E2E Release Validation #10
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Copyright (c) Microsoft Corporation. | |
| # Licensed under the MIT License. | |
| # | |
| # E2E Release Validation — GitHub Actions Workflow | |
| name: E2E Release Validation | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| github_ref: | |
| description: "Git ref to test (branch/tag/SHA)" | |
| required: false | |
| default: "main" | |
| distros: | |
| description: "Comma-separated distros" | |
| required: false | |
| default: "rhel,sles,ubuntu" | |
| workspace_configs: | |
| description: "Workspaces to test (empty = all)" | |
| required: false | |
| type: choice | |
| default: "" | |
| options: | |
| - "" | |
| - "SLE-AFS-AFA-SU-ANGI" | |
| - "RHE-ANF-ISCSI-SU" | |
| - "SLE-AFS-AFA-SU" | |
| - "SLE-ANF-AFA-SO" | |
| test_groups: | |
| description: "Test groups to run (empty = all)" | |
| required: false | |
| type: choice | |
| default: "" | |
| options: | |
| - "" | |
| - "ConfigurationChecks" | |
| - "CentralServicesHighAvailability" | |
| - "DatabaseHighAvailability" | |
| dry_run: | |
| description: "Deploy + discover only, skip tests" | |
| required: false | |
| default: "false" | |
| skip_teardown: | |
| description: "Keep VMs alive after tests (debugging)" | |
| required: false | |
| default: "false" | |
| release: | |
| types: [prereleased, published] | |
| permissions: | |
| contents: read | |
| checks: write | |
| actions: read | |
| id-token: write | |
| concurrency: | |
| group: e2e-validation-${{ github.ref }} | |
| cancel-in-progress: true | |
| env: | |
| # Azure — OIDC federated credentials | |
| AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
| AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
| E2E_AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }} | |
| E2E_KEY_VAULT_NAME: ${{ secrets.E2E_KEY_VAULT_NAME }} | |
| E2E_AZURE_RESOURCE_GROUP: "rg-sap-qa-e2e-${{ github.run_id }}" | |
| E2E_AZURE_LOCATION: "swedencentral" | |
| # GitHub repo to clone on each deployer VM | |
| E2E_GITHUB_REPO: ${{ github.server_url }}/${{ github.repository }}.git | |
| E2E_GITHUB_REF: ${{ github.event.inputs.github_ref || github.head_ref || github.sha }} | |
| # Test configuration | |
| E2E_DISTROS: ${{ github.event.inputs.distros || 'rhel,sles,ubuntu' }} | |
| E2E_TEST_GROUPS: ${{ github.event.inputs.test_groups || '' }} | |
| E2E_WORKSPACE_CONFIGS: ${{ github.event.inputs.workspace_configs || '' }} | |
| E2E_EXECUTION_MODES: ${{ github.event.inputs.execution_modes || 'local,container' }} | |
| E2E_DRY_RUN: ${{ github.event.inputs.dry_run || 'false' }} | |
| E2E_SKIP_TEARDOWN: ${{ github.event.inputs.skip_teardown || 'false' }} | |
| E2E_VM_SIZE: ${{ github.event.inputs.vm_size || 'Standard_D4s_v5' }} | |
| E2E_AUTHENTICATION_TYPE: ${{ github.event.inputs.authentication_type || 'VMPASSWORD' }} | |
| # Timeouts | |
| E2E_DEPLOY_TIMEOUT: "900" | |
| E2E_TEST_TIMEOUT: "7200" | |
| E2E_HEALTH_RETRIES: "30" | |
| E2E_HEALTH_RETRY_DELAY: "20" | |
| E2E_REPORT_DIR: "e2e/reports" | |
| jobs: | |
| e2e-validation: | |
| name: "E2E Validation" | |
| runs-on: [self-hosted, e2e-runner] | |
| environment: "e2e" | |
| timeout-minutes: 180 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.inputs.github_ref || github.ref }} | |
| - name: Set up Python 3.12 | |
| uses: actions/setup-python@v5 | |
| with: | |
| python-version: "3.12" | |
| - name: Install E2E test dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install -r e2e/requirements.txt | |
| # sshpass is needed for password-based SSH | |
| sudo apt-get update -y && sudo apt-get install -y sshpass | |
| - name: Ensure Azure CLI is installed | |
| run: | | |
| if ! command -v az &>/dev/null; then | |
| echo "Azure CLI not found — installing..." | |
| curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash | |
| fi | |
| az version --output table | |
| - name: Azure Login (OIDC) | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }} | |
| - name: Load secrets from Key Vault | |
| run: | | |
| echo "Loading secrets from Key Vault: $E2E_KEY_VAULT_NAME" | |
| for secret_name in $(az keyvault secret list \ | |
| --vault-name "$E2E_KEY_VAULT_NAME" \ | |
| --query "[].name" -o tsv); do | |
| env_name=$(echo "$secret_name" | tr '-' '_' | tr '[:lower:]' '[:upper:]') | |
| value=$(az keyvault secret show \ | |
| --vault-name "$E2E_KEY_VAULT_NAME" \ | |
| --name "$secret_name" \ | |
| --query "value" -o tsv) | |
| echo "::add-mask::$value" | |
| echo "${env_name}=${value}" >> "$GITHUB_ENV" | |
| echo " Loaded: $secret_name -> $env_name" | |
| done | |
| - name: Run E2E validation suite | |
| run: | | |
| echo "=== E2E Release Validation ===" | |
| echo "Ref: $E2E_GITHUB_REF" | |
| echo "Distros: $E2E_DISTROS" | |
| echo "Workspaces: ${E2E_WORKSPACE_CONFIGS:-all}" | |
| echo "Groups: ${E2E_TEST_GROUPS:-all}" | |
| echo "Modes: $E2E_EXECUTION_MODES" | |
| echo "Auth: $E2E_AUTHENTICATION_TYPE" | |
| echo "Dry run: $E2E_DRY_RUN" | |
| echo "===============================" | |
| python -m pytest e2e/tests/ \ | |
| --tb=short \ | |
| --no-header \ | |
| -v \ | |
| --timeout=7200 \ | |
| --junitxml=e2e/reports/e2e-results.xml \ | |
| -o log_cli=true \ | |
| -o log_cli_level=INFO \ | |
| 2>&1 | tee e2e/reports/e2e-output.log | |
| - name: Upload E2E reports | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: e2e-reports-${{ github.run_id }} | |
| path: | | |
| e2e/reports/*.html | |
| e2e/reports/*.xml | |
| e2e/reports/*.log | |
| retention-days: 30 | |
| - name: Publish test results | |
| if: always() | |
| uses: EnricoMi/publish-unit-test-result-action@v2 | |
| with: | |
| files: e2e/reports/e2e-results.xml | |
| check_name: "E2E Test Results" | |
| comment_mode: "off" | |
| # Safety net: even if pytest teardown fails, clean up | |
| - name: Teardown Azure resources (safety net) | |
| if: always() && env.E2E_SKIP_TEARDOWN != 'true' | |
| run: | | |
| echo "Safety-net teardown of $E2E_AZURE_RESOURCE_GROUP" | |
| az group delete \ | |
| --name "$E2E_AZURE_RESOURCE_GROUP" \ | |
| --yes --no-wait || true | |
| continue-on-error: true | |
| # ================================================================ | |
| # Job 2: Summary notification | |
| # ================================================================ | |
| notify: | |
| name: "Notify" | |
| needs: e2e-validation | |
| runs-on: ubuntu-latest | |
| if: always() | |
| steps: | |
| - name: Check result | |
| run: | | |
| if [[ "${{ needs.e2e-validation.result }}" == "success" ]]; then | |
| echo "::notice::E2E validation PASSED for ref ${{ env.E2E_GITHUB_REF }}" | |
| else | |
| echo "::error::E2E validation FAILED for ref ${{ env.E2E_GITHUB_REF }}" | |
| fi |