ci: require secrets.PYCLOUDLIB_TOML, add lxd_vm and ec2 scheduled jobs#6715
ci: require secrets.PYCLOUDLIB_TOML, add lxd_vm and ec2 scheduled jobs#6715blackboxsw wants to merge 9 commits intocanonical:mainfrom
Conversation
blackboxsw
force-pushed
the
ci-lxd-vm
branch
2 times, most recently
from
4f73b0f to
ed8690d
Compare
| awk '/cloud-init version: /{printf DEB_VERSION=$NF; exit}' pytest-${{ inputs.platform }}-${{ inputs.release }}-${{ inputs.image_type }}.log | ||
| awk '/image-serial: /{printf IMAGE_SERIAL=$NF; exit}' pytest-${{ inputs.platform }}-${{ inputs.release }}-${{ inputs.image_type }}.log | ||
| shell: bash |
There was a problem hiding this comment.
What is are the awk commands doing here?
And why bash?
There was a problem hiding this comment.
Ahh I was going to use these to help create a top-level report output that would announce what version of cloud-init was installed during the test. I'll drop this from this PR until I have a working approach. I didn't like how opaque our GH workflow runs are when compared to jenkins jobs which announce the version of cloud-init being tested.
There was a problem hiding this comment.
I was originally stuffing env vars them into GITHUB_ENV per these docs and the ctrf.io step can extract and use the environment variables for report headers or summary.
blackboxsw
force-pushed
the
ci-lxd-vm
branch
from
b16406d to
be806da
Compare
| uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 | ||
| - name: Setup LXD | ||
| if: ${{ env.REQUIRED_SECRET != '' and contains(fromJSON('["lxd_vm", "lxd_container"]'), env.CLOUD_INIT_PLATFORM ) }} |
There was a problem hiding this comment.
Avoid the setup-lxd step if we are not on CLOUD_INIT_OS_PLATFORM lxd_container of lxd_vm.
| test '${{ secrets.PYCLOUDLIB_TOML }}' != '' || echo "ERROR: Missing required repo secrets.PYCLOUDLIB_TOML non-empty value." | ||
| test '${{ secrets.PYCLOUDLIB_TOML }}' == '' && exit 1 |
There was a problem hiding this comment.
This checks for the same thing twice, I think an if / else would be cleaner
There was a problem hiding this comment.
Done. We only really care to exit 1 in the face of no secrets.PYCLOUDLIB_TOML or empty string. So, I just put the operation in a single if clause.
| - name: Checkout | ||
| if: ${{ env.REQUIRED_SECRET != '' }} |
There was a problem hiding this comment.
Since env.REQUIRED_SECRET is assigned from secrets.PYCLOUDLIB_TOML, and the first step has an exit 1 when secrets.PYCLOUDLIB_TOML is empty, is this not redundant?
Same comment elsewhere.
There was a problem hiding this comment.
Dropped all unneessary conditionals checks. An exit 1 above will prevent running these steps anyway.
blackboxsw
force-pushed
the
ci-lxd-vm
branch
5 times, most recently
from
80d80a4 to
0c75a04
Compare
|
@blackboxsw let me know when this is ready for re-review |
2 participants
Improve our public scheduled integration test coverage to cover lxd_vm and ec2 platforms.
Add assertion on a non-empty Github repo-level secret named
PYCLOUDLIB_TOMLwhich willbe written to
.config/pycloudlib.tomland used as runtime integration test configuration for pycloudlib.Add an assertion step in _integration_common.yml to error when
secrets.PYCLOUDLIB_TOML is absent and conditional logic which skips
each integration test step to avoid wasting runner cycles on integration tests.
Proposed Commit Message
See individual commits
Additional Context
Test Steps
Failed run example empty or absent secret PYCLOUDLIB_TOML https://github.com/blackboxsw/cloud-init/actions/runs/21699149948/job/62575866822
Success RUN with PYCLOUDLIB_TOML secret set to "[lxd]"
Merge type