feat: add ansible task testing infrastructure based on Docker and pytest #4219
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Nix CI | |
| on: | |
| push: | |
| branches: | |
| - release/* | |
| pull_request: | |
| merge_group: | |
| workflow_dispatch: | |
| permissions: | |
| id-token: write | |
| # required by testinfra-ami-build dependent workflows | |
| contents: write | |
| packages: write | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| jobs: | |
| build-run-image: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - runner: blacksmith-32vcpu-ubuntu-2404 | |
| arch: amd64 | |
| - runner: blacksmith-32vcpu-ubuntu-2404-arm | |
| arch: arm64 | |
| - runner: macos-latest-xlarge | |
| arch: arm64 | |
| runs-on: ${{ matrix.runner }} | |
| timeout-minutes: 180 | |
| steps: | |
| - name: Checkout Repo | |
| uses: supabase/postgres/.github/actions/shared-checkout@HEAD | |
| - uses: ./.github/actions/nix-install-ephemeral | |
| with: | |
| push-to-cache: ${{ github.secret_source == 'Actions' && 'true' || 'false' }} | |
| env: | |
| DEV_AWS_ROLE: ${{ secrets.DEV_AWS_ROLE }} | |
| NIX_SIGN_SECRET_KEY: ${{ secrets.NIX_SIGN_SECRET_KEY }} | |
| - name: Aggressive disk cleanup for DuckDB build | |
| if: matrix.runner == 'macos-latest-xlarge' | |
| run: | | |
| nix --version | |
| echo "=== BEFORE CLEANUP ===" | |
| df -h | |
| # Remove major space consumers | |
| sudo rm -rf /usr/share/dotnet || true | |
| sudo rm -rf /usr/local/lib/android || true | |
| sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneSimulator.platform || true | |
| sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/watchOS.platform || true | |
| sudo rm -rf /Applications/Xcode.app/Contents/Developer/Platforms/tvOS.platform || true | |
| # Clean everything possible | |
| sudo rm -rf /opt/ghc || true | |
| sudo rm -rf /usr/local/share/boost || true | |
| sudo rm -rf /opt/homebrew || true | |
| sudo xcrun simctl delete all 2>/dev/null || true | |
| # Aggressive cache cleanup | |
| sudo rm -rf /System/Library/Caches/* 2>/dev/null || true | |
| sudo rm -rf /Library/Caches/* 2>/dev/null || true | |
| sudo rm -rf ~/Library/Caches/* 2>/dev/null || true | |
| sudo rm -rf /private/var/log/* 2>/dev/null || true | |
| sudo rm -rf /tmp/* 2>/dev/null || true | |
| echo "=== AFTER CLEANUP ===" | |
| df -h | |
| - | |
| name: Build psql bundle | |
| run: > | |
| nix run "github:Mic92/nix-fast-build?rev=b1dae483ab7d4139a6297e02b6de9e5d30e43d48" | |
| -- --skip-cached --no-nom ${{ matrix.runner == 'macos-latest-xlarge' && '--max-jobs 1' || '' }} | |
| --flake ".#checks.$(nix eval --raw --impure --expr 'builtins.currentSystem')" | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ env.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ env.AWS_SECRET_ACCESS_KEY }} | |
| AWS_SESSION_TOKEN: ${{ env.AWS_SESSION_TOKEN }} | |
| run-testinfra: | |
| needs: build-run-image | |
| if: ${{ success() }} | |
| uses: ./.github/workflows/testinfra-ami-build.yml | |
| secrets: | |
| DEV_AWS_ROLE: ${{ secrets.DEV_AWS_ROLE }} | |
| run-tests: | |
| needs: build-run-image | |
| if: ${{ success() }} | |
| uses: ./.github/workflows/test.yml |