Enable parallel CI execution with cluster isolation and local testing support #81
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Infrastructure Verification | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| types: [opened, synchronize, reopened] | |
| # Allow parallel execution with unique cluster names per run | |
| # Each job gets isolated VMs, networks, and resources | |
| concurrency: | |
| group: enclave-ci-${{ github.run_id }} | |
| cancel-in-progress: false | |
| jobs: | |
| infra-verify: | |
| name: Infrastructure Verification | |
| runs-on: [self-hosted, enclave-small] | |
| timeout-minutes: 120 | |
| env: | |
| DEV_SCRIPTS_PATH: ${{ vars.DEV_SCRIPTS_PATH }} | |
| BASE_WORKING_DIR: ${{ vars.BASE_WORKING_DIR }} | |
| PULL_SECRET: ${{ secrets.PULL_SECRET }} | |
| # Bypass CI_TOKEN requirement (we only use dev-scripts for infra, not cluster install) | |
| OPENSHIFT_CI: "true" | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Generate unique cluster name | |
| uses: ./.github/actions/setup-cluster-name | |
| with: | |
| naming-strategy: hash | |
| prefix: eci | |
| run-id: ${{ github.run_id }} | |
| - name: Setup cluster-specific working directory | |
| run: | | |
| CLUSTER_WORKING_DIR="${BASE_WORKING_DIR}/clusters/${ENCLAVE_CLUSTER_NAME}" | |
| echo "Creating cluster-specific working directory: $CLUSTER_WORKING_DIR" | |
| mkdir -p "$CLUSTER_WORKING_DIR" | |
| echo "WORKING_DIR=$CLUSTER_WORKING_DIR" >> $GITHUB_ENV | |
| echo "Cluster working directory: $CLUSTER_WORKING_DIR" | |
| # Create directory for step logs | |
| mkdir -p step-logs | |
| echo "STEP_LOGS_DIR=$PWD/step-logs" >> $GITHUB_ENV | |
| - name: Workflow information | |
| env: | |
| PR_TITLE: ${{ github.event.pull_request.title }} | |
| run: | | |
| echo "## Workflow Information" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Trigger**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Cleanup Strategy**: $CLEANUP_STRATEGY" >> $GITHUB_STEP_SUMMARY | |
| if [ "${{ github.event_name }}" = "pull_request" ]; then | |
| echo "- **PR Number**: #${{ github.event.pull_request.number }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **PR Title**: $PR_TITLE" >> $GITHUB_STEP_SUMMARY | |
| fi | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| - name: Pre-flight checks | |
| uses: ./.github/actions/preflight-checks | |
| with: | |
| title: Infrastructure Verification Pre-flight Checks | |
| check-system-resources: 'true' | |
| check-libvirt: 'true' | |
| - name: Allocate unique subnet for cluster | |
| id: allocate_subnet | |
| uses: ./.github/actions/allocate-subnet | |
| - name: Save allocation log | |
| if: always() && steps.allocate_subnet.outcome != 'skipped' | |
| run: | | |
| echo "Subnet allocation completed with status: ${{ steps.allocate_subnet.outcome }}" > step-logs/01-allocate-subnet.log | |
| - name: Setup infrastructure | |
| id: setup_infra | |
| uses: ./.github/actions/setup-infrastructure | |
| with: | |
| skip-install-enclave: 'true' | |
| - name: Save infrastructure log | |
| if: always() && steps.setup_infra.outcome != 'skipped' | |
| run: | | |
| echo "Infrastructure setup completed with status: ${{ steps.setup_infra.outcome }}" > step-logs/02-setup-infrastructure.log | |
| - name: Install Enclave Lab (Connected Mode) | |
| id: install_enclave | |
| run: | | |
| echo "## Installing Enclave Lab" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "Running in connected mode for faster testing..." >> $GITHUB_STEP_SUMMARY | |
| ENCLAVE_DEPLOYMENT_MODE=connected make install-enclave 2>&1 | tee step-logs/03-install-enclave.log | |
| - name: Collect step logs | |
| if: always() | |
| run: | | |
| echo "Collecting additional logs..." | |
| # Collect dev-scripts logs if they exist | |
| if [ -d "${DEV_SCRIPTS_PATH}/logs" ]; then | |
| mkdir -p step-logs/dev-scripts | |
| cp -r "${DEV_SCRIPTS_PATH}/logs"/* step-logs/dev-scripts/ || true | |
| fi | |
| # Collect cluster-specific logs if they exist | |
| if [ -d "${WORKING_DIR}/logs" ]; then | |
| mkdir -p step-logs/cluster-logs | |
| cp -r "${WORKING_DIR}/logs"/* step-logs/cluster-logs/ || true | |
| fi | |
| # List what we collected | |
| echo "Step logs collected:" | |
| ls -lah step-logs/ || echo "No step logs directory" | |
| - name: Collect artifacts | |
| if: always() | |
| uses: ./.github/actions/collect-artifacts | |
| with: | |
| artifact-type: infra | |
| output-directory: ci-artifacts | |
| - name: Upload artifacts | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: infra-verify-artifacts | |
| path: | | |
| ci-artifacts/ | |
| step-logs/ | |
| retention-days: 7 | |
| - name: Cleanup infrastructure | |
| if: always() | |
| run: | | |
| echo "## Cleanup Infrastructure" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| make clean || true | |
| echo "✅ Cleanup complete" >> $GITHUB_STEP_SUMMARY | |
| - name: Workflow summary | |
| if: always() | |
| run: | | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "---" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "## Workflow Summary" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Trigger**: ${{ github.event_name }}" >> $GITHUB_STEP_SUMMARY | |
| echo "- **Result**: ${{ job.status }}" >> $GITHUB_STEP_SUMMARY |