Migrate CI workflow from CircleCI #919
Conversation
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
6530f40 to
8214d01
Compare
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
8214d01 to
c3d3685
Compare
|
Info: is there a particular reason we should move out of Circle? |
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
c3d3685 to
2a08e71
Compare
There's been a general trend to simplify Codidact's operations and reduce dependencies on external services/credentials, which add additional complexity and are used for only a limited purpose. In early Jan, CircleCI had a security incident impacting GitHub tokens: https://circleci.com/blog/jan-4-2023-incident-report/ In light of the above information, I think it may be prudent to either move out of CircleCI or at least give sufficient consideration to that course of action. |
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
2a08e71 to
b9a01f8
Compare
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
b9a01f8 to
f525636
Compare
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
f525636 to
3c92d4f
Compare
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
3c92d4f to
539675b
Compare
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
539675b to
694559e
Compare
|
This has diverged from the Circle workflow now - we also have system tests, and both tests and system tests are run against ruby 2.7 and 3.1. |
|
@ArtOfCode- I think it may still be valuable to switch over to GitHub actions. Updating this PR to match should not be too difficult as it contains sort of the same information (and still uses CircleCI's docker images). |
sau226
force-pushed
the
convert-codidact-qpixel-to-actions-20221213-061700
branch
from
694559e to
b906e1e
Compare
|
I'm closing this one at the moment. We don't seem to have had any major reasons to move away from Circle in the last year. This would also need review for correctness against current process. |
|
Permission to reopen, @ArtOfCode- under my responsibility? We've recently had trouble where no one with access has been available to simply rerun a jobs on CircleCI, our system tests there are also flaky, which contributes to the previous problem significantly. Additionally, it's a third-party dependency that is not mission-critical (speaking from experience that CI done via GH Actions fully covers our use-case, is at least second-party, and will allow us to setup up our own runners going forward). Prior art as to why CircleCI is problematic:
|
|
@Oaphi no objection |
Much obliged! |
Oaphi
added
area: testing
|
@sau226 apologies in advance for converting the PR to draft for now - need to look through it, possibly bring it up to date and devise a path forward if everything checks out given that this is a breaking change to the CI pipeline. |
This PR uses a modified output from the GitHub Actions Importer to migrate all workflows from CircleCI to GitHub Actions itself.
By using GitHub Actions, we can ensure that CI can be managed adjacent to code without needing to depend on a third party service (CircleCI), and integrates it natively into GitHub (on PRs etc).
You'll need to create 3 actions secrets to make this config work. These secrets are stored as
MASTER_KEY,COVERALLS_REPO_TOKENandDEV_SSH_KEYin CircleCI env vars. Add the actions secrets with same name and value as the CircleCI env vars.As this is a test of the migration tool, the migrated workflow will still be using CircleCI docker images, at least for now. We can migrate to alternatives once we feel comfortable with having integrated actions in GitHub.