-
Notifications
You must be signed in to change notification settings - Fork 420
118 lines (112 loc) · 4.14 KB
/
lib-injection.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
name: "Library Injection"
on:
# Build each branch for testing
push:
pull_request:
paths:
- ddtrace/**
- lib-injection/**
- setup*
- pyproject.toml
- .github/workflows/lib-injection.yml
jobs:
build-and-publish-test-image:
uses: ./.github/workflows/lib-inject-publish.yml
secrets:
token: ${{ secrets.GITHUB_TOKEN }}
with:
ddtrace-version: v2.6.3
image-tag: ${{ github.sha }}
test-runner-test:
needs:
- build-and-publish-test-image
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
strategy:
matrix:
weblog-variant: ['dd-lib-python-init-test-django','dd-lib-python-init-test-django-gunicorn','dd-lib-python-init-test-django-uvicorn']
fail-fast: false
env:
TEST_LIBRARY: python
WEBLOG_VARIANT: ${{ matrix.weblog-variant }}
DOCKER_REGISTRY_IMAGES_PATH: ghcr.io/datadog
DOCKER_IMAGE_TAG: ${{ github.sha }}
BUILDX_PLATFORMS: linux/amd64
steps:
- name: Checkout system tests
uses: actions/checkout@v3
with:
repository: 'DataDog/system-tests'
- name: Install runner
uses: ./.github/actions/install_runner
- name: Run K8s Lib Injection Tests
run: ./run.sh K8S_LIB_INJECTION_BASIC
- name: Compress logs
id: compress_logs
if: always()
run: tar -czvf artifact.tar.gz $(ls | grep logs)
- name: Upload artifact
if: always()
uses: actions/upload-artifact@v4
with:
name: logs_k8s_lib_injection_${{ matrix.weblog-variant }}
path: artifact.tar.gz
test_unit:
runs-on: ubuntu-latest
strategy:
matrix:
variant: [
'dd-lib-python-init-test-django',
'dd-lib-python-init-test-django-gunicorn',
'dd-lib-python-init-test-django-gunicorn-alpine',
'dd-lib-python-init-test-django-uvicorn',
'dd-lib-python-init-test-django-no-perms',
'dd-lib-python-init-test-django-pre-installed',
'dd-lib-python-init-test-django-unsupported-python',
]
fail-fast: false
steps:
- uses: actions/checkout@v3
- name: Build and run the app
run: |
SRC="$(pwd)"
cd lib-injection
export DDTRACE_PYTHON_VERSION="v2.6.3"
export APP_CONTEXT="${SRC}/tests/lib-injection/${{matrix.variant}}"
export TEMP_DIR="${SRC}/tmp/ddtrace"
mkdir -p "${TEMP_DIR}"
# Give the temp dir permissions, by default the docker user doesn't have permissions
# to write to the filesystem.
chmod 777 $TEMP_DIR
# Start the lib_inject to get the files copied. This avoids a race condition with the startup of the
# application.
docker compose up --build lib_inject
docker compose up --build -d
# Wait for the app to start
sleep 60
docker compose logs
- name: Check Permissions on ddtrace pkgs
run: |
cd lib-injection
# Ensure /datadog-lib/ddtrace_pkgs is a valid directory that is not empty
docker compose run lib_inject find /datadog-init/ddtrace_pkgs -maxdepth 0 -empty | wc -l && if [ $? -ne 0 ]; then exit 1; fi
# Ensure files are not world writeable
docker compose run lib_inject find /datadog-init/ddtrace_pkgs ! -perm /o+w | wc -l && if [ $? -ne 0 ]; then exit 1; fi
# Ensure all users have read and execute permissions to files stored in /datadog-lib/ddtrace_pkgs
docker compose run lib_inject find /datadog-init/ddtrace_pkgs ! -perm u=rwx,o=rx | wc -l && if [ $? -ne 0 ]; then exit 1; fi
- name: Test the app
run: |
curl http://localhost:18080
sleep 1 # wait for traces to be sent
- name: Print traces
run: curl http://localhost:8126/test/traces
- name: Check test agent received a trace
run: |
N=$(curl http://localhost:8126/test/traces | jq -r -e 'length')
[[ $N == "1" ]]
- name: Output app logs (LOOK HERE IF THE JOB FAILS)
if: success() || failure()
run: |
docker compose logs