unit-tests.yml
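# Builds the BioNemo container image and runs the unit-test suite against it.
name: "BioNemo Image Build and Unit Tests"

# Runs for pull requests targeting main, for pushes to main (post-merge), and for merge-queue checks.
on:
  pull_request:
    branches: [main]
    types: [opened, synchronize, reopened, ready_for_review]
  push:
    branches: [main]
  merge_group:
    types: [checks_requested]

# Least privilege for the automatic GITHUB_TOKEN: no step visible in this workflow writes back to the repository
# (image pushes and Codecov uploads do not use GITHUB_TOKEN in the steps shown).
# NOTE(review): confirm that none of the third-party actions used by the jobs needs more than read access.
permissions:
  contents: read

defaults:
  run:
    # -x traces every command into the job log; -e, -u and pipefail make a `run:` script fail on the first error,
    # on an unset variable, or on a failure anywhere in a pipeline.
    shell: bash -x -e -u -o pipefail {0}

# One active run per pull request (or per ref when there is no pull request); a newer run cancels the older one.
concurrency:
  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
  cancel-in-progress: true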
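# Job chain: pre-commit -> build-bionemo-image -> run-tests -> clean-up.
jobs:
  # Static checks and secret scanning on a GitHub-hosted runner.
  pre-commit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
          submodules: "recursive"
      - uses: actions/setup-python@v5
        with:
          python-version: "3.12"
          cache: "pip"
      - run: pip install -r requirements-dev.txt
      - run: ./ci/scripts/static_checks.sh
      # For pull requests and merge_group events, trufflehog only runs on the diff between the base and head
      # branches. For `push` events, (i.e., post-merge tests), we run trufflehog on the entire main branch by
      # setting the base to ''. For some reason, the default behavior doesn't work well with the merge_group event,
      # so we need to set these manually.
      #
      # NOTE(review): `@main` is a mutable branch ref, so this step runs whatever the upstream branch holds at run
      # time. Pin it to a full commit SHA (`trufflesecurity/trufflehog@<full-commit-sha>`) and bump it
      # deliberately. The other actions in this file are pinned to major-version tags, which are also movable.
      # NOTE(review): `--only-verified` reports only secrets that verify as live; a credential that cannot be
      # verified will not fail this step.
      - uses: trufflesecurity/trufflehog@main
        with:
          path: ./
          base: ${{ github.event_name != 'push' && github.event.repository.default_branch || '' }}
          head: HEAD
          extra_args: --only-verified

  # Builds the image from the checked-out Dockerfile and pushes it, tagged with the run id among others.
  #
  # NOTE(review): this job and run-tests execute pull-request content (the Dockerfile here, the test suite later)
  # on self-hosted runners that the comments below describe as non-ephemeral. If pull requests from forks can
  # trigger this workflow, confirm that the repository requires approval before such runs start. No registry
  # login step is visible here, so presumably the runner already holds push credentials for nemoci.azurecr.io;
  # verify how those are scoped.
  build-bionemo-image:
    needs: pre-commit
    runs-on: self-hosted-azure-cpu
    # Skipped when the pull request carries the SKIP_CI label.
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'SKIP_CI') }}
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          # This working directory / path business is because our self-hosted runners are not ephemeral VMs, so
          # we isolate each build into their own folder. Note that these are not currently cleaned up, so that
          # will need to be automated in the future.
          path: ${{ github.run_id }}
          submodules: "recursive"
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Docker Metadata
        id: metadata
        uses: docker/metadata-action@v5
        with:
          images: nemoci.azurecr.io/bionemo
          labels: nemo.library=bionemo
          # The raw run-id tag is the one run-tests and clean-up use to address this exact build.
          tags: |
            type=schedule
            type=ref,event=branch
            type=ref,event=tag
            type=ref,event=pr
            type=raw,value=${{ github.run_id }}
      # This action sets up our cache-from and cache-to flags appropriately; see the README of this action for
      # more info. It doesn't seem to cache correctly for merge_group events, so we need to add that as an extra
      # argument in the step below. There's probably a slight optimization to be had here by caching from the pr-
      # caches for merge_group events. See https://github.com/int128/docker-build-cache-config-action/issues/1005
      # for more info.
      - uses: int128/docker-build-cache-config-action@v1
        id: cache
        with:
          image: nemoci.azurecr.io/bionemo/build-cache
          pull-request-cache: true
      - name: Build and push
        uses: docker/build-push-action@v5
        with:
          file: ${{ github.run_id }}/Dockerfile
          context: ${{ github.run_id }}/
          push: true
          tags: ${{ steps.metadata.outputs.tags }}
          labels: ${{ steps.metadata.outputs.labels }}
          # The second line adds the main build cache for merge_group events and is empty otherwise.
          cache-from: |
            ${{ steps.cache.outputs.cache-from }}
            ${{ github.event_name == 'merge_group' && 'nemoci.azurecr.io/bionemo/build-cache:main' || '' }}
          cache-to: ${{ steps.cache.outputs.cache-to }}

  # Runs the test suite inside the image built above, on a GPU runner.
  run-tests:
    needs: build-bionemo-image
    runs-on: self-hosted-nemo-gpus-1
    defaults:
      run:
        working-directory: ./${{ github.run_id }}
    container:
      image: nemoci.azurecr.io/bionemo:${{ github.run_id }}
      options: --gpus all
      # We mount the cache directory to avoid downloading the test data every run. Note that this only works
      # because our VMs are not ephemeral, otherwise we'd need to cache the data somewhere that persists between
      # runs.
      #
      # NOTE(review): the host directory is mounted without `:ro` and is shared by every run on this runner, so
      # files written during one run are read by later ones. Confirm the test-data loader checks the integrity
      # of cached files before using them.
      volumes:
        - /home/azureuser/actions-runner-bionemo/cache:/github/home/.cache
    steps:
      - name: Checkout repository
        uses: actions/checkout@v4
        with:
          path: ${{ github.run_id }}
      - name: Run tests
        # Tests in this stage generate code coverage metrics for the repository
        # Coverage data is uploaded to Codecov in subsequent stages
        env:
          BIONEMO_DATA_SOURCE: ngc
        run: ./ci/scripts/run_pytest.sh --no-nbval --skip-slow
      - name: Run slow tests
        # Always on merge-queue checks; on pull requests only when labelled INCLUDE_SLOW_TESTS.
        if: |
          github.event_name == 'merge_group' ||
          (github.event_name == 'pull_request' &&
          contains(github.event.pull_request.labels.*.name, 'INCLUDE_SLOW_TESTS'))
        env:
          BIONEMO_DATA_SOURCE: ngc
        run: pytest -m "slow" sub-packages/
      - name: Run notebook tests
        # Always on merge-queue checks; on pull requests only when labelled INCLUDE_NOTEBOOKS_TESTS.
        if: |
          github.event_name == 'merge_group' ||
          (github.event_name == 'pull_request' &&
          contains(github.event.pull_request.labels.*.name, 'INCLUDE_NOTEBOOKS_TESTS'))
        env:
          BIONEMO_DATA_SOURCE: ngc
        run: pytest --nbval-lax -p no:python docs/ sub-packages/
      - name: Upload coverage to Codecov
        # Don't run coverage on merge queue CI to avoid duplicating reports
        # to codecov. See https://github.com/matplotlib/napari-matplotlib/issues/155
        if: github.event_name != 'merge_group'
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          working-directory: ${{ github.run_id }}
      - name: Upload test results to Codecov
        # Don't run coverage on merge queue CI to avoid duplicating reports
        # to codecov. See https://github.com/matplotlib/napari-matplotlib/issues/155
        # `!cancelled()` lets this step run after a failed test step as well.
        if: ${{ !cancelled() && github.event_name != 'merge_group' }}
        uses: codecov/test-results-action@v1
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          working-directory: ${{ github.run_id }}

  # Again, because our VMs are not ephemeral, we need to clean up the image after the tests are done. Otherwise
  # `docker images list` will get very cluttered and we'll run out of disk space on these runners.
  #
  # NOTE(review): `success() || failure()` does not cover cancelled runs, and the workflow-level concurrency
  # setting cancels superseded runs, so images from cancelled runs presumably stay on the runner. Also confirm
  # that this job lands on the same machine as run-tests if more than one runner carries this label.
  clean-up:
    needs: run-tests
    runs-on: self-hosted-nemo-gpus-1
    if: ${{ success() || failure() }}
    steps:
      - name: clean up image
        run: docker rmi nemoci.azurecr.io/bionemo:${{ github.run_id }}
# TODO: exclude tests from base image; run tests from github workspace mounted in the image.
# TODO: figure out way of cleaning up working directory (requires sudo or for us to fix file ownership from
# release container)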