Skip to content

Update dependency troposphere to v4.8.3 - autoclosed #5331

Update dependency troposphere to v4.8.3 - autoclosed

Update dependency troposphere to v4.8.3 - autoclosed #5331

Workflow file for this run

name: CI/CD
on:
pull_request: # any pull request
push:
branches:
- master
defaults:
run:
shell: bash
env:
AWS_DEFAULT_OUTPUT: json
AWS_DEFAULT_REGION: us-east-1
AWS_MAX_ATTEMPTS: 20 # retry attempts for AWS API calls
AWS_RETRY_MODE: adaptive # defaults to "legacy"; this handles more errors
NODE_VERSION: '20'
PYTEST_ADDOPTS: --color=yes
RUNWAY_TEST_NAMESPACE: gh-${{ github.run_id }}
PIPENV_IGNORE_VIRTUALENVS: '1'
jobs:
changes:
runs-on: ubuntu-latest
outputs:
infra-test: ${{ steps.filter.outputs.infrastructure-test }}
infra-test-alt: ${{ steps.filter.outputs.infrastructure-test-alt }}
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v4 # not needed for pull_request
if: |
github.event_name == 'push'
- uses: dorny/paths-filter@v3 # cspell:ignore dorny
id: filter
with:
filters: |
infrastructure-test:
- 'infrastructure/blueprints/admin_user.py'
- 'infrastructure/blueprints/cfngin_bucket.py'
- 'infrastructure/blueprints/prevent_privilege_escalation.py'
- 'infrastructure/blueprints/test_runner_boundary.py'
- 'infrastructure/blueprints/test_runner_user.py'
- 'infrastructure/test/common/**'
infrastructure-test-alt:
- 'infrastructure/blueprints/admin_role.py'
- 'infrastructure/blueprints/cfngin_bucket.py'
- 'infrastructure/blueprints/prevent_privilege_escalation.py'
- 'infrastructure/blueprints/test_runner_boundary.py'
- 'infrastructure/test-alt/common/**'
info:
name: Output useful information
runs-on: ubuntu-latest
outputs:
is-actor-bot: ${{ steps.gh-context.outputs.is-actor-bot }} # if the actor (user) is a bot
is-fork: ${{ steps.gh-context.outputs.is-fork }} # if the action is running in or from (PR) a fork
repo-head: ${{ steps.gh-context.outputs.repo-head }} # repo where change occurred
repo-origin: ${{ steps.gh-context.outputs.repo-origin }} # origin of codebase
steps:
- name: ℹ️ Output GitHub Context
id: gh-context
run: |
export _REPO_ORIGIN="rackspace/runway";
echo "repo-origin=${_REPO_ORIGIN}" >> "${GITHUB_OUTPUT}";
export _REPO_HEAD="${{ github.event.pull_request.head.repo.full_name || github.repository }}";
echo "repo-head=${_REPO_HEAD}" >> "${GITHUB_OUTPUT}";
if [[ "${_REPO_HEAD}" == "${_REPO_ORIGIN}" ]]; then
echo "is-fork=false" >> "${GITHUB_OUTPUT}";
else
echo "is-fork=true" >> "${GITHUB_OUTPUT}";
fi;
if [[ ${{ github.actor }} == *"[bot]" ]]; then
echo "is-actor-bot=true" >> "${GITHUB_OUTPUT}";
else
echo "is-actor-bot=false" >> "${GITHUB_OUTPUT}";
fi;
deploy-test-infrastructure:
name: Deploy Test Infrastructure
environment: test
concurrency: test-infrastructure
needs:
- changes
- info
if: |
needs.info.outputs.is-fork == 'false' &&
(needs.changes.outputs.infra-test == 'true' || needs.changes.outputs.infra-test-alt == 'true')
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v4
- name: 🏗 Setup Python
uses: finleyfamily/action-setup-python@v1.0.0
with:
poetry-plugins: poetry-dynamic-versioning[plugin]
- name: 🏗 Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.DEPLOY_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.DEPLOY_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: 🚀 Deploy to the test environment
run: make deploy test
working-directory: infrastructure
- name: 🚀 Deploy to the test-alt environment
run: make deploy test-alt
working-directory: infrastructure
lint-python:
name: Lint Python
strategy:
fail-fast: false
matrix:
python-version: [3.9, '3.10', '3.11']
os: [ubuntu-latest, windows-latest]
runs-on: ${{ matrix.os }}
env:
# populating AWS creds with fake values
AWS_ACCESS_KEY_ID: test
AWS_SECRET_ACCESS_KEY: test
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v4
- name: 🏗 Setup Node
uses: actions/setup-node@v4
with:
cache: npm
node-version: ${{ env.NODE_VERSION }}
- name: 🏗 Setup Python
uses: finleyfamily/action-setup-python@v1.0.0
with:
poetry-plugins: poetry-dynamic-versioning[plugin]
python-version: ${{ matrix.python-version }}
- name: ⤵️ Install Node Dependencies
run: make setup-npm
- name: 🚀 Run Linters
run: make lint
test-functional:
name: Functional Tests
needs:
- deploy-test-infrastructure
- info
if: |
always() &&
needs.info.outputs.is-fork == 'false' &&
needs.info.outputs.is-actor-bot == 'false' &&
(needs.deploy-test-infrastructure.result == 'success' || needs.deploy-test-infrastructure.result == 'skipped')
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code from GitHub
uses: actions/checkout@v4
- name: 🏗 Setup Node
uses: actions/setup-node@v4
with:
cache: npm
node-version: ${{ env.NODE_VERSION }}
- name: 🏗 Setup Python
uses: finleyfamily/action-setup-python@v1.0.0
with:
poetry-plugins: poetry-dynamic-versioning[plugin]
python-version: '3.10'
- name: ⤵️ Install Ubuntu Dependencies
run: |
sudo apt update -y
sudo apt install -y default-libmysqlclient-dev libxml2-dev libxmlsec1-dev libxmlsec1-openssl pkg-config
- name: 🏗 Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.TEST_RUNNER_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.TEST_RUNNER_AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1
- name: 🚀 Run Tests
run: make test-functional
test-python:
name: Test Python
strategy:
fail-fast: false
matrix:
python-version: [3.9, '3.10', '3.11']
os: [ubuntu-latest, windows-latest]
runs-on: ${{ matrix.os }}
env:
# populating AWS creds with fake values
AWS_ACCESS_KEY_ID: test
AWS_SECRET_ACCESS_KEY: test
steps:
- name: ⤵️ Check out code from GitHub (complete)
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: 🏗 Setup Node
uses: actions/setup-node@v4
with:
cache: npm
node-version: ${{ env.NODE_VERSION }}
- name: 🏗 Setup Python
uses: finleyfamily/action-setup-python@v1.0.0
with:
poetry-plugins: poetry-dynamic-versioning[plugin]
python-version: ${{ matrix.python-version }}
- name: ⤵️ Install Node Dependencies
run: make setup-npm
- name: 🏗 Configure Pagefile # avoid MemoryError during tests
if: runner.os == 'Windows'
uses: al-cheb/configure-pagefile-action@v1.4 # cspell:ignore cheb
with:
minimum-size: 16GB
maximum-size: 16GB
disk-root: 'C:'
- name: 🚀 Run Integration & Unit Tests
# assertions assume linux so some fail when run on windows
run: make test cov-xml
- name: ⤴️ Upload to Codecov
uses: codecov/codecov-action@v4.6.0
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
build-pypi:
name: Build PyPi 📦
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code from GitHub (complete)
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: 🏗 Setup Python
uses: finleyfamily/action-setup-python@v1.0.0
with:
poetry-install: false
poetry-plugins: poetry-dynamic-versioning[plugin]
# Remove apt repos that are known to break from time to time
# See https://github.com/actions/virtual-environments/issues/323
- name: Remove broken apt repos (ubuntu)
run: |
for apt_file in `grep -lr microsoft /etc/apt/sources.list.d/`; do sudo rm $apt_file; done
- name: ⤵️ Install Dependencies (ubuntu)
run: sudo apt-get update && sudo apt-get install sed -y
- name: 👷 Build
run: make build
- name: ⤴️ Upload distribution artifact
uses: actions/upload-artifact@v4
with:
name: pypi-dist
path: dist