AWS: Add AWS integ tests to check task and enable tests based on required environment variables #12671
Conversation
… enable tests in check task
aws/src/main/java/org/apache/iceberg/aws/s3/S3FileIOProperties.java
Outdated
Show resolved
Hide resolved
| @@ -56,8 +58,7 @@ | |||
| import software.amazon.awssdk.services.s3.model.HeadObjectRequest; | |||
| import software.amazon.awssdk.services.s3.model.NoSuchKeyException; | |||
|
|
|||
| public class TestDynamoDbCatalog { | |||
|
|
|||
| public class TestMockDynamoDbCatalog extends BaseAwsMockTest { | |||
There was a problem hiding this comment.
can we achieve the same without having to rename tests? I don't think it's clear that tests need to have a Mock in the name to properly be executed and it's very likely that this will be missed in the future if new tests are added. Hence I would suggest to keep the test names as they are
There was a problem hiding this comment.
Right now I use filtering to only run tests start with TestMock, but I agree it's not very clear. I think we could maybe introduce a custom annotation. Let me try out new approaches and give update on this.
There was a problem hiding this comment.
Seems like using Tag and
useJUnitPlatform {
includeTags 'verification'
}
is the cleanest approach
aws/src/integration/java/org/apache/iceberg/aws/dynamodb/TestMockDynamoDbLockManager.java
Outdated
Show resolved
Hide resolved
aws/src/integration/java/org/apache/iceberg/aws/moto/BaseAwsMockTest.java
Outdated
Show resolved
Hide resolved
|
cc: @nastra @xiaoxuandev I made some updates based on the reviews. Feel free to take another look when you have time. |
aws/src/integration/java/org/apache/iceberg/aws/dynamodb/TestDynamoDbCatalog.java
Show resolved
Hide resolved
aws/src/integration/java/org/apache/iceberg/aws/dynamodb/TestDynamoDbLockManager.java
Show resolved
Hide resolved
|
@xiaoxuandev @nastra There are some concerns on moving the tests to moto since we need to add additional configs to make it work correctly. So I revert those changes in this PR and we can revisit those later with adding separate mock test group that can be enabled in the pipeline while maintaining integration tests that use actual aws services. But we can still close out on the original issue on moving the docker based tests from |
Thanks @lliangyu-lin, that sounds good to me. Do we need to change the commit title? |
|
Since the PR is now using JUnit tags to distinguish between tests I was wondering whether it would make more sense to actually move the docker-specific tests to |
lliangyu-lin
changed the title
I think in this scenario, custom annotation is better compared to tags since some integration tests require different env vars, and we don't need to introduce another task as well. Otherwise we will need to add many different tags and need to handle the condition in gradle build file. |
|
Updated based on the comments. |
build.gradle
Outdated
| @@ -529,7 +529,10 @@ project(':iceberg-aws') { | |||
| inputSpec.set(s3SignerSpec) | |||
| recommend.set(true) | |||
| } | |||
| check.dependsOn('validateS3SignerSpec') | |||
| tasks.named('check') { | |||
There was a problem hiding this comment.
I would prefer to not change this line and keep it as is. This is so that we're in-line with how we define this in other places. And then right after the integrationTest task (after L526) is defined you would add the check.dependsOn integrationTest
| @Inherited | ||
| @Target({ElementType.TYPE, ElementType.METHOD}) | ||
| @Retention(RetentionPolicy.RUNTIME) | ||
| public @interface EnableAwsTest { |
There was a problem hiding this comment.
I believe we should be able to reuse EnabledIfEnvironmentVariables instead of introducing a separate Java annotation
| AwsIntegTestUtil.AWS_REGION, | ||
| AwsIntegTestUtil.AWS_TEST_BUCKET | ||
| }) | ||
| @ExtendWith(EnableAwsTestCondition.class) |
There was a problem hiding this comment.
could you please try and see whether we can achieve the same thing by using EnabledIfEnvironmentVariables? This would be more straightforward and easier to read/understand when the tests should be executed. Also we don't need to introduce any new classes/annotations
There was a problem hiding this comment.
@nastra Thank you for the suggestion! I made a revision to change to EnabledIfEnvironmentVariables and is working the same way, and it's good to reuse as well. But some caveats I found are that EnabledIfEnvironmentVariables cannot be applied on parent class and be inherited to all children classes, which means we need to put these annotations on each test class.
This might be enough, but some other thoughts I have are
- Extend the
EnabledIfEnvironmentVariablesto include@inherited(Need to introduce a class) - Use
AssumeNotNullto check env vars inBeforeAll(Remove any annotation, but is not clear to user why the tests are skipped since it's embedded in test setup).
| @@ -47,6 +49,14 @@ | |||
| import software.amazon.awssdk.services.iam.model.PutRolePolicyRequest; | |||
| import software.amazon.awssdk.services.s3.model.S3Exception; | |||
|
|
|||
| @EnabledIfEnvironmentVariables({ | |||
There was a problem hiding this comment.
I think skipping those tests is reasonable, but hardcoding AWS credentials in environment variables poses security risks. While this is an existing issue, it was never enabled for CI. I would prefer a configuration-based approach over using @EnabledIfEnvironmentVariables.
There was a problem hiding this comment.
Discussed with @xiaoxuandev offline. Since we are mixing other issues on this PR, I think we are good with moving with environment variables approach and close out on moving the docker based tests first.
I will follow up with separate PRs to address other concerns in the AWS integration tests. I have created this issue to track.
cc: @nastra
Description
testtointegrationTestfolderintegrationTestFixes #12236
Testing
./gradlew :iceberg-aws:checkConfirmed unit test and aws mocked integration tests are ran successfully. When required AWS environment variables are not set, the tests are correctly skipped.