Provider gcp is required to use docker-like commands.

echo " artifact_paths:"
echo " - build/elastic-stack-dump/stack/*/logs/*.log"
echo " - build/elastic-stack-dump/stack/*/logs/fleet-server-internal/*.log"
echo " - build/elastic-stack-status/*/*"
done

CHECK_PACKAGES_TESTS=(
test-check-packages-other
test-check-packages-with-kind
test-check-packages-with-custom-agent
test-check-packages-benchmarks
)
for test in ${CHECK_PACKAGES_TESTS[@]}; do
echo " - label: \":go: Running integration test: ${test}\""
echo " command: ./.buildkite/scripts/integration_tests.sh -t ${test}"
echo " agents:"
echo " provider: \"gcp\""
echo " artifact_paths:"
echo " - build/test-results/*.xml"
echo " - build/elastic-stack-dump/stack/check-*/logs/*.log"
echo " - build/elastic-stack-dump/stack/check-*/logs/fleet-server-internal/*.log"
if [[ $test =~ with-kind$ ]]; then
echo " - build/kubectl-dump.txt"
fi
done

pushd test/packages/parallel > /dev/null
for package in $(find . -maxdepth 1 -mindepth 1 -type d) ; do
package_name=$(basename ${package})
echo " - label: \":go: Running integration test: ${package_name}\""
echo " key: \"integration-parallel-${package_name}\""
echo " command: ./.buildkite/scripts/integration_tests.sh -t test-check-packages-parallel -p ${package_name}"
echo " agents:"
echo " provider: \"gcp\""
echo " artifact_paths:"
echo " - build/test-results/*.xml"
echo " - build/elastic-stack-dump/stack/check-*/logs/*.log"
echo " - build/elastic-stack-dump/stack/check-*/logs/fleet-server-internal/*.log"
done

popd > /dev/null

echo " - label: \":go: Running integration test: test-build-zip\""
echo " command: ./.buildkite/scripts/integration_tests.sh -t test-build-zip"
echo " agents:"
echo " provider: \"gcp\""
echo " artifact_paths:"
echo " - build/elastic-stack-dump/stack/*/logs/*.log"
echo " - build/packages/*.sig"

echo " - label: \":go: Running integration test: test-profiles-command\""
echo " command: ./.buildkite/scripts/integration_tests.sh -t test-profiles-command"
echo " agents:"
echo " provider: \"gcp\""
35 changes: 32 additions & 3 deletions .buildkite/pipeline.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,20 @@
env:
SETUP_GVM_VERSION: 'v0.5.0' # https://github.com/andrewkroh/gvm/issues/44#issuecomment-1013231151
DOCKER_COMPOSE_VERSION: "1.25.5" # "v2.15.1"
KIND_VERSION: 'v0.17.0'
K8S_VERSION: 'v1.26.0'

steps:
- label: ":go: Run check-static"
key: check-static
command: "make check-static"
agents:
image: "golang:1.19.5"
cpu: "8"
memory: "4G"

- label: ":go: Run unit tests"
- label: ":go: :linux: Run unit tests"
key: unit-tests-linux
command: "make test-go-ci"
artifact_paths:
- "build/test-results/*.xml"
Expand All @@ -19,10 +27,31 @@ steps:
- wait: ~
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why we are adding this wait step?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This wait forces that the two steps defined previously (Run check static and Run unit tests) are finished before executing the following ones.

I wanted to force that way, so in case one of these two steps fail, integration tests are not run. Same behavior as in Jenkins.

continue_on_failure: true

- label: "Junit annotate"
- label: ":pipeline: Trigger Integration tests"
command: ".buildkite/pipeline.trigger.integration.tests.sh | buildkite-agent pipeline upload"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There is a bit of complexity here. To run integration tests we have this stack of scripts:

  • .buildkite/pipeline.yml
  • pipeline.trigger.integration.tests.sh
  • ./.buildkite/scripts/integration_tests.sh
  • make targets
  • scripts/test-...

There would be any option to reduce this complexity? Maybe we can remove the make targets and call directly the scripts? Though the make targets can be useful to reproduce locally with the same parameters.

Or most of the things integration_tests.sh does is to install things, could this be also done by providing an image with these dependencies?

Food for thought, no need to do anything about this on this PR.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's true, there are more scripts than before with Jenkins. All that logic was defined inside the same groovy file (.ci/Jenkinsfile) i.e. triggering dynamically stages in Jenkins depending on the existing test folders, using specific commands in each one.

Maybe we can remove the make targets and call directly the scripts? Though the make targets can be useful to reproduce locally with the same parameters.

As you mention, I would keep make targets since they are helpful to run and test everything locally.

Or most of the things integration_tests.sh does is to install things, could this be also done by providing an image with these dependencies?

Those dependencies installed in integration_tests.sh probably they could be moved to a custom agent image. It would also make the builds faster since each step would not install everything.

depends_on:
- step: check-static
allow_failure: false
- step: unit-tests-linux
allow_failure: false

- wait: ~
continue_on_failure: true

- label: ":junit: Junit annotate"
plugins:
- junit-annotate#v2.4.1:
artifacts: "build/test-results/*.xml"
agents:
provider: "gcp"
provider: "gcp" # junit plugin requires docker

- label: ":github: Release"
key: "release"
# build.tag != null && build.branch == "main"
if: |
build.tag =~ /^v[0-9]+[.][0-9]+[.][0-9]+$$/ && build.branch == "main"
command: ".buildkite/scripts/release.sh"
agents:
image: "golang:1.19.5"
cpu: "8"
memory: "4G"
106 changes: 106 additions & 0 deletions .buildkite/scripts/integration_tests.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,106 @@
#!/bin/bash

set -euo pipefail

PARALLEL_TARGET="test-check-packages-parallel"
KIND_TARGET="test-check-packages-with-kind"

usage() {
echo "$0 [-t <target>] [-h]"
echo "Trigger integration tests related to a target in Makefile"
echo -e "\t-t <target>: Makefile target. Mandatory"
echo -e "\t-p <package>: Package (required for test-check-packages-parallel target)."
echo -e "\t-h: Show this message"
}

with_kubernetes() {
# FIXME add retry logic
mkdir -p ${WORKSPACE}/bin
curl -sSLo ${WORKSPACE}/bin/kind "https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-linux-amd64"
chmod +x ${WORKSPACE}/bin/kind
kind version
which kind

mkdir -p ${WORKSPACE}/bin
curl -sSLo ${WORKSPACE}/bin/kubectl "https://storage.googleapis.com/kubernetes-release/release/${K8S_VERSION}/bin/linux/amd64/kubectl"
chmod +x ${WORKSPACE}/bin/kubectl
kubectl version --client
which kubectl
}

with_go() {
# FIXME add retry logic
mkdir -p ${WORKSPACE}/bin
curl -sL -o ${WORKSPACE}/bin/gvm "https://github.com/andrewkroh/gvm/releases/download/${SETUP_GVM_VERSION}/gvm-linux-amd64"
chmod +x ${WORKSPACE}/bin/gvm
eval "$(gvm $(cat .go-version))"
go version
which go
}

with_docker_compose() {
# FIXME add retry logic
mkdir -p ${WORKSPACE}/bin
curl -SL -o ${WORKSPACE}/bin/docker-compose "https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64"
chmod +x ${WORKSPACE}/bin/docker-compose
docker-compose version
}

TARGET=""
PACKAGE=""
while getopts ":t:p:h" o; do
case "${o}" in
t)
TARGET=${OPTARG}
;;
p)
PACKAGE=${OPTARG}
;;
h)
usage
exit 0
;;
\?)
echo "Invalid option ${OPTARG}"
usage
exit 1
;;
:)
echo "Missing argument for -${OPTARG}"
usage
exit 1
;;
esac
done

if [[ "${TARGET}" == "" ]]; then
echo "Missing target"
usage
exit 1
fi

echo "Current path: $(pwd)"
WORKSPACE="$(pwd)"
export PATH="${WORKSPACE}/bin:${PATH}"
echo "Path: $PATH"

echo "--- install go"
with_go
export PATH="$(go env GOPATH)/bin:${PATH}"

echo "--- install docker-compose"
with_docker_compose

if [[ "${TARGET}" == "${KIND_TARGET}" ]]; then
echo "--- install kubectl & kind"
with_kubernetes
fi

echo "--- Run integration test ${TARGET}"
if [[ "${TARGET}" == "${PARALLEL_TARGET}" ]]; then
make install
make PACKAGE_UNDER_TEST=${PACKAGE} ${TARGET}
exit 0
fi

make install ${TARGET} check-git-clean
13 changes: 13 additions & 0 deletions .buildkite/scripts/release.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
#!/bin/bash

set -euo pipefail

echo "--- fetching tags"
# Ensure that tags are present so goreleaser can build the changelog from the last release.
git rev-parse --is-shallow-repository
git fetch origin --tags

echo "--- running goreleaser"
# Run latest version of goreleaser
curl -sL https://git.io/goreleaser | bash

17 changes: 0 additions & 17 deletions .ci/Jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ pipeline {
REPO = "elastic-package"
BASE_DIR="src/github.com/elastic/elastic-package"
JOB_GIT_CREDENTIALS = "f6c7695a-671e-4f4f-a331-acdce44ff9ba"
GITHUB_TOKEN_CREDENTIALS = "2a9602aa-ab9f-4e52-baf3-b71ca88469c7"
PIPELINE_LOG_LEVEL='INFO'
AWS_ACCOUNT_SECRET = 'secret/observability-team/ci/elastic-observability-aws-account-auth'
HOME = "${env.WORKSPACE}"
Expand Down Expand Up @@ -117,22 +116,6 @@ pipeline {
}
}
}
stage('Release') {
when {
tag pattern: '(v)?\\d+\\.\\d+\\.\\d+', comparator: 'REGEXP'
}
steps {
dir("${BASE_DIR}"){
withMageEnv(){
withCredentials([string(credentialsId: "${GITHUB_TOKEN_CREDENTIALS}", variable: 'GITHUB_TOKEN')]) {
// Ensure that tags are present so goreleaser can build the changelog from the last release.
gitCmd(cmd: 'fetch', args: '--unshallow --tags')
sh 'curl -sL https://git.io/goreleaser | bash'
}
}
}
}
}
}
}
}
Expand Down
Loading