[catpowder] Feature: Add port-based filtering to catpowder backend #4135
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copyright (c) Microsoft Corporation. | |
# Licensed under the MIT license. | |
name: Main Catpowder | |
concurrency: | |
group: catpowder | |
cancel-in-progress: false | |
on: | |
pull_request: | |
types: [opened, synchronize] | |
push: | |
branches: | |
- main | |
- unstable | |
- dev | |
env: | |
LIBOS: catpowder | |
SERVER: ${{ secrets.CATPOWDER_HOSTNAME_A }} | |
CLIENT: ${{ secrets.CATPOWDER_HOSTNAME_B }} | |
SERVER_ADDR: 10.3.1.20 | |
CLIENT_ADDR: 10.3.1.21 | |
jobs: | |
debug-pipeline: | |
name: Debug Pipeline | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup SSH | |
shell: bash | |
run: | | |
mkdir -p $HOME/.ssh/ | |
echo "${{ secrets.SSHKEY }}" > "$HOME/.ssh/id_rsa" | |
chmod 400 $HOME/.ssh/id_rsa | |
echo "Host *" > $HOME/.ssh/config | |
echo -e "\tStrictHostKeyChecking no" >> $HOME/.ssh/config | |
echo -e "\tIdentityFile $HOME/.ssh/id_rsa" >> $HOME/.ssh/config | |
echo -e "\tIdentitiesOnly yes" >> $HOME/.ssh/config | |
echo -e "\tPasswordAuthentication no" >> $HOME/.ssh/config | |
echo -e "\tUser ${{ secrets.USERNAME }}" >> $HOME/.ssh/config | |
echo -e "\tPort ${{ secrets.PORTNUM }}" >> $HOME/.ssh/config | |
- name: Bootstrap VMs | |
shell: bash | |
run: | | |
echo "Running iptables rule on SERVER" | |
ssh $SERVER "sudo iptables -C OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP || \ | |
sudo iptables -A OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP" | |
echo "Running ip addr flush on SERVER" | |
ssh $SERVER "sudo ip -br addr show dev eth1 | grep -q ' UP ' && \ | |
sudo ip addr flush dev eth1" | |
echo "Running iptables rule on CLIENT" | |
ssh $CLIENT "sudo iptables -C OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP || \ | |
sudo iptables -A OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP" | |
echo "Running ip addr flush on CLIENT" | |
ssh $CLIENT "sudo ip -br addr show dev eth1 | grep -q ' UP ' && \ | |
sudo ip addr flush dev eth1" | |
- name: Run | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
branch_name="${{ github.head_ref }}" | |
else | |
branch_name="${{ github.ref_name }}" | |
fi | |
python3 tools/demikernel_ci.py \ | |
--platform linux \ | |
--server $SERVER \ | |
--client $CLIENT \ | |
--repository demikernel \ | |
--branch origin/$branch_name \ | |
--debug \ | |
--libos $LIBOS \ | |
--test-unit --test-integration --test-system all \ | |
--delay 2 \ | |
--server-addr $SERVER_ADDR \ | |
--client-addr $CLIENT_ADDR | |
- name: Archive Logs | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: debug-pipeline-logs | |
path: | | |
**/*.stdout.txt | |
**/*.stderr.txt | |
release-pipeline: | |
name: Release Pipeline | |
needs: debug-pipeline | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup SSH | |
shell: bash | |
run: | | |
mkdir -p $HOME/.ssh/ | |
echo "${{ secrets.SSHKEY }}" > "$HOME/.ssh/id_rsa" | |
chmod 400 $HOME/.ssh/id_rsa | |
echo "Host *" > $HOME/.ssh/config | |
echo -e "\tStrictHostKeyChecking no" >> $HOME/.ssh/config | |
echo -e "\tIdentityFile $HOME/.ssh/id_rsa" >> $HOME/.ssh/config | |
echo -e "\tIdentitiesOnly yes" >> $HOME/.ssh/config | |
echo -e "\tPasswordAuthentication no" >> $HOME/.ssh/config | |
echo -e "\tUser ${{ secrets.USERNAME }}" >> $HOME/.ssh/config | |
echo -e "\tPort ${{ secrets.PORTNUM }}" >> $HOME/.ssh/config | |
- name: Bootstrap VMs | |
shell: bash | |
run: | | |
echo "Running iptables rule on SERVER" | |
ssh $SERVER "sudo iptables -C OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP || \ | |
sudo iptables -A OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP" | |
echo "Running ip addr flush on SERVER" | |
ssh $SERVER "sudo ip -br addr show dev eth1 | grep -q ' UP ' && \ | |
sudo ip addr flush dev eth1" | |
echo "Running iptables rule on CLIENT" | |
ssh $CLIENT "sudo iptables -C OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP || \ | |
sudo iptables -A OUTPUT -p tcp -o eth1 --tcp-flags RST RST -j DROP" | |
echo "Running ip addr flush on CLIENT" | |
ssh $CLIENT "sudo ip -br addr show dev eth1 | grep -q ' UP ' && \ | |
sudo ip addr flush dev eth1" | |
- name: Run | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
branch_name="${{ github.head_ref }}" | |
else | |
branch_name="${{ github.ref_name }}" | |
fi | |
python3 tools/demikernel_ci.py \ | |
--platform linux \ | |
--server $SERVER \ | |
--client $CLIENT \ | |
--repository demikernel \ | |
--branch origin/$branch_name \ | |
--libos $LIBOS \ | |
--test-unit --test-integration --test-system all \ | |
--delay 2 \ | |
--server-addr $SERVER_ADDR \ | |
--client-addr $CLIENT_ADDR | |
- name: Archive Logs | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: release-pipeline-logs | |
path: | | |
**/*.stdout.txt | |
**/*.stderr.txt | |
report-performance: | |
name: Report Performance | |
needs: release-pipeline | |
runs-on: ubuntu-latest | |
permissions: | |
actions: read | |
contents: read | |
deployments: read | |
packages: none | |
pull-requests: write | |
security-events: write | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Download Release Pipeline Logs | |
uses: actions/download-artifact@v4 | |
with: | |
name: release-pipeline-logs | |
path: ./release_pipeline_logs | |
- name: Setup FlameGraph Repository | |
run: | | |
git clone https://github.com/brendangregg/FlameGraph.git /tmp/FlameGraph | |
- name: Parse Statistics | |
id: parse-stats | |
run: | | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
branch_name="${{ github.head_ref }}" | |
else | |
branch_name="${{ github.ref_name }}" | |
fi | |
pip install pandas tabulate | |
stats=$(python3 tools/perf.py \ | |
--branch origin/$branch_name \ | |
--libos $LIBOS \ | |
--log-dir ./release_pipeline_logs) | |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then | |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
echo "MESSAGE<<$EOF" >> $GITHUB_OUTPUT | |
echo "$stats" >> $GITHUB_OUTPUT | |
echo "$EOF" >> $GITHUB_OUTPUT | |
fi | |
- name: Archive Performance Data | |
uses: actions/upload-artifact@v4 | |
with: | |
name: performance-data | |
path: | | |
**/perf_data.csv | |
**/flamegraph.svg | |
- name: Report Statistics | |
if: github.event_name == 'pull_request' | |
uses: actions/github-script@v7 | |
with: | |
github-token: ${{secrets.GITHUB_TOKEN}} | |
script: | | |
const message = `${{ steps.parse-stats.outputs.MESSAGE }}` | |
github.rest.issues.createComment({ | |
issue_number: context.issue.number, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
body: message | |
}) |