chore(testinfra): initial ami test

.github/workflows/testinfra.yml

@@ -5,7 +5,7 @@ on:
   workflow_dispatch:
 
 jobs:
-  build:
+  test-all-in-one:
     strategy:
       matrix:
         include:
@@ -25,5 +25,110 @@ jobs:
 
       - name: Run aio integration tests
         run: |
-          pip3 install docker pytest pytest-testinfra
+          # TODO: use poetry for pkg mgmt
+          pip3 install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest pytest-testinfra[paramiko,docker] requests
           pytest -vv testinfra/test_all_in_one.py
+
+  test-ami:
+    strategy:
+      matrix:
+        include:
+          - runner: arm-runner
+            arch: arm64
+            ubuntu_release: focal
+            ubuntu_version: 20.04
+            mcpu: neoverse-n1
+    runs-on: ${{ matrix.runner }}
+    timeout-minutes: 150
+    permissions:
+      contents: write
+      packages: write
+      id-token: write
+
+    steps:
+      - name: Checkout Repo
+        uses: actions/checkout@v4
+
+      - id: args
+        uses: mikefarah/yq@master
+        with:
+          cmd: yq 'to_entries | map(select(.value|type == "!!str")) |  map(.key + "=" + .value) | join("\n")' 'ansible/vars.yml'
+
+      - run: docker context create builders
+
+      - uses: docker/setup-buildx-action@v3
+        with:
+          endpoint: builders
+
+      - uses: docker/build-push-action@v5
+        with:
+          load: true
+          build-args: |
+            ${{ steps.args.outputs.result }}
+          target: extensions
+          tags: supabase/postgres:extensions
+          platforms: linux/${{ matrix.arch }}
+          cache-from: |
+            type=gha,scope=${{ github.ref_name }}-extensions
+            type=gha,scope=${{ github.base_ref }}-extensions
+            type=gha,scope=develop-extensions
+          cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-extensions
+
+      - name: Extract built packages
+        run: |
+          mkdir -p /tmp/extensions ansible/files/extensions
+          docker save supabase/postgres:extensions | tar xv -C /tmp/extensions
+          for layer in /tmp/extensions/*/layer.tar; do
+            tar xvf "$layer" -C ansible/files/extensions --strip-components 1
+          done
+
+      - id: version
+        run: echo "${{ steps.args.outputs.result }}" | grep "postgresql" >> "$GITHUB_OUTPUT"
+
+      - name: Build Postgres deb
+        uses: docker/build-push-action@v5
+        with:
+          load: true
+          file: docker/Dockerfile
+          target: pg-deb
+          build-args: |
+            ubuntu_release=${{ matrix.ubuntu_release }}
+            ubuntu_release_no=${{ matrix.ubuntu_version }}
+            postgresql_major=${{ steps.version.outputs.postgresql_major }}
+            postgresql_release=${{ steps.version.outputs.postgresql_release }}
+            CPPFLAGS=-mcpu=${{ matrix.mcpu }}
+          tags: supabase/postgres:deb
+          platforms: linux/${{ matrix.arch }}
+          cache-from: |
+            type=gha,scope=${{ github.ref_name }}-deb
+            type=gha,scope=${{ github.base_ref }}-deb
+            type=gha,scope=develop-deb
+          cache-to: type=gha,mode=max,scope=${{ github.ref_name }}-deb
+
+      - name: Extract Postgres deb
+        run: |
+          mkdir -p /tmp/build ansible/files/postgres
+          docker save supabase/postgres:deb | tar xv -C /tmp/build
+          for layer in /tmp/build/*/layer.tar; do
+            tar xvf "$layer" -C ansible/files/postgres --strip-components 1
+          done
+
+      # Packer doesn't support skipping registering the AMI for the ebssurrogate
+      # builder, so we register an AMI with a fixed name and run tests on an
+      # instance launched from that
+      # https://github.com/hashicorp/packer/issues/4899
+      - name: Build AMI
+        run: |
+          GIT_SHA=${{github.sha}}
+          packer build -var "git-head-version=${GIT_SHA}" -var "packer-execution-id=${GITHUB_RUN_ID}" -var-file="development-arm.vars.pkr.hcl" -var-file="common.vars.pkr.hcl" -var "ansible_arguments=" -var "postgres-version=ci-ami-test" -var "region=ap-southeast-1" -var 'ami_regions=["ap-southeast-1"]' -var "force-deregister=true" amazon-arm64.pkr.hcl
+
+      - name: Run tests
+        run: |
+          # TODO: use poetry for pkg mgmt
+          pip3 install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest pytest-testinfra[paramiko,docker] requests
+          pytest -vv testinfra/test_ami.py
+
+      - name: Cleanup resources on build cancellation
+        if: ${{ cancelled() }}
+        run: |
+          aws ec2 --region ap-southeast-1 describe-instances --filters "Name=tag:packerExecutionId,Values=${GITHUB_RUN_ID}" --query "Reservations[].Instances[].InstanceId" --output text | xargs -I {} aws ec2 terminate-instances --instance-ids {}

amazon-arm64.pkr.hcl

@@ -87,6 +87,11 @@ variable "packer-execution-id" {
   default = "unknown"
 }
 
+variable "force-deregister" {
+  type    = bool
+  default = false
+}
+
 # source block
 source "amazon-ebssurrogate" "source" {
   profile = "${var.profile}"
@@ -99,6 +104,7 @@ source "amazon-ebssurrogate" "source" {
   instance_type = "c6g.4xlarge"
   region       = "${var.region}"
   #secret_key   = "${var.aws_secret_key}"
+  force_deregister = var.force-deregister
 
   # Use latest official ubuntu focal ami owned by Canonical.
   source_ami_filter {

testinfra/README.md

@@ -2,14 +2,64 @@
 
 ## Prerequisites
 
+- Docker
+- Packer
+- yq
+- Python deps:
+
 ```sh
-pip3 install docker pytest pytest-testinfra requests
+pip3 install boto3 boto3-stubs[essential] docker ec2instanceconnectcli pytest pytest-testinfra[paramiko,docker] requests
 ```
 
 ## Running locally
 
 ```sh
+set -euo pipefail
 # cwd: repo root
 # docker must be running
-pytest -vv testinfra/*.py
+
+# build extensions & pg binaries
+docker buildx build \
+  $(yq 'to_entries | map(select(.value|type == "!!str")) |  map(" --build-arg " + .key + "=" + .value) | join("")' 'ansible/vars.yml') \
+  --target=extensions \
+  --tag=supabase/postgres:extensions \
+  --platform=linux/arm64 \
+  --load \
+  .
+mkdir -p /tmp/extensions ansible/files/extensions
+docker save supabase/postgres:extensions | tar xv -C /tmp/extensions
+for layer in /tmp/extensions/*/layer.tar; do
+  tar xvf "$layer" -C ansible/files/extensions --strip-components 1
+done
+docker buildx build \
+  --build-arg ubuntu_release=focal \
+  --build-arg ubuntu_release_no=20.04 \
+  --build-arg postgresql_major=15 \
+  --build-arg postgresql_release=15.1 \
+  --build-arg CPPFLAGS=-mcpu=neoverse-n1 \
+  --file=docker/Dockerfile \
+  --target=pg-deb \
+  --tag=supabase/postgres:deb \
+  --platform=linux/arm64 \
+  --load \
+  .
+mkdir -p /tmp/build ansible/files/postgres
+docker save supabase/postgres:deb | tar xv -C /tmp/build
+for layer in /tmp/build/*/layer.tar; do
+  tar xvf "$layer" -C ansible/files/postgres --strip-components 1
+done
+
+# build AMI
+AWS_PROFILE=supabase-dev packer build \
+  -var-file=development-arm.vars.pkr.hcl \
+  -var-file=common.vars.pkr.hcl \
+  -var "ansible_arguments=" \
+  -var "postgres-version=ci-ami-test" \
+  -var "region=ap-southeast-1" \
+  -var 'ami_regions=["ap-southeast-1"]' \
+  -var "force-deregister=true" \
+  amazon-arm64.pkr.hcl
+
+# run tests
+AWS_PROFILE=supabase-dev pytest -vv -s testinfra/test_*.py
 ```

testinfra/test_all_in_one.py

@@ -1,4 +1,5 @@
 from docker.models.containers import Container
+from os import path
 from time import sleep
 from typing import cast
 import docker
@@ -24,7 +25,7 @@
 # scope='session' uses the same container for all the tests;
 # scope='function' uses a new container per test function.
 @pytest.fixture(scope="session")
-def host(request):
+def host():
     # We build the image with the Docker CLI in path instead of using docker-py
     # (official Docker SDK for Python) because the latter doesn't use BuildKit,
     # so things like `ARG TARGETARCH` don't work:
@@ -36,11 +37,11 @@ def host(request):
             "buildx",
             "build",
             "--file",
-            "docker/all-in-one/Dockerfile",
+            path.join(path.dirname(__file__), "../docker/all-in-one/Dockerfile"),
             "--load",
             "--tag",
             all_in_one_image_tag,
-            ".",
+            path.join(path.dirname(__file__), ".."),
         ]
     )