feature/integration-tests → develop #1263
✅ Deploy Preview for funnel-dev ready!
To edit notification comments on pull requests, go to your Netlify project configuration.
Added commands to initialize and tidy Hugo modules in the website build process.
Signed-off-by: Liam Beckman <lbeckman314@gmail.com>
This is being done in #1402 instead
Replaced by #1404
Signed-off-by: Liam Beckman <lbeckman314@gmail.com>
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| # ----------------- | ||
| # 1. Cluster Setup | ||
| # ----------------- | ||
|
|
||
| - name: Create Kind cluster | ||
| uses: helm/kind-action@v1 | ||
| with: | ||
| cluster_name: funnel-gen3 | ||
|
|
||
| - name: Install Helm | ||
| uses: azure/setup-helm@v4 | ||
|
|
||
| # --------------------------- | ||
| # 2. Install Funnel via Helm | ||
| # --------------------------- | ||
|
|
||
| - name: Add ohsu Helm repo | ||
| run: helm repo add ohsu https://calypr.org/helm-charts && helm repo update | ||
|
|
||
| - name: Install Funnel | ||
| run: | | ||
| # 'standard' is the default StorageClass created by Kind | ||
| helm upgrade --install funnel ohsu/funnel \ | ||
| --set storage.className=standard \ | ||
| --set storage.provisioner=rancher.io/local-path \ | ||
| --wait --timeout=60s | ||
|
|
||
| - name: Wait for Funnel server | ||
| run: kubectl rollout status deployment/funnel-server --timeout=60s | ||
|
|
||
| # ---------------------------------- | ||
| # 3. Install Gen3-Workflow via Helm | ||
| # ---------------------------------- | ||
|
|
||
| - name: Install gen3workflow | ||
| run: | | ||
| helm upgrade --install gen3workflow ohsu/gen3workflow \ | ||
| --set funnelUrl=http://funnel:8000 \ | ||
| --wait --timeout=60s | ||
|
|
||
| - name: Wait for gen3workflow | ||
| run: kubectl rollout status deployment/gen3workflow --timeout=60s | ||
|
|
||
| # ------------------------------------- | ||
| # 4. Expose services for local testing | ||
| # ------------------------------------- | ||
|
|
||
| - name: Port-forward Funnel | ||
| run: kubectl port-forward svc/funnel 8000:8000 & | ||
|
|
||
| - name: Port-forward gen3workflow | ||
| run: kubectl port-forward svc/gen3workflow 8080:8080 & | ||
|
|
||
| # ---------------------------- | ||
| # 5. Run Nextflow + nf-canary | ||
| # ---------------------------- | ||
|
|
||
| - name: Setup Java | ||
| uses: actions/setup-java@v4 | ||
| with: | ||
| distribution: temurin | ||
| java-version: '21' | ||
|
|
||
| - name: Install Nextflow | ||
| run: | | ||
| curl -s https://get.nextflow.io | bash | ||
| chmod +x nextflow | ||
| mkdir -p $HOME/.local/bin | ||
| mv nextflow $HOME/.local/bin/ | ||
| echo "$HOME/.local/bin" >> $GITHUB_PATH | ||
|
|
||
| - name: Clone nf-canary | ||
| run: git clone https://github.com/seqeralabs/nf-canary | ||
|
|
||
| - name: Configure nf-canary for TES (Funnel) | ||
| run: | | ||
| cat >> nf-canary/nextflow.config <<'EOF' | ||
| plugins { | ||
| id 'nf-ga4gh' | ||
| } | ||
| process.executor = 'tes' | ||
| tes.endpoint = 'http://localhost:8000' | ||
| EOF | ||
|
|
||
| - name: Run nf-canary tests | ||
| id: nf_canary | ||
| run: | | ||
| cd nf-canary | ||
| nextflow run main.nf -with-report report.html 2>&1 | tee nextflow.log | ||
| echo "exit_code=${PIPESTATUS[0]}" >> $GITHUB_OUTPUT | ||
|
|
||
| # ------------------- | ||
| # 6. Verify K8s Jobs | ||
| # ------------------- | ||
|
|
||
| - name: Verify Kubernetes jobs completed | ||
| run: | | ||
| echo "=== All jobs in default namespace ===" | ||
| kubectl get jobs -o wide | ||
|
|
||
| FAILED=$(kubectl get jobs \ | ||
| --field-selector=status.failed!=0 \ | ||
| -o jsonpath='{.items[*].metadata.name}' 2>/dev/null || true) | ||
|
|
||
| if [ -n "$FAILED" ]; then | ||
| echo "Failed jobs: $FAILED" | ||
| for JOB in $FAILED; do | ||
| echo "--- Logs for $JOB ---" | ||
| kubectl logs job/$JOB --tail=50 || true | ||
| done | ||
| exit 1 | ||
| fi | ||
|
|
||
| SUCCEEDED=$(kubectl get jobs \ | ||
| --field-selector=status.successful!=0 \ | ||
| -o jsonpath='{.items[*].metadata.name}' 2>/dev/null || true) | ||
|
|
||
| if [ -z "$SUCCEEDED" ]; then | ||
| echo "No jobs completed successfully — did any tasks run?" | ||
| kubectl describe jobs || true | ||
| exit 1 | ||
| fi | ||
|
|
||
| echo "All Kubernetes jobs completed successfully: $SUCCEEDED" | ||
|
|
||
| # ------------------------------ | ||
| # 7. Upload test logs + reports | ||
| # ------------------------------ | ||
|
|
||
| - name: Upload Nextflow logs | ||
| if: always() | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: nextflow-logs | ||
| path: | | ||
| nf-canary/nextflow.log | ||
| nf-canary/report.html | ||
| nf-canary/.nextflow.log | ||
| if-no-files-found: ignore |
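Review bot: In the Verify Kubernetes jobs step, both `kubectl get jobs` queries end in `2>/dev/null || true`, so any kubectl error leaves FAILED empty and is read as "no failed jobs". Jobs accept field selectors only on metadata.name, metadata.namespace and status.successful, so `--field-selector=status.failed!=0` is rejected and the failure branch cannot fire. Read `.status.failed` from the returned objects (or use `kubectl wait --for=condition=complete`) and let kubectl errors fail the step. The same masking applies in Run nf-canary tests: unless pipefail is in effect the pipeline's status is that of `tee`, the Nextflow exit code is only written to `$GITHUB_OUTPUT`, and no later step in this hunk reads `steps.nf_canary.outputs.exit_code`, so a failed run still passes; end the step with `exit ${PIPESTATUS[0]}` or add `set -o pipefail`. Separately, `curl -s https://get.nextflow.io | bash` and the unversioned `git clone` of nf-canary execute whatever those URLs serve at build time; pin a Nextflow release and an nf-canary commit.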
Code scanning / CodeQL warning: Workflow does not contain permissions (Medium)
Copilot Autofix (AI, 2 days ago):
Add an explicit workflow-level permissions block near the top of .github/workflows/integration-tests.yaml (after on: and before concurrency:) so all jobs inherit least-privilege defaults.
For this workflow, the best minimal non-breaking baseline is:
- contents: read (CodeQL-recommended minimum for checkout/read access patterns)
- actions: read (safe for reading workflow/action metadata)
- packages: read (commonly needed when pulling package/container artifacts; low-risk read scope)
No imports, methods, or definitions are needed (YAML workflow change only).
| @@ -3,6 +3,11 @@ | ||
| on: | ||
| push: | ||
|
|
||
| permissions: | ||
| contents: read | ||
| actions: read | ||
| packages: read | ||
|
|
||
| # Cancel redundant jobs | ||
| concurrency: | ||
| group: ${{ github.workflow }}-${{ github.ref }} |
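Review bot: The added permissions block grants `actions: read` and `packages: read` on top of `contents: read`, and nothing in the lines shown needs either scope. Start from `contents: read` alone at workflow level and add a scope only on the specific job that fails without it, so the GITHUB_TOKEN stays at the least privilege this change is aiming for.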
| # ----------------- | ||
|
|
||
| - name: Create Kind cluster | ||
| uses: helm/kind-action@v1 |
Code scanning / CodeQL warning: Unpinned tag for a non-immutable Action in workflow (Medium)
| cluster_name: funnel-gen3 | ||
|
|
||
| - name: Install Helm | ||
| uses: azure/setup-helm@v4 |
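Review bot: `uses: azure/setup-helm@v4` here and `uses: helm/kind-action@v1` above reference mutable tags, which is what the CodeQL findings on these lines flag; a tag can be moved to different code after this review. Pin each third-party action to a full commit SHA with the version as a trailing comment, and let an automated updater bump the SHA.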
Code scanning / CodeQL warning: Unpinned tag for a non-immutable Action in workflow (Medium)
Signed-off-by: Liam Beckman <lbeckman314@gmail.com>
| EOF | ||
|
|
||
| - name: Setup tmate session | ||
| uses: mxschmitt/action-tmate@v3 |
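Review bot: The Setup tmate session step opens an interactive SSH session into the runner, and nothing in the lines shown restricts when it runs or who can connect. Drop it before merge, or gate it behind a manual trigger (for example `if: ${{ failure() && github.event_name == 'workflow_dispatch' }}`) and set `limit-access-to-actor: true`; if it stays, pin it to a commit SHA rather than `@v3`.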
Code scanning / CodeQL warning: Unpinned tag for a non-immutable Action in workflow (Medium)
| @@ -0,0 +1,31 @@ | |||
| name: Integration Tests (Gen3) | |||
hey @lbeckman314, this one needs to be deleted
Important
This PR can be revisited after #1404 is merged
Need to add note on how it's different than the integration_tests_on_kind.yaml, for example:
nf-canary workflow as opposed to full Gen3 stack)
Overview
This PR adds initial support for integration tests against the Gen3 data platform!
Caution
Couple issues with Integration Tests + K8s Tests:
Integration Test Workflow
Tip
integration_tests.yaml
uc-cdis/fence / 31590da