Skip to content

Schedule Daily

Schedule Daily #1038

name: Schedule Daily
on:
schedule:
# Note that we would like there to be no overlap between the system-tests-benchmarks-nightly job below
# and the Release Testing workflow triggered by the Schedule RC workflow.
- cron: "0 1 * * *"
workflow_dispatch:
env:
BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
CI_COMMIT_SHA: ${{ github.sha }}
CI_JOB_NAME: ${{ github.job }}
CI_PROJECT_DIR: ${{ github.workspace }}
CI_RUN_ID: ${{ github.run_id }}
jobs:
fi-tests-nightly:
name: Bazel Test FI Nightly
runs-on: &dind-large-setup
labels: dind-large
container: &container-setup
image: ghcr.io/dfinity/ic-build@sha256:15e6eca52d696697a681916c92ab3623ebff1fcff70156220b0270c2985a6b2b
options: >-
-e NODE_NAME --privileged --cgroupns host --mount type=tmpfs,target="/tmp/containers"
timeout-minutes: 720 # 12 hours
environment: Nightly Tests
steps:
- &checkout
name: Checkout
uses: actions/checkout@v4
- &backup-pod-access
name: Set up backup pod access
run: |
# The following adds the SSH private key to the ssh-agent such that CI can SSH into the backup pod.
if [ -z "${SSH_AUTH_SOCK:-}" ]; then
eval "$(ssh-agent -s)"
ssh-add - <<'EOF'
${{ secrets.SSH_PRIVATE_KEY_BACKUP_POD }}
EOF
echo "SSH_AUTH_SOCK=$SSH_AUTH_SOCK" >> "$GITHUB_ENV"
fi
rm -rf ~/.ssh
mkdir -p ~/.ssh
chmod 0700 ~/.ssh
echo -e "Host *\nUser github-runner\n" > ~/.ssh/config
- name: Run FI Tests Nightly
uses: ./.github/actions/bazel
with:
run: |
bazel test \
--config=stamped \
--test_tag_filters=fi_tests_nightly \
//rs/ledger_suite/... \
--test_env=SSH_AUTH_SOCK \
--keep_going --test_timeout=43200
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
bazel-test-bare-metal:
name: Bazel Test Bare Metal
runs-on: *dind-large-setup
container: *container-setup
environment: Nightly Tests
steps:
- *checkout
- name: Run Bazel Launch Bare Metal
shell: bash
run: |
echo "$ZH2_DLL01_INI_SECRET" > file1
echo "$ZH2_FILE_SHARE_KEY" > file2 && chmod 400 file2
launch_bare_metal() {
# shellcheck disable=SC2046,SC2086
bazel --output_base=/var/tmp/bazel-output run \
//ic-os/setupos/envs/dev:launch_bare_metal -- \
--config_path "$(realpath ./ic-os/dev-tools/bare_metal_deployment/zh2-dll01.yaml)" \
--ini_filename "$(realpath file1)" \
--file_share_ssh_key "$(realpath file2)" \
--inject_image_pub_key "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK3gjE/2K5nxIBbk3ohgs8J5LW+XiObwA+kGtSaF5+4c" \
--file_share_username ci_interim \
--ci_mode \
$@
}
# Run bare metal installation test
launch_bare_metal --hsm
# Run bare metal node performance benchmarks
launch_bare_metal --benchmark
# Run bare metal node hostOS metrics check
launch_bare_metal --check_hostos_metrics
bazel clean
env:
ZH2_DLL01_INI_SECRET: "${{ secrets.ZH2_DLL01_INI_SECRET }}"
ZH2_FILE_SHARE_KEY: "${{ secrets.ZH2_FILE_SHARE_KEY }}"
nns-tests-nightly:
name: Bazel Test NNS Nightly
runs-on: *dind-large-setup
container: *container-setup
timeout-minutes: 30
environment: Nightly Tests
steps:
- *checkout
- *backup-pod-access
- name: Run NNS Tests Nightly
uses: ./.github/actions/bazel
with:
run: |
bazel test \
--config=stamped \
--test_tag_filters=nns_tests_nightly \
//... \
--test_env=SSH_AUTH_SOCK --test_env=NNS_CANISTER_UPGRADE_SEQUENCE=all \
--keep_going
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Post Slack Notification
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
if: failure()
with:
channel-id: eng-nns
slack-message: "${{ github.job }} failed :disappointed: - <${{github.server_url}}/${{github.repository}}/actions/runs/${{github.run_id}}|Run#${{github.run_id}}>"
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_API_TOKEN }}
pocketic-tests-nightly:
name: Bazel Test PocketIC Nightly
runs-on: *dind-large-setup
container: *container-setup
timeout-minutes: 30
steps:
- *checkout
- name: Run PocketIC Tests Nightly
uses: ./.github/actions/bazel
with:
run: |
bazel test \
--config=stamped \
--test_tag_filters=pocketic_tests_nightly \
//rs/pocket_ic_server/... \
--test_env=SSH_AUTH_SOCK \
--keep_going
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Post Slack Notification
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
if: failure()
with:
channel-id: pocket-ic
slack-message: "${{ github.job }} failed :disappointed: - <${{github.server_url}}/${{github.repository}}/actions/runs/${{github.run_id}}|Run#${{github.run_id}}>"
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_API_TOKEN }}
system-tests-benchmarks-nightly:
name: Bazel System Test Benchmarks
runs-on: *dind-large-setup
container: *container-setup
timeout-minutes: 480
steps:
- *checkout
- name: Test System Test Benchmarks
id: bazel-system-test-benchmarks
uses: ./.github/actions/bazel
with:
run: |
set -euo pipefail
# NOTE: we use `bazel query` to list the targets explicitly because (at the
# time of writing) benchmark targets are labeled as manual and would not be
# picked up by e.g. `bazel test //...`
target_pattern_file=$(mktemp)
bazel query 'attr(tags, system_test_benchmark, //rs/...)' | grep -v head_nns > "$target_pattern_file"
echo "inferred system test benchmark targets:"
cat "$target_pattern_file"
# note: there's just one performance cluster, so the job can't be parallelized (hence --jobs=1)
bazel test \
--config=stamped \
--test_tag_filters=system_test_benchmark \
--//bazel:enable_upload_perf_systest_results=True \
--target_pattern_file="$target_pattern_file" \
--test_env=SSH_AUTH_SOCK --test_env=NNS_CANISTER_UPGRADE_SEQUENCE=all \
--keep_going --jobs=1
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Post Slack Notification
uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
if: failure()
with:
channel-id: eng-ic-benchmark-alerts
slack-message: "${{ github.job }} failed :disappointed: - <${{github.server_url}}/${{github.repository}}/actions/runs/${{github.run_id}}|Run#${{github.run_id}}>"
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_API_TOKEN }}
# CI job is also executed in PR on use of 'CI_COVERAGE' label
bazel-test-coverage:
name: Bazel Test Coverage
runs-on: *dind-large-setup
container: *container-setup
if: false
steps:
- *checkout
- name: Run Bazel Test Coverage
shell: bash
# TODO: enable when bazel coverage is fixed
#run: ./ci/scripts/bazel-coverage.sh
run: echo "Disabled until fixed"
- name: Upload bazel-coverage
uses: actions/upload-artifact@v4
with:
name: bazel-coverage
retention-days: 1
if-no-files-found: ignore
compression-level: 9
path: |
cov_html.zip
pocket-ic-tests-windows:
uses: ./.github/workflows/pocket-ic-tests-windows.yml
with:
commit-sha: ${{ github.sha }}