diff --git a/.github/scripts/manage-radius-installation.sh b/.github/scripts/manage-radius-installation.sh index 92d2f2e76f..01e8dc8e48 100755 --- a/.github/scripts/manage-radius-installation.sh +++ b/.github/scripts/manage-radius-installation.sh @@ -105,7 +105,7 @@ install_radius() { echo "Installing Radius..." if ! rad install kubernetes \ --set global.azureWorkloadIdentity.enabled=true \ - --set database.enabled=true; then + --set database.enabled=false; then echo "" echo "============================================================================" echo "ERROR: Radius installation failed" diff --git a/.github/workflows/functional-test-cloud.yaml b/.github/workflows/functional-test-cloud.yaml index 95dbb2757e..1cbb352497 100644 --- a/.github/workflows/functional-test-cloud.yaml +++ b/.github/workflows/functional-test-cloud.yaml @@ -62,13 +62,13 @@ env: # Azure workload identity webhook chart version AZURE_WORKLOAD_IDENTITY_WEBHOOK_VER: 1.3.0 # Container registry for storing container images - CONTAINER_REGISTRY: ghcr.io/radius-project/dev + CONTAINER_REGISTRY: ${{ vars.FUNCTIONAL_TEST_CONTAINER_REGISTRY }} # Container registry for storing Bicep recipe artifacts - BICEP_RECIPE_REGISTRY: ghcr.io/radius-project/dev + BICEP_RECIPE_REGISTRY: ${{ vars.FUNCTIONAL_TEST_BICEP_RECIPE_REGISTRY }} # The radius functional test timeout FUNCTIONALTEST_TIMEOUT: 60m # The Azure Location to store test resources - AZURE_LOCATION: westus3 + AZURE_LOCATION: westus2 # The base directory for storing test logs RADIUS_CONTAINER_LOG_BASE: dist/container_logs # The Radius helm chart location. @@ -80,11 +80,13 @@ env: # Server where terraform test modules are deployed TF_RECIPE_MODULE_SERVER_URL: http://tf-module-server.radius-test-tf-module-server.svc.cluster.local # The functional test GitHub app id - FUNCTIONAL_TEST_APP_ID: 425843 + FUNCTIONAL_TEST_APP_ID: ${{ vars.FUNCTIONAL_TEST_APP_ID }} # Private Git repository where terraform module for testing is stored. TF_RECIPE_PRIVATE_GIT_SOURCE: git::https://github.com/radius-project/terraform-private-modules//kubernetes-redis - # bicep-types ACR url for uploading Radius Bicep types + # bicep-types ACR url for pulling latest Radius Bicep types (AWS) BICEP_TYPES_REGISTRY: biceptypes.azurecr.io + # bicep-types ACR url for uploading test Radius Bicep types + TEST_BICEP_TYPES_REGISTRY: ${{ vars.TEST_BICEP_TYPES_REGISTRY }} # Kubernetes client QPS and Burst settings for high-concurrency CI environments RADIUS_QPS_AND_BURST: "800" @@ -119,7 +121,7 @@ jobs: if: | always() && (github.event_name != 'pull_request_target' || needs.approval-gate.result == 'success' || needs.approval-gate.result == 'skipped') && - (github.event_name != 'schedule' || github.repository == 'radius-project/radius') + (github.event_name != 'schedule' || github.repository == vars.RADIUS_REPOSITORY) runs-on: ubuntu-24.04 timeout-minutes: 5 permissions: @@ -219,6 +221,7 @@ jobs: changes: name: Changes needs: setup + if: always() && needs.setup.result == 'success' uses: ./.github/workflows/__changes.yml with: ref: ${{ needs.setup.outputs.CHECKOUT_REF }} @@ -232,7 +235,7 @@ jobs: name: Build Radius for test needs: [setup, changes] # Skip if only docs/markdown changed - if: needs.changes.outputs.only_changed != 'true' + if: always() && needs.changes.outputs.only_changed != 'true' runs-on: ubuntu-24.04 timeout-minutes: 15 permissions: @@ -253,7 +256,7 @@ jobs: ACTION_LINK: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} steps: - name: Get GitHub app token - if: github.repository == 'radius-project/radius' + if: github.repository == vars.RADIUS_REPOSITORY uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: get_installation_token with: @@ -387,64 +390,32 @@ jobs: message: | :hourglass: Publishing Bicep Recipes for functional tests... - - name: Get App Token (radius-publisher) - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 - id: get_publisher_token + - name: Setup Node.js + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: - app-id: ${{ secrets.RADIUS_PUBLISHER_BOT_APP_ID }} - private-key: ${{ secrets.RADIUS_PUBLISHER_BOT_PRIVATE_KEY }} - permission-metadata: read - permission-actions: read - permission-contents: write - owner: azure-octo - repositories: | - radius-publisher + node-version-file: .node-version - - name: Capture dispatch start time - id: dispatch-start - shell: bash + - name: Generate Bicep extensibility types from OpenAPI specs run: | - echo "started_at=$(date -u +%Y-%m-%dT%H:%M:%SZ)" >> "$GITHUB_OUTPUT" + make generate-bicep-types VERSION=${{ env.REL_VERSION == 'edge' && 'latest' || env.REL_VERSION }} - - name: Repository Dispatch (publish test bicep types) - id: repository-dispatch - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 - with: - token: ${{ steps.get_publisher_token.outputs.token }} - repository: azure-octo/radius-publisher - event-type: bicep-types - client-payload: |- - { - "source_repository": "${{ github.repository }}", - "source_ref": "${{ github.ref }}", - "source_sha": "${{ github.sha }}", - "rel_channel": "${{ env.REL_VERSION }}", - "registry_target": "test/radius" - } + - name: Setup and verify bicep CLI + run: | + curl -Lo bicep https://github.com/Azure/bicep/releases/latest/download/bicep-linux-x64 + chmod +x ./bicep + sudo mv ./bicep /usr/local/bin/bicep + bicep --version - - name: Monitor remote workflow - id: monitor-remote-workflow - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + - name: Login to Azure (for private test bicep-types ACR) + uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0 with: - github-token: ${{ steps.get_publisher_token.outputs.token }} - script: | - const { default: script } = await import(`${process.env.GITHUB_WORKSPACE}/.github/scripts/monitor-remote-workflow.mjs`) - await script({context, github, core}) - env: - INPUT_OWNER: azure-octo - INPUT_REPO: radius-publisher - INPUT_WORKFLOW_FILE: publish-bicep-types.yml - INPUT_DISPATCH_STARTED_AT: ${{ steps.dispatch-start.outputs.started_at }} - INPUT_MAX_WAIT_SECONDS: "900" - INPUT_POLL_INTERVAL_SECONDS: "10" - - - name: Show failed logs - if: failure() && steps.monitor-remote-workflow.outputs.run_id != '' - shell: bash - env: - GH_TOKEN: ${{ steps.get_publisher_token.outputs.token }} + client-id: ${{ secrets.AZURE_SP_TESTS_APPID }} + tenant-id: ${{ secrets.AZURE_SP_TESTS_TENANTID }} + subscription-id: ${{ secrets.AZURE_SUBSCRIPTIONID_TESTS }} + + - name: Publish Radius test bicep types run: | - gh run view "${{ steps.monitor-remote-workflow.outputs.run_id }}" --repo azure-octo/radius-publisher --log-failed || true + bicep publish-extension ./hack/bicep-types-radius/generated/index.json --target br:${{ env.TEST_BICEP_TYPES_REGISTRY }}/test/radius:${{ env.REL_VERSION == 'edge' && 'latest' || env.REL_VERSION }} --force - name: Generate test bicepconfig.json run: | @@ -459,7 +430,7 @@ jobs: "extensibility": true }, "extensions": { - "radius": "br:${{ env.BICEP_TYPES_REGISTRY }}/test/radius:$RADIUS_VERSION", + "radius": "br:${{ env.TEST_BICEP_TYPES_REGISTRY }}/test/radius:$RADIUS_VERSION", "aws": "br:${{ env.BICEP_TYPES_REGISTRY }}/aws:latest" } } @@ -504,14 +475,14 @@ jobs: skip-tests: name: Skip Functional Tests needs: [setup, changes] - if: needs.changes.outputs.only_changed == 'true' + if: always() && needs.changes.outputs.only_changed == 'true' runs-on: ubuntu-24.04 timeout-minutes: 5 permissions: contents: read # Required for listing the commits steps: - name: Get GitHub app token - if: github.repository == 'radius-project/radius' + if: github.repository == vars.RADIUS_REPOSITORY uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: get_installation_token with: @@ -533,6 +504,7 @@ jobs: tests: name: Run ${{ matrix.name }} functional tests needs: [setup, build] + if: always() && needs.setup.result == 'success' && needs.build.result == 'success' # Approval gate (via environment protection) ensures external contributors are approved before reaching here strategy: fail-fast: true @@ -545,6 +517,7 @@ jobs: id-token: write # Required for requesting the JWT contents: read # Required for listing the commits checks: write # Required for publishing test results + packages: read # Required for pulling images from ghcr.io inside KinD env: UNIQUE_ID: ${{ needs.setup.outputs.UNIQUE_ID }} REL_VERSION: ${{ needs.setup.outputs.REL_VERSION }} @@ -558,7 +531,7 @@ jobs: DE_TAG: ${{ needs.setup.outputs.DE_TAG }} steps: - name: Get GitHub app token - if: github.repository == 'radius-project/radius' + if: github.repository == vars.RADIUS_REPOSITORY uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: get_installation_token with: @@ -666,21 +639,32 @@ jobs: # create kind cluster with OIDC provider. - name: Create KinD cluster run: | + set -euo pipefail + curl -sSLo "kind" "https://github.com/kubernetes-sigs/kind/releases/download/${{ env.KIND_VER }}/kind-linux-amd64" chmod +x ./kind - # Populate the following environment variables for Azure workload identity from secrets. - # AZURE_OIDC_ISSUER_PUBLIC_KEY - # AZURE_OIDC_ISSUER_PRIVATE_KEY - # AZURE_OIDC_ISSUER - eval "export $(echo "${{ secrets.FUNCTEST_AZURE_OIDC_JSON }}" | jq -r 'to_entries | map("\(.key)=\(.value)") | @sh')" + # Parse and validate Azure workload identity values from secret JSON. + OIDC_JSON='${{ secrets.FUNCTEST_AZURE_OIDC_JSON }}' + if ! echo "${OIDC_JSON}" | jq -e . >/dev/null; then + echo "FUNCTEST_AZURE_OIDC_JSON is not valid JSON." + echo "Expected keys: AZURE_OIDC_ISSUER, AZURE_OIDC_ISSUER_PUBLIC_KEY, AZURE_OIDC_ISSUER_PRIVATE_KEY" + exit 1 + fi + + AZURE_OIDC_ISSUER="$(echo "${OIDC_JSON}" | jq -er '.AZURE_OIDC_ISSUER')" + AZURE_OIDC_ISSUER_PUBLIC_KEY="$(echo "${OIDC_JSON}" | jq -er '.AZURE_OIDC_ISSUER_PUBLIC_KEY')" + AZURE_OIDC_ISSUER_PRIVATE_KEY="$(echo "${OIDC_JSON}" | jq -er '.AZURE_OIDC_ISSUER_PRIVATE_KEY')" - AUTHKEY=$(echo -n "${{ github.actor }}:${{ secrets.GH_RAD_CI_BOT_PAT }}" | base64) + AUTHKEY=$(printf '%s' "${{ github.actor }}:${{ github.token }}" | base64) echo "{\"auths\":{\"ghcr.io\":{\"auth\":\"${AUTHKEY}\"}}}" > "./ghcr_secret.json" # Create KinD cluster with OIDC Issuer keys - echo $AZURE_OIDC_ISSUER_PUBLIC_KEY | base64 -d > sa.pub - echo $AZURE_OIDC_ISSUER_PRIVATE_KEY | base64 -d > sa.key + printf '%s' "${AZURE_OIDC_ISSUER_PUBLIC_KEY}" | base64 -d > sa.pub + printf '%s' "${AZURE_OIDC_ISSUER_PRIVATE_KEY}" | base64 -d > sa.key + openssl pkey -pubin -in sa.pub -noout >/dev/null + openssl pkey -in sa.key -check -noout >/dev/null + cat </dev/null; then + echo "FUNCTEST_PREPROVISIONED_RESOURCE_JSON is not valid JSON." + echo "Expected keys: AZURE_COSMOS_MONGODB_ACCOUNT_ID, AZURE_MSSQL_RESOURCE_ID, AZURE_MSSQL_USERNAME, AZURE_MSSQL_PASSWORD" + exit 1 + fi + + export AZURE_COSMOS_MONGODB_ACCOUNT_ID="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_COSMOS_MONGODB_ACCOUNT_ID')" + export AZURE_MSSQL_RESOURCE_ID="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_RESOURCE_ID')" + export AZURE_MSSQL_USERNAME="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_USERNAME')" + export AZURE_MSSQL_PASSWORD="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_PASSWORD')" make test-functional-${{ matrix.name }} env: @@ -906,7 +902,7 @@ jobs: - name: Process Functional Test Results uses: ./.github/actions/process-test-results # In case of failure, upload functional_test_results to artifacts so that they are not erased by subsequent runs. - if: failure() && github.repository == 'radius-project/radius' + if: failure() && github.repository == vars.RADIUS_REPOSITORY with: test_group_name: Functional Tests - ${{ matrix.name }} artifact_name: functional_test_results_${{ matrix.name }} @@ -999,7 +995,7 @@ jobs: report-test-results: # Report final test status. Runs after all tests complete (or are skipped). - if: always() && github.repository == 'radius-project/radius' + if: always() && github.repository == vars.RADIUS_REPOSITORY name: Report test results needs: [setup, build, tests] runs-on: ubuntu-24.04 @@ -1057,8 +1053,7 @@ jobs: needs: [build, tests] runs-on: ubuntu-24.04 timeout-minutes: 5 - permissions: {} - if: failure() && github.event_name == 'schedule' && github.repository == 'radius-project/radius' + if: failure() && github.event_name == 'schedule' && github.repository == vars.RADIUS_REPOSITORY steps: - name: Create failure issue for failing scheduled run uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 diff --git a/.github/workflows/functional-test-noncloud.yaml b/.github/workflows/functional-test-noncloud.yaml index 2d8905b201..af96a7ea2f 100644 --- a/.github/workflows/functional-test-noncloud.yaml +++ b/.github/workflows/functional-test-noncloud.yaml @@ -75,7 +75,7 @@ env: LOCAL_REGISTRY_SERVER: localhost # Local Docker registry port LOCAL_REGISTRY_PORT: "5000" - # bicep-types ACR url for uploading Radius Bicep types + # bicep-types ACR url for pulling public AWS Bicep types BICEP_TYPES_REGISTRY: biceptypes.azurecr.io # Git HTTP server URL GIT_HTTP_SERVER_URL: http://localhost:30080 @@ -508,7 +508,7 @@ jobs: - name: Process Functional Test Results uses: ./.github/actions/process-test-results # In case of failure, upload functional_test_results to artifacts so that they are not erased by subsequent runs. - if: failure() && github.repository == 'radius-project/radius' + if: failure() && github.repository == vars.RADIUS_REPOSITORY with: test_group_name: Functional Tests - ${{ matrix.name }} artifact_name: functional_test_results_${{ matrix.name }} @@ -584,17 +584,18 @@ jobs: if-no-files-found: error report-failure: - if: failure() && github.event_name == 'schedule' && github.repository == 'radius-project/radius' && needs.changes.outputs.only_changed != 'true' + if: failure() && github.event_name == 'schedule' && github.repository == vars.RADIUS_REPOSITORY && needs.changes.outputs.only_changed != 'true' name: Report test failure needs: [changes, build, tests] runs-on: ubuntu-24.04 timeout-minutes: 5 - permissions: {} + permissions: + issues: write steps: - name: Create failure issue for failing scheduled run uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: - github-token: ${{ secrets.GH_RAD_CI_BOT_PAT }} + github-token: ${{ github.token }} script: | github.rest.issues.create({ ...context.repo, diff --git a/.github/workflows/long-running-azure.yaml b/.github/workflows/long-running-azure.yaml index 1e9d85089b..a6c8c7113a 100644 --- a/.github/workflows/long-running-azure.yaml +++ b/.github/workflows/long-running-azure.yaml @@ -55,25 +55,27 @@ env: GOTESTSUM_VER: 1.13.0 # Container registry for storing Bicep recipe artifacts - BICEP_RECIPE_REGISTRY: ghcr.io/radius-project/dev - # ACR url for uploading test UDT Bicep types - TEST_BICEP_TYPES_REGISTRY: testuserdefinedbiceptypes.azurecr.io + BICEP_RECIPE_REGISTRY: ${{ vars.FUNCTIONAL_TEST_BICEP_RECIPE_REGISTRY || 'ghcr.io/radius-project/dev' }} + # bicep-types ACR url for pulling latest Radius Bicep types (AWS) + BICEP_TYPES_REGISTRY: biceptypes.azurecr.io + # bicep-types ACR url for uploading test Radius Bicep types + TEST_BICEP_TYPES_REGISTRY: ${{ vars.TEST_BICEP_TYPES_REGISTRY }} # The radius functional test timeout FUNCTIONALTEST_TIMEOUT: 60m # The Azure Location to store test resources - AZURE_LOCATION: westus3 + AZURE_LOCATION: westus2 # The base directory for storing test logs RADIUS_CONTAINER_LOG_BASE: dist/container_logs # The region for AWS resources AWS_REGION: us-west-2 # The functional test GitHub app id - FUNCTIONAL_TEST_APP_ID: 425843 + FUNCTIONAL_TEST_APP_ID: ${{ vars.FUNCTIONAL_TEST_APP_ID }} # The AKS cluster name - AKS_CLUSTER_NAME: radlrtest00-aks + AKS_CLUSTER_NAME: ${{ vars.LRT_AKS_CLUSTER_NAME }} # The resource group for AKS_CLUSTER_NAME resource. - AKS_RESOURCE_GROUP: radlrtest00 + AKS_RESOURCE_GROUP: ${{ vars.LRT_AKS_RESOURCE_GROUP }} # Server where terraform test modules are deployed TF_RECIPE_MODULE_SERVER_URL: http://tf-module-server.radius-test-tf-module-server.svc.cluster.local @@ -95,7 +97,7 @@ env: jobs: tests: - if: github.repository == 'radius-project/radius' + if: github.repository == vars.RADIUS_REPOSITORY name: Run functional tests runs-on: ubuntu-24.04 timeout-minutes: 120 @@ -113,7 +115,7 @@ jobs: echo "AZURE_TEST_RESOURCE_GROUP=radtest-${UNIQUE_ID}" >> "${GITHUB_OUTPUT}" - name: Get GitHub app token - if: github.repository == 'radius-project/radius' + if: github.repository == vars.RADIUS_REPOSITORY uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: get_installation_token with: @@ -241,6 +243,21 @@ jobs: env: RELEASE_DIR: ${{ steps.checkout-release-codebase.outputs.release-dir }} + - name: Point dynamicrp testresources extension to test ACR + run: | + set -euo pipefail + + BICEP_CONFIG_FILE="./${RELEASE_DIR}/test/functional-portable/dynamicrp/noncloud/resources/bicepconfig.json" + TMP_FILE="$(mktemp)" + jq --arg radius "br:${BICEP_TYPES_REGISTRY}/radius:latest" \ + --arg aws "br:${BICEP_TYPES_REGISTRY}/aws:latest" \ + --arg testresources "br:${TEST_BICEP_TYPES_REGISTRY}/testresources:latest" \ + '.extensions.radius = $radius | .extensions.aws = $aws | .extensions.testresources = $testresources | .cloud.credentialPrecedence = ["AzureCLI", "Environment"]' \ + "${BICEP_CONFIG_FILE}" > "${TMP_FILE}" + mv "${TMP_FILE}" "${BICEP_CONFIG_FILE}" + env: + RELEASE_DIR: ${{ steps.checkout-release-codebase.outputs.release-dir }} + - name: Publish Bicep Test Recipes run: | export PATH=$GITHUB_WORKSPACE/bin:$PATH @@ -339,12 +356,12 @@ jobs: - name: Restore Bicep artifacts before running functional tests # The exact files chosen to run the command can be changed, but we need 1 that uses the Radius extension, 1 that uses the AWS extension and 1 that uses UDT testresources # so we can restore all Bicep artifacts before the tests start. - run: | - # Restore Radius Bicep types - bicep restore "./${RELEASE_DIR}/test/functional-portable/corerp/cloud/resources/testdata/corerp-azure-connection-database-service.bicep" --force - # Restore AWS Bicep types - bicep restore "./${RELEASE_DIR}/test/functional-portable/corerp/cloud/resources/testdata/aws-s3-bucket.bicep" --force - env: + run: | + # Restore Radius Bicep types + bicep restore "./${RELEASE_DIR}/test/functional-portable/corerp/cloud/resources/testdata/corerp-azure-connection-database-service.bicep" --force + # Restore AWS Bicep types + bicep restore "./${RELEASE_DIR}/test/functional-portable/corerp/cloud/resources/testdata/aws-s3-bucket.bicep" --force + env: RELEASE_DIR: ${{ steps.checkout-release-codebase.outputs.release-dir }} - name: Run functional tests @@ -369,6 +386,8 @@ jobs: GIT_HTTP_PASSWORD: ${{ env.GIT_HTTP_PASSWORD }} working-directory: ${{ steps.checkout-release-codebase.outputs.release-dir }} run: | + set -euo pipefail + # Ensure rad cli is in path before running tests. export PATH=$GITHUB_WORKSPACE/bin:$PATH @@ -379,7 +398,17 @@ jobs: # AZURE_MSSQL_RESOURCE_ID # AZURE_MSSQL_USERNAME # AZURE_MSSQL_PASSWORD - eval "export $(echo "${{ secrets.FUNCTEST_PREPROVISIONED_RESOURCE_JSON }}" | jq -r 'to_entries | map("\(.key)=\(.value)") | @sh')" + PREPROVISIONED_JSON='${{ secrets.FUNCTEST_PREPROVISIONED_RESOURCE_JSON }}' + if ! echo "${PREPROVISIONED_JSON}" | jq -e . >/dev/null; then + echo "FUNCTEST_PREPROVISIONED_RESOURCE_JSON is not valid JSON." + echo "Expected keys: AZURE_COSMOS_MONGODB_ACCOUNT_ID, AZURE_MSSQL_RESOURCE_ID, AZURE_MSSQL_USERNAME, AZURE_MSSQL_PASSWORD" + exit 1 + fi + + export AZURE_COSMOS_MONGODB_ACCOUNT_ID="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_COSMOS_MONGODB_ACCOUNT_ID')" + export AZURE_MSSQL_RESOURCE_ID="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_RESOURCE_ID')" + export AZURE_MSSQL_USERNAME="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_USERNAME')" + export AZURE_MSSQL_PASSWORD="$(echo "${PREPROVISIONED_JSON}" | jq -er '.AZURE_MSSQL_PASSWORD')" make test-functional-all @@ -452,12 +481,11 @@ jobs: ./.github/scripts/cleanup-long-running-cluster.sh skip-delete-resources-list.txt report-failure: - if: failure() && github.repository == 'radius-project/radius' && github.event_name == 'schedule' + if: failure() && github.repository == vars.RADIUS_REPOSITORY && github.event_name == 'schedule' name: Report test failure needs: [tests] runs-on: ubuntu-24.04 timeout-minutes: 5 - permissions: {} steps: - name: Create failure issue for failing long running test run uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 diff --git a/test/functional-portable/corerp/cloud/mechanics/aws_mechanics_test.go b/test/functional-portable/corerp/cloud/mechanics/aws_mechanics_test.go index c540968de7..b6e8338fc6 100644 --- a/test/functional-portable/corerp/cloud/mechanics/aws_mechanics_test.go +++ b/test/functional-portable/corerp/cloud/mechanics/aws_mechanics_test.go @@ -27,6 +27,8 @@ import ( ) func Test_AWSRedeployWithUpdatedResourceUpdatesResource(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + template := "testdata/aws-mechanics-redeploy-withupdatedresource.bicep" name := "radiusfunctionaltest-" + uuid.New().String() creationTimestamp := testutil.GetCreationTimestamp() diff --git a/test/functional-portable/corerp/cloud/resources/aws_logs_loggroup_test.go b/test/functional-portable/corerp/cloud/resources/aws_logs_loggroup_test.go index 39637ec553..c57d19d2c9 100644 --- a/test/functional-portable/corerp/cloud/resources/aws_logs_loggroup_test.go +++ b/test/functional-portable/corerp/cloud/resources/aws_logs_loggroup_test.go @@ -27,6 +27,8 @@ import ( ) func Test_AWS_LogsLogGroup(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + template := "testdata/aws-logs-loggroup.bicep" name := "radiusfunctionaltest-" + uuid.New().String() creationTimestamp := testutil.GetCreationTimestamp() @@ -63,6 +65,8 @@ func Test_AWS_LogsLogGroup(t *testing.T) { } func Test_AWS_LogsLogGroup_Existing(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + template := "testdata/aws-logs-loggroup.bicep" templateExisting := "testdata/aws-logs-loggroup-existing.bicep" name := "radiusfunctionaltest-" + uuid.New().String() diff --git a/test/functional-portable/corerp/cloud/resources/aws_multi_identifier_resource_test.go b/test/functional-portable/corerp/cloud/resources/aws_multi_identifier_resource_test.go index c5d29da1c4..7fa0131c74 100644 --- a/test/functional-portable/corerp/cloud/resources/aws_multi_identifier_resource_test.go +++ b/test/functional-portable/corerp/cloud/resources/aws_multi_identifier_resource_test.go @@ -28,6 +28,8 @@ import ( ) func Test_AWS_MultiIdentifier_Resource(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + template := "testdata/aws-multi-identifier.bicep" filterName := "ms" + uuid.New().String() logGroupName := "ms" + uuid.New().String() diff --git a/test/functional-portable/corerp/cloud/resources/extender_test.go b/test/functional-portable/corerp/cloud/resources/extender_test.go index a599bc6243..0f0ad4300b 100644 --- a/test/functional-portable/corerp/cloud/resources/extender_test.go +++ b/test/functional-portable/corerp/cloud/resources/extender_test.go @@ -30,6 +30,8 @@ import ( ) func Test_Extender_RecipeAWS_LogGroup(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + awsAccountID := os.Getenv("AWS_ACCOUNT_ID") awsRegion := os.Getenv("AWS_REGION") // Error the test if the required environment variables are not set diff --git a/test/functional-portable/ucp/cloud/aws_credential_test.go b/test/functional-portable/ucp/cloud/aws_credential_test.go index 0e803353d0..45dc49b6d2 100644 --- a/test/functional-portable/ucp/cloud/aws_credential_test.go +++ b/test/functional-portable/ucp/cloud/aws_credential_test.go @@ -31,6 +31,8 @@ import ( ) func Test_AWS_Credential_Operations(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + myTest := test.NewUCPTest(t, "Test_AWS_Credential_Operations", func(t *testing.T, url string, roundTripper http.RoundTripper) { resourceTypePath := "/planes/aws/awstest/providers/System.AWS/credentials" resourceURL := fmt.Sprintf("%s%s/default?api-version=%s", url, resourceTypePath, ucp.Version) diff --git a/test/functional-portable/ucp/cloud/aws_test.go b/test/functional-portable/ucp/cloud/aws_test.go index 09d5d39591..7641c71391 100644 --- a/test/functional-portable/ucp/cloud/aws_test.go +++ b/test/functional-portable/ucp/cloud/aws_test.go @@ -45,6 +45,8 @@ var ( ) func Test_AWS_DeleteResource(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + ctx := context.Background() myTest := test.NewUCPTest(t, "Test_AWS_DeleteResource", func(t *testing.T, url string, roundTripper http.RoundTripper) { @@ -106,6 +108,8 @@ func Test_AWS_DeleteResource(t *testing.T) { } func Test_AWS_ListResources(t *testing.T) { + t.Skip("temporarily skipping AWS tests while OIDC issuer validation is being updated") + ctx := context.Background() myTest := test.NewUCPTest(t, "Test_AWS_ListResources", func(t *testing.T, url string, roundTripper http.RoundTripper) {