[Mysticeti Fast path] adding workflows for nightly simtest run and tests/simtests run with fasth path enabled #22433
Conversation
…th Mysticeti fast path enabled.
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎ |
akichidis
temporarily deployed
to
sui-typescript-aws-kms-test-env
GitHub Actions
Inactive
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| runs-on: [ ubuntu-latest ] | ||
| outputs: | ||
| isRust: ${{ steps.diff.outputs.isRust }} | ||
| isMove: ${{ steps.diff.outputs.isMove }} | ||
| steps: | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # Pin v4.1.1 | ||
| with: | ||
| ref: ${{ github.event.inputs.sui_repo_ref || github.ref }} | ||
| - name: Detect Changes | ||
| uses: './.github/actions/diffs' | ||
| id: diff | ||
|
|
||
| test: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 2 days ago
To fix the issue, we will add a permissions block at the root of the workflow file. This block will define the least privileges required for the workflow to function. Based on the provided workflow, it primarily involves checking out the repository, detecting changes, and running tests. The minimal permissions required are likely contents: read. If any job requires additional permissions (e.g., pull-requests: write), they can be defined at the job level.
| @@ -2,2 +2,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| needs: diff | ||
| if: needs.diff.outputs.isRust == 'true' | ||
| timeout-minutes: 45 | ||
| env: | ||
| # Tests written with #[sim_test] are often flaky if run as #[tokio::test] - this var | ||
| # causes #[sim_test] to only run under the deterministic `simtest` job, and not the | ||
| # non-deterministic `test` job. | ||
| SUI_SKIP_SIMTESTS: 1 | ||
| runs-on: ${{ matrix.os }} | ||
| strategy: | ||
| matrix: | ||
| os: | ||
| - [ ubuntu-ghcloud ] | ||
| fail-fast: false | ||
| steps: | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # Pin v4.1.1 | ||
| with: | ||
| ref: ${{ github.event.inputs.sui_repo_ref || github.ref }} | ||
| - uses: taiki-e/install-action@nextest | ||
| - uses: taiki-e/install-action@protoc | ||
| - name: Add postgres to PATH | ||
| run: echo "/usr/lib/postgresql/14/bin" >> $GITHUB_PATH | ||
| - name: Set Swap Space | ||
| uses: pierotofy/set-swap-space@master | ||
| with: | ||
| swap-size-gb: 256 | ||
| - name: cargo test | ||
| run: | | ||
| cargo nextest run --profile ci -E '!package(sui-bridge) and !package(sui-bridge-indexer)' | ||
| # Ensure there are no uncommitted changes in the repo after running tests | ||
| - run: scripts/changed-files.sh | ||
| shell: bash | ||
|
|
||
| test-extra: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 2 days ago
To fix the issue, we will add a permissions block to the root of the workflow file. This block will define the minimal permissions required for the workflow to function correctly. Based on the provided workflow, it appears that the workflow primarily reads repository contents and does not require write access. Therefore, we will set contents: read at the root level. If specific jobs require additional permissions, we can override the root-level permissions within those jobs.
| @@ -2,2 +2,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| needs: diff | ||
| if: needs.diff.outputs.isRust == 'true' | ||
| timeout-minutes: 45 | ||
| env: | ||
| # Tests written with #[sim_test] are often flaky if run as #[tokio::test] - this var | ||
| # causes #[sim_test] to only run under the deterministic `simtest` job, and not the | ||
| # non-deterministic `test` job. | ||
| SUI_SKIP_SIMTESTS: 1 | ||
| runs-on: ${{ matrix.os }} | ||
| strategy: | ||
| matrix: | ||
| os: | ||
| - [ ubuntu-ghcloud ] | ||
| fail-fast: false | ||
| steps: | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # Pin v4.1.1 | ||
| with: | ||
| ref: ${{ github.event.inputs.sui_repo_ref || github.ref }} | ||
| - uses: taiki-e/install-action@nextest | ||
| - uses: taiki-e/install-action@protoc | ||
| - name: Add postgres to PATH | ||
| run: echo "/usr/lib/postgresql/14/bin" >> $GITHUB_PATH | ||
| - name: Set Swap Space | ||
| uses: pierotofy/set-swap-space@master | ||
| with: | ||
| swap-size-gb: 256 | ||
| - name: cargo test (sui-graphql staging) | ||
| run: | | ||
| cargo nextest run --profile ci --features staging -E 'package(sui-graphql-rpc)' -E 'package(sui-graphql-e2e-tests)' -E 'package(sui-indexer-alt-graphql)' | ||
| - name: benchmark (smoke) | ||
| run: | | ||
| cargo run --package sui-benchmark --bin stress -- --log-path /tmp/stress.log --num-client-threads 10 --num-server-threads 24 --num-transfer-accounts 2 bench --target-qps 100 --num-workers 10 --transfer-object 50 --shared-counter 50 --run-duration 10s --stress-stat-collection | ||
| - name: doctests | ||
| run: | | ||
| cargo test --doc | ||
| - name: rustdoc | ||
| run: | | ||
| cargo doc --workspace --no-deps | ||
| - name: Install cargo-hakari, and cache the binary | ||
| uses: baptiste0928/cargo-install@1cd874a5478fdca35d868ccc74640c5aabbb8f1b # [email protected] | ||
| with: | ||
| crate: cargo-hakari | ||
| locked: true | ||
| - name: Install rustfmt | ||
| run: rustup component add rustfmt | ||
| - name: sui-execution | ||
| run: | | ||
| ./scripts/execution_layer.py generate-lib | ||
| - name: Install diesel CLI | ||
| uses: baptiste0928/cargo-install@v3 | ||
| with: | ||
| crate: diesel_cli | ||
| version: '=2.2.6' | ||
| locked: true | ||
| args: --no-default-features | ||
| features: postgres | ||
| - name: Indexer schema | ||
| run: | | ||
| ./scripts/generate_indexer_schema.sh | ||
| - name: Indexer Alt schema | ||
| run: | | ||
| ./crates/sui-indexer-alt-schema/generate_schema.sh | ||
| - name: Indexer Alt Framework schema | ||
| run: | | ||
| ./crates/sui-pg-db/generate_schema.sh | ||
| cargo fmt -- crates/sui-pg-db/src/schema.rs | ||
| # Ensure there are no uncommitted changes in the repo after running tests | ||
| - run: scripts/changed-files.sh | ||
| shell: bash | ||
|
|
||
| simtest: |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 2 days ago
To fix the issue, we will add an explicit permissions block to the root of the workflow. This block will define the minimal permissions required for the workflow to function correctly. Based on the provided workflow, it appears that the jobs primarily involve reading repository contents and running tests. Therefore, we will set contents: read as the minimal permission. If any job requires additional permissions (e.g., pull-requests: write), they can be added to the specific job's permissions block.
| @@ -2,2 +2,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
| needs: diff | ||
| if: needs.diff.outputs.isRust == 'true' || needs.diff.outputs.isSolidity == 'true' | ||
| timeout-minutes: 45 | ||
| runs-on: [ ubuntu-ghcloud ] | ||
| env: | ||
| MSIM_WATCHDOG_TIMEOUT_MS: 60000 | ||
| steps: | ||
| - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # Pin v4.1.1 | ||
| with: | ||
| ref: ${{ github.event.inputs.sui_repo_ref || github.ref }} | ||
| - uses: taiki-e/install-action@nextest | ||
| - uses: taiki-e/install-action@protoc | ||
| - name: Add postgres to PATH | ||
| run: echo "/usr/lib/postgresql/14/bin" >> $GITHUB_PATH | ||
| - name: Set Swap Space | ||
| uses: pierotofy/set-swap-space@master | ||
| with: | ||
| swap-size-gb: 256 | ||
| - name: cargo simtest | ||
| run: | | ||
| MSIM_TEST_SEED="$(printf "%lu\n" 0x$(git rev-parse HEAD | cut -c1-16))" scripts/simtest/cargo-simtest simtest --no-fail-fast | ||
| - name: check new tests for flakiness | ||
| run: | | ||
| scripts/simtest/stress-new-tests.sh |
Check warning
Code scanning / CodeQL
Workflow does not contain permissions Medium
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 2 days ago
To fix the issue, we need to add a permissions block to the workflow or specific jobs to explicitly define the least privileges required. Since the workflow involves checking out code and running tests, the contents: read permission is sufficient for most jobs. For jobs that might require write access (e.g., updating pull requests), additional permissions can be specified.
The fix involves:
- Adding a
permissionsblock at the root level of the workflow to apply to all jobs. - If specific jobs require additional permissions, overriding the root-level permissions with job-specific
permissionsblocks.
| @@ -2,2 +2,5 @@ | ||
|
|
||
| permissions: | ||
| contents: read | ||
|
|
||
| on: |
Description
Adding:
Test plan
How did you test the new or updated feature?
Release notes
Check each box that your changes affect. If none of the boxes relate to your changes, release notes aren't required.
For each box you select, include information after the relevant heading that describes the impact of your changes that a user might notice and any actions they must take to implement updates.