Skip to content

Document replacing credentials in a basic auth setup (#8491) #1219

Document replacing credentials in a basic auth setup (#8491)

Document replacing credentials in a basic auth setup (#8491) #1219

name: lakeFS HadoopFS Compatibility Tests
on:
push:
branches:
- master
workflow_dispatch: {}
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
jobs:
gen-code:
name: Generate code from latest lakeFS app
runs-on: ubuntu-22.04
steps:
- name: Check-out code
uses: actions/checkout@v4
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.23"
id: go
- uses: actions/setup-node@v4
with:
node-version: "18.17.0"
- uses: actions/setup-java@v3
with:
distribution: "adopt-hotspot"
java-version: "8"
cache: "sbt"
- name: Generate code
run: |
make -j3 gen-api gen-code VERSION=${{ steps.version.outputs.tag }}
mkdir webui/dist
touch webui/dist/index.html
tar -czf /tmp/generated.tar.gz .
- name: Store generated code
uses: actions/upload-artifact@v4
with:
name: generated-code
path: /tmp/generated.tar.gz
- name: Build Spark direct-access client
working-directory: clients/hadoopfs
run: |
mvn -Passembly -DfinalName=client -DskipTests --batch-mode --update-snapshots package
- name: Store client assembly
uses: actions/upload-artifact@v4
with:
name: client-assembly
path: clients/hadoopfs/target/client.jar
deploy-image:
name: Build and cache Docker image
needs: [gen-code]
runs-on: ubuntu-22.04
outputs:
tag: ${{ steps.version.outputs.tag }}
image_id: ${{ steps.build_export.outputs.ImageID }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup NodeJS
uses: actions/setup-node@v4
with:
node-version: "18.17.0"
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: "1.23"
id: go
- name: Retrieve generated code
uses: actions/download-artifact@v4.1.8
with:
name: generated-code
path: /tmp/
- name: Unpack generated code
run: tar -xzvf /tmp/generated.tar.gz
- name: Extract version
shell: bash
run: echo "tag=sha-$(git rev-parse --short HEAD | sed s/^v//g)" >> $GITHUB_OUTPUT
id: version
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Build and export
uses: docker/build-push-action@v5
id: build_export
with:
context: .
file: ./Dockerfile
tags: treeverse/lakefs:${{ steps.version.outputs.tag }}
outputs: type=docker,dest=/tmp/lakefs.tar
- name: Upload artifact
uses: actions/upload-artifact@v4
with:
name: lakefs-image
path: /tmp/lakefs.tar
compatibility-checks-client:
name: Test lakeFS Hadoop FileSystem compatibility
needs: [gen-code]
strategy:
fail-fast: false
matrix:
# Removing a version from this list means the published client is no longer tested for
# compatibility with that lakeFS version. Like any other client it can still rely on
# the lakeFS 1.0 API guarantees.
lakefs_version:
- 0.113.0
- 1.0.0
- 1.1.0
- 1.2.0
- 1.3.1
- 1.4.0
- 1.5.0
- 1.6.0
- 1.7.0
- 1.8.0
- 1.9.1
- 1.10.0
- 1.11.1
- 1.12.1
- 1.13.0
- 1.14.1
- 1.15.0
- 1.16.0
- 1.17.0
- 1.18.0
- 1.19.0
- 1.20.0
- 1.21.0
- 1.22.0
- 1.23.0
- 1.24.0
- 1.25.0
- 1.26.1
- 1.27.0
- 1.28.2
- 1.29.0
- 1.30.0
- 1.31.1
- 1.32.1
- 1.33.0
- 1.34.0
- 1.35.0
- 1.36.0
- 1.37.0
- 1.38.0
- 1.39.2
- 1.40.0
- 1.41.0
- 1.42.0
- 1.43.0
- 1.44.0
- 1.45.0
- 1.46.0
- 1.47.0
# Do *not* test 1.48.0, we withdrew it.
- 1.48.1
runs-on: ubuntu-22.04
env:
TAG: ${{ matrix.lakefs_version }}
REGISTRY: treeverse
SPARK_TAG: 3
steps:
- name: Check-out code
uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
distribution: "adopt-hotspot"
java-version: "8"
cache: "sbt"
- name: Package Spark App
working-directory: test/spark/app
run: sbt sonnets-311/package
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: 3.11
cache: 'pip'
- run: pip install -r ./test/spark/requirements.txt
- name: Generate uniquifying value
id: unique
shell: bash
run: echo "value=$(cat /proc/sys/kernel/random/uuid)" >> $GITHUB_OUTPUT
- name: Start lakeFS for Spark tests
uses: ./.github/actions/bootstrap-test-lakefs
with:
compose-directory: test/spark
env:
REGISTRY: treeverse
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
LAKEFS_DATABASE_TYPE: postgres
LAKEFS_BLOCKSTORE_TYPE: s3
LAKEFS_BLOCKSTORE_S3_CREDENTIALS_ACCESS_KEY_ID: ${{ secrets.ESTI_AWS_ACCESS_KEY_ID }}
LAKEFS_BLOCKSTORE_S3_CREDENTIALS_SECRET_ACCESS_KEY: ${{ secrets.ESTI_AWS_SECRET_ACCESS_KEY }}
- name: Retrieve client
uses: actions/download-artifact@v4.1.8
with:
name: client-assembly
path: clients/hadoopfs/target
- name: Test lakeFS S3 with Spark 3.x thick client
timeout-minutes: 8
working-directory: test/spark
run: |
python ./run-test.py \
--storage_namespace s3://esti-system-testing/compatibility/${{ github.run_number }}-spark3-client/${{ steps.unique.outputs.value }} \
--repository thick-client-test \
--sonnet_jar sonnets-311/target/sonnets-311/scala-2.12/sonnets-311_2.12-0.1.0.jar \
--access_mode hadoopfs \
--aws_access_key ${{ secrets.ESTI_AWS_ACCESS_KEY_ID }} \
--aws_secret_key ${{ secrets.ESTI_AWS_SECRET_ACCESS_KEY }}
- name: lakeFS Logs on Spark with client failure
if: ${{ failure() }}
continue-on-error: true
working-directory: test/spark
run: docker compose logs --tail=15000 lakefs
compatibility-checks-server:
name: Test lakeFS server FileSystem compatibility
needs: [deploy-image]
strategy:
fail-fast: false
matrix:
# Removing a version from this list means the current lakeFS is no longer compatible with
# that Hadoop lakeFS client version.
client_version: [ 0.1.10, 0.1.11, 0.1.12, 0.1.13, 0.1.14, 0.1.15, 0.2.1 ]
runs-on: ubuntu-22.04
env:
CLIENT_VERSION: ${{ matrix.client_version }}
TAG: ${{ needs.deploy-image.outputs.tag }}
IMAGE_ID: ${{ needs.deploy-image.outputs.image_id }}
REGISTRY: treeverse
SPARK_TAG: 3
steps:
- name: Check-out code
uses: actions/checkout@v4
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Download artifact
uses: actions/download-artifact@v4.1.8
with:
name: lakefs-image
path: /tmp
- name: Load Docker image
run: docker load --input /tmp/lakefs.tar
- uses: actions/setup-java@v3
with:
distribution: "adopt-hotspot"
java-version: "8"
cache: "sbt"
- name: Package Spark App
working-directory: test/spark/app
run: sbt sonnets-311/package
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v4
with:
python-version: 3.11
cache: 'pip'
- run: pip install -r ./test/spark/requirements.txt
- name: Generate uniquifying value
id: unique
shell: bash
run: echo "value=$(cat /proc/sys/kernel/random/uuid)" >> $GITHUB_OUTPUT
- name: Start lakeFS for Spark tests
uses: ./.github/actions/bootstrap-test-lakefs
with:
compose-directory: test/spark
env:
REGISTRY: treeverse
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
LAKEFS_DATABASE_TYPE: postgres
LAKEFS_BLOCKSTORE_TYPE: s3
LAKEFS_BLOCKSTORE_S3_CREDENTIALS_ACCESS_KEY_ID: ${{ secrets.ESTI_AWS_ACCESS_KEY_ID }}
LAKEFS_BLOCKSTORE_S3_CREDENTIALS_SECRET_ACCESS_KEY: ${{ secrets.ESTI_AWS_SECRET_ACCESS_KEY }}
- name: Test lakeFS S3 with Spark 3.x thick client
timeout-minutes: 8
working-directory: test/spark
run: |
python ./run-test.py \
--storage_namespace s3://esti-system-testing/compatibility/${{ github.run_number }}-spark3-client/${{ steps.unique.outputs.value }} \
--repository thick-client-test \
--sonnet_jar sonnets-311/target/sonnets-311/scala-2.12/sonnets-311_2.12-0.1.0.jar \
--access_mode hadoopfs \
--aws_access_key ${{ secrets.ESTI_AWS_ACCESS_KEY_ID }} \
--aws_secret_key ${{ secrets.ESTI_AWS_SECRET_ACCESS_KEY }} \
--client_version ${{ matrix.client_version }}
- name: lakeFS Logs on Spark with client failure
if: ${{ failure() }}
continue-on-error: true
working-directory: test/spark
run: docker compose logs --tail=15000 lakefs
notify-slack:
name: Notify slack on workflow failures
needs: [compatibility-checks-client, compatibility-checks-server]
runs-on: ubuntu-22.04
if: ${{ always() && contains(needs.*.result, 'failure') }}
steps:
- name: slack-send
uses: slackapi/slack-github-action@v1.23.0
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
payload: |
{
"mrkdwn": true,
"text": "Compatibility tests failure in master branch: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
}