# Workflow-level settings for the SAM CLI integration run: triggers, the
# environment shared by all jobs, and the GITHUB_TOKEN / OIDC permissions.
name: samcli-vm

on:
  # Runs for PRs into main that touch the SAM CLI test scripts or this workflow.
  pull_request:
    branches:
      - main
    paths:
      - 'scripts/samcli-vm/**'
      - 'scripts/cleanup-aws-resources.sh'
      - 'scripts/validate-test-results.sh'
      - '.github/workflows/samcli-vm.yaml'
  # Daily run at 08:00 UTC.
  schedule:
    - cron: '0 8 * * *'
  workflow_dispatch:

env:
  GO_VERSION: '1.24.11'
  # python version should match https://github.com/aws/aws-sam-cli/blame/develop/tests/integration/testdata/durable/template.yaml
  PYTHON_VERSION: '3.13'
  PYTHON_BINARY: 'python3.13'
  AWS_DEFAULT_REGION: '${{ secrets.REGION }}'
  # Environment values reach the steps as strings, so they are quoted here to
  # make that explicit.
  BY_CANARY: 'true'  # allows full testing
  SAM_CLI_DEV: '1'
  SAM_CLI_TELEMETRY: '0'
  # Point Docker clients at the Finch socket and Finch's client config.
  DOCKER_HOST: unix:///Applications/Finch/lima/data/finch/sock/finch.sock
  DOCKER_CONFIG: /Users/ec2-user/.finch

# Applies to every job in this workflow. id-token: write lets a job request an
# OIDC token (used by the "Configure AWS credentials" steps); contents: read
# keeps the GITHUB_TOKEN read-only.
# NOTE(review): jobs triggered by pull_request run scripts from the PR checkout
# after assuming the AWS role - confirm the role's trust policy and permissions
# are scoped for that.
permissions:
  id-token: write
  contents: read
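jobs:
  # Builds mainline Finch plus the finch-daemon revision under test on a macOS
  # CodeBuild runner, starts the Finch VM, then runs the SAM CLI test scripts
  # against the Finch socket.
  samcli-vm-test:
    runs-on: codebuild-finch-daemon-arm64-2-instance-${{ github.run_id }}-${{ github.run_attempt }}
    steps:
      - name: Clean macOS runner workspace
        run: |
          # taken from test-pkg workflow in finch
          sudo rm -rf /Applications/Finch
          sudo rm -rf /opt/finch
          su ec2-user -c 'rm -rf ~/.finch'
          sudo rm -rf ./_output
          if pgrep '^qemu-system'; then
            sudo pkill '^qemu-system'
          fi
          if pgrep '^socket_vmnet'; then
            sudo pkill '^socket_vmnet'
          fi

      # NOTE(review): safe.directory "*" turns off git's repository-ownership
      # check for every path in this user's global config. Presumably needed
      # because the workspace is chowned to ec2-user later; if the runner host is
      # ever reused across runs, consider listing only the workspace paths.
      - name: Configure Git for ec2-user
        run: |
          git config --global --add safe.directory "*"
        shell: bash

      - name: Set up Go
        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
        with:
          go-version: ${{ env.GO_VERSION }}
          cache: false

      - name: Configure Go for ec2-user
        run: |
          chown -R ec2-user:staff $GOPATH || true
          chown -R ec2-user:staff $RUNNER_TOOL_CACHE/go || true

      - name: Install Rosetta 2
        run: su ec2-user -c 'echo "A" | /usr/sbin/softwareupdate --install-rosetta --agree-to-license || true'

      # NOTE(review): this action is referenced by a mutable tag while the other
      # actions in this job are pinned to a full commit SHA; pin it the same way.
      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: ${{ env.PYTHON_VERSION }}

      - name: Configure Python for ec2-user
        run: |
          # Make Python accessible to ec2-user
          chown -R ec2-user:staff $(${{ env.PYTHON_BINARY }} -c "import site; print(site.USER_BASE)") || true
          # Or symlink to ec2-user's PATH
          ln -sf $(which ${{ env.PYTHON_BINARY }}) /usr/local/bin/${{ env.PYTHON_BINARY }} || true

      - name: Configure Homebrew for ec2-user
        run: |
          echo "Creating .brewrc file for ec2-user..."
          cat > /Users/ec2-user/.brewrc << 'EOF'
          # Homebrew environment setup
          export PATH="/opt/homebrew/bin:/opt/homebrew/sbin:$PATH"
          export HOMEBREW_PREFIX="/opt/homebrew"
          export HOMEBREW_CELLAR="/opt/homebrew/Cellar"
          export HOMEBREW_REPOSITORY="/opt/homebrew"
          export HOMEBREW_NO_AUTO_UPDATE=1
          EOF
          chown ec2-user:staff /Users/ec2-user/.brewrc
          # Fix Homebrew permissions
          echo "Setting permissions for Homebrew directories..."
          mkdir -p /opt/homebrew/Cellar
          chown -R ec2-user:staff /opt/homebrew
        shell: bash

      - name: Install dependencies
        run: |
          echo "Installing dependencies as ec2-user..."
          su ec2-user -c 'source /Users/ec2-user/.brewrc && brew install lz4 automake autoconf libtool yq'
        shell: bash

      # Mainline Finch goes into the workspace root. The job token is not left in
      # .git/config: the tree is chowned to ec2-user and built by later steps,
      # which only need the files.
      - name: Checkout mainline finch repo
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          ref: main
          repository: runfinch/finch
          submodules: recursive
          persist-credentials: false

      # The revision under test (the PR merge commit on pull_request events).
      # Everything under finch-daemon-pr/ is PR-controlled from here on.
      - name: Checkout finch-daemon
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          path: finch-daemon-pr
          persist-credentials: false

      - name: Make & install Finch
        run: |
          chown -R ec2-user:staff "$GITHUB_WORKSPACE"
          su ec2-user -c "cd $GITHUB_WORKSPACE && make clean && make FINCH_OS_IMAGE_LOCATION_ROOT=/Applications/Finch && make install PREFIX=Applications/Finch"
          su ec2-user -c "ls -lah /Applications/Finch"

      # Replaces the daemon binary shipped with the Finch install by the one
      # built from the finch-daemon checkout.
      - name: Make Finch Daemon
        run: |
          su ec2-user -c "cd $GITHUB_WORKSPACE/finch-daemon-pr && STATIC=1 GOPROXY=direct GOOS=linux GOARCH=\$(go env GOARCH) make"
          su ec2-user -c "cp $GITHUB_WORKSPACE/finch-daemon-pr/bin/finch-daemon /Applications/Finch/finch-daemon/finch-daemon"

      # NOTE(review): the wait loop has no upper bound of its own; it relies on
      # the job-level timeout if the VM never reports "Running".
      - name: Initializing Finch VM
        run: |
          su ec2-user -c 'finch vm init'
          su ec2-user -c 'while ! finch vm status | grep -q "Running"; do echo "Waiting for VM..."; sleep 5; done'

      # NOTE(review): the URL has a single slash after "http:" - confirm the curl
      # inside the VM requests the intended /v1.41/version path.
      - name: Pinging Finch Daemon socket
        run: |
          su ec2-user -c 'LIMA_HOME=/Applications/Finch/lima/data /Applications/Finch/lima/bin/limactl shell finch curl --unix-socket /var/run/finch.sock -X GET http:/v1.41/version'

      - name: Verify Finch socket
        run: |
          # Test socket connectivity
          if su ec2-user -c 'curl -s --unix-socket /Applications/Finch/lima/data/finch/sock/finch.sock http://localhost/version' > /dev/null; then
            echo "✓ Finch daemon is accessible"
          else
            echo "✗ Finch daemon connection failed"
            ls -la /Applications/Finch/lima/data/finch/sock/ || echo "Socket directory not found"
            exit 1
          fi

      # Only warns (does not fail) if a docker binary is still on ec2-user's PATH.
      - name: Ensure Docker is not available (force Finch usage)
        run: |
          echo "Ensuring Docker is not accessible to force SAM CLI to use Finch..."
          # Remove docker binaries from PATH
          sudo rm -f /usr/local/bin/docker /opt/homebrew/bin/docker || true
          # Verify docker is not accessible
          if su ec2-user -c 'which docker' > /dev/null 2>&1; then
            echo "WARNING: Docker is still accessible"
            su ec2-user -c 'which docker'
          else
            echo "SUCCESS: Docker is not accessible - SAM CLI will use Finch"
          fi
        shell: bash

      # Role session lasts up to 14400 s (4 h). The test scripts below come from
      # the finch-daemon-pr checkout and run with these credentials exported, so
      # the role should carry only what the tests need.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1
        with:
          role-to-assume: ${{ secrets.SAMCLI_VM_ROLE_SYNC }}
          role-session-name: samcli-finch-vm-sequential-tests
          aws-region: ${{ secrets.REGION }}
          role-duration-seconds: 14400

      # Resolves the newest SAM CLI release and exposes it as the "tag" output.
      - name: Get latest SAM CLI tag
        id: sam-tag
        shell: bash
        run: |
          set -euo pipefail
          # -f makes curl fail on an HTTP error (for example a rate-limited API
          # call) instead of handing an error body to jq.
          TAG=$(curl -fsSL https://api.github.com/repos/aws/aws-sam-cli/releases/latest | jq -r .tag_name)
          # An empty tag would let the checkout below fall back to the default
          # branch, so stop here unless the value is a plain tag name. The
          # allow-list also keeps stray newlines out of GITHUB_OUTPUT.
          if [[ "$TAG" == "null" || ! "$TAG" =~ ^[A-Za-z0-9._-]+$ ]]; then
            echo "Could not determine the latest SAM CLI release tag (got: '${TAG}')" >&2
            exit 1
          fi
          echo "tag=$TAG" >> "$GITHUB_OUTPUT"

      # Pinned to the same commit as the other checkout steps in this job.
      - name: Checkout SAM CLI
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          repository: aws/aws-sam-cli
          submodules: recursive
          path: aws-sam-cli
          ref: ${{ steps.sam-tag.outputs.tag }}
          persist-credentials: false

      - name: Set up SAM CLI from source
        run: |
          # Move to ec2-user home and change ownership
          sudo rm -rf /Users/ec2-user/aws-sam-cli || true
          sudo mv aws-sam-cli /Users/ec2-user/aws-sam-cli
          sudo chown -R ec2-user:staff /Users/ec2-user/aws-sam-cli
          # Install and setup (use full path)
          su ec2-user -c 'cd /Users/ec2-user/aws-sam-cli && ${{ env.PYTHON_BINARY }} -m pip install --upgrade pip --user'
          su ec2-user -c 'cd /Users/ec2-user/aws-sam-cli && SAM_CLI_DEV=1 ${{ env.PYTHON_BINARY }} -m pip install -e ".[dev]" --user'
          su ec2-user -c 'cd /Users/ec2-user/aws-sam-cli && export PATH="/Users/ec2-user/Library/Python/${{ env.PYTHON_VERSION }}/bin:$PATH" && samdev --version'
        shell: bash

      # Test suites, one script per step, all taken from the finch-daemon checkout.
      - name: Run unit tests
        run: ./finch-daemon-pr/scripts/samcli-vm/run-unit-tests.sh

      - name: Run invoke tests
        timeout-minutes: 50
        run: ./finch-daemon-pr/scripts/samcli-vm/run-invoke-tests.sh

      - name: Run start-api tests
        timeout-minutes: 80
        run: ./finch-daemon-pr/scripts/samcli-vm/run-start-api-tests.sh

      - name: Run sync tests
        timeout-minutes: 30
        run: ./finch-daemon-pr/scripts/samcli-vm/run-sync-tests.sh

      - name: Run package tests
        timeout-minutes: 15
        run: ./finch-daemon-pr/scripts/samcli-vm/run-package-tests.sh

      - name: Run start-lambda tests
        timeout-minutes: 40
        run: ./finch-daemon-pr/scripts/samcli-vm/run-start-lambda-tests.sh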
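# ensuring resources are clean post-test
  # Runs whether or not samcli-vm-test succeeded (if: always()).
  # NOTE(review): whether this job lands on the same host as samcli-vm-test
  # cannot be told from this file; the local Finch teardown is best-effort
  # (every command ends in "|| true").
  cleanup:
    runs-on: codebuild-finch-daemon-arm64-2-instance-${{ github.run_id }}-${{ github.run_attempt }}
    needs: samcli-vm-test
    if: always()
    steps:
      - name: Final cleanup
        run: |
          # Stop and remove VM
          su ec2-user -c 'finch vm stop' || true
          su ec2-user -c 'finch vm remove -f' || true
          # Clean up processes and sockets
          sudo pkill -f socket_vmnet || true
          sudo pkill -f finch-daemon || true
          sudo rm -rf /private/var/run/finch-lima/*.sock || true
          # Clean up cache and temporary files
          sudo rm -rf /Applications/Finch/lima/data/finch/_cache || true
          sudo rm -rf /tmp/finch-* || true

      # Pinned to the commit the test job uses for actions/checkout rather than
      # a mutable tag. Only the script below is needed, so the job token is not
      # left in .git/config.
      - name: Checkout repository
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
        with:
          persist-credentials: false

      # No role-duration-seconds is set here, so the action's default session
      # length applies.
      - name: Configure AWS credentials
        uses: aws-actions/configure-aws-credentials@b47578312673ae6fa5b5096b330d9fbac3d116df # v4.2.1
        with:
          role-to-assume: ${{ secrets.SAMCLI_VM_ROLE_SYNC }}
          role-session-name: cleanup
          aws-region: ${{ secrets.REGION }}

      # On pull_request events the script comes from the PR's checkout and runs
      # with the role assumed above.
      # NOTE(review): confirm the role limits what a modified cleanup script
      # could delete.
      - name: Comprehensive AWS resource cleanup
        timeout-minutes: 10
        run: ./scripts/cleanup-aws-resources.sh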