larryh/corso
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
corso/.github/workflows/longevity_test.yml
dependabot[bot] b0eb3109dd
⬆️ Bump aws-actions/configure-aws-credentials from 2 to 3 (#4121) 
Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/aws-actions/configure-aws-credentials/releases">aws-actions/configure-aws-credentials's releases</a>.</em></p>
<blockquote>
<h2>v3</h2>
<p>This tag tracks the latest v3.x.x release</p>
<h2>v2.2.0</h2>
<p>See the <a href="https://github.com/aws-actions/configure-aws-credentials/blob/v2.2.0/CHANGELOG.md">changelog</a> for details about the changes included in this release.</p>
<h2>v2.1.0</h2>
<p>See the <a href="https://github.com/aws-actions/configure-aws-credentials/blob/v2.1.0/CHANGELOG.md">changelog</a> for details about the changes included in this release.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md">aws-actions/configure-aws-credentials's changelog</a>.</em></p>
<blockquote>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v3.0.0...v3.0.1">3.0.1</a> (2023-08-24)</h2>
<h3>Features</h3>
<ul>
<li>Can configure <code>special-characters-workaround</code> to keep retrying credentials if the returned
credentials have special characters (Fixes <a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/599">#599</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Fixes <a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/792">#792</a>: Action fails when intending to use existing credentials</li>
<li>Minor typo fix from <a href="https://github.com/ubaid-ansari21"><code>@​ubaid-ansari21</code></a></li>
</ul>
<h3>Changes to existing functionality</h3>
<ul>
<li>Special characters are now allowed in returned credential variables unless you configure the
<code>special-characters-workaround</code> option</li>
</ul>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v2.2.0...v3.0.0">3.0.0</a> (2023-08-21)</h2>
<h3>Features</h3>
<ul>
<li>Can configure <code>max-retries</code> and <code>disable-retry</code> to modify retry functionality when the assume role call fails</li>
<li>Set returned credentials as step outputs with <code>output-credentials</code></li>
<li>Clear AWS related environment variables at the start of the action with <code>unset-current-credentials</code></li>
<li>Unique role identifier is now printed in the workflow logs</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Can't use credentials if they contain a special character</li>
<li>Retry functionality added when generating the JWT fails</li>
<li>Can now use <code>webIdentityTokenFile</code> option</li>
<li>Branch name validation too strict</li>
<li>JS SDK v2 deprecation warning in workflow logs</li>
</ul>
<h3>Changes to existing functionality</h3>
<ul>
<li>Default session duration is now 1 hour in all cases (from 6 hours in some cases)</li>
<li>Account ID will not be masked by default in logs</li>
</ul>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v2.1.0...v2.2.0">2.2.0</a> (2023-05-31)</h2>
<h3>Features</h3>
<ul>
<li><code>inline-session-policy</code> prop enables assuming a role with inline session policies (<a href="d00f6c6f41">d00f6c6</a>)</li>
<li><code>managed-session-policies</code> prop enables assuming a role with managed policy arns (<a href="d00f6c6f41">d00f6c6</a>)</li>
</ul>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v2.0.0...v2.1.0">2.1.0</a> (2023-05-31)</h2>
<h3>Features</h3>
<ul>
<li><code>role-chaining</code> prop enables role chaining use case (<a href="6fbd316fd1">6fbd316</a>)</li>
</ul>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v1.7.0...v2.0.0">2.0.0</a> (2023-03-06)</h2>
<h3>Features</h3>
<ul>
<li>Version bump to use Node 16 by default.</li>
</ul>
<h2><a href="https://github.com/aws-actions/configure-aws-credentials/compare/v1.6.1...v1.7.0">1.7.0</a> (2022-08-03)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="04b98b3f9e"><code>04b98b3</code></a> Merge pull request <a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/798">#798</a> from aws-actions/kellertk-patch-1</li>
<li><a href="a2b0094a4d"><code>a2b0094</code></a> change bugfix description</li>
<li><a href="3464309856"><code>3464309</code></a> chore: update CHANGELOG.md for v3.0.1</li>
<li><a href="3a12f318be"><code>3a12f31</code></a> CHANGELOG.md for 3.0.1</li>
<li><a href="6478abc372"><code>6478abc</code></a> Merge pull request <a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/794">#794</a> from ubaid-ansari21/contri</li>
<li><a href="91d9dfcd6f"><code>91d9dfc</code></a> Merge branch 'main' into contri</li>
<li><a href="76997ececd"><code>76997ec</code></a> fix: action fails when intending to use existing credentials (<a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/796">#796</a>)</li>
<li><a href="a96263310b"><code>a962633</code></a> feat: special character check (<a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/797">#797</a>)</li>
<li><a href="fbbf385657"><code>fbbf385</code></a> feat: add config option for special character handling (<a href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/795">#795</a>)</li>
<li><a href="f5f46df077"><code>f5f46df</code></a> fix typo</li>
<li>Additional commits viewable in <a href="https://github.com/aws-actions/configure-aws-credentials/compare/v2...v3">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aws-actions/configure-aws-credentials&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

You can trigger a rebase of this PR by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)


</details>
2023-08-28 17:57:06 +00:00

393 lines
14 KiB
YAML
Raw Blame History

name: Longevity Testing
on:
schedule:
# Run every day at 04:00 GMT (roughly 8pm PST)
- cron: "0 4 * * *"
workflow_dispatch:
inputs:
user:
description: 'User to run longevity test on'
permissions:
# required to retrieve AWS credentials
id-token: write
contents: write
# cancel currently running jobs if a new version of the branch is pushed
concurrency:
group: longevity_testing-${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
SetM365App:
uses: alcionai/corso/.github/workflows/accSelector.yaml@main
Longevity-Tests:
needs: [ SetM365App ]
environment: Testing
runs-on: ubuntu-latest
env:
# Need these in the local env so that corso can read them
AZURE_CLIENT_ID: ${{ secrets[needs.SetM365App.outputs.client_id_env] }}
AZURE_CLIENT_SECRET: ${{ secrets[needs.SetM365App.outputs.client_secret_env] }}
AZURE_TENANT_ID: ${{ secrets.TENANT_ID }}
CORSO_PASSPHRASE: ${{ secrets.INTEGRATION_TEST_CORSO_PASSPHRASE }}
# re-used values
CORSO_LOG_DIR: ${{ github.workspace }}/src/testlog
CORSO_LOG_FILE: ${{ github.workspace }}/src/testlog/run-longevity.log
RESTORE_DEST_PFX: Corso_Test_Longevity_
TEST_USER: ${{ github.event.inputs.user != '' && github.event.inputs.user || secrets.CORSO_M365_TEST_USER_ID }}
PREFIX: 'longevity'
# Options for retention.
RETENTION_MODE: GOVERNANCE
# Time to retain blobs for in hours.
RETENTION_DURATION: 216
defaults:
run:
working-directory: src
##########################################################################################################################################
# setup
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # needed to get latest tag
- name: Setup Golang with cache
uses: magnetikonline/action-golang-cache@v4
with:
go-version-file: src/go.mod
- run: |
go build -o longevity-test ./cmd/longevity_test
go build -o s3checker ./cmd/s3checker
- name: Get version string
id: version
run: |
echo version=$(git describe --tags --abbrev=0) | tee -a $GITHUB_OUTPUT
# Checkout the .github directory at the original branch's ref so we have a
# stable view of the actions.
- name: Code Checkout
working-directory: ${{ github.workspace }}
run: |
git checkout ${{ steps.version.outputs.version }}
git checkout ${{ github.ref }} -- .github
- run: go build -o corso
- run: mkdir ${CORSO_LOG_DIR}
# Use shorter-lived credentials obtained from assume-role since these
# runs haven't been taking long.
- name: Configure AWS credentials from Test account
uses: aws-actions/configure-aws-credentials@v3
with:
role-to-assume: ${{ secrets.AWS_IAM_ROLE }}
role-session-name: integration-testing
aws-region: us-east-1
##########################################################################################################################################
# Repository commands
- name: Version Test
run: |
./corso --version | grep -c 'Corso version:'
- name: Repo init test
id: repo-init
run: |
set -euo pipefail
echo -e "\nRepo init test\n" >> ${{ env.CORSO_LOG_FILE }}
./corso repo init s3 \
--no-stats \
--hide-progress \
--prefix ${{ env.PREFIX }} \
--bucket ${{ secrets.CI_RETENTION_TESTS_S3_BUCKET }} \
--succeed-if-exists \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/gotest-repo-init.log
if grep -q 'Failed to' ${{ env.CORSO_LOG_DIR }}/gotest-repo-init.log
then
echo "Repo could not be initialized"
exit 1
fi
- name: Repo connect test
run: |
set -euo pipefail
echo -e "\nRepo connect test\n" >> ${{ env.CORSO_LOG_FILE }}
./corso repo connect s3 \
--no-stats \
--hide-progress \
--prefix ${{ env.PREFIX }} \
--bucket ${{ secrets.CI_RETENTION_TESTS_S3_BUCKET }} \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/gotest-repo-connect.log
if ! grep -q 'Connected to S3 bucket' ${{ env.CORSO_LOG_DIR }}/gotest-repo-connect.log
then
echo "Repo could not be connected"
exit 1
fi
##########################################################################################################################################
# Exchange
- name: Backup exchange test
id: exchange-test
run: |
echo -e "\nBackup Exchange test\n" >> ${CORSO_LOG_FILE}
./corso backup create exchange \
--no-stats \
--mailbox "${TEST_USER}" \
--hide-progress \
--json \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/backup_exchange.txt
resultjson=$(sed -e '1,/Completed Backups/d' ${{ env.CORSO_LOG_DIR }}/backup_exchange.txt )
if [[ $( echo $resultjson | jq -r '.[0] | .stats.errorCount') -ne 0 ]]; then
echo "backup was not successful"
exit 1
fi
data=$( echo $resultjson | jq -r '.[0] | .id' )
echo result=$data >> $GITHUB_OUTPUT
##########################################################################################################################################
# Onedrive
- name: Backup onedrive test
id: onedrive-test
run: |
set -euo pipefail
echo -e "\nBackup OneDrive test\n" >> ${CORSO_LOG_FILE}
./corso backup create onedrive \
--no-stats \
--hide-progress \
--user "${TEST_USER}" \
--json \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/backup_onedrive.txt
resultjson=$(sed -e '1,/Completed Backups/d' ${{ env.CORSO_LOG_DIR }}/backup_onedrive.txt )
if [[ $( echo $resultjson | jq -r '.[0] | .stats.errorCount') -ne 0 ]]; then
echo "backup was not successful"
exit 1
fi
data=$( echo $resultjson | jq -r '.[0] | .id' )
echo result=$data >> $GITHUB_OUTPUT
##########################################################################################################################################
# Sharepoint test
- name: Backup sharepoint test
id: sharepoint-test
run: |
set -euo pipefail
echo -e "\nBackup SharePoint test\n" >> ${CORSO_LOG_FILE}
./corso backup create sharepoint \
--no-stats \
--hide-progress \
--site "${{ secrets.CORSO_M365_TEST_SITE_URL }}" \
--json \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/backup_sharepoint.txt
resultjson=$(sed -e '1,/Completed Backups/d' ${{ env.CORSO_LOG_DIR }}/backup_sharepoint.txt )
if [[ $( echo $resultjson | jq -r '.[0] | .stats.errorCount') -ne 0 ]]; then
echo "backup was not successful"
exit 1
fi
data=$( echo $resultjson | jq -r '.[0] | .id' )
echo result=$data >> $GITHUB_OUTPUT
##########################################################################################################################################
# Backup Exchange Deletion test
- name: Backup Delete exchange test
id: delete-exchange-test
env:
SERVICE: "exchange"
DELETION_DAYS: 10
run: |
set -euo pipefail
echo -e "\nDelete Backup exchange \n" >> ${CORSO_LOG_FILE}
./longevity-test
##########################################################################################################################################
# Backup Onedrive Deletion test
- name: Backup Delete onedrive test
id: delete-onedrive-test
env:
SERVICE: "onedrive"
DELETION_DAYS: 10
run: |
set -euo pipefail
echo -e "\nDelete Backup onedrive \n" >> ${CORSO_LOG_FILE}
./longevity-test
##########################################################################################################################################
# Backup Sharepoint Deletion test
- name: Backup Delete Sharepoint test
id: delete-sharepoint-test
env:
SERVICE: "sharepoint"
DELETION_DAYS: 5
run: |
set -euo pipefail
echo -e "\nDelete Backup sharepoint \n" >> ${CORSO_LOG_FILE}
./longevity-test
##########################################################################################################################################
# skipped until supported
# Export OneDrive Test
# - name: OneDrive Export test
# run: |
# set -euo pipefail
# echo -e "\Export OneDrive test\n" >> ${CORSO_LOG_FILE}
# echo -e "\Export OneDrive test - first entry\n" >> ${CORSO_LOG_FILE}
# ./corso backup list onedrive 2>/dev/null | tail -n+2 | head -n1 | awk '{print $1}' |
# while read -r line; do
# ./corso export onedrive \
# "/tmp/corso-export--$line" \
# --no-stats \
# --backup "$line" \
# 2>&1 | tee ${{ env.CORSO_LOG_DIR }}/export_onedrive_first.txt
# done
# echo -e "\Export OneDrive test - last entry\n" >> ${CORSO_LOG_FILE}
# ./corso backup list onedrive 2>/dev/null | tail -n1 | awk '{print $1}' |
# while read -r line; do
# ./corso export onedrive \
# "/tmp/corso-export--$line" \
# --no-stats \
# --backup "$line" \
# 2>&1 | tee ${{ env.CORSO_LOG_DIR }}/export_onedrive_last.txt
# done
##########################################################################################################################################
# skipped until supported
# Export SharePoint Test
# - name: SharePoint Export test
# run: |
# set -euo pipefail
# echo -e "\Export SharePoint test\n" >> ${CORSO_LOG_FILE}
# echo -e "\Export SharePoint test - first entry\n" >> ${CORSO_LOG_FILE}
# ./corso backup list sharepoint 2>/dev/null | tail -n+2 | head -n1 | awk '{print $1}' |
# while read -r line; do
# ./corso export sharepoint \
# "/tmp/corso-export--$line" \
# --no-stats \
# --backup "$line" \
# 2>&1 | tee ${{ env.CORSO_LOG_DIR }}/export_sharepoint_first.txt
# done
# echo -e "\Export SharePoint test - last entry\n" >> ${CORSO_LOG_FILE}
# ./corso backup list sharepoint 2>/dev/null | tail -n1 | awk '{print $1}' |
# while read -r line; do
# ./corso export sharepoint \
# "/tmp/corso-export--$line" \
# --no-stats \
# --backup "$line" \
# 2>&1 | tee ${{ env.CORSO_LOG_DIR }}/export_sharepoint_last.txt
# done
##########################################################################################################################################
# Maintenance test
- name: Maintenance test Daily
id: maintenance-test-daily
run: |
set -euo pipefail
echo -e "\n Maintenance test Daily\n" >> ${CORSO_LOG_FILE}
# Run with the force flag so it doesn't fail if the github runner
# hostname isn't what's expected. This is only safe because we can
# guarantee only one runner will be executing maintenance at a time.
./corso repo maintenance --mode metadata \
--no-stats \
--hide-progress \
--force \
--json \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/maintenance_metadata.txt
- name: Maintenance test Weekly
id: maintenance-test-weekly
run: |
if [[ $(date +%A) == "Saturday" ]]; then
set -euo pipefail
echo -e "\n Maintenance test Weekly\n" >> ${CORSO_LOG_FILE}
./corso repo maintenance --mode complete \
--no-stats \
--hide-progress \
--force \
--json \
2>&1 | tee ${{ env.CORSO_LOG_DIR }}/maintenance_complete.txt
# TODO(ashmrtn): We can also check that non-current versions of
# blobs don't have their retention extended if we want.
#
# Assuming no failures during full maintenance, current versions of
# objects with the below versions should have retention times that
# are roughly (now + RETENTION_DURATION). We can explicitly check
# for this, but leave a little breathing room since maintenance may
# take some time to run.
#
# If we pick a live-retention-duration that is too small then we'll
# start seeing failures. The check for live objects is a lower bound
# check.
#
# Blob prefixes are as follows:
# - kopia.blobcfg - repo-wide config
# - kopia.repository - repo-wide config
# - p - data pack blobs (i.e. file data)
# - q - metadata pack blobs (i.e. manifests, directory listings, etc)
# - x - index blobs
./s3checker \
--bucket ${{ secrets.CI_RETENTION_TESTS_S3_BUCKET }} \
--bucket-prefix ${{ env.PREFIX }} \
--retention-mode ${{ env.RETENTION_MODE }} \
--live-retention-duration "$((${{ env.RETENTION_DURATION}}-1))h" \
--prefix "kopia.blobcfg" \
--prefix "kopia.repository" \
--prefix "p" \
--prefix "q" \
--prefix "x"
fi
##########################################################################################################################################
# Logging & Notifications
# Upload the original go test output as an artifact for later review.
- name: Upload test log
if: always()
uses: actions/upload-artifact@v3
with:
name: longevity-test-log
path: src/testlog/*
if-no-files-found: error
retention-days: 14
- name: Notify failure in slack
if: failure()
uses: ./.github/actions/slack-message
with:
msg: "[FAILED] Longevity Test"
slack_url: ${{ secrets.SLACK_WEBHOOK_URL }}
Reference in New Issue View Git Blame Copy Permalink