Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added a CI job for WPCloud testing of wpcomsh. #39258

Open
wants to merge 35 commits into
base: trunk
Choose a base branch
from
Open

Added a CI job for WPCloud testing of wpcomsh. #39258

wants to merge 35 commits into from

Conversation

zinigor
Copy link
Member

@zinigor zinigor commented Sep 5, 2024

Adds a new CI flow specifically for starting WPCloud test runs in case wpcomsh is modified.

@a8caustin we would need to make some changes in the WPCloud environment to properly check out and run wpcomsh using the Monorepo, can you help with that please?

Proposed changes:

  • Adds a conditional WPCloud CI run for wpcomsh.

Other information:

  • Have you written new tests for your changes, if applicable?
  • Have you checked the E2E test CI results, and verified that your changes do not break them?
  • Have you tested your changes on WordPress.com, if applicable (if so, you'll see a generated comment below with a script to run)?

Jetpack product discussion

Does this pull request change what data or activity we track or use?

Testing instructions:

  • Go to '..'

@zinigor zinigor requested review from a8caustin and a team September 5, 2024 17:58
@github-actions github-actions bot added the Actions GitHub actions used to automate some of the work around releases and repository management label Sep 5, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Sep 5, 2024
edited
Loading

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • 🔴 Add a "[Status]" label (In Progress, Needs Team Review, ...).
  • 🔴 Add a "[Type]" label (Bug, Enhancement, Janitorial, Task).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • ✅ Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖

The e2e test report can be found here. Please note that it can take a few minutes after the e2e tests checks are complete for the report to be available.

Follow this PR Review Process:

  1. Ensure all required checks appearing at the bottom of this PR are passing.
  2. Choose a review path based on your changes:
    • A. Team Review: add the "[Status] Needs Team Review" label
      • For most changes, including minor cross-team impacts.
      • Example: Updating a team-specific component or a small change to a shared library.
    • B. Crew Review: add the "[Status] Needs Review" label
      • For significant changes to core functionality.
      • Example: Major updates to a shared library or complex features.
    • C. Both: Start with Team, then request Crew
      • For complex changes or when you need extra confidence.
      • Example: Refactor affecting multiple systems.
  3. Get at least one approval before merging.

Still unsure? Reach out in #jetpack-developers for guidance!

Wpcomsh plugin:

  • Next scheduled release: Atomic deploys happen twice daily on weekdays (p9o2xV-2EN-p2).

If you have any questions about the release process, please ask in the #jetpack-releases channel on Slack.

@github-actions github-actions bot added the [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! label Sep 5, 2024
anomiex
anomiex reviewed Sep 5, 2024
View reviewed changes
.github/workflows/wpcloud.yml Outdated
Comment on lines 61 to 67
touch ~/.ssh/askpass
chmod -v 700 ~/.ssh/askpass
cat >>~/.ssh/askpass <<END
#!/bin/bash
echo "\$WPCLOUD_SSH_KEY_PASSPHRASE"
END
echo "wrote ~/.ssh/askpass"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder if we could switch to a key with no password, so we could skip this. Is there an attack scenario where someone could steal the key but not also steal this file with the password?

.github/workflows/wpcloud.yml Outdated
Comment on lines 82 to 87
export SSH_ASKPASS="$HOME/.ssh/askpass"
echo "exported SSH_ASKPASS"
export SSH_ASKPASS_REQUIRE="force"
echo "exported SSH_ASKPASS_REQUIRE"
export DISPLAY=":"
echo "exported DISPLAY"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(this along with the comment on lines 61–67 above)

.github/workflows/wpcloud.yml Outdated
echo "::endgroup::"

echo "::group::execution"
cat ~/.ssh/stdin | setsid ssh -i ~/.ssh/id_site -l "$WPCLOUD_SSH_USER" ssh.atomicsites.net "$WPCLOUD_SSH_COMMAND" || CODE=$?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm left wondering what's in WPCLOUD_SSH_COMMAND that we can't just put it in here.

Is whatever this runs going to work if multiple PRs run this at the same time?

anomiex
anomiex reviewed Oct 24, 2024
View reviewed changes
.github/workflows/wpcloud.yml Outdated
END
echo "wrote ~/.ssh/stdin"
echo "::group::Installing and building wpcomsh"
pnpm jetpack build plugins/wpcomsh
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You probably need to include --deps, and adding -v would probably be helpful in case anything fails.

Personally, I'd do the build as a separate step, if not as a separate job to make re-runs not have to re-build (cf. #32686).

anomiex
anomiex reviewed Oct 25, 2024
View reviewed changes
.github/workflows/wpcloud.yml Outdated

- name: Restore wpcomsh build cache
id: wpcomsh-build-cache
if: needs.build.result == 'success'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can leave out this line, it's there in the E2E workflow because the build might be skipped when it's going to run against Atomic or something.

Suggested change
if: needs.build.result == 'success'

anomiex
anomiex reviewed Oct 25, 2024
View reviewed changes
.github/workflows/wpcloud.yml Outdated
name: Run PHPUnit on the WPCloud test site
runs-on: ubuntu-latest
needs: build
if: needs.build.changed.outputs.wpcomsh == 'true'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oops, this is why it skipped this time.

Suggested change
if: needs.build.changed.outputs.wpcomsh == 'true'
if: needs.build.outputs.wpcomsh == 'true'

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 14, 2025
View reviewed changes
.github/workflows/wpcloud.yml Outdated
Comment on lines 13 to 79
name: Install the Monorepo and build wpcomsh
runs-on: ubuntu-latest
outputs:
wpcomsh: ${{ steps.changed.outputs.wpcomsh }}
steps:
- uses: actions/checkout@v4
with:
# codecov.io requires a fetch depth > 1.
fetch-depth: 2

# For pull requests, list-changed-projects.sh needs the merge base.
# But it doesn't have to be checked out.
- name: Deepen to merge base
if: github.event_name == 'pull_request'
uses: ./.github/actions/deepen-to-merge-base
with:
checkout: false

- name: Setup tools
uses: ./.github/actions/tool-setup
with:
php: ${{ matrix.php }}
node: ${{ matrix.node }}
- name: Monorepo install
run: |
echo "::group::Pnpm"
pnpm install
echo "::endgroup::"
- name: Detect if wpcomsh has changed
id: changed
run: |
CHANGED="$(EXTRA=test .github/files/list-changed-projects.sh)"

# WPCOMSH_CHANGED="$(jq --argjson changed "$CHANGED" -n '$changed | has( "plugins/wpcomsh" ) ')"
WPCOMSH_CHANGED="true"
echo "wpcomsh=${WPCOMSH_CHANGED}" >> "$GITHUB_OUTPUT"
- name: Build wpcomsh
if: steps.changed.outputs.wpcomsh == 'true'
run: |
find . -path ./.github -prune -o -type f -print | sort > /tmp/before.txt
echo "::group::Installing and building wpcomsh"
pnpm jetpack build -v --deps plugins/wpcomsh
echo "::endgroup::"

# We only want to save the files that were actually created or changed.
# But we can't just list them for actions/cache/save, "Argument list too long".
# So instead we delete all the unchanged files so we can tell actions/cache/save
# to save everything that's left.
git -c core.quotepath=off diff --name-only | sort > /tmp/changed.txt
if [[ -s /tmp/changed.txt ]]; then
grep -F -x -v -f /tmp/changed.txt /tmp/before.txt > /tmp/remove.txt
else
cp /tmp/before.txt /tmp/remove.txt
fi
xargs -d '\n' rm < /tmp/remove.txt
find . -type d -empty -delete

- name: Save wpcomsh build cache
if: steps.changed.outputs.wpcomsh == 'true'
id: wpcomsh-build-cache-save
uses: actions/cache/save@v4
with:
path: |
.
!./.github/
key: ${{ github.sha }}
deploy:

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions Job or Workflow does not set permissions
.github/workflows/wpcloud.yml Outdated
Comment on lines 80 to 141
name: Run PHPUnit on the WPCloud test site
runs-on: ubuntu-latest
needs: build
if: needs.build.outputs.wpcomsh == 'true'
steps:
- uses: actions/checkout@v4

- name: Restore wpcomsh build cache
id: wpcomsh-build-cache
uses: actions/cache/restore@v4
with:
path: |
.
!./.github/
key: ${{ github.sha }}
fail-on-cache-miss: true

- name: Setup tools
uses: ./.github/actions/tool-setup

- name: Install monorepo
run: |
pnpm install

- name: Configure Github to be able to SSH to the Atomic site
run: |
echo "::group::Intializing"

mkdir -vp ~/.ssh/
chmod -v 700 ~/.ssh

touch ~/.ssh/id_site
touch ~/.ssh/known_hosts
chmod 600 ~/.ssh/id_site
chmod 600 ~/.ssh/known_hosts
echo "$SSH_KEY" > ~/.ssh/id_site
echo "wrote ~/.ssh/id_site"
echo "$SSH_KNOWN_HOSTS" > ~/.ssh/known_hosts
echo "wrote ~/.ssh/known_hosts"

echo "::endgroup::"

echo "::group::Transferring wpcomsh to the testing server"
pnpm jetpack rsync wpcomsh [email protected]:~/htdocs/wp-content/mu-plugins
scp -r projects/plugins/wpcomsh/bin [email protected]:/srv/htdocs/wp-content/mu-plugins/wpcomsh
scp -r projects/plugins/wpcomsh/tests [email protected]:/srv/htdocs/wp-content/mu-plugins/wpcomsh/
scp projects/plugins/wpcomsh/phpunit.xml.dist [email protected]:/srv/htdocs/wp-content/mu-plugins/wpcomsh/

echo "::engroup::"

echo "::group::execution"
ssh -i ~/.ssh/id_site [email protected] "~/htdocs/github-action-handler.sh" || CODE=$?
echo "::endgroup::"

echo "::group::teardown"
rm -rvf ~/.ssh/
echo "::endgroup::"
echo "Exiting with exit code $CODE"
exit $CODE
env:
SSH_KEY: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KEY }}
SSH_KNOWN_HOSTS: ${{ secrets.UPDATEJETPACKSTAGING_SSH_KNOWN_HOSTS }}

Check warning

Code scanning / CodeQL

Workflow does not contain permissions Medium

Actions Job or Workflow does not set permissions
@zinigor zinigor requested a review from a team January 17, 2025 16:32
@zinigor zinigor added [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. and removed [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! [Status] In Progress labels Jan 17, 2025
@github-actions github-actions bot added [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! and removed [Status] Needs Review To request a review from fellow Jetpack developers. Label will be renamed soon. labels Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anomiex anomiex anomiex left review comments

@a8caustin a8caustin Awaiting requested review from a8caustin

Assignees

@zinigor zinigor

Labels
Actions GitHub actions used to automate some of the work around releases and repository management [Plugin] Wpcomsh [Status] Needs Author Reply We would need you to make some changes or provide some more details about your PR. Thank you! [Tests] Includes Tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@zinigor @anomiex