SERVER-216

[cinterloper]

Built packages with links to JFrog are available in the Actions tab above

Integration tests are here.

Test cases download the current build from JFrog and install it in a fresh container, then execute it with the --help argument

You need a JFrog username and token to execute the test cases, an example is in the README.sh

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.15%. Comparing base (490f5cd) to head (0dcc615).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #76   +/-   ##
=======================================
  Coverage   76.15%   76.15%           
=======================================
  Files          13       13           
  Lines        1086     1086           
=======================================
  Hits          827      827           
  Misses        190      190           
  Partials       69       69           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[pvinh-spike]

Should it be "install_deps_amzn2023"

[cinterloper]

Fixed

[arrowplum]

In general looks good but some of these items should be addressed (some are nits). Also it could use yamlint and shellchk (plus formatting). Trunk is a good tool for this if you haven't used it. I added the baseline trunk config as a PR in case you want to take it but have commented out the commit rules until you are adopting those.

[arrowplum]

Do we want to run the build only on merge to main? Wouldn't we need to do something on PR also (either just build or build and test)

in either case should remove the branches

Suggested change

	branches: [ main, SERVER-216, SERVER-434 ]
	branches: [ main ]

[cinterloper]

Since this is the packaging CI workflow, I imagine we want to only build and push artifacts for the builds that are ready to go to QE.
So either merge to main, or tag creation.

The projects testing workflow is separate

[cinterloper]

I changed it build on this branch, and on tag creation.

Lets talk about this with QE, anyway removing the SERVER-216 should be the last commit here before we merge

[arrowplum]

There is no need to && these together they can just be an inline shell script.

[cinterloper]

This would not continue if one of the commands failed, but set -e would do the same thing

[arrowplum]

Set -e runs by default (it is the default when shell part of a github action so the script mimics that behaviour

[arrowplum]

What is the triple quote convention?

[cinterloper]

Not a real convention.

[arrowplum]

Should remove these commented out lines

[arrowplum]

Also I see it is not using the bundle workflow. A bundle will have to be created in order to release or promote the artifacts. https://github.com/aerospike/shared-workflows/blob/main/.github/workflows/reusable_create-release-bundle.yaml

[arrowplum]

Set -e runs by default (it is the default when shell part of a github action so the script mimics that behaviour

[arrowplum]

You can't test merges to main but shouldn't this run for PRs not just for testing but so PR commits get tested?

[arrowplum]

Looks good

[arrowplum]

I approved but I think the trigger is still something wrong (should be able to trigger on a pull request)

[arrowplum]

I approved but I think the trigger is still something wrong (should be able to trigger on a pull request)

checking to see if it is the fault of the pinned commit

[arrowplum]

Found the culprit. A fix there would be a one liner but investigating I started with upgrading to 2.0.1 (i hadn't noticed the ref issue yet). It is fairly straightforward to upgrade so added a pr for both (into this branch) #80

[arrowplum]

If nothing changes we shouldn't produce a new build every day should we? Also I think you don't want to get rid of builds on PR (even if it doesn't do the deploy or bundle step)

[cinterloper]

Please see @kportertx's comment here
https://aerospike.atlassian.net/browse/SERVER-216?focusedCommentId=169529

If we cant do this I think we will need to update to an alternate deploy target and self-hosted runners, but I dont think that is in the scope of this release

[kportertx]

Discussed with @arrowplum, will need to write up something. @arrowplum suggested (which you'd also suggested something similar) to build and test all commits but to only upload to jfrog commits to PRs. To keep the rules simple across projects, don't worry with "PRs that target main" since different projects have various branches used for release processes. The assumption is that a very small subset of PRs don't target a release branch.

Will also update the PRD with this info.

[cinterloper]

@kportertx OK so to clarify, we would like to rpm and dev packages on:

• branch prs:
  • dev/*
  • hotfix/*
• tags

Delivering these builds to QE I assumed will go through the packaging system - although if we want to keep the old system as well thats a possibility.
If we need to deliver packaged builds to QE on every commit we will need another place to store them (flat file bucket comes to mind)

[cinterloper]

Moving common/ code to https://github.com/aerospike/server-packaging-common/

[pvinh-spike]

Should be:
BUILD_DISTRO ?= $(shell $(PKG_DIR)/../.github/packaging/common/os_version.sh)

[cinterloper]

these should be resolved now

[pvinh-spike]

There is no asconfig target in top Makefile so the following need to be changed:
.PHONY: all
all: $(ACONFIG_BIN) deb rpm tar

.PHONY: deb
deb: $(ACONFIG_BIN)
$(MAKE) -C $(ROOT_DIR)/pkg/ $@

.PHONY: rpm
rpm: $(ACONFIG_BIN)
$(MAKE) -C $(ROOT_DIR)/pkg/ $@

.PHONY: tar
tar: $(ACONFIG_BIN)
$(MAKE) -C $(ROOT_DIR)/pkg/ $@

[pvinh-spike]

It would be helpful to have usages/descriptions in scripts. It will make maintenance them easier.

[pvinh-spike]

LGTM assuming warning from github-advanced-security[bot] reviewed and determined no changes needed.

[dwelch-spike]

We talked about this in the walkthrough but noting it for later. re-enable this when possible.

[dwelch-spike]

LGTM left a comment as a reminder of something that came up in the walkthrough but this looks good as is to me 👍

[kportertx]

Is this for debugging? Do we know it this may dump secrets to the log?

[kportertx]

@arrowplum

[cinterloper]

@kportertx I think the secrets are redacted by value in the logs

[cinterloper]

but it is for debugging