Skip to content

Production Release #633

Production Release

Production Release #633

Workflow file for this run

name: Test superset deployment
on:
pull_request:
types:
- opened
- edited
- synchronize
- reopened
jobs:
test_local:
name: Superset local deployment
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '16'
cache: 'npm'
- run: sudo apt-get update && sudo apt-get install curl
- run: npm ci
- run: ./bin/dev --version
- run: ./bin/dev config:set registry_host registry.dev.architect.io
- run: ./bin/dev config:set api_host https://api.dev.architect.io
- run: ./bin/dev config:set log_level debug
- run: ./bin/dev login -e ${{ secrets.ARCHITECT_EMAIL }} -p ${{ secrets.ARCHITECT_PASSWORD }}
- run: docker volume create volume-key
- run: ./bin/dev link test/integration/hello-world/architect.yml
- run: ./bin/dev link test/mocks/superset/deprecated.architect.yml
- run: ./bin/dev dev -e superset test/mocks/superset/architect.yml --browser=false -s param_unset=test -s world_text=Architect --detached
- name: Check that the app is accessible locally
run: curl --fail -S -I https://hello.localhost.architect.sh
- name: Check that the app returns the expected response
run: curl --fail -S https://hello.localhost.architect.sh | grep "Hello Architect!"
- name: Run a local task
run: ./bin/dev task superset curler-build --local -e superset
test_remote:
name: Superset remote deployment
if: github.base_ref == 'main'
env:
ACCOUNT_NAME: architect-ci
ENVIRONMENT_NAME: example-environment
CLUSTER_NAME: architect-ci-do
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v3
with:
node-version: '16'
cache: 'npm'
- uses: crazy-max/ghaction-github-runtime@v2 # Exports internal envs for Github Actions. Required for register caching to work.
- run: sudo apt-get update && sudo apt-get install curl
- run: npm ci
- run: ./bin/dev --version
- run: ./bin/dev config:set registry_host registry.dev.architect.io
- run: ./bin/dev config:set api_host https://api.dev.architect.io
- run: ./bin/dev config:set log_level debug
- run: ./bin/dev login -e ${{ secrets.ARCHITECT_EMAIL }} -p ${{ secrets.ARCHITECT_PASSWORD }}
- run: ./bin/dev register -a $ACCOUNT_NAME test/integration/hello-world/architect.yml test/mocks/superset/deprecated.architect.yml
- run: ./bin/dev env:create $ENVIRONMENT_NAME -a $ACCOUNT_NAME --cluster $CLUSTER_NAME --flag zero-trust
- run: ./bin/dev deploy -a $ACCOUNT_NAME --auto-approve -e $ENVIRONMENT_NAME test/mocks/superset/architect.yml -s param_unset=test -s world_text=Architect
- run: sleep 180
- name: Check that the app returns the expected response
run: curl --insecure --fail -S https://hello.$ENVIRONMENT_NAME.$ACCOUNT_NAME.dev.arcitect.io/ | grep "Hello Architect!"
- name: Check that cert exists for deployed service
run: |
export CERT_DATA=$(openssl s_client -showcerts -connect hello.$ENVIRONMENT_NAME.$ACCOUNT_NAME.dev.arcitect.io:443 </dev/null | openssl x509 -noout -issuer)
if [[ "$CERT_DATA" = "issuer=C = US, O = Let's Encrypt, CN = R3" || "$CERT_DATA" = "issuer=C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3" ]]; then echo "Valid cert generated"; else exit 1; fi
- name: Ensure that network policies are being enforced in the cluster and a service can't connect to one that it shouldn't be able to
run: |
./bin/dev exec -a $ACCOUNT_NAME -e $ENVIRONMENT_NAME superset.services.stateful-api -- sh -c "curl --connect-timeout 10 --insecure -L -I http://hello-world--api:8080/ || true" > network_policy_test.txt 2>&1 </dev/null
if [[ $(cat network_policy_test.txt) == *"Timeout was reached"* ]]; then exit 0; else exit 1; fi
- name: Ensure that network policies are being enforced in the cluster and a service can connect to one that it should be able to
run: ./bin/dev exec -a $ACCOUNT_NAME -e $ENVIRONMENT_NAME superset.services.stateful-frontend -- sh -c "curl --connect-timeout 10 --insecure -L -I http://stateful-reserved-name:8080/"
- name: Run a remote task
run: ./bin/dev task superset curler -a $ACCOUNT_NAME -e $ENVIRONMENT_NAME
- run: ./bin/dev destroy -e $ENVIRONMENT_NAME -a $ACCOUNT_NAME --auto-approve
- run: ./bin/dev env:destroy $ENVIRONMENT_NAME -a $ACCOUNT_NAME --auto-approve