IAM Auth for RDS #911
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Run Integration Tests v2 | |
concurrency: | |
group: Run-Integration-Tests-${{ github.workflow }}-${{ github.head_ref || github.event.workflow_run.head_branch || github.run_id }} | |
cancel-in-progress: true | |
on: | |
merge_group: | |
pull_request: | |
branches: | |
- main | |
- "release/**" | |
env: | |
OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }} | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
CONFLUENCE_TEST_SPACE_URL: ${{ secrets.CONFLUENCE_TEST_SPACE_URL }} | |
CONFLUENCE_USER_NAME: ${{ secrets.CONFLUENCE_USER_NAME }} | |
CONFLUENCE_ACCESS_TOKEN: ${{ secrets.CONFLUENCE_ACCESS_TOKEN }} | |
jobs: | |
integration-tests: | |
# See https://runs-on.com/runners/linux/ | |
runs-on: [runs-on, runner=32cpu-linux-x64, "run-id=${{ github.run_id }}"] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
# tag every docker image with "test" so that we can spin up the correct set | |
# of images during testing | |
# We don't need to build the Web Docker image since it's not yet used | |
# in the integration tests. We have a separate action to verify that it builds | |
# successfully. | |
- name: Pull Web Docker image | |
run: | | |
docker pull onyxdotapp/onyx-web-server:latest | |
docker tag onyxdotapp/onyx-web-server:latest onyxdotapp/onyx-web-server:test | |
# we use the runs-on cache for docker builds | |
# in conjunction with runs-on runners, it has better speed and unlimited caching | |
# https://runs-on.com/caching/s3-cache-for-github-actions/ | |
# https://runs-on.com/caching/docker/ | |
# https://github.com/moby/buildkit#s3-cache-experimental | |
# images are built and run locally for testing purposes. Not pushed. | |
- name: Build Backend Docker image | |
uses: ./.github/actions/custom-build-and-push | |
with: | |
context: ./backend | |
file: ./backend/Dockerfile | |
platforms: linux/amd64 | |
tags: onyxdotapp/onyx-backend:test | |
push: false | |
load: true | |
cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/backend/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }} | |
cache-to: type=s3,prefix=cache/${{ github.repository }}/integration-tests/backend/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }},mode=max | |
- name: Build Model Server Docker image | |
uses: ./.github/actions/custom-build-and-push | |
with: | |
context: ./backend | |
file: ./backend/Dockerfile.model_server | |
platforms: linux/amd64 | |
tags: onyxdotapp/onyx-model-server:test | |
push: false | |
load: true | |
cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/model-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }} | |
cache-to: type=s3,prefix=cache/${{ github.repository }}/integration-tests/model-server/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }},mode=max | |
- name: Build integration test Docker image | |
uses: ./.github/actions/custom-build-and-push | |
with: | |
context: ./backend | |
file: ./backend/tests/integration/Dockerfile | |
platforms: linux/amd64 | |
tags: onyxdotapp/onyx-integration:test | |
push: false | |
load: true | |
cache-from: type=s3,prefix=cache/${{ github.repository }}/integration-tests/integration/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }} | |
cache-to: type=s3,prefix=cache/${{ github.repository }}/integration-tests/integration/,region=${{ env.RUNS_ON_AWS_REGION }},bucket=${{ env.RUNS_ON_S3_BUCKET_CACHE }},mode=max | |
# Start containers for multi-tenant tests | |
- name: Start Docker containers for multi-tenant tests | |
run: | | |
cd deployment/docker_compose | |
ENABLE_PAID_ENTERPRISE_EDITION_FEATURES=true \ | |
MULTI_TENANT=true \ | |
AUTH_TYPE=basic \ | |
REQUIRE_EMAIL_VERIFICATION=false \ | |
DISABLE_TELEMETRY=true \ | |
IMAGE_TAG=test \ | |
docker compose -f docker-compose.dev.yml -p danswer-stack up -d | |
id: start_docker_multi_tenant | |
# In practice, `cloud` Auth type would require OAUTH credentials to be set. | |
- name: Run Multi-Tenant Integration Tests | |
run: | | |
echo "Running integration tests..." | |
docker run --rm --network danswer-stack_default \ | |
--name test-runner \ | |
-e POSTGRES_HOST=relational_db \ | |
-e POSTGRES_USER=postgres \ | |
-e POSTGRES_PASSWORD=password \ | |
-e POSTGRES_DB=postgres \ | |
-e VESPA_HOST=index \ | |
-e REDIS_HOST=cache \ | |
-e API_SERVER_HOST=api_server \ | |
-e OPENAI_API_KEY=${OPENAI_API_KEY} \ | |
-e SLACK_BOT_TOKEN=${SLACK_BOT_TOKEN} \ | |
-e TEST_WEB_HOSTNAME=test-runner \ | |
-e AUTH_TYPE=cloud \ | |
-e MULTI_TENANT=true \ | |
onyxdotapp/onyx-integration:test \ | |
/app/tests/integration/multitenant_tests | |
continue-on-error: true | |
id: run_multitenant_tests | |
- name: Check multi-tenant test results | |
run: | | |
if [ ${{ steps.run_tests.outcome }} == 'failure' ]; then | |
echo "Integration tests failed. Exiting with error." | |
exit 1 | |
else | |
echo "All integration tests passed successfully." | |
fi | |
- name: Stop multi-tenant Docker containers | |
run: | | |
cd deployment/docker_compose | |
docker compose -f docker-compose.dev.yml -p danswer-stack down -v | |
- name: Start Docker containers | |
run: | | |
cd deployment/docker_compose | |
ENABLE_PAID_ENTERPRISE_EDITION_FEATURES=true \ | |
AUTH_TYPE=basic \ | |
REQUIRE_EMAIL_VERIFICATION=false \ | |
DISABLE_TELEMETRY=true \ | |
IMAGE_TAG=test \ | |
docker compose -f docker-compose.dev.yml -p danswer-stack up -d | |
id: start_docker | |
- name: Wait for service to be ready | |
run: | | |
echo "Starting wait-for-service script..." | |
docker logs -f danswer-stack-api_server-1 & | |
start_time=$(date +%s) | |
timeout=300 # 5 minutes in seconds | |
while true; do | |
current_time=$(date +%s) | |
elapsed_time=$((current_time - start_time)) | |
if [ $elapsed_time -ge $timeout ]; then | |
echo "Timeout reached. Service did not become ready in 5 minutes." | |
exit 1 | |
fi | |
# Use curl with error handling to ignore specific exit code 56 | |
response=$(curl -s -o /dev/null -w "%{http_code}" http://localhost:8080/health || echo "curl_error") | |
if [ "$response" = "200" ]; then | |
echo "Service is ready!" | |
break | |
elif [ "$response" = "curl_error" ]; then | |
echo "Curl encountered an error, possibly exit code 56. Continuing to retry..." | |
else | |
echo "Service not ready yet (HTTP status $response). Retrying in 5 seconds..." | |
fi | |
sleep 5 | |
done | |
echo "Finished waiting for service." | |
- name: Run Standard Integration Tests | |
run: | | |
echo "Running integration tests..." | |
docker run --rm --network danswer-stack_default \ | |
--name test-runner \ | |
-e POSTGRES_HOST=relational_db \ | |
-e POSTGRES_USER=postgres \ | |
-e POSTGRES_PASSWORD=password \ | |
-e POSTGRES_DB=postgres \ | |
-e VESPA_HOST=index \ | |
-e REDIS_HOST=cache \ | |
-e API_SERVER_HOST=api_server \ | |
-e OPENAI_API_KEY=${OPENAI_API_KEY} \ | |
-e SLACK_BOT_TOKEN=${SLACK_BOT_TOKEN} \ | |
-e CONFLUENCE_TEST_SPACE_URL=${CONFLUENCE_TEST_SPACE_URL} \ | |
-e CONFLUENCE_USER_NAME=${CONFLUENCE_USER_NAME} \ | |
-e CONFLUENCE_ACCESS_TOKEN=${CONFLUENCE_ACCESS_TOKEN} \ | |
-e TEST_WEB_HOSTNAME=test-runner \ | |
onyxdotapp/onyx-integration:test \ | |
/app/tests/integration/tests \ | |
/app/tests/integration/connector_job_tests | |
continue-on-error: true | |
id: run_tests | |
- name: Check test results | |
run: | | |
if [ ${{ steps.run_tests.outcome }} == 'failure' ]; then | |
echo "Integration tests failed. Exiting with error." | |
exit 1 | |
else | |
echo "All integration tests passed successfully." | |
fi | |
# save before stopping the containers so the logs can be captured | |
- name: Save Docker logs | |
if: success() || failure() | |
run: | | |
cd deployment/docker_compose | |
docker compose -f docker-compose.dev.yml -p danswer-stack logs > docker-compose.log | |
mv docker-compose.log ${{ github.workspace }}/docker-compose.log | |
- name: Stop Docker containers | |
run: | | |
cd deployment/docker_compose | |
docker compose -f docker-compose.dev.yml -p danswer-stack down -v | |
- name: Upload logs | |
if: success() || failure() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: docker-logs | |
path: ${{ github.workspace }}/docker-compose.log | |
- name: Stop Docker containers | |
run: | | |
cd deployment/docker_compose | |
docker compose -f docker-compose.dev.yml -p danswer-stack down -v |