129 lines
3.9 KiB
YAML
129 lines
3.9 KiB
YAML
name: phase6-smoke
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
ssh_host:
|
|
description: "NODA1 SSH host (optional override)"
|
|
required: false
|
|
type: string
|
|
ssh_user:
|
|
description: "NODA1 SSH user (optional override, default root)"
|
|
required: false
|
|
type: string
|
|
workflow_run:
|
|
workflows:
|
|
- deploy-node1
|
|
- deploy-node1-runtime
|
|
- Deploy Node1
|
|
types:
|
|
- completed
|
|
|
|
jobs:
|
|
phase6-smoke:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Skip when upstream deploy was not successful
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
event="${{ gitea.event_name }}"
|
|
if [ "$event" != "workflow_run" ]; then
|
|
exit 0
|
|
fi
|
|
conclusion="$(jq -r '.workflow_run.conclusion // empty' "${GITHUB_EVENT_PATH:-/dev/null}" 2>/dev/null || true)"
|
|
if [ "$conclusion" != "success" ]; then
|
|
echo "workflow_run conclusion=${conclusion:-unknown}; skip smoke."
|
|
exit 0
|
|
fi
|
|
|
|
- name: Resolve SSH target
|
|
shell: bash
|
|
env:
|
|
DEFAULT_SSH_HOST: ${{ secrets.NODA1_SSH_HOST }}
|
|
DEFAULT_SSH_USER: ${{ secrets.NODA1_SSH_USER }}
|
|
run: |
|
|
set -euo pipefail
|
|
host="${DEFAULT_SSH_HOST:-}"
|
|
user="${DEFAULT_SSH_USER:-root}"
|
|
|
|
if [ "${{ gitea.event_name }}" = "workflow_dispatch" ]; then
|
|
if [ -n "${{ inputs.ssh_host }}" ]; then
|
|
host="${{ inputs.ssh_host }}"
|
|
fi
|
|
if [ -n "${{ inputs.ssh_user }}" ]; then
|
|
user="${{ inputs.ssh_user }}"
|
|
fi
|
|
fi
|
|
|
|
if [ -z "$host" ]; then
|
|
echo "Missing SSH host (workflow input or secret NODA1_SSH_HOST)" >&2
|
|
exit 1
|
|
fi
|
|
|
|
echo "SSH_HOST=$host" >> "$GITHUB_ENV"
|
|
echo "SSH_USER=$user" >> "$GITHUB_ENV"
|
|
|
|
- name: Prepare SSH key
|
|
shell: bash
|
|
env:
|
|
SSH_PRIVATE_KEY: ${{ secrets.NODA1_SSH_KEY }}
|
|
run: |
|
|
set -euo pipefail
|
|
set +x
|
|
if [ -z "${SSH_PRIVATE_KEY:-}" ]; then
|
|
echo "Missing secret NODA1_SSH_KEY" >&2
|
|
exit 1
|
|
fi
|
|
mkdir -p ~/.ssh
|
|
chmod 700 ~/.ssh
|
|
key_path=~/.ssh/noda1_ci_key
|
|
if printf '%s' "$SSH_PRIVATE_KEY" | grep -q 'BEGIN OPENSSH PRIVATE KEY'; then
|
|
printf '%s\n' "$SSH_PRIVATE_KEY" | tr -d '\r' > "$key_path"
|
|
else
|
|
# Support base64-encoded key payloads in secrets as a fallback.
|
|
printf '%s' "$SSH_PRIVATE_KEY" | tr -d '\r' | base64 --decode > "$key_path"
|
|
fi
|
|
chmod 600 "$key_path"
|
|
if ! ssh-keygen -y -f "$key_path" >/dev/null 2>&1; then
|
|
echo "Invalid SSH private key in NODA1_SSH_KEY" >&2
|
|
exit 1
|
|
fi
|
|
echo "SSH_KEY_PATH=$key_path" >> "$GITHUB_ENV"
|
|
|
|
- name: Run phase6 smoke (retry once)
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
set +x
|
|
mkdir -p artifacts
|
|
for attempt in 1 2; do
|
|
log="artifacts/phase6-smoke-attempt${attempt}.log"
|
|
if ssh \
|
|
-i "${SSH_KEY_PATH}" \
|
|
-o BatchMode=yes \
|
|
-o IdentitiesOnly=yes \
|
|
-o StrictHostKeyChecking=accept-new \
|
|
-o ConnectTimeout=10 \
|
|
"${SSH_USER}@${SSH_HOST}" \
|
|
"set -euo pipefail; cd /opt/microdao-daarion; git rev-parse HEAD; make phase6-smoke" \
|
|
| tee "$log"; then
|
|
cp "$log" artifacts/phase6-smoke.log
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$attempt" -eq 2 ]; then
|
|
echo "phase6 smoke failed after retry" >&2
|
|
exit 1
|
|
fi
|
|
sleep 15
|
|
done
|
|
|
|
- name: Print artifact paths
|
|
if: always()
|
|
shell: bash
|
|
run: |
|
|
set -euo pipefail
|
|
echo "Smoke logs stored in workspace:"
|
|
ls -la artifacts || true
|