Add tooling to enable quick release testing#129
Conversation
amcp
changed the title
amcp
force-pushed
the
codepipelines
branch
3 times, most recently
from
af06612 to
f22c9d3
Compare
|
@amcp regroup tests into those that pass and those that fail. Want to see the kind of integration that can be had on passing pipelines. |
|
Committer of one or more commits is not listed as a CLA signer, either individual or as a member of an organization. |
janusgraph-bot
added
cla: no
|
@amcp — you used two different addresses here, one as "author", a different one as "committer", so your CLA is not recognized. You can see this because there are two photos next to each of your commits. Could you please fix this? |
|
@mbrukman I will fix my commit. |
janusgraph-bot
added
cla: yes
| /log/ | ||
| /output/ | ||
| /scripts/ | ||
| /janusgraph-codepipelines-ci/dependency-reduced-pom.xml |
There was a problem hiding this comment.
Can you update Maven shade plugin config in janusgraph-codepipelines-ci/pom.xml to include createDependencyReducedPom=false and then remove this exclusion?
| /codepipelines-ci/.classpath | ||
| /codepipelines-ci/.project | ||
| /codepipelines-ci/.settings/ | ||
| /janusgraph-*/.classpath |
There was a problem hiding this comment.
These exclusions aren't necessary since they're covered under the below janusgraph-* patterns
| artifacts: | ||
| base-directory: module | ||
| files: | ||
| - target/**/* |
There was a problem hiding this comment.
Can you move buildspec.yml to the janusgraph-codepipelines-ci module?
There was a problem hiding this comment.
The standard location is at the root of the repository. We could add a step in the manual workflow to copy the file to the repo root, zip up the repo, copy it to S3, and use that as the source for Code Pipelines. Sounds like a lot of mechanism. Can we revisit this later, perhaps adding a TODO?
| @@ -0,0 +1 @@ | |||
| org.apache.tinkerpop.gremlin.process.TraversalPerformanceTest | |||
There was a problem hiding this comment.
Where is this test resource used? Same question for bdb2 and bdb3 below.
There was a problem hiding this comment.
Now that I have CI working for the DynamoDB Storage Backend here, I want to build on this experience to inform the mechanism for dividing up tests here.
Basically, considering the large number of tests we have, parameterization and the length of concatenated canonical test class names, using these kinds of files is unwieldy and potentially may cause length exceeded errors on the command line used to start tests. I would rather define test categories and use those to drive the tests.
There was a problem hiding this comment.
Of course, depending on the granularity of division, we may need a tool to make sure that TP updates and janusgraph-test updates did not introduce new tests that are not labelled with the new test categories.
| --github-repo janusgraph \ | ||
| --github-branch <branch you want to test> \ | ||
| --profile code-pipelines \ | ||
| --environments=./environments.json \ |
There was a problem hiding this comment.
Should --environment be --pipelines and can you document the expected JSON content format?
| <compiler.target>1.8</compiler.target> | ||
| <test.pipelines.excludes></test.pipelines.excludes> | ||
| <test.pipelines.includes></test.pipelines.includes> | ||
| <test.skip.pipelines>true</test.skip.pipelines> |
| <exclude>**/*ProcessPerformanceTest.java</exclude> | ||
| <exclude>**/*StructureTest.java</exclude> | ||
| </excludes> | ||
|
|
| <log4j.configuration>file:${project.build.directory}/test-classes/log4j.properties</log4j.configuration> | ||
| </systemPropertyVariables> | ||
| </configuration> | ||
| </execution> |
There was a problem hiding this comment.
Do the janusgraph-codepipeline-ci tests warrant this custom test configuration? Would default surefire configuration suffice?
| <relativePath>../pom.xml</relativePath> | ||
| </parent> | ||
| <artifactId>janusgraph-codepipelines-ci</artifactId> | ||
| <name>JanusGraph-CodePipeline CI: Distributed Graph Database</name> |
There was a problem hiding this comment.
Update description from "Distributed Graph Database" to something describing module (e.g. "AWS Codepipelines" or something)
| ```bash | ||
| mvn clean && mvn package && java -jar target/janusgraph-codepipelines-ci-0.1.0-SNAPSHOT.jar --region <region close to you> \ | ||
| --bucket <bucket> \ | ||
| --name <name of ci stack> \ |
There was a problem hiding this comment.
Are github-owner and github-token really required? I'm not familiar with AWS CodePipelines but the below docs suggest personal access tokens aren't required when using Git pull. If those docs are applicable it looks like only OutputBucketName and AllowedIps (GitHub 192.30.252.0/22?) would be required. I'm not positive but it doesn't look like even the ApiSecret would be required.
https://aws.amazon.com/blogs/devops/integrating-git-with-aws-codepipeline/
There was a problem hiding this comment.
Thank you for referring me to the blog article. My read on the article indicates that OutputBucketName plus one of AllowedIps or ApiSecret would be required. But, I like your inclination. AllowedIps requires less effort on the user's part and should continue to be viable for the foreseeable future.
There was a problem hiding this comment.
On second thought, the existing configuration sets up a hook where new commits on the selected branch automatically get built in code pipeline/codebuild. Scenario: set up the pipeline for a release branch, tests get run once and some fail, you fix the failing tests, push a new commit to the release branch and then codepipeline/codebuild automatically builds anew.
amcp
changed the title
amcp
force-pushed
the
codepipelines
branch
3 times, most recently
from
3aa60ec to
13c50dc
Compare
| */ | ||
| @Slf4j | ||
| public class AwsCodePipelinesCi { | ||
| private static final String AWS_CODEBUILD_JAVA_OPENJDK_8 = "aws/codebuild/java:openjdk-8"; |
| .withPackaging(ArtifactPackaging.NONE) | ||
| .withType(ArtifactsType.CODEPIPELINE) | ||
| .withName(artifactsName)) | ||
| .withTimeoutInMinutes(480) //8 hours max - TODO externalize |
|
@sjudeng I'm working on this again. Any help you could give to push this to completion would be greatly appreciated. |
|
@sjudeng getting the cql tests passing is also out of scope of this cr, so I am marking those complete as well. |
amcp
changed the title
amcp
changed the title
sjudeng
left a comment
sjudeng
left a comment
There was a problem hiding this comment.
Some feedback on the documentation
| @@ -0,0 +1,57 @@ | |||
| #JanusGraph CodePipelines CI | |||
There was a problem hiding this comment.
Need space after # for markdown section heading
| --batch-mode \ | ||
| --file ${SRC_DIR}/pom.xml \ | ||
| -DskipTests=true -Dmaven.javadoc.skip=true -Dmaven.compiler.showWarnings=false \ | ||
| && rm -rf ${SRC_DIR} |
There was a problem hiding this comment.
How is this Dockerfile used?
There was a problem hiding this comment.
The purpose of this Dockerfile is to create a reusable cache of maven dependencies.
There was a problem hiding this comment.
on second thought, it seems like I am not using this Dockerfile, so I will remove it.
| FROM maven:3-jdk-8 | ||
| ENV DEBIAN_FRONTEND noninteractive | ||
| COPY settings-docker.xml /usr/share/maven/ref/ | ||
| ENV COMMIT 9165ee8407b3607f39031cdaeff1d15ba0fd4e9e |
There was a problem hiding this comment.
What's the significance of this commit?
There was a problem hiding this comment.
It is a recent commit I can bake into a Docker repository so that building code does not take a long time - I use it to pull all the maven dependencies. Any better ideas?
| It also requires you to create two service roles in IAM: one for CodePipeline and | ||
| one for CodeBuild. | ||
|
|
||
| 1. Get a personal access token from [GitHub](https://github.com/settings/tokens) with repo and admin:repo_hook scopes. |
There was a problem hiding this comment.
Is write:repo_hook required or just read:repo_hook?
There was a problem hiding this comment.
I've confirmed in a use case and The documentation only mentions the repo scope but it assumes the user will create the pipeline using the console. To create the pipeline programmatically, the admin:repo_hook scope is required.
| CodePipelines CI is a mechanism JanusGraph can use to do release testing in massively | ||
| parallel fashion (to the extent of AWS CodePipelines and CodeBuild service limits). | ||
|
|
||
| ## Steps to kick off a build |
There was a problem hiding this comment.
Consider splitting this into two sections, one for one-time "Setup" (with steps 1-6 below) and one for "Testing".
| --bucket jgamcp \ | ||
| --github-owner amcp \ | ||
| --github-repo janusgraph \ | ||
| --github-branch codepipelines \ |
There was a problem hiding this comment.
Set region, bucket, github owner, and branch as part of the environment above.
| mvn clean package | ||
| #define variables | ||
| export AWS_PROFILE_NAME='profile_to_use' | ||
| export AWS_ACCOUNT_NUMBER='000000000000' |
There was a problem hiding this comment.
Is this the root account number?
There was a problem hiding this comment.
I can use STS to get the root account number, I will update
| --codebuild-role-arn arn:aws:iam::${AWS_ACCOUNT_NUMBER}:role/${AWS_CODEBUILD_ROLE} \ | ||
| --codepipeline-role-arn arn:aws:iam::${AWS_ACCOUNT_NUMBER}:role/${AWS_CODEPIPELINE_ROLE} \ | ||
| --github-token ${GITHUB_TOKEN} \ | ||
| --pipelines ${PWD}/pipe.json |
There was a problem hiding this comment.
Consider moving pipelines file to the environment as well.
There was a problem hiding this comment.
I provided two pipelines files so I prefer that users be able to copy paste the execution command after setting up their environment.
There was a problem hiding this comment.
second thought, i like your comment below so I will change according to your suggestion
| --github-token ${GITHUB_TOKEN} \ | ||
| --pipelines ${PWD}/pipe.json | ||
|
|
||
| #kick off tinkerpop tests |
There was a problem hiding this comment.
Consider removing the second call here. It's a complicated call and the only difference is the pipeline used. Instead create another section or discussion (or link) on how to create the pipelines files and indicate that examples are included to run default (pipe.json) and TinkerPop (tp-pipe.json) tests.
| ``` | ||
| 8. Navigate to the [AWS Console](https://console.aws.amazon.com) and check on the status of your pipeline to see status. | ||
|
|
||
| ## Future ideas |
There was a problem hiding this comment.
What about tracking this under a separate issue instead of here?
amcp
force-pushed
the
codepipelines
branch
2 times, most recently
from
9e4f2a0 to
1231adb
Compare
sjudeng
left a comment
sjudeng
left a comment
There was a problem hiding this comment.
Can you include a section on cleaning up resources (e.g. CodeBuild, CodePipeline, S3 bucket, IAM roles/policies/user, CloudWatch logs, etc.)?
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 | ||
| https://maven.apache.org/xsd/settings-1.0.0.xsd"> | ||
| <localRepository>/usr/share/maven/ref/repository</localRepository> | ||
| </settings> No newline at end of file |
There was a problem hiding this comment.
Can this be removed since you've removed Dockerfile?
| 2. Second, configure the parameters below to customize your test stack. | ||
|
|
||
| ```bash | ||
| #define variables |
| and `export PIPELINE_CONFIGURATION=${PWD}/tp-pipe.json` for TinkerPop tests. | ||
|
|
||
| ```bash | ||
| #kick off regular tests |
| #Name of bucket you want to use or create and use for storing your build artifacts. | ||
| export AWS_S3_BUCKET_NAME='' | ||
| #Name of pipeline configuration file to use | ||
| export PIPELINE_CONFIGURATION='' |
There was a problem hiding this comment.
Do you want to generalize "Create test pipeline" into it's own list item/section and describe the pipeline.json format and provide the two examples?
There was a problem hiding this comment.
Created a "Create test pipeline" section and described one example
| mvn clean package | ||
| #constants | ||
| export AWS_PROFILE_NAME='code-pipelines' | ||
| export AWS_ACCOUNT_NUMBER=`aws sts get-caller-identity --output text | cut -f1` |
There was a problem hiding this comment.
Add --profile code-pipelines
| --pipelines ${PIPELINE_CONFIGURATION} | ||
| ``` | ||
|
|
||
| 4. Navigate to the [AWS Console](https://console.aws.amazon.com) and check on the status of your pipeline to see status. |
There was a problem hiding this comment.
Consider changing link to http://console.aws.amazon.com/codepipeline
| and a default [output format](http://docs.aws.amazon.com/cli/latest/userguide/controlling-output.html#controlling-output-format) | ||
| of your choice (`json`, `text`, and `table` are available). | ||
| 4. Create a service role for CodeBuild as described | ||
| [here](http://docs.aws.amazon.com/codebuild/latest/userguide/setting-up.html#setting-up-service-role). |
There was a problem hiding this comment.
"Create a CodeBuild policy and associate it to a new service role as described ..."
| [here](http://docs.aws.amazon.com/codebuild/latest/userguide/setting-up.html#setting-up-service-role). | ||
| 5. Create an IAM policy for a CodePipelines service role as described | ||
| [here](http://docs.aws.amazon.com/codepipeline/latest/userguide/iam-identity-based-access-control.html#view-default-service-role-policy). | ||
| 6. Create a service role for CodePipelines by using the policy you created in step 5 and then set the STS trust to |
There was a problem hiding this comment.
Combine 5 and 6 (makes it consistent with step 4): "Create a CodePipeline policy and associate it to a new service role." Indicate (maybe as a sub-bullet) that "EC2" (or whichever) role be selected when creating the role since AWS CodePipeline doesn't appear to be an available option. Be more specific (maybe also as a sub-bullet) on how to set STS trust to codepipeline.amazonaws.com.
| #define variables | ||
| #GitHub personal access token you created in step 1 | ||
| export GITHUB_TOKEN='' | ||
| #GitHub organization or user name |
There was a problem hiding this comment.
Add "of the repository to build". Need to make it clear that it's the user/group of the repository to test not (necessarily) the GitHub handle.
| ``` | ||
|
|
||
| 3. Kick off the regular and TinkerPop tests. Use `export PIPELINE_CONFIGURATION=${PWD}/pipe.json` for regular tests | ||
| and `export PIPELINE_CONFIGURATION=${PWD}/tp-pipe.json` for TinkerPop tests. |
There was a problem hiding this comment.
I think you can remove the ${PWD}/ prefixes
|
I forgot to add a cleanup section. I can do that next. |
|
@sjudeng I added the cleanup section. |
sjudeng
left a comment
sjudeng
left a comment
There was a problem hiding this comment.
Looking good. I think it's just down to getting the es tests passing and fixing the issue (what is it?) with "artifact assembly" in hadoop-lucene-solr test group.
| export AWS_REGION_NAME='' | ||
| #Name of bucket you want to use or create and use for storing your build artifacts. | ||
| export AWS_S3_BUCKET_NAME='' | ||
| #Name of pipeline configuration file to use |
There was a problem hiding this comment.
"Name of pipeline JSON configuration file to use"
|
|
||
| To kick off the regular and TinkerPop tests. Use `export PIPELINE_CONFIGURATION=pipe.json` for regular tests | ||
| and `export PIPELINE_CONFIGURATION=tp-pipe.json` for TinkerPop tests. | ||
|
|
There was a problem hiding this comment.
Add a section break here for ## Run Test Pipelines. I'd keep the "export PIPELINE_CONF..." examples in the previous section.
sjudeng
left a comment
sjudeng
left a comment
There was a problem hiding this comment.
More minor feedback. Do you want to create a separate issue to get ES tests running through pipelines? That would just leave the issue you mention of fixing artifact assembly for hadoop-lucene-solr test group.
| 4. Create an IAM policy for CodeBuild and associate it to a new service role as described | ||
| [here](http://docs.aws.amazon.com/codebuild/latest/userguide/setting-up.html#setting-up-service-role). Select the | ||
| __Amazon EC2__ role type as CodeBuild is not yet available on this page. Edit the new role's trust relationship | ||
| and replace it with the text in step 16 of the CodeBuild user guide. |
There was a problem hiding this comment.
There is now an AWS CodeBuild role so I don't think you need the second or third sentences (default role trust relationship includes codebuild.amazonaws.com principal).
| --pipelines ${PIPELINE_CONFIGURATION} | ||
| ``` | ||
|
|
||
| Navigate to the [AWS Console](https://console.aws.amazon.com/codepipeline) and check on the status of your pipeline to see status. |
There was a problem hiding this comment.
"...status of your pipeline."
| ``` | ||
| The first pipeline is called `j1` and the second pipeline is called `j2`. Each of these pipelines have four | ||
| parallel build actions defined. Each build action is keyed at the action name and includes the environment | ||
| variables to be passed CodeBuild and used in the buildspec.yml file. Use `export PIPELINE_CONFIGURATION=pipe.json` for regular tests |
There was a problem hiding this comment.
Instead of "Use 'export PIPELINE..." how about something like below?
Define the PIPELINE_CONFIGURATION environment variable to point to the custom pipeline file or use existing pipe.json/tp-pipe.json to run all default/TinkerPop tests.
export PIPELINE_CONFIGURATION=pipe.json
amcp
force-pushed
the
codepipelines
branch
2 times, most recently
from
4f6d207 to
a2a9360
Compare
|
lets create a separate issue for fixing ES build #372 |
amcp
force-pushed
the
codepipelines
branch
3 times, most recently
from
37d1b87 to
b08d6fc
Compare
|
@sjudeng I fixed assembly of composite builds like hadoop-lucene-solr so I am ready to close this PR out. |
Signed-off-by: Alexander Patrikalakis <amcp@amazon.co.jp>
5 participants
This change adds a command line tool that ideally will allow any combination of tests to be run. All you have to do is define the command line arguments to maven for each test run and execute the CLI as per the README.md. Currently, the maximum number of parallel actions (build steps) in a stage is 5, so I split up the various test targets into groups of up to four builds.
Status of builds in j1:
Status of builds in j2:
Status of builds in jtp1:
Status of builds in jtp2: