diff --git a/.github/workflows/cloud-runner-ci-pipeline.yml b/.github/workflows/cloud-runner-ci-pipeline.yml deleted file mode 100644 index c0d16a6d..00000000 --- a/.github/workflows/cloud-runner-ci-pipeline.yml +++ /dev/null @@ -1,235 +0,0 @@ -name: Cloud Runner CI Pipeline - -on: - push: { branches: [cloud-runner-develop, cloud-runner-preview, main] } - workflow_dispatch: - inputs: - runGithubIntegrationTests: - description: 'Run GitHub Checks integration tests' - required: false - default: 'false' - -permissions: - checks: write - contents: read - actions: write - packages: read - pull-requests: write - statuses: write - id-token: write - -env: - GKE_ZONE: 'us-central1' - GKE_REGION: 'us-central1' - GKE_PROJECT: 'unitykubernetesbuilder' - GKE_CLUSTER: 'game-ci-github-pipelines' - GCP_LOGGING: true - GCP_PROJECT: unitykubernetesbuilder - GCP_LOG_FILE: ${{ github.workspace }}/cloud-runner-logs.txt - AWS_REGION: eu-west-2 - AWS_DEFAULT_REGION: eu-west-2 - AWS_STACK_NAME: game-ci-team-pipelines - CLOUD_RUNNER_BRANCH: ${{ github.ref }} - DEBUG: true - UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} - UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} - UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} - PROJECT_PATH: test-project - UNITY_VERSION: 2019.3.15f1 - USE_IL2CPP: false - USE_GKE_GCLOUD_AUTH_PLUGIN: true - -jobs: - tests: - name: Tests - if: github.event.event_type != 'pull_request_target' - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - test: - - 'cloud-runner-end2end-locking' - - 'cloud-runner-end2end-caching' - - 'cloud-runner-end2end-retaining' - - 'cloud-runner-caching' - - 'cloud-runner-environment' - - 'cloud-runner-image' - - 'cloud-runner-hooks' - - 'cloud-runner-local-persistence' - - 'cloud-runner-locking-core' - - 'cloud-runner-locking-get-locked' - steps: - - name: Checkout (default) - uses: actions/checkout@v4 - with: - lfs: false - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: eu-west-2 - - run: yarn - - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand - timeout-minutes: 60 - env: - UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} - UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} - UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} - PROJECT_PATH: test-project - TARGET_PLATFORM: StandaloneWindows64 - cloudRunnerTests: true - versioning: None - KUBE_STORAGE_CLASS: local-path - PROVIDER_STRATEGY: local-docker - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - k8sTests: - name: K8s Tests - if: github.event.event_type != 'pull_request_target' - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - test: - # - 'cloud-runner-async-workflow' - - 'cloud-runner-end2end-locking' - - 'cloud-runner-end2end-caching' - - 'cloud-runner-end2end-retaining' - - 'cloud-runner-kubernetes' - - 'cloud-runner-environment' - - 'cloud-runner-github-checks' - steps: - - name: Checkout (default) - uses: actions/checkout@v2 - with: - lfs: false - - run: yarn - - name: actions-k3s - uses: debianmaster/actions-k3s@v1.0.5 - with: - version: 'latest' - - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand - timeout-minutes: 60 - env: - UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} - UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} - UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} - PROJECT_PATH: test-project - TARGET_PLATFORM: StandaloneWindows64 - cloudRunnerTests: true - versioning: None - KUBE_STORAGE_CLASS: local-path - PROVIDER_STRATEGY: k8s - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - awsTests: - name: AWS Tests - if: github.event.event_type != 'pull_request_target' - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - test: - - 'cloud-runner-end2end-locking' - - 'cloud-runner-end2end-caching' - - 'cloud-runner-end2end-retaining' - - 'cloud-runner-environment' - - 'cloud-runner-s3-steps' - steps: - - name: Checkout (default) - uses: actions/checkout@v2 - with: - lfs: false - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v1 - with: - aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} - aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - aws-region: eu-west-2 - - run: yarn - - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand - timeout-minutes: 60 - env: - UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} - UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} - UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} - PROJECT_PATH: test-project - TARGET_PLATFORM: StandaloneWindows64 - cloudRunnerTests: true - versioning: None - KUBE_STORAGE_CLASS: local-path - PROVIDER_STRATEGY: aws - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - - buildTargetTests: - name: Local Build Target Tests - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - providerStrategy: - #- aws - - local-docker - #- k8s - targetPlatform: - - StandaloneOSX # Build a macOS standalone (Intel 64-bit). - - StandaloneWindows64 # Build a Windows 64-bit standalone. - - StandaloneLinux64 # Build a Linux 64-bit standalone. - - WebGL # WebGL. - - iOS # Build an iOS player. - # - Android # Build an Android .apk. - steps: - - name: Checkout (default) - uses: actions/checkout@v4 - with: - lfs: false - - run: yarn - - uses: ./ - id: unity-build - timeout-minutes: 30 - env: - UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} - UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} - UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} - - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} - with: - cloudRunnerTests: true - versioning: None - targetPlatform: ${{ matrix.targetPlatform }} - providerStrategy: ${{ matrix.providerStrategy }} - - run: | - cp ./cloud-runner-cache/cache/${{ steps.unity-build.outputs.CACHE_KEY }}/build/${{ steps.unity-build.outputs.BUILD_ARTIFACT }} ${{ steps.unity-build.outputs.BUILD_ARTIFACT }} - - uses: actions/upload-artifact@v4 - with: - name: ${{ matrix.providerStrategy }} Build (${{ matrix.targetPlatform }}) - path: ${{ steps.unity-build.outputs.BUILD_ARTIFACT }} - retention-days: 14 - - githubChecksIntegration: - name: GitHub Checks Integration - runs-on: ubuntu-latest - if: github.event_name == 'workflow_dispatch' && github.event.inputs.runGithubIntegrationTests == 'true' - env: - RUN_GITHUB_INTEGRATION_TESTS: true - steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 - with: - node-version: 20 - cache: 'yarn' - - run: yarn install --frozen-lockfile - - run: yarn test cloud-runner-github-checks-integration-test --detectOpenHandles --forceExit --runInBand - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/cloud-runner-integrity.yml b/.github/workflows/cloud-runner-integrity.yml new file mode 100644 index 00000000..d2db3d11 --- /dev/null +++ b/.github/workflows/cloud-runner-integrity.yml @@ -0,0 +1,80 @@ +name: cloud-runner-integrity + +on: + workflow_call: + inputs: + runGithubIntegrationTests: + description: 'Run GitHub Checks integration tests' + required: false + default: 'false' + type: string + +permissions: + checks: write + contents: read + actions: write + packages: read + pull-requests: write + statuses: write + id-token: write + +env: + AWS_REGION: eu-west-2 + AWS_DEFAULT_REGION: eu-west-2 + AWS_STACK_NAME: game-ci-team-pipelines + CLOUD_RUNNER_BRANCH: ${{ github.ref }} + DEBUG: true + PROJECT_PATH: test-project + USE_IL2CPP: false + +jobs: + tests: + name: Cloud Runner Tests + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + test: + - 'cloud-runner-end2end-locking' + - 'cloud-runner-end2end-caching' + - 'cloud-runner-end2end-retaining' + - 'cloud-runner-caching' + - 'cloud-runner-environment' + - 'cloud-runner-image' + - 'cloud-runner-hooks' + - 'cloud-runner-local-persistence' + - 'cloud-runner-locking-core' + - 'cloud-runner-locking-get-locked' + steps: + - uses: actions/checkout@v4 + with: + lfs: false + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v1 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + aws-region: ${{ env.AWS_REGION }} + - uses: actions/setup-node@v4 + with: + node-version: 20 + cache: 'yarn' + - run: yarn install --frozen-lockfile + - run: yarn run test "${{ matrix.test }}" --detectOpenHandles --forceExit --runInBand + timeout-minutes: 60 + env: + UNITY_EMAIL: ${{ secrets.UNITY_EMAIL }} + UNITY_PASSWORD: ${{ secrets.UNITY_PASSWORD }} + UNITY_SERIAL: ${{ secrets.UNITY_SERIAL }} + PROJECT_PATH: test-project + TARGET_PLATFORM: StandaloneWindows64 + cloudRunnerTests: true + versioning: None + KUBE_STORAGE_CLASS: local-path + PROVIDER_STRATEGY: local-docker + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + GIT_PRIVATE_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GIT_PRIVATE_TOKEN }} + + diff --git a/.github/workflows/integrity-check.yml b/.github/workflows/integrity-check.yml index 9ec70659..d8c5affe 100644 --- a/.github/workflows/integrity-check.yml +++ b/.github/workflows/integrity-check.yml @@ -26,3 +26,8 @@ jobs: - run: bash <(curl -s https://codecov.io/bash) - run: yarn build || { echo "build command should always succeed" ; exit 61; } # - run: yarn build --quiet && git diff --quiet dist || { echo "dist should be auto generated" ; git diff dist ; exit 62; } + + cloud-runner: + name: Cloud Runner Integrity + uses: ./.github/workflows/cloud-runner-integrity.yml + secrets: inherit