Skip to content

ci: Add options to run VLAB/HLAB tests on manual dispatch #936

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 24, 2025
Merged

ci: Add options to run VLAB/HLAB tests on manual dispatch #936

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
1b16d22
ci: Add options to run VLAB/HLAB tests on manual dispatch
qmonnet Oct 24, 2025
becb0f8
docs(ci): Add GitHub workflows README documentation
qmonnet Oct 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
162 changes: 162 additions & 0 deletions .github/workflows/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,162 @@
# GitHub Workflows

This document provides an overview of the CI/CD workflows used in this
repository. These workflows help maintain code quality, automate dependency
management, and validate changes before they are merged.

## Table of Contents

- [Main Development Workflow](#main-development-workflow-devyml)
- [Linting and Validation Workflows](#linting-and-validation-workflows)
- [Dependency Management](#dependency-management)
- [License and Security Scanning](#license-and-security-scanning)
- [Merge Control](#merge-control)

---

## Main Development Workflow (`dev.yml`)

### Purpose

Primary CI workflow that ensures developer experience is good by building and
testing the codebase in a vanilla Ubuntu environment using standard tooling.

The workflow runs several jobs. Some of them only run if users opt in, such as
the VLAB/HLAB tests. See the lists of dispatch options and Pull Requests labels
below for details.

### Triggers

- Pull Requests
- Pushes to `main` branch
- Merge group checks
- Manual dispatch (workflow\_dispatch)

### Main steps

1. Check code changes to determine which tests are required
2. Build and test across multiple profiles and environments:
- Profiles: `debug`, `release`, `fuzz`
- Build modes: sterile (clean environment) and developer (local-like
environment)
3. Run cargo deny checks for license and security issues
4. Push container images (for sterile release/debug builds)
5. Execute tests:
- Regular tests using `cargo nextest`
- Shuttle tests (concurrent execution testing)
- Fuzz tests with coverage
6. Run `cargo clippy` for linting
7. Generate documentation with `rustdoc`
8. Upload test results and coverage to Codecov
9. Publish test reports with flaky test detection
10. Run VLAB/HLAB integration tests (virtual/hybrid lab environments)

### Manual dispatch options

- `debug_enabled` - Enable tmate session for debugging on failure
- `debug_justfile` - Show debug statements from just recipes
- `run_vlab_tests` - Run VLAB (virtual lab) tests
- `run_hlab_tests` - Run HLAB (hybrid lab) tests
- `enable_release_tests` - Enable release tests for VLAB/HLAB

### Pull Request label options

- `ci:+vlab` - Run VLAB tests on this PR
- `ci:+hlab` - Run HLAB tests on this PR
- `ci:+release` - Enable release tests for VLAB/HLAB on this PR

### Job matrix

- Profiles: debug, release, fuzz
- Build modes: sterile and developer environments
- VLAB configurations: spine-leaf fabric mode, with/without gateway,
L2VNI/L3VNI VPC modes

### Artifacts

- Test results (JUnit XML)
- Coverage reports (Codecov JSON)
- Container images pushed to GitHub Container Registry

---

## Linting and Validation Workflows for Pull Requests

### Rust Code Formatting (`lint-cargo-fmt.yml`)

Ensure Rust code is consistently formatted using `rustfmt`.

### License Headers Check (`lint-license-headers.yml`)

Verify that all source files have SPDX license headers and copyright notices.

### Commit Message Validation (`lint-commitlint.yml`)

Ensure commit messages follow the [Conventional Commits] specification.

[Conventional Commits]: https://www.conventionalcommits.org/

Accepted commit title prefixes:

- `build`, `bump`, `chore`, `ci`, `docs`, `feat`, `fix`, `perf`, `refactor`,
`revert`, `style`, `test`

### Dependabot Configuration Validation (`lint-validate-dependabot.yml`)

Validate the Dependabot configuration file for correctness.

Triggers for Pull Requests that modify `.github/dependabot.yml` or the
associated workflow file.

---

## Dependency Management

### Automated Dependency Updates (`bump.yml`)

#### Purpose

Automatically check for and update Cargo dependencies, creating a Pull Request
with the changes. Each package is upgraded in a separate commit to ease review.

#### Triggers

- Weekly schedule: Mondays at 3:18 AM UTC
- Manual dispatch (workflow\_dispatch)

#### Manual dispatch options

- `debug_enabled` - Enable tmate session for debugging on failure

#### Main steps

1. Install required tools (`just`, `cargo-edit`, `cargo-deny`)
2. Set up build environment
3. Run `cargo deny check` (pre-upgrade, continue on error)
4. Run `cargo update` to update within version constraints
5. Run `cargo upgrade` to find and apply upgrades (including incompatible versions)
6. Create individual commits for each package upgrade
7. Run `cargo deny check` again (post-upgrade, must pass)
8. Create a Pull Request with all upgrade commits

---

## License and Security Scanning

### FOSSA Scan (`fossa.yml`)

Perform license compliance and security vulnerability scanning using FOSSA.
Reports are available on the [FOSSA Dashboard].

[FOSSA Dashboard]: https://app.fossa.com/projects/custom%252B43661%252Fgithub.202132.xyz%252Fgithedgehog%252Fdataplane/

---

## Merge Control

### Mergeability Check (`mergeability.yml`)

Block Pull Request merges based if the `dont-merge` label is set.

Runs and checks for the presence of the label on various Pull Request events:
`synchronize`, `opened`, `reopened`, `labeled`, `unlabeled`.
19 changes: 17 additions & 2 deletions .github/workflows/dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,21 @@ on:
description: "enable to see debug statements from just recipes"
required: false
default: false
run_vlab_tests:
type: "boolean"
description: "Run VLAB tests"
required: false
default: false
run_hlab_tests:
type: "boolean"
description: "Run hybrid HLAB tests"
required: false
default: false
enable_release_tests:
type: "boolean"
description: "Enable release tests for VLAB/HLAB tests"
required: false
default: false

concurrency:
group: "${{ github.workflow }}:${{ github.event.pull_request.number || github.event.after || github.event.merge_group && github.run_id }}"
Expand Down Expand Up @@ -306,15 +321,15 @@ jobs:

uses: githedgehog/fabricator/.github/workflows/run-vlab.yaml@master
with:
skip: ${{ matrix.hybrid && !contains(github.event.pull_request.labels.*.name, 'ci:+hlab') || !matrix.hybrid && !contains(github.event.pull_request.labels.*.name, 'ci:+vlab') }}
skip: ${{ matrix.hybrid && !(inputs.run_hlab_tests == true || contains(github.event.pull_request.labels.*.name, 'ci:+hlab')) || !matrix.hybrid && !(inputs.run_vlab_tests == true || contains(github.event.pull_request.labels.*.name, 'ci:+vlab')) }}
fabricatorref: master
prebuild: "just bump dataplane HEAD.x86_64-unknown-linux-gnu.debug.${{ github.sha }}"
fabricmode: ${{ matrix.fabricmode }}
gateway: ${{ matrix.gateway }}
includeonie: ${{ matrix.includeonie }}
buildmode: ${{ matrix.buildmode }}
vpcmode: ${{ matrix.vpcmode }}
releasetest: ${{ contains(github.event.pull_request.labels.*.name, 'ci:+release') }}
releasetest: ${{ inputs.run_release_tests == true || contains(github.event.pull_request.labels.*.name, 'ci:+release') }}
hybrid: ${{ matrix.hybrid }}

strategy:
Expand Down
Loading