backend.yml 15 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457
  1. name: backend
  2. on:
  3. push:
  4. branches:
  5. - master
  6. pull_request:
  7. # Cancel in progress workflows on pull_requests.
  8. # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
  9. concurrency:
  10. group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  11. cancel-in-progress: true
  12. # hack for https://github.com/actions/cache/issues/810#issuecomment-1222550359
  13. env:
  14. SEGMENT_DOWNLOAD_TIMEOUT_MINS: 3
  15. jobs:
  16. files-changed:
  17. name: detect what files changed
  18. runs-on: ubuntu-20.04
  19. timeout-minutes: 3
  20. # Map a step output to a job output
  21. outputs:
  22. api_docs: ${{ steps.changes.outputs.api_docs }}
  23. backend: ${{ steps.changes.outputs.backend_all }}
  24. backend_dependencies: ${{ steps.changes.outputs.backend_dependencies }}
  25. backend_any_type: ${{ steps.changes.outputs.backend_any_type }}
  26. migration_lockfile: ${{ steps.changes.outputs.migration_lockfile }}
  27. plugins: ${{ steps.changes.outputs.plugins }}
  28. steps:
  29. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  30. - name: Check for backend file changes
  31. uses: getsentry/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
  32. id: changes
  33. with:
  34. token: ${{ github.token }}
  35. filters: .github/file-filters.yml
  36. api-docs:
  37. if: needs.files-changed.outputs.api_docs == 'true'
  38. needs: files-changed
  39. name: api docs test
  40. runs-on: ubuntu-20.04
  41. steps:
  42. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  43. - uses: getsentry/action-setup-volta@54775a59c41065f54ecc76d1dd5f2cdc7a1550cb # v1.1.0
  44. - name: Setup sentry python env
  45. uses: ./.github/actions/setup-sentry
  46. id: setup
  47. with:
  48. snuba: true
  49. - name: Run API docs tests
  50. # install ts-node for ts build scripts to execute properly without potentially installing
  51. # conflicting deps when running scripts locally
  52. # see: https://github.com/getsentry/sentry/pull/32328/files
  53. run: |
  54. yarn add ts-node && make test-api-docs
  55. backend-test:
  56. if: needs.files-changed.outputs.backend == 'true'
  57. needs: files-changed
  58. name: backend test
  59. runs-on: ubuntu-20.04
  60. timeout-minutes: 40
  61. strategy:
  62. # This helps not having to run multiple jobs because one fails, thus, reducing resource usage
  63. # and reducing the risk that one of many runs would turn red again (read: intermittent tests)
  64. fail-fast: false
  65. matrix:
  66. # XXX: When updating this, make sure you also update MATRIX_INSTANCE_TOTAL.
  67. instance: [0, 1, 2, 3, 4, 5, 6]
  68. pg-version: ['14']
  69. env:
  70. # XXX: `MATRIX_INSTANCE_TOTAL` must be hardcoded to the length of `strategy.matrix.instance`.
  71. # If this increases, make sure to also increase `flags.backend.after_n_builds` in `codecov.yml`.
  72. MATRIX_INSTANCE_TOTAL: 7
  73. steps:
  74. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  75. with:
  76. # Avoid codecov error message related to SHA resolution:
  77. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  78. fetch-depth: '2'
  79. - name: Setup sentry env
  80. uses: ./.github/actions/setup-sentry
  81. id: setup
  82. with:
  83. snuba: true
  84. # Right now, we run so few bigtable related tests that the
  85. # overhead of running bigtable in all backend tests
  86. # is way smaller than the time it would take to run in its own job.
  87. bigtable: true
  88. pg-version: ${{ matrix.pg-version }}
  89. - name: Run backend test (${{ steps.setup.outputs.matrix-instance-number }} of ${{ steps.setup.outputs.matrix-instance-total }})
  90. run: |
  91. make test-python-ci
  92. # Upload coverage data even if running the tests step fails since
  93. # it reduces large coverage fluctuations
  94. - name: Handle artifacts
  95. if: ${{ always() }}
  96. uses: ./.github/actions/artifacts
  97. with:
  98. token: ${{ secrets.CODECOV_TOKEN }}
  99. backend-migration-tests:
  100. if: needs.files-changed.outputs.backend == 'true'
  101. needs: files-changed
  102. name: backend migration tests
  103. runs-on: ubuntu-20.04
  104. timeout-minutes: 30
  105. strategy:
  106. matrix:
  107. pg-version: ['14']
  108. steps:
  109. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  110. with:
  111. # Avoid codecov error message related to SHA resolution:
  112. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  113. fetch-depth: '2'
  114. - name: Setup sentry env
  115. uses: ./.github/actions/setup-sentry
  116. id: setup
  117. with:
  118. snuba: true
  119. pg-version: ${{ matrix.pg-version }}
  120. - name: run tests
  121. run: |
  122. MIGRATIONS_TEST_MIGRATE=1 PYTEST_ADDOPTS="$PYTEST_ADDOPTS -m migrations" make test-python-ci
  123. # Upload coverage data even if running the tests step fails since
  124. # it reduces large coverage fluctuations
  125. - name: Handle artifacts
  126. if: ${{ always() }}
  127. uses: ./.github/actions/artifacts
  128. with:
  129. token: ${{ secrets.CODECOV_TOKEN }}
  130. cli:
  131. if: needs.files-changed.outputs.backend == 'true'
  132. needs: files-changed
  133. name: cli test
  134. runs-on: ubuntu-20.04
  135. timeout-minutes: 10
  136. strategy:
  137. matrix:
  138. pg-version: ['14']
  139. steps:
  140. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  141. - name: Setup sentry env
  142. uses: ./.github/actions/setup-sentry
  143. id: setup
  144. with:
  145. pg-version: ${{ matrix.pg-version }}
  146. - name: Run test
  147. run: |
  148. make test-cli
  149. # Upload coverage data even if running the tests step fails since
  150. # it reduces large coverage fluctuations
  151. - name: Handle artifacts
  152. if: ${{ always() }}
  153. uses: ./.github/actions/artifacts
  154. with:
  155. token: ${{ secrets.CODECOV_TOKEN }}
  156. requirements:
  157. if: needs.files-changed.outputs.backend_dependencies == 'true'
  158. needs: files-changed
  159. name: requirements check
  160. runs-on: ubuntu-20.04
  161. timeout-minutes: 3
  162. steps:
  163. - uses: getsentry/action-github-app-token@97c9e23528286821f97fba885c1b1123284b29cc # v2.0.0
  164. id: token
  165. continue-on-error: true
  166. with:
  167. app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }}
  168. private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
  169. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  170. - uses: getsentry/action-setup-venv@9e3bbae3836b1b6f129955bf55a19e1d99a61c67 # v1.0.5
  171. with:
  172. python-version: 3.8.16
  173. cache-depedency: requirements-dev-frozen.txt
  174. install-cmd: pip install -q --constraint requirements-dev-frozen.txt pip-tools
  175. - name: check requirements
  176. run: |
  177. python -S -m tools.freeze_requirements
  178. if ! git diff --exit-code; then
  179. echo $'\n\nrun `make freeze-requirements` locally to update requirements'
  180. exit 1
  181. fi
  182. - name: apply any requirements changes
  183. if: steps.token.outcome == 'success' && github.ref != 'refs/heads/master' && always()
  184. uses: getsentry/action-github-commit@748c31dd78cffe76f51bef49a0be856b6effeda7 # v1.1.0
  185. with:
  186. github-token: ${{ steps.token.outputs.token }}
  187. message: ':snowflake: re-freeze requirements'
  188. migration:
  189. if: needs.files-changed.outputs.migration_lockfile == 'true'
  190. needs: files-changed
  191. name: check migration
  192. runs-on: ubuntu-20.04
  193. strategy:
  194. matrix:
  195. pg-version: ['14']
  196. steps:
  197. - name: Checkout sentry
  198. uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  199. - name: Setup sentry env
  200. uses: ./.github/actions/setup-sentry
  201. id: setup
  202. with:
  203. pg-version: ${{ matrix.pg-version }}
  204. - name: Migration & lockfile checks
  205. env:
  206. SENTRY_LOG_LEVEL: ERROR
  207. PGPASSWORD: postgres
  208. run: |
  209. ./.github/workflows/scripts/migration-check.sh
  210. plugins:
  211. if: needs.files-changed.outputs.plugins == 'true'
  212. needs: files-changed
  213. name: plugins test
  214. runs-on: ubuntu-20.04
  215. timeout-minutes: 10
  216. steps:
  217. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  218. - name: Setup sentry env
  219. uses: ./.github/actions/setup-sentry
  220. id: setup
  221. with:
  222. snuba: true
  223. - name: Run test
  224. run: |
  225. make test-plugins
  226. relay:
  227. if: needs.files-changed.outputs.backend == 'true'
  228. needs: files-changed
  229. name: relay test
  230. runs-on: ubuntu-20.04
  231. timeout-minutes: 30
  232. steps:
  233. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  234. with:
  235. # Avoid codecov error message related to SHA resolution:
  236. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  237. fetch-depth: '2'
  238. - name: Setup sentry env
  239. uses: ./.github/actions/setup-sentry
  240. id: setup
  241. with:
  242. snuba: true
  243. kafka: true
  244. - name: Pull relay image
  245. run: |
  246. # pull relay we'll run and kill it for each test
  247. docker pull us.gcr.io/sentryio/relay:nightly
  248. docker ps -a
  249. - name: Run test
  250. env:
  251. SENTRY_FORCE_SILOED_TESTS: 1
  252. run: |
  253. make test-relay-integration
  254. # Upload coverage data even if running the tests step fails since
  255. # it reduces large coverage fluctuations
  256. - name: Handle artifacts
  257. if: ${{ always() }}
  258. uses: ./.github/actions/artifacts
  259. with:
  260. token: ${{ secrets.CODECOV_TOKEN }}
  261. snuba:
  262. if: needs.files-changed.outputs.backend == 'true'
  263. needs: files-changed
  264. name: snuba test
  265. runs-on: ubuntu-20.04
  266. timeout-minutes: 45
  267. strategy:
  268. # This helps not having to run multiple jobs because one fails, thus, reducing resource usage
  269. # and reducing the risk that one of many runs would turn red again (read: intermittent tests)
  270. fail-fast: false
  271. matrix:
  272. # XXX: When updating this, make sure you also update MATRIX_INSTANCE_TOTAL.
  273. instance: [0, 1, 2, 3]
  274. env:
  275. # XXX: MATRIX_INSTANCE_TOTAL must be hardcoded to the length of strategy.matrix.instance.
  276. MATRIX_INSTANCE_TOTAL: 4
  277. steps:
  278. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  279. with:
  280. # Avoid codecov error message related to SHA resolution:
  281. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  282. fetch-depth: '2'
  283. - name: Setup sentry env
  284. uses: ./.github/actions/setup-sentry
  285. id: setup
  286. with:
  287. snuba: true
  288. kafka: true
  289. - name: Run snuba test (${{ steps.setup.outputs.matrix-instance-number }} of ${{ steps.setup.outputs.matrix-instance-total }})
  290. run: |
  291. make test-snuba
  292. # Upload coverage data even if running the tests step fails since
  293. # it reduces large coverage fluctuations
  294. - name: Handle artifacts
  295. if: ${{ always() }}
  296. uses: ./.github/actions/artifacts
  297. with:
  298. token: ${{ secrets.CODECOV_TOKEN }}
  299. symbolicator:
  300. if: needs.files-changed.outputs.backend == 'true'
  301. needs: files-changed
  302. name: symbolicator test
  303. runs-on: ubuntu-20.04
  304. timeout-minutes: 20
  305. steps:
  306. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  307. with:
  308. # Avoid codecov error message related to SHA resolution:
  309. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  310. fetch-depth: '2'
  311. - name: Setup sentry env
  312. uses: ./.github/actions/setup-sentry
  313. id: setup
  314. with:
  315. snuba: true
  316. kafka: true
  317. - name: Start symbolicator
  318. run: |
  319. echo $PWD
  320. docker run \
  321. -d \
  322. -v $PWD/config/symbolicator/:/etc/symbolicator \
  323. --network host \
  324. --name symbolicator \
  325. us.gcr.io/sentryio/symbolicator:nightly \
  326. run -c /etc/symbolicator/config.yml
  327. docker ps -a
  328. - name: Run test
  329. run: |
  330. make test-symbolicator
  331. # Upload coverage data even if running the tests step fails since
  332. # it reduces large coverage fluctuations
  333. - name: Handle artifacts
  334. if: ${{ always() }}
  335. uses: ./.github/actions/artifacts
  336. with:
  337. token: ${{ secrets.CODECOV_TOKEN }}
  338. typing:
  339. if: needs.files-changed.outputs.backend == 'true'
  340. needs: files-changed
  341. name: backend typing
  342. runs-on: ubuntu-20.04
  343. timeout-minutes: 20
  344. steps:
  345. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  346. - uses: getsentry/action-setup-venv@9e3bbae3836b1b6f129955bf55a19e1d99a61c67 # v1.0.5
  347. with:
  348. python-version: 3.8.16
  349. cache-dependency-path: requirements-dev-frozen.txt
  350. install-cmd: pip install -r requirements-dev-frozen.txt
  351. - name: setup sentry (lite)
  352. run: |
  353. SENTRY_LIGHT_BUILD=1 pip install --no-deps -e .
  354. sentry init
  355. - run: make backend-typing
  356. id: run
  357. - uses: getsentry/action-github-app-token@97c9e23528286821f97fba885c1b1123284b29cc # v2.0.0
  358. id: token
  359. continue-on-error: true
  360. with:
  361. app_id: ${{ vars.SENTRY_INTERNAL_APP_ID }}
  362. private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
  363. # only if `backend-typing` succeeds should we try and trim the blocklist
  364. - run: |
  365. python3 -m tools.mypy_helpers.make_module_ignores
  366. git diff --exit-code
  367. - name: apply blocklist changes
  368. if: steps.token.outcome == 'success' && steps.run.outcome == 'success' && github.ref != 'refs/heads/master' && always()
  369. uses: getsentry/action-github-commit@748c31dd78cffe76f51bef49a0be856b6effeda7 # v1.1.0
  370. with:
  371. github-token: ${{ steps.token.outputs.token }}
  372. message: ':knife: regenerate mypy module blocklist'
  373. # This check runs once all dependent jobs have passed
  374. # It symbolizes that all required Backend checks have succesfully passed (Or skipped)
  375. # This step is the only required backend check
  376. backend-required-check:
  377. needs:
  378. [
  379. api-docs,
  380. backend-test,
  381. backend-migration-tests,
  382. cli,
  383. files-changed,
  384. requirements,
  385. migration,
  386. plugins,
  387. relay,
  388. snuba,
  389. symbolicator,
  390. typing,
  391. ]
  392. name: Backend
  393. # This is necessary since a failed/skipped dependent job would cause this job to be skipped
  394. if: always()
  395. runs-on: ubuntu-20.04
  396. steps:
  397. # If any jobs we depend on fail, we will fail since this is a required check
  398. # NOTE: A timeout is considered a failure
  399. - name: Check for failures
  400. if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
  401. run: |
  402. echo "One of the dependent jobs have failed. You may need to re-run it." && exit 1