docs/design-docs/continuous-integration.md

*6dbdd20aSAndroid Build Coastguard Worker# Perfetto CI design document
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThis CI is used on-top of (not in replacement of) AOSP's TreeHugger.
*6dbdd20aSAndroid Build Coastguard WorkerIt gives early testing signals and coverage on other OSes and older Android
*6dbdd20aSAndroid Build Coastguard Workerdevices not supported by TreeHugger.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerSee the [Testing](/docs/contributing/testing.md) page for more details about the
*6dbdd20aSAndroid Build Coastguard Workerproject testing strategy.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Architecture diagram
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker![Architecture diagram](/docs/images/continuous-integration.png)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThere are four major components:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker1. Frontend: AppEngine.
*6dbdd20aSAndroid Build Coastguard Worker2. Controller: AppEngine BG service.
*6dbdd20aSAndroid Build Coastguard Worker3. Workers: Compute Engine + Docker.
*6dbdd20aSAndroid Build Coastguard Worker4. Database: Firebase realtime database.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThey are coupled via the Firebase DB. The DB is the source of truth for the
*6dbdd20aSAndroid Build Coastguard Workerwhole CI.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Controller
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe Controller orchestrates the CI. It's the most trusted piece of the system.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerIt is based on a background AppEngine service. Such service is only
*6dbdd20aSAndroid Build Coastguard Workertriggered by deferred tasks and periodic Cron jobs.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe Controller is the only entity which performs authenticated access to Gerrit.
*6dbdd20aSAndroid Build Coastguard WorkerIt uses a non-privileged gmail account and has no meaningful voting power.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe controller loop does mainly the following:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- It periodically (every 15s) polls Gerrit for CLs updated in the last 24h.
*6dbdd20aSAndroid Build Coastguard Worker- It checks the list of CLs against the list of already known CLs in the DB.
*6dbdd20aSAndroid Build Coastguard Worker- For each new CL it enqueues `N` new jobs in the database, one for each
*6dbdd20aSAndroid Build Coastguard Worker  configuration defined in [config.py](/infra/ci/config.py) (e.g. `linux-debug`,
*6dbdd20aSAndroid Build Coastguard Worker  `android-release`, ...).
*6dbdd20aSAndroid Build Coastguard Worker- It monitors the state of jobs. When all jobs for a CL have been completed,
*6dbdd20aSAndroid Build Coastguard Worker  it posts a comment and adds the vote if the CL is marked as `Presubmit-Ready`.
*6dbdd20aSAndroid Build Coastguard Worker- It does some other less-relevant bookkeeping.
*6dbdd20aSAndroid Build Coastguard Worker- AppEngine is highly reliable and self-healing. If a task fails (e.g. because
*6dbdd20aSAndroid Build Coastguard Worker  of a Gerrit 500) it will be automatically re-tried with exponential backoff.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Frontend
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe frontend is an AppEngine service that hosts the CI website @
*6dbdd20aSAndroid Build Coastguard Worker[ci.perfetto.dev](https://ci.perfetto.dev).
*6dbdd20aSAndroid Build Coastguard WorkerConversely to the Controller, it is exposed to the public via HTTP.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- It's an almost fully static website based on HTML and Javascript.
*6dbdd20aSAndroid Build Coastguard Worker- The only backend-side code ([frontend.py](/infra/ci/frontend/main.py))
*6dbdd20aSAndroid Build Coastguard Worker  is used to proxy XHR GET requests to Gerrit, due to the lack of Gerrit
*6dbdd20aSAndroid Build Coastguard Worker  CORS headers.
*6dbdd20aSAndroid Build Coastguard Worker- Such XHR requests are GET-only and anonymous.
*6dbdd20aSAndroid Build Coastguard Worker- The frontend python code also serves as a memcache layer for Gerrit requests
*6dbdd20aSAndroid Build Coastguard Worker  that return immutable data (e.g. revision logs) to reduce the likeliness of
*6dbdd20aSAndroid Build Coastguard Worker  hitting Gerrit errors / timeouts.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Worker GCE VM
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe actual testing job happens inside these Google Compute Engine VMs.
*6dbdd20aSAndroid Build Coastguard WorkerThe GCE instance is running a CrOS-based
*6dbdd20aSAndroid Build Coastguard Worker[Container-Optimized](https://cloud.google.com/container-optimized-os/docs/) OS.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe whole system image is read-only. The VM itself is stateless. No state is
*6dbdd20aSAndroid Build Coastguard Workerpersisted outside of the DB and Google Cloud Storage (only for UI artifacts).
*6dbdd20aSAndroid Build Coastguard WorkerThe SSD is used only as a scratch disk and is cleared on each reboot.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerVMs are dynamically spawned using the Google Cloud Autoscaler and use a
*6dbdd20aSAndroid Build Coastguard WorkerStackdriver Custom Metric pushed by the Controller as cost function.
*6dbdd20aSAndroid Build Coastguard WorkerSuch metric is the number of queued + running jobs.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerEach VM runs two types of Docker containers: _worker_ and the _sandbox_.
*6dbdd20aSAndroid Build Coastguard WorkerThey are in a 1:1 relationship, each worker controls at most one sandbox
*6dbdd20aSAndroid Build Coastguard Workerassociated. Workers are always alive (they work in polling-mode), while
*6dbdd20aSAndroid Build Coastguard Workersandboxes are started and stopped by the worker on-demand.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerOn each GCE instance there are M (currently 10) worker containers running and
*6dbdd20aSAndroid Build Coastguard Workerhence up to M sandboxes.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Worker containers
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerWorker containers are trusted entities. They can impersonate the GCE service
*6dbdd20aSAndroid Build Coastguard Workeraccount and have R/W access to the DB. They can also spawn sandbox containers.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerTheir behavior depends only on code that is manually deployed and doesn't depend
*6dbdd20aSAndroid Build Coastguard Workeron the checkout under test. The reason why workers are Docker containers is NOT
*6dbdd20aSAndroid Build Coastguard Workersecurity but only reproducibility and maintenance.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerEach worker does the following:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Poll for an available job from the `/jobs_queued` sub-tree of the DB.
*6dbdd20aSAndroid Build Coastguard Worker- Move such job into `/jobs_running`.
*6dbdd20aSAndroid Build Coastguard Worker- Start the sandbox container, passing down the job config and the git revision
*6dbdd20aSAndroid Build Coastguard Worker  via env vars.
*6dbdd20aSAndroid Build Coastguard Worker- Stream the sandbox stdout to the `/logs` sub-tree of the DB.
*6dbdd20aSAndroid Build Coastguard Worker- Terminate the sandbox container prematurely in case of timeouts or job
*6dbdd20aSAndroid Build Coastguard Worker  cancellations requested by the Controller.
*6dbdd20aSAndroid Build Coastguard Worker- Upload UI artifacts to GCS.
*6dbdd20aSAndroid Build Coastguard Worker- Update the DB to reflect completion of jobs, removing the entry from
*6dbdd20aSAndroid Build Coastguard Worker  `/jobs_running` and updating the `/jobs/$jobId/status` fields.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Sandbox containers
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerSandbox containers are untrusted entities. They can access the internet
*6dbdd20aSAndroid Build Coastguard Worker(for git pull / install-build-deps) but they cannot impersonate the GCE service
*6dbdd20aSAndroid Build Coastguard Workeraccount, cannot write into the DB, cannot write into GCS buckets.
*6dbdd20aSAndroid Build Coastguard WorkerDocker here is used both as an isolation boundary and for reproducibility /
*6dbdd20aSAndroid Build Coastguard Workerdebugging.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerEach sandbox does the following:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Checkout the code at the revision specified in the job config.
*6dbdd20aSAndroid Build Coastguard Worker- Run one of the [test/ci/](/test/ci/) scripts which will build and run tests.
*6dbdd20aSAndroid Build Coastguard Worker- Return either a success (0) or fail (!= 0) exit code.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerA sandbox container is almost completely stateless with the only exception of
*6dbdd20aSAndroid Build Coastguard Workerthe semi-ephemeral `/ci/cache` mount-point. This mount-point is tmpfs-based
*6dbdd20aSAndroid Build Coastguard Worker(hence cleared on reboot) but is shared across all sandboxes. It's used only to
*6dbdd20aSAndroid Build Coastguard Workermaintain the shared ccache.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker# Data model
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThe whole CI is based on
*6dbdd20aSAndroid Build Coastguard Worker[Firebase Realtime DB](https://firebase.google.com/docs/database).
*6dbdd20aSAndroid Build Coastguard WorkerIt is a high-scale JSON object accessible via a simple REST API.
*6dbdd20aSAndroid Build Coastguard WorkerClients can GET/PUT/PATCH/DELETE individual sub-nodes without having a local
*6dbdd20aSAndroid Build Coastguard Workerfull-copy of the DB.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker```bash
*6dbdd20aSAndroid Build Coastguard Worker/ci
*6dbdd20aSAndroid Build Coastguard Worker    # For post-submit jobs.
*6dbdd20aSAndroid Build Coastguard Worker    /branches
*6dbdd20aSAndroid Build Coastguard Worker        /main-20190626000853
*6dbdd20aSAndroid Build Coastguard Worker        # ┃     ┗━ Committer-date of the HEAD of the branch.
*6dbdd20aSAndroid Build Coastguard Worker        # ┗━ Branch name
*6dbdd20aSAndroid Build Coastguard Worker        {
*6dbdd20aSAndroid Build Coastguard Worker            author: "[email protected]"
*6dbdd20aSAndroid Build Coastguard Worker            rev: "0552edf491886d2bb6265326a28fef0f73025b6b"
*6dbdd20aSAndroid Build Coastguard Worker            subject: "Cloud-based CI"
*6dbdd20aSAndroid Build Coastguard Worker            time_committed: "2019-07-06T02:35:14Z"
*6dbdd20aSAndroid Build Coastguard Worker            jobs:
*6dbdd20aSAndroid Build Coastguard Worker            {
*6dbdd20aSAndroid Build Coastguard Worker                20190708153242--branches-main-20190626000853--android-...: 0
*6dbdd20aSAndroid Build Coastguard Worker                20190708153242--branches-main-20190626000853--linux-...:  0
*6dbdd20aSAndroid Build Coastguard Worker                ...
*6dbdd20aSAndroid Build Coastguard Worker            }
*6dbdd20aSAndroid Build Coastguard Worker        }
*6dbdd20aSAndroid Build Coastguard Worker        /main-20190701235742 {...}
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    # For pre-submit jobs.
*6dbdd20aSAndroid Build Coastguard Worker    /cls
*6dbdd20aSAndroid Build Coastguard Worker        /1000515-65
*6dbdd20aSAndroid Build Coastguard Worker        {
*6dbdd20aSAndroid Build Coastguard Worker            change_id:    "platform%2F...~I575be190"
*6dbdd20aSAndroid Build Coastguard Worker            time_queued:  "2019-07-08T15:32:42Z"
*6dbdd20aSAndroid Build Coastguard Worker            time_ended:   "2019-07-08T15:33:25Z"
*6dbdd20aSAndroid Build Coastguard Worker            revision_id:  "18c2e4d0a96..."
*6dbdd20aSAndroid Build Coastguard Worker            wants_vote:   true
*6dbdd20aSAndroid Build Coastguard Worker            voted:        true
*6dbdd20aSAndroid Build Coastguard Worker            jobs: {
*6dbdd20aSAndroid Build Coastguard Worker                20190708153242--cls-1000515-65--android-clang:  0
*6dbdd20aSAndroid Build Coastguard Worker                ...
*6dbdd20aSAndroid Build Coastguard Worker                20190708153242--cls-1000515-65--ui-clang:       0
*6dbdd20aSAndroid Build Coastguard Worker            }
*6dbdd20aSAndroid Build Coastguard Worker        }
*6dbdd20aSAndroid Build Coastguard Worker        /1000515-66 {...}
*6dbdd20aSAndroid Build Coastguard Worker        ...
*6dbdd20aSAndroid Build Coastguard Worker        /1011130-3 {...}
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    /cls_pending
*6dbdd20aSAndroid Build Coastguard Worker       # Effectively this is an array of pending CLs that we might need to
*6dbdd20aSAndroid Build Coastguard Worker       # vote on at the end. Only the keys matter, the values have no
*6dbdd20aSAndroid Build Coastguard Worker       # semantic and are always 0.
*6dbdd20aSAndroid Build Coastguard Worker       /1000515-65: 0
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    /jobs
*6dbdd20aSAndroid Build Coastguard Worker        /20190708153242--cls-1000515-65--android-clang-arm-debug:
*6dbdd20aSAndroid Build Coastguard Worker        #  ┃               ┃             ┗━ Job type.
*6dbdd20aSAndroid Build Coastguard Worker        #  ┃               ┗━ Path of the CL or branch object.
*6dbdd20aSAndroid Build Coastguard Worker        #  ┗━ Datetime when the job was created.
*6dbdd20aSAndroid Build Coastguard Worker        {
*6dbdd20aSAndroid Build Coastguard Worker            src:          "cls/1000515-66"
*6dbdd20aSAndroid Build Coastguard Worker            status:       "QUEUED"
*6dbdd20aSAndroid Build Coastguard Worker                          "STARTED"
*6dbdd20aSAndroid Build Coastguard Worker                          "COMPLETED"
*6dbdd20aSAndroid Build Coastguard Worker                          "FAILED"
*6dbdd20aSAndroid Build Coastguard Worker                          "TIMED_OUT"
*6dbdd20aSAndroid Build Coastguard Worker                          "CANCELLED"
*6dbdd20aSAndroid Build Coastguard Worker                          "INTERRUPTED"
*6dbdd20aSAndroid Build Coastguard Worker            time_ended:   "2019-07-07T12:47:22Z"
*6dbdd20aSAndroid Build Coastguard Worker            time_queued:  "2019-07-07T12:34:22Z"
*6dbdd20aSAndroid Build Coastguard Worker            time_started: "2019-07-07T12:34:25Z"
*6dbdd20aSAndroid Build Coastguard Worker            type:         "android-clang-arm-debug"
*6dbdd20aSAndroid Build Coastguard Worker            worker:       "zqz2-worker-2"
*6dbdd20aSAndroid Build Coastguard Worker        }
*6dbdd20aSAndroid Build Coastguard Worker        /20190707123422--cls-1000515-66--android-clang-arm-rel {..}
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    /jobs_queued
*6dbdd20aSAndroid Build Coastguard Worker        # Effectively this is an array. Only the keys matter, the values
*6dbdd20aSAndroid Build Coastguard Worker        # have no semantic and are always 0.
*6dbdd20aSAndroid Build Coastguard Worker        /20190708153242--cls-1000515-65--android-clang-arm-debug: 0
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    /jobs_running
*6dbdd20aSAndroid Build Coastguard Worker        # Effectively this is an array. Only the keys matter, the values
*6dbdd20aSAndroid Build Coastguard Worker        # have no semantic and are always 0.
*6dbdd20aSAndroid Build Coastguard Worker        /20190707123422--cls-1000515-66--android-clang-arm-rel
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker    /logs
*6dbdd20aSAndroid Build Coastguard Worker        /20190707123422--cls-1000515-66--android-clang-arm-rel
*6dbdd20aSAndroid Build Coastguard Worker            /00a053-0000: "+ chmod 777 /ci/cache /ci/artifacts"
*6dbdd20aSAndroid Build Coastguard Worker            # ┃      ┗━ Monotonic counter to establish total order on log lines
*6dbdd20aSAndroid Build Coastguard Worker            # ┃         retrieved within the same read() batch.
*6dbdd20aSAndroid Build Coastguard Worker            # ┃
*6dbdd20aSAndroid Build Coastguard Worker            # ┗━ Hex-encoded timestamp, relative since start of test.
*6dbdd20aSAndroid Build Coastguard Worker            /00a053-0001: "+ chown perfetto.perfetto /ci/ramdisk"
*6dbdd20aSAndroid Build Coastguard Worker            ...
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker```
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker# Sequence Diagram
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThis is what happens, in order, on a worker instance from boot to the test run.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker```bash
*6dbdd20aSAndroid Build Coastguard Workermake -C /infra/ci worker-start
*6dbdd20aSAndroid Build Coastguard Worker┗━ gcloud start ...
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker[GCE] # From /infra/ci/worker/gce-startup-script.sh
*6dbdd20aSAndroid Build Coastguard Workerdocker run worker-1 ...
*6dbdd20aSAndroid Build Coastguard Worker...
*6dbdd20aSAndroid Build Coastguard Workerdocker run worker-N ...
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker[worker-X] # From /infra/ci/worker/Dockerfile
*6dbdd20aSAndroid Build Coastguard Worker┗━ /infra/ci/worker/worker.py
*6dbdd20aSAndroid Build Coastguard Worker  ┗━ docker run sandbox-X ...
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker[sandbox-X] # From /infra/ci/sandbox/Dockerfile
*6dbdd20aSAndroid Build Coastguard Worker┗━ /infra/ci/sandbox/init.sh
*6dbdd20aSAndroid Build Coastguard Worker  ┗━ /infra/ci/sandbox/testrunner.sh
*6dbdd20aSAndroid Build Coastguard Worker    ┣━ git fetch refs/changes/...
*6dbdd20aSAndroid Build Coastguard Worker    ┇  ...
*6dbdd20aSAndroid Build Coastguard Worker    ┇  # This env var is passed by the test definition
*6dbdd20aSAndroid Build Coastguard Worker    ┇  # specified in /infra/ci/config.py .
*6dbdd20aSAndroid Build Coastguard Worker    ┗━ $PERFETTO_TEST_SCRIPT
*6dbdd20aSAndroid Build Coastguard Worker       ┣━ # Which is one of these:
*6dbdd20aSAndroid Build Coastguard Worker       ┣━ /test/ci/android_tests.sh
*6dbdd20aSAndroid Build Coastguard Worker       ┣━ /test/ci/fuzzer_tests.sh
*6dbdd20aSAndroid Build Coastguard Worker       ┣━ /test/ci/linux_tests.sh
*6dbdd20aSAndroid Build Coastguard Worker       ┗━ /test/ci/ui_tests.sh
*6dbdd20aSAndroid Build Coastguard Worker          ┣━ ninja ...
*6dbdd20aSAndroid Build Coastguard Worker          ┗━ out/dist/{unit,integration,...}test
*6dbdd20aSAndroid Build Coastguard Worker```
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### [gce-startup-script.sh](/infra/ci/worker/gce-startup-script.sh)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Is ran once per GVE vm, at (re)boot.
*6dbdd20aSAndroid Build Coastguard Worker- It prepares the tmpfs mountpoint for the shared ccache.
*6dbdd20aSAndroid Build Coastguard Worker- It wipes the SSD scratch disk for the build artifacts
*6dbdd20aSAndroid Build Coastguard Worker- It pulls the latest {worker, sandbox} container images from
*6dbdd20aSAndroid Build Coastguard Worker  the Google Cloud Container registry.
*6dbdd20aSAndroid Build Coastguard Worker- Sets up Docker and `iptables` (for the sandboxed network).
*6dbdd20aSAndroid Build Coastguard Worker- Starts `N` worker containers in Docker.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### [worker.py](/infra/ci/worker/worker.py)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- It polls the DB to retrieve a job.
*6dbdd20aSAndroid Build Coastguard Worker- When a job is retrieved starts a sandbox container.
*6dbdd20aSAndroid Build Coastguard Worker- It streams the container stdout/stderr to the DB.
*6dbdd20aSAndroid Build Coastguard Worker- It upload the build artifacts to GCS.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### [testrunner.sh](/infra/ci/sandbox/testrunner.sh)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- It is pinned in the container image. Does NOT depend on the particular
*6dbdd20aSAndroid Build Coastguard Worker  revision being tested.
*6dbdd20aSAndroid Build Coastguard Worker- Checks out the repo at the revision specified (by the Controller) in the
*6dbdd20aSAndroid Build Coastguard Worker  job config pulled from the DB.
*6dbdd20aSAndroid Build Coastguard Worker- Sets up ccache
*6dbdd20aSAndroid Build Coastguard Worker- Deals with caching of buildtools/.
*6dbdd20aSAndroid Build Coastguard Worker- Runs the test script specified in the job config from the checkout.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### [{android,fuzzer,linux,ui}_tests.sh](/test/ci/linux_tests.sh)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Are NOT pinned in the container and are ran from the checked out revision.
*6dbdd20aSAndroid Build Coastguard Worker- Finally build and run the test.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Playbook
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Frontend (JS/HTML/CSS) changes
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerTest-locally: `make -C infra/ci/frontend test`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerDeploy with `make -C infra/ci/frontend deploy`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Controller changes
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerDeploy with `make -C infra/ci/controller deploy`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerIt is possible to try locally via the `make -C infra/ci/controller test`
*6dbdd20aSAndroid Build Coastguard Workerbut this involves:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Manually stopping the production AppEngine instance via the Cloud Console
*6dbdd20aSAndroid Build Coastguard Worker  (stopping via the `gcloud` cli doesn't seem to work, b/136828660)
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Worker/Sandbox changes
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker1. Build and push the new docker containers with:
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker   `make -C infra/ci build push`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker2. Restart the GCE instances, either manually or via
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker   `make -C infra/ci restart-workers`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker### Purging the job queue
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard WorkerThis can be useful when there is an outage and too many jobs pile up.
*6dbdd20aSAndroid Build Coastguard Worker - Stop the workers: `make -C infra/ci stop-workers`
*6dbdd20aSAndroid Build Coastguard Worker - Open https://console.firebase.google.com/u/0/project/perfetto-ci/database/perfetto-ci/data/~2Fci
*6dbdd20aSAndroid Build Coastguard Worker - Delete the `jobs_running`, `jobs_queued`, `workers` subtrees
*6dbdd20aSAndroid Build Coastguard Worker - Restart the workers: `make -C infra/ci start-workers`
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker## Security considerations
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Both the Firebase DB and the gs://perfetto-artifacts GCS bucket are
*6dbdd20aSAndroid Build Coastguard Worker  world-readable and writable by the GAE and GCE service accounts.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- The GAE service account also has the ability to log into Gerrit using a
*6dbdd20aSAndroid Build Coastguard Worker  dedicated gmail.com account. The GCE service account doesn't.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Overall, no account in this project has any interesting privilege:
*6dbdd20aSAndroid Build Coastguard Worker  - The Gerrit account used for commenting on CLs is just a random gmail account
*6dbdd20aSAndroid Build Coastguard Worker    and has no special voting power.
*6dbdd20aSAndroid Build Coastguard Worker  - The service accounts of GAE and GCE don't have any special capabilities
*6dbdd20aSAndroid Build Coastguard Worker    outside of the CI project itself.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- This CI deals only with functional and performance testing and doesn't deal
*6dbdd20aSAndroid Build Coastguard Worker  with any sort of continuous deployment.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Presubmit jobs are only triggered if at least one of the following is true:
*6dbdd20aSAndroid Build Coastguard Worker  - The owner of the CL is a @google.com account.
*6dbdd20aSAndroid Build Coastguard Worker  - The user that applied the Presubmit-Ready label is a @google.com account.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Sandboxes are not too hard to escape (Docker is the only boundary) and can
*6dbdd20aSAndroid Build Coastguard Worker  pollute each other via the shared ccache.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- As such neither pre-submit nor post-submit build artifacts are considered
*6dbdd20aSAndroid Build Coastguard Worker  trusted. They are only used for establishing functional correctness and
*6dbdd20aSAndroid Build Coastguard Worker  performance regression testing.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- Binaries built by the CI are not ran on any other machines outside of the
*6dbdd20aSAndroid Build Coastguard Worker  CI project. They are deliberately not downloadable.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- The only build artifacts that are retained (for up to 30 days) and uploaded to
*6dbdd20aSAndroid Build Coastguard Worker  the GCS bucket are the UI artifacts. This is for the only sake of getting
*6dbdd20aSAndroid Build Coastguard Worker  visual previews of the HTML changes.
*6dbdd20aSAndroid Build Coastguard Worker
*6dbdd20aSAndroid Build Coastguard Worker- UI artifacts are served from a different origin (the GCS per-bucket API) than
*6dbdd20aSAndroid Build Coastguard Worker  the production UI.