Onboard prod jenkins docker images to github actions (#710)

Signed-off-by: Peter Zhu <zhujiaxi@amazon.com>
opensearch-project · Nov 3, 2023 · 0db4dd3 · 0db4dd3
1 parent 24e94b4
commit 0db4dd3
Show file tree

Hide file tree

Showing 3 changed files with 77 additions and 36 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,14 +8,71 @@ on:
       - "*"
 
 jobs:
-  build:
+  Get-CI-Image-Tag:
+    uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
+    with:
+      product: opensearch
+
+  build-linux:
+    needs: Get-CI-Image-Tag
+    strategy:
+      matrix:
+        java: [11, 17]
+        os: [ ubuntu-latest ]
+    name: Build and Test security-analytics with JDK ${{ matrix.java }} on ${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    container:
+      # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
+      # this image tag is subject to change as more dependencies and updates will arrive over time
+      image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
+      # need to switch to root so that github actions can install runner binary on container without permission issues.
+      options: --user root
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Setup Java ${{ matrix.java }}
+        uses: actions/setup-java@v1
+        with:
+          java-version: ${{ matrix.java }}
+
+      - name: Build and Test
+        run: |
+          chown -R 1000:1000 `pwd`
+          su `id -un 1000` -c "whoami && java -version && ./gradlew build"
+
+      - name: Create Artifact Path
+        run: |
+          mkdir -p security-analytics-artifacts
+          cp ./build/distributions/*.zip security-analytics-artifacts
+
+      - name: Upload Coverage Report
+        uses: codecov/codecov-action@v1
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload failed logs
+        uses: actions/upload-artifact@v2
+        if: failure()
+        with:
+          name: logs-ubuntu
+          path: build/testclusters/integTest-*/logs/*
+
+      - name: Upload Artifacts
+        uses: actions/upload-artifact@v1
+        with:
+          name: security-analytics-plugin-${{ matrix.os }}
+          path: security-analytics-artifacts
+
+  build-windows-macos:
     env:
       BUILD_ARGS: ${{ matrix.os_build_args }}
       WORKING_DIR: ${{ matrix.working_directory }}.
     strategy:
       matrix:
         java: [11, 17]
-        os: [ ubuntu-latest, windows-latest, macos-latest ]
+        os: [ windows-latest, macos-latest ]
         include:
           - os: windows-latest
             os_build_args: -x jacocoTestReport
@@ -53,19 +110,6 @@ jobs:
           mkdir -p security-analytics-artifacts
           cp ./build/distributions/*.zip security-analytics-artifacts
 
-      - name: Upload Coverage Report
-        if: ${{ matrix.os == 'ubuntu-latest' }}
-        uses: codecov/codecov-action@v1
-        with:
-          token: ${{ secrets.CODECOV_TOKEN }}
-
-      - name: Upload failed logs
-        uses: actions/upload-artifact@v2
-        if: ${{ failure() && matrix.os == 'ubuntu-latest' }}
-        with:
-          name: logs-ubuntu
-          path: build/testclusters/integTest-*/logs/*
-
       - name: Upload failed logs
         uses: actions/upload-artifact@v2
         if: ${{ failure() && matrix.os == 'macos-latest' }}

diff --git a/.github/workflows/dco.yml b/.github/workflows/dco.yml
diff --git a/.github/workflows/multi-node-test-workflow.yml b/.github/workflows/multi-node-test-workflow.yml
@@ -9,14 +9,27 @@ on:
       - "*"
 
 jobs:
-  build:
+  Get-CI-Image-Tag:
+    uses: opensearch-project/opensearch-build/.github/workflows/get-ci-image-tag.yml@main
+    with:
+      product: opensearch
+
+  build-linux:
+    needs: Get-CI-Image-Tag
     strategy:
       matrix:
         java: [ 11, 17 ]
     # Job name
-    name: Build and test Security Analytics
+    name: Build and test Security Analytics on linux
     # This job runs on Linux
     runs-on: ubuntu-latest
+    container:
+      # using the same image which is used by opensearch-build team to build the OpenSearch Distribution
+      # this image tag is subject to change as more dependencies and updates will arrive over time
+      image: ${{ needs.Get-CI-Image-Tag.outputs.ci-image-version-linux }}
+      # need to switch to root so that github actions can install runner binary on container without permission issues.
+      options: --user root
+
     steps:
       # This step uses the setup-java Github action: https://github.com/actions/setup-java
       - name: Set Up JDK ${{ matrix.java }}
@@ -27,7 +40,9 @@ jobs:
       - name: Checkout Branch
         uses: actions/checkout@v2
       - name: Run integration tests with multi node config
-        run: ./gradlew integTest -PnumNodes=3
+        run: |
+          chown -R 1000:1000 `pwd`
+          su `id -un 1000` -c "./gradlew integTest -PnumNodes=3"
       - name: Upload failed logs
         uses: actions/upload-artifact@v2
         if: failure()