-
Notifications
You must be signed in to change notification settings - Fork 414
108 lines (106 loc) · 4.18 KB
/
lib-injection.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
name: "Library Injection"
on:
# Build each branch for testing
push:
pull_request:
paths:
- ddtrace/**
- lib-injection/**
- setup*
- pyproject.toml
- .github/workflows/lib-injection.yml
jobs:
build-and-publish-test-image:
uses: ./.github/workflows/lib-inject-publish.yml
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
with:
ddtrace-version: v1.16.1
image-tag: ${{ github.sha }}
test-runner-test:
needs:
- build-and-publish-test-image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
matrix:
lib-injection-connection: ['network','uds']
lib-injection-use-admission-controller: ['', 'use-admission-controller']
weblog-variant: ['dd-lib-python-init-test-django','dd-lib-python-init-test-django-gunicorn','dd-lib-python-init-test-django-uvicorn']
fail-fast: false
env:
TEST_LIBRARY: python
WEBLOG_VARIANT: ${{ matrix.weblog-variant }}
LIBRARY_INJECTION_CONNECTION: ${{ matrix.lib-injection-connection }}
LIBRARY_INJECTION_ADMISSION_CONTROLLER: ${{ matrix.lib-injection-use-admission-controller }}
DOCKER_REGISTRY_IMAGES_PATH: ghcr.io/datadog
DOCKER_IMAGE_TAG: ${{ github.sha }}
BUILDX_PLATFORMS: linux/amd64
MODE: manual
steps:
- name: lib-injection test runner
id: lib-injection-test-runner
uses: DataDog/system-tests/lib-injection/runner@89d754340046eafcc72dc5c5fd6ea651ca7b920e
with:
docker-registry: ghcr.io
docker-registry-username: ${{ github.repository_owner }}
docker-registry-password: ${{ secrets.GITHUB_TOKEN }}
test-script: ./lib-injection/run-manual-lib-injection.sh
test_unit:
runs-on: ubuntu-latest
strategy:
matrix:
variant: [
'dd-lib-python-init-test-django',
'dd-lib-python-init-test-django-gunicorn',
'dd-lib-python-init-test-django-gunicorn-alpine',
'dd-lib-python-init-test-django-uvicorn',
'dd-lib-python-init-test-django-no-perms',
'dd-lib-python-init-test-django-pre-installed',
]
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Build and run the app
run: |
SRC="$(pwd)"
cd lib-injection
export DDTRACE_PYTHON_VERSION="v1.16.1"
export APP_CONTEXT="${SRC}/tests/lib-injection/${{matrix.variant}}"
export TEMP_DIR="${SRC}/tmp/ddtrace"
mkdir -p "${TEMP_DIR}"
# Give the temp dir permissions, by default the docker user doesn't have permissions
# to write to the filesystem.
chmod 777 $TEMP_DIR
# Start the lib_inject to get the files copied. This avoids a race condition with the startup of the
# application.
docker-compose up --build lib_inject
docker-compose up --build -d
# Wait for the app to start
sleep 60
docker-compose logs
- name: Check Permissions on ddtrace pkgs
run: |
cd lib-injection
# Ensure /datadog-lib/ddtrace_pkgs is a valid directory that is not empty
docker-compose run lib_inject find /datadog-init/ddtrace_pkgs -maxdepth 0 -empty | wc -l && if [ $? -ne 0 ]; then exit 1; fi
# Ensure files are not world writeable
docker-compose run lib_inject find /datadog-init/ddtrace_pkgs ! -perm /o+w | wc -l && if [ $? -ne 0 ]; then exit 1; fi
# Ensure all users have read and execute permissions to files stored in /datadog-lib/ddtrace_pkgs
docker-compose run lib_inject find /datadog-init/ddtrace_pkgs ! -perm u=rwx,o=rx | wc -l && if [ $? -ne 0 ]; then exit 1; fi
- name: Test the app
run: |
curl http://localhost:18080
sleep 1 # wait for traces to be sent
- name: Print traces
run: curl http://localhost:8126/test/traces
- name: Check test agent received a trace
run: |
N=$(curl http://localhost:8126/test/traces | jq -r -e 'length')
[[ $N == "1" ]]
- name: Output app logs (LOOK HERE IF THE JOB FAILS)
if: success() || failure()
run: |
docker-compose logs