-
Notifications
You must be signed in to change notification settings - Fork 21
135 lines (129 loc) · 6.44 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: CI
on:
pull_request:
workflow_dispatch:
inputs:
test_env:
type: choice
description: 'Select the wether to run the tests in the CI environment or Production environment'
default: 'PROD'
options:
- CI
- PROD
notebooks:
description: 'The path to the notebooks to test. leave empty to test all notebooks'
required: false
defaults:
run:
working-directory: .tests
shell: bash
jobs:
playwright-tests:
permissions:
contents: 'read'
id-token: 'write'
env:
CSAE_NOTEBOOKS: ${{ github.event.inputs.notebooks }}
CSAE_ENV_PASSWORD: ${{ secrets.CSAE_ENV_PASSWORD }}
CSAE_PARALLEL_TESTS_COUNT: ${{ vars.CSAE_PARALLEL_TESTS_COUNT }}
CSAE_WORKERS_COUNT: ${{ vars.CSAE_WORKERS_COUNT }}
TEST_ENV: ${{ github.event.inputs.test_env || 'PROD' }}
CSAE_CI_JOB_IDX: 1
CSAE_CI_JOB_COUNT: 1
name: Playwirght Test
timeout-minutes: 1440
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
# We need to fetch all branches and commits so that Nx affected has a base to compare against.
fetch-depth: 0
- name: Run changed-files with the commit of the last successful test workflow run
id: changed-files
uses: tj-actions/changed-files@v44
with:
files: |
**.ipynb
- name: List all changed notebook files
if: steps.changed-files.outputs.any_changed == 'true'
id: load-files
env:
ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
run: |
for file in ${ALL_CHANGED_FILES}; do
if ! grep -Fxq "../$file" skip_files.txt
then
echo "../$file"
fi
done | sort > ./files.txt
cat ./files.txt
if [ -s ./files.txt ]; then
echo "tests_exists=true" >> $GITHUB_OUTPUT
else
echo "tests_exists=false" >> $GITHUB_OUTPUT
fi
- uses: actions/setup-node@v3
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
with:
node-version: 16
- name: Define env name and GCP credentials
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
id: define-environment
run: |
echo "env-name=ci-$(date +%s%N)" >> $GITHUB_OUTPUT
if [ "${TEST_ENV}" == "CI" ]; then
echo "workload_identity_provider=projects/561066095864/locations/global/workloadIdentityPools/github/providers/jupyter-demos" >> $GITHUB_OUTPUT
echo "[email protected]" >> $GITHUB_OUTPUT
echo "gcp_project=clearscape-ci" >> $GITHUB_OUTPUT
echo "CSAE_CLEARSCAPE_API_KEY=${{ secrets.CSAE_CI_CLEARSCAPE_API_KEY }}" >> $GITHUB_ENV
else
echo "workload_identity_provider=projects/323844706402/locations/global/workloadIdentityPools/github/providers/jupyter-demos" >> $GITHUB_OUTPUT
echo "service_account=cicd-sa@clearscape-production.iam.gserviceaccount.com" >> $GITHUB_OUTPUT
echo "gcp_project=clearscape-production" >> $GITHUB_OUTPUT
echo "CSAE_CLEARSCAPE_API_KEY=${{ secrets.CSAE_CLEARSCAPE_API_KEY }}" >> $GITHUB_ENV
fi
- name: Authenticate with Google Cloud
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
id: auth
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: ${{steps.define-environment.outputs.workload_identity_provider}}
service_account: ${{steps.define-environment.outputs.service_account}}
- name: Get secrets from Google Secret Manager
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
id: 'secrets'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
with:
secrets: |-
OPENAI_API_KEY:${{steps.define-environment.outputs.gcp_project}}/JUPYTER_NOTEBOOK_CI_OPEN_AI_KEY
GOOGLE_AI_API_KEY:${{steps.define-environment.outputs.gcp_project}}/GOOGLE_AI_API_KEY
GOOGLE_API_KEY:${{steps.define-environment.outputs.gcp_project}}/GOOGLE_API_KEY
AWS_BEDROCK_ACCESS_KEY_ID:${{steps.define-environment.outputs.gcp_project}}/AWS_BEDROCK_ACCESS_KEY_ID
AWS_BEDROCK_REGION_NAME:${{steps.define-environment.outputs.gcp_project}}/AWS_BEDROCK_REGION_NAME
AWS_BEDROCK_SECRET_ACCESS_KEY:${{steps.define-environment.outputs.gcp_project}}/AWS_BEDROCK_SECRET_ACCESS_KEY
export_to_environment: true
- name: Install dependencies
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
run: npm ci
- name: Install Playwright browsers
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
run: |
npx playwright install --with-deps
- name: Start test environments
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
id: start-test-environment
run: npx ts-node pre_create_env.ts
- name: Run Playwright tests
if: ${{ steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
run: |
export CI_BRANCH=${{ github.head_ref || github.ref_name }}
npx playwright test
- name: Delete test environments
if: ${{always() && steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
run: npx ts-node post_delete_env.ts
- uses: actions/upload-artifact@v4
if: ${{always() && steps.load-files.outputs.tests_exists == 'true' || github.event.inputs.notebooks }}
with:
name: playwright-report
path: .tests/playwright-report/
retention-days: 30