backend.yml 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473
  1. name: backend
  2. on:
  3. push:
  4. branches:
  5. - master
  6. pull_request:
  7. # Cancel in progress workflows on pull_requests.
  8. # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value
  9. concurrency:
  10. group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
  11. cancel-in-progress: true
  12. # hack for https://github.com/actions/cache/issues/810#issuecomment-1222550359
  13. env:
  14. SEGMENT_DOWNLOAD_TIMEOUT_MINS: 3
  15. jobs:
  16. files-changed:
  17. name: detect what files changed
  18. runs-on: ubuntu-20.04
  19. timeout-minutes: 3
  20. # Map a step output to a job output
  21. outputs:
  22. api_docs: ${{ steps.changes.outputs.api_docs }}
  23. backend: ${{ steps.changes.outputs.backend_all }}
  24. backend_dependencies: ${{ steps.changes.outputs.backend_dependencies }}
  25. backend_any_type: ${{ steps.changes.outputs.backend_any_type }}
  26. migration_lockfile: ${{ steps.changes.outputs.migration_lockfile }}
  27. plugins: ${{ steps.changes.outputs.plugins }}
  28. steps:
  29. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  30. - name: Check for backend file changes
  31. uses: getsentry/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
  32. id: changes
  33. with:
  34. token: ${{ github.token }}
  35. filters: .github/file-filters.yml
  36. api-docs:
  37. if: needs.files-changed.outputs.api_docs == 'true'
  38. needs: files-changed
  39. name: api docs test
  40. runs-on: ubuntu-20.04
  41. steps:
  42. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  43. - uses: getsentry/action-setup-volta@54775a59c41065f54ecc76d1dd5f2cdc7a1550cb # v1.1.0
  44. - name: Setup sentry python env
  45. uses: ./.github/actions/setup-sentry
  46. id: setup
  47. with:
  48. snuba: true
  49. - name: Run API docs tests
  50. # install ts-node for ts build scripts to execute properly without potentially installing
  51. # conflicting deps when running scripts locally
  52. # see: https://github.com/getsentry/sentry/pull/32328/files
  53. run: |
  54. yarn add ts-node && make test-api-docs
  55. backend-test:
  56. if: needs.files-changed.outputs.backend == 'true'
  57. needs: files-changed
  58. name: backend test
  59. runs-on: ubuntu-20.04
  60. timeout-minutes: 40
  61. strategy:
  62. # This helps not having to run multiple jobs because one fails, thus, reducing resource usage
  63. # and reducing the risk that one of many runs would turn red again (read: intermittent tests)
  64. fail-fast: false
  65. matrix:
  66. # XXX: When updating this, make sure you also update MATRIX_INSTANCE_TOTAL.
  67. instance: [0, 1, 2, 3]
  68. pg-version: ['9.6']
  69. env:
  70. # XXX: MATRIX_INSTANCE_TOTAL must be hardcoded to the length of strategy.matrix.instance.
  71. MATRIX_INSTANCE_TOTAL: 4
  72. MIGRATIONS_TEST_MIGRATE: 1
  73. steps:
  74. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  75. with:
  76. # Avoid codecov error message related to SHA resolution:
  77. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  78. fetch-depth: '2'
  79. - name: Setup sentry env
  80. uses: ./.github/actions/setup-sentry
  81. id: setup
  82. with:
  83. snuba: true
  84. # Right now, we run so few bigtable related tests that the
  85. # overhead of running bigtable in all backend tests
  86. # is way smaller than the time it would take to run in its own job.
  87. bigtable: true
  88. pg-version: ${{ matrix.pg-version }}
  89. - name: Run backend test (${{ steps.setup.outputs.matrix-instance-number }} of ${{ steps.setup.outputs.matrix-instance-total }})
  90. run: |
  91. make test-python-ci
  92. - name: Handle artifacts
  93. uses: ./.github/actions/artifacts
  94. cli:
  95. if: needs.files-changed.outputs.backend == 'true'
  96. needs: files-changed
  97. name: cli test
  98. runs-on: ubuntu-20.04
  99. timeout-minutes: 10
  100. strategy:
  101. matrix:
  102. pg-version: ['9.6']
  103. steps:
  104. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  105. - name: Setup sentry env
  106. uses: ./.github/actions/setup-sentry
  107. id: setup
  108. with:
  109. pg-version: ${{ matrix.pg-version }}
  110. - name: Run test
  111. run: |
  112. make test-cli
  113. - name: Handle artifacts
  114. uses: ./.github/actions/artifacts
  115. requirements:
  116. if: needs.files-changed.outputs.backend_dependencies == 'true'
  117. needs: files-changed
  118. name: requirements check
  119. runs-on: ubuntu-20.04
  120. timeout-minutes: 3
  121. steps:
  122. - uses: getsentry/action-github-app-token@97c9e23528286821f97fba885c1b1123284b29cc # v2.0.0
  123. id: token
  124. continue-on-error: true
  125. with:
  126. app_id: ${{ secrets.SENTRY_INTERNAL_APP_ID }}
  127. private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
  128. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  129. - uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 # v4.3.0
  130. with:
  131. python-version: 3.8.13
  132. - name: check requirements
  133. run: |
  134. python -m pip install -q --constraint requirements-dev-frozen.txt pip-tools
  135. python -S -m tools.freeze_requirements
  136. if ! git diff --exit-code; then
  137. echo $'\n\nrun `make freeze-requirements` locally to update requirements'
  138. exit 1
  139. fi
  140. - name: apply any requirements changes
  141. if: steps.token.outcome == 'success' && github.ref != 'refs/heads/master' && always()
  142. uses: getsentry/action-github-commit@1761f891f036c3efc813b2ba963b121120c1587a # main
  143. with:
  144. github-token: ${{ steps.token.outputs.token }}
  145. message: ':snowflake: re-freeze requirements'
  146. lint:
  147. if: needs.files-changed.outputs.backend == 'true'
  148. needs: files-changed
  149. name: backend lint
  150. runs-on: ubuntu-20.04
  151. timeout-minutes: 10
  152. steps:
  153. - uses: getsentry/action-github-app-token@97c9e23528286821f97fba885c1b1123284b29cc # v2.0.0
  154. id: token
  155. continue-on-error: true
  156. with:
  157. app_id: ${{ secrets.SENTRY_INTERNAL_APP_ID }}
  158. private_key: ${{ secrets.SENTRY_INTERNAL_APP_PRIVATE_KEY }}
  159. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  160. - uses: getsentry/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
  161. id: files
  162. with:
  163. # Enable listing of files matching each filter.
  164. # Paths to files will be available in `${FILTER_NAME}_files` output variable.
  165. # Paths will be escaped and space-delimited.
  166. # Output is usable as command line argument list in linux shell
  167. list-files: shell
  168. # It doesn't make sense to lint deleted files.
  169. # Therefore we specify we are only interested in added or modified files.
  170. filters: |
  171. all:
  172. - added|modified: '**/*.py'
  173. - added|modified: 'requirements-*.txt'
  174. - uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 # v4.3.0
  175. with:
  176. python-version: 3.8.13
  177. cache: pip
  178. cache-dependency-path: |
  179. requirements-dev.txt
  180. requirements-dev-frozen.txt
  181. - uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 # v3.0.11
  182. with:
  183. path: ~/.cache/pre-commit
  184. key: cache-epoch-1|${{ env.pythonLocation }}|${{ hashFiles('.pre-commit-config.yaml') }}
  185. - name: Setup pre-commit
  186. # We don't use make setup-git because we're only interested in installing
  187. # requirements-dev.txt as a fast path.
  188. # We don't need pre-commit install --install-hooks since we're just interested
  189. # in running the hooks.
  190. run: |
  191. pip install -r requirements-dev.txt -c requirements-dev-frozen.txt
  192. pre-commit install-hooks
  193. - name: Run pre-commit on changed files
  194. run: |
  195. # Run pre-commit to lint and format check files that were changed (but not deleted) compared to master.
  196. # XXX: there is a very small chance that it'll expand to exceed Linux's limits
  197. # `getconf ARG_MAX` - max # bytes of args + environ for exec()
  198. pre-commit run --files ${{ steps.files.outputs.all_files }}
  199. - name: Apply any pre-commit fixed files
  200. if: steps.token.outcome == 'success' && github.ref != 'refs/heads/master' && always()
  201. uses: getsentry/action-github-commit@1761f891f036c3efc813b2ba963b121120c1587a # main
  202. with:
  203. github-token: ${{ steps.token.outputs.token }}
  204. migration:
  205. if: needs.files-changed.outputs.migration_lockfile == 'true'
  206. needs: files-changed
  207. name: check migration
  208. runs-on: ubuntu-20.04
  209. strategy:
  210. matrix:
  211. pg-version: ['9.6']
  212. steps:
  213. - name: Checkout sentry
  214. uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  215. - name: Setup sentry env
  216. uses: ./.github/actions/setup-sentry
  217. id: setup
  218. with:
  219. pg-version: ${{ matrix.pg-version }}
  220. - name: Migration & lockfile checks
  221. env:
  222. SENTRY_LOG_LEVEL: ERROR
  223. PGPASSWORD: postgres
  224. run: |
  225. ./.github/workflows/scripts/migration-check.sh
  226. plugins:
  227. if: needs.files-changed.outputs.plugins == 'true'
  228. needs: files-changed
  229. name: plugins test
  230. runs-on: ubuntu-20.04
  231. timeout-minutes: 10
  232. steps:
  233. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  234. - name: Setup sentry env
  235. uses: ./.github/actions/setup-sentry
  236. id: setup
  237. with:
  238. snuba: true
  239. - name: Run test
  240. run: |
  241. make test-plugins
  242. region-to-control:
  243. if: needs.files-changed.outputs.backend == 'true'
  244. needs: files-changed
  245. name: region-to-control test
  246. runs-on: ubuntu-20.04
  247. timeout-minutes: 20
  248. steps:
  249. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  250. with:
  251. # Avoid codecov error message related to SHA resolution:
  252. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  253. fetch-depth: '2'
  254. - name: Setup sentry env
  255. uses: ./.github/actions/setup-sentry
  256. id: setup
  257. with:
  258. kafka: true
  259. - name: Run test
  260. run: |
  261. make test-region-to-control-integration
  262. - name: Handle artifacts
  263. uses: ./.github/actions/artifacts
  264. relay:
  265. if: needs.files-changed.outputs.backend == 'true'
  266. needs: files-changed
  267. name: relay test
  268. runs-on: ubuntu-20.04
  269. timeout-minutes: 20
  270. steps:
  271. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  272. with:
  273. # Avoid codecov error message related to SHA resolution:
  274. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  275. fetch-depth: '2'
  276. - name: Setup sentry env
  277. uses: ./.github/actions/setup-sentry
  278. id: setup
  279. with:
  280. snuba: true
  281. kafka: true
  282. - name: Pull relay image
  283. run: |
  284. # pull relay we'll run and kill it for each test
  285. docker pull us.gcr.io/sentryio/relay:nightly
  286. docker ps -a
  287. - name: Run test
  288. run: |
  289. make test-relay-integration
  290. - name: Handle artifacts
  291. uses: ./.github/actions/artifacts
  292. snuba:
  293. if: needs.files-changed.outputs.backend == 'true'
  294. needs: files-changed
  295. name: snuba test
  296. runs-on: ubuntu-20.04
  297. timeout-minutes: 30
  298. strategy:
  299. # This helps not having to run multiple jobs because one fails, thus, reducing resource usage
  300. # and reducing the risk that one of many runs would turn red again (read: intermittent tests)
  301. fail-fast: false
  302. matrix:
  303. # XXX: When updating this, make sure you also update MATRIX_INSTANCE_TOTAL.
  304. instance: [0, 1]
  305. env:
  306. # XXX: MATRIX_INSTANCE_TOTAL must be hardcoded to the length of strategy.matrix.instance.
  307. MATRIX_INSTANCE_TOTAL: 2
  308. MIGRATIONS_TEST_MIGRATE: 1
  309. steps:
  310. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  311. with:
  312. # Avoid codecov error message related to SHA resolution:
  313. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  314. fetch-depth: '2'
  315. - name: Setup sentry env
  316. uses: ./.github/actions/setup-sentry
  317. id: setup
  318. with:
  319. snuba: true
  320. kafka: true
  321. - name: Run snuba test (${{ steps.setup.outputs.matrix-instance-number }} of ${{ steps.setup.outputs.matrix-instance-total }})
  322. run: |
  323. make test-snuba
  324. - name: Handle artifacts
  325. uses: ./.github/actions/artifacts
  326. symbolicator:
  327. if: needs.files-changed.outputs.backend == 'true'
  328. needs: files-changed
  329. name: symbolicator test
  330. runs-on: ubuntu-20.04
  331. timeout-minutes: 10
  332. steps:
  333. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  334. with:
  335. # Avoid codecov error message related to SHA resolution:
  336. # https://github.com/codecov/codecov-bash/blob/7100762afbc822b91806a6574658129fe0d23a7d/codecov#L891
  337. fetch-depth: '2'
  338. - name: Setup sentry env
  339. uses: ./.github/actions/setup-sentry
  340. id: setup
  341. with:
  342. snuba: true
  343. kafka: true
  344. - name: Start symbolicator
  345. run: |
  346. echo $PWD
  347. docker run \
  348. -d \
  349. -v $PWD/config/symbolicator/:/etc/symbolicator \
  350. --network host \
  351. --name symbolicator \
  352. us.gcr.io/sentryio/symbolicator:nightly \
  353. run -c /etc/symbolicator/config.yml
  354. docker ps -a
  355. - name: Run test
  356. run: |
  357. make test-symbolicator
  358. - name: Handle artifacts
  359. uses: ./.github/actions/artifacts
  360. typing:
  361. if: needs.files-changed.outputs.backend == 'true'
  362. needs: files-changed
  363. name: backend typing
  364. runs-on: ubuntu-20.04
  365. timeout-minutes: 12
  366. steps:
  367. - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
  368. - name: Setup Python
  369. uses: ./.github/actions/setup-python
  370. with:
  371. python-version: 3.8.13
  372. dependency-paths: requirements-dev-frozen.txt
  373. #- name: Setup Python
  374. # uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 # v4.3.0
  375. # with:
  376. # python-version: 3.8.13
  377. # cache: pip
  378. # cache-dependency-path: requirements-dev-frozen.txt
  379. # We don't call setup-sentry, because we don't need devservices.
  380. #- name: Setup backend typing
  381. # run: pip install -r requirements-dev-frozen.txt
  382. - name: Run backend typing (${{ steps.setup.outputs.matrix-instance-number }} of ${{ strategy.job-total }})
  383. run: make backend-typing
  384. # This check runs once all dependant jobs have passed
  385. # It symbolizes that all required Backend checks have succesfully passed (Or skipped)
  386. # This check is the only required Github check
  387. backend-required-check:
  388. needs:
  389. [
  390. api-docs,
  391. backend-test,
  392. cli,
  393. lint,
  394. requirements,
  395. migration,
  396. plugins,
  397. relay,
  398. region-to-control,
  399. snuba,
  400. symbolicator,
  401. typing,
  402. ]
  403. name: Backend
  404. # This is necessary since a failed/skipped dependent job would cause this job to be skipped
  405. if: always()
  406. runs-on: ubuntu-20.04
  407. steps:
  408. # If any jobs we depend on fail, we will fail since this is a required check
  409. # NOTE: A timeout is considered a failure
  410. - name: Check for failures
  411. if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
  412. run: |
  413. echo "One of the dependent jobs have failed. You may need to re-run it." && exit 1