Draft fix for https://github.com/neondatabase/neon/issues/10381 #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Test with Sanitizers | ||
| on: | ||
| push: | ||
| branches: | ||
| - "enable-sanitizers-for-v17" | ||
| workflow_dispatch: | ||
| defaults: | ||
| run: | ||
| shell: bash -euxo pipefail {0} | ||
| concurrency: | ||
| # Allow only one workflow per any non-`main` branch. | ||
| group: ${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }} | ||
| cancel-in-progress: true | ||
| env: | ||
| RUST_BACKTRACE: 1 | ||
| COPT: '-Werror' | ||
| # A concurrency group that we use for e2e-tests runs, matches `concurrency.group` above with `github.repository` as a prefix | ||
| E2E_CONCURRENCY_GROUP: ${{ github.repository }}-e2e-tests-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }} | ||
| jobs: | ||
| check-permissions: | ||
| if: ${{ !contains(github.event.pull_request.labels.*.name, 'run-no-ci') }} | ||
| uses: ./.github/workflows/check-permissions.yml | ||
| with: | ||
| github-event-name: ${{ github.event_name }} | ||
| cancel-previous-e2e-tests: | ||
| needs: [ check-permissions ] | ||
| if: github.event_name == 'pull_request' | ||
| runs-on: ubuntu-22.04 | ||
| steps: | ||
| - name: Cancel previous e2e-tests runs for this PR | ||
| env: | ||
| GH_TOKEN: ${{ secrets.CI_ACCESS_TOKEN }} | ||
| run: | | ||
| gh workflow --repo neondatabase/cloud \ | ||
| run cancel-previous-in-concurrency-group.yml \ | ||
| --field concurrency_group="${{ env.E2E_CONCURRENCY_GROUP }}" | ||
| tag: | ||
| needs: [ check-permissions ] | ||
| runs-on: [ self-hosted, small ] | ||
| container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/base:pinned | ||
| outputs: | ||
| build-tag: ${{steps.build-tag.outputs.tag}} | ||
| steps: | ||
| # Need `fetch-depth: 0` to count the number of commits in the branch | ||
| - uses: actions/checkout@v4 | ||
| with: | ||
| fetch-depth: 0 | ||
| - name: Get build tag | ||
| run: | | ||
| echo run:$GITHUB_RUN_ID | ||
| echo ref:$GITHUB_REF_NAME | ||
| echo rev:$(git rev-list --count HEAD) | ||
| if [[ "$GITHUB_REF_NAME" == "main" ]]; then | ||
| echo "tag=$(git rev-list --count HEAD)" >> $GITHUB_OUTPUT | ||
| elif [[ "$GITHUB_REF_NAME" == "release" ]]; then | ||
| echo "tag=release-$(git rev-list --count HEAD)" >> $GITHUB_OUTPUT | ||
| elif [[ "$GITHUB_REF_NAME" == "release-proxy" ]]; then | ||
| echo "tag=release-proxy-$(git rev-list --count HEAD)" >> $GITHUB_OUTPUT | ||
| elif [[ "$GITHUB_REF_NAME" == "release-compute" ]]; then | ||
| echo "tag=release-compute-$(git rev-list --count HEAD)" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "GITHUB_REF_NAME (value '$GITHUB_REF_NAME') is not set to either 'main' or 'release', 'release-proxy', 'release-compute'" | ||
| echo "tag=$GITHUB_RUN_ID" >> $GITHUB_OUTPUT | ||
| fi | ||
| shell: bash | ||
| id: build-tag | ||
| build-build-tools-image: | ||
| needs: [ check-permissions ] | ||
| uses: ./.github/workflows/build-build-tools-image.yml | ||
| secrets: inherit | ||
| build-and-test-locally: | ||
| needs: [ tag, build-build-tools-image ] | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| arch: [ x64, arm64 ] | ||
| # Do not build or run tests in debug for release branches | ||
| build-type: [ debug-with-sanitizers ] | ||
| uses: ./.github/workflows/_build-and-test-locally.yml | ||
| with: | ||
| arch: ${{ matrix.arch }} | ||
| build-tools-image: ${{ needs.build-build-tools-image.outputs.image }}-bookworm | ||
| build-tag: ${{ needs.tag.outputs.build-tag }} | ||
| build-type: ${{ matrix.build-type }} | ||
| # Run tests on all Postgres versions in release builds and only on the latest version in debug builds. | ||
| # Run without LFC on v17 release and debug builds only. For all the other cases LFC is enabled. | ||
| test-cfg: ${{ '[{"pg_version":"v17", "lfc_state": "with-lfc"}]' }} | ||
| secrets: inherit | ||
| create-test-report: | ||
| needs: [ check-permissions, build-and-test-locally ] | ||
| if: ${{ !cancelled() && contains(fromJSON('["skipped", "success"]'), needs.check-permissions.result) }} | ||
| permissions: | ||
| id-token: write # aws-actions/configure-aws-credentials | ||
| statuses: write | ||
| contents: write | ||
| pull-requests: write | ||
| outputs: | ||
| report-url: ${{ steps.create-allure-report.outputs.report-url }} | ||
| runs-on: [ self-hosted, small ] | ||
| container: | ||
| image: ${{ needs.build-build-tools-image.outputs.image }}-bookworm | ||
| credentials: | ||
| username: ${{ secrets.NEON_DOCKERHUB_USERNAME }} | ||
| password: ${{ secrets.NEON_DOCKERHUB_PASSWORD }} | ||
| options: --init | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - name: Create Allure report | ||
| if: ${{ !cancelled() }} | ||
| id: create-allure-report | ||
| uses: ./.github/actions/allure-report-generate | ||
| with: | ||
| store-test-results-into-db: true | ||
| aws-oicd-role-arn: ${{ vars.DEV_AWS_OIDC_ROLE_ARN }} | ||
| env: | ||
| REGRESS_TEST_RESULT_CONNSTR_NEW: ${{ secrets.REGRESS_TEST_RESULT_CONNSTR_NEW }} | ||
| - uses: actions/github-script@v7 | ||
| if: ${{ !cancelled() }} | ||
| with: | ||
| # Retry script for 5XX server errors: https://github.com/actions/github-script#retries | ||
| retries: 5 | ||
| script: | | ||
| const report = { | ||
| reportUrl: "${{ steps.create-allure-report.outputs.report-url }}", | ||
| reportJsonUrl: "${{ steps.create-allure-report.outputs.report-json-url }}", | ||
| } | ||
| const coverage = { | ||
| coverageUrl: "${{ needs.coverage-report.outputs.coverage-html }}", | ||
| summaryJsonUrl: "${{ needs.coverage-report.outputs.coverage-json }}", | ||
| } | ||
| const script = require("./scripts/comment-test-report.js") | ||
| await script({ | ||
| github, | ||
| context, | ||
| fetch, | ||
| report, | ||
| coverage, | ||
| }) | ||
