RANGER-5127: Add workflow for RC validation #526
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR introduces a new GitHub Actions workflow to validate release candidates by performing a Java build and running Docker-based integration tests.
- Adds
.github/workflows/validate-rc.yamlworkflow - Defines a
build-8job for Maven build on JDK 8 - Defines a
docker-buildjob to build and validate Docker images against multiple databases
Comments suppressed due to low confidence (1)
.github/workflows/validate-rc.yaml:36
- [nitpick] Job name
build-8is ambiguous; consider renaming tobuild-java8or similar to clarify the JDK version being used.
build-8:
| ranger_url = 'http://localhost:6080' | ||
| ranger_auth = ('admin', 'rangerR0cks!') |
There was a problem hiding this comment.
Hardcoding credentials in the workflow exposes secrets; consider using GitHub Secrets (e.g., ${{ secrets.RANGER_USER }} and ${{ secrets.RANGER_PASSWORD }}) to inject credentials securely.
| ranger_url = 'http://localhost:6080' | |
| ranger_auth = ('admin', 'rangerR0cks!') | |
| import os | |
| ranger_url = 'http://localhost:6080' | |
| ranger_auth = (os.getenv('RANGER_USER'), os.getenv('RANGER_PASSWORD')) |
Copilot uses AI. Check for mistakes.
| echo "Ranger ${service} service failed to start!"; | ||
| fi | ||
| done | ||
| docker logs ranger | grep "Apache Ranger Admin Service with pid [0-9]* has started" | ||
| if [ $? != 0 ]; then | ||
| echo "Ranger Admin service failed to start!"; |
There was a problem hiding this comment.
Service startup failures are only logged and do not fail the workflow; add an exit 1 (or set set -e at the top) so the job will stop on errors.
| echo "Ranger ${service} service failed to start!"; | |
| fi | |
| done | |
| docker logs ranger | grep "Apache Ranger Admin Service with pid [0-9]* has started" | |
| if [ $? != 0 ]; then | |
| echo "Ranger Admin service failed to start!"; | |
| echo "Ranger ${service} service failed to start!"; | |
| exit 1; | |
| fi | |
| done | |
| docker logs ranger | grep "Apache Ranger Admin Service with pid [0-9]* has started" | |
| if [ $? != 0 ]; then | |
| echo "Ranger Admin service failed to start!"; | |
| exit 1; |
Copilot uses AI. Check for mistakes.
| uses: actions/cache@v4 | ||
| with: | ||
| path: | | ||
| ~/.m2/repository/*/*/* |
There was a problem hiding this comment.
[nitpick] Using deep wildcards for the Maven cache path may miss some artifacts and slow restoration; caching the entire ~/.m2/repository directory is more reliable and performant.
| ~/.m2/repository/*/*/* | |
| ~/.m2/repository |
Copilot uses AI. Check for mistakes.
| -f docker-compose.ranger.yml \ | ||
| -f docker-compose.ranger-usersync.yml \ | ||
| -f docker-compose.ranger-tagsync.yml \ | ||
| -f docker-compose.ranger-kms.yml \ | ||
| -f docker-compose.ranger-hadoop.yml \ | ||
| -f docker-compose.ranger-hbase.yml \ | ||
| -f docker-compose.ranger-kafka.yml \ | ||
| -f docker-compose.ranger-hive.yml \ | ||
| -f docker-compose.ranger-knox.yml \ | ||
| -f docker-compose.ranger-ozone.yml build |
There was a problem hiding this comment.
[nitpick] The list of docker compose files is duplicated between build and up steps; consider using YAML anchors or a composite action to DRY this list.
| -f docker-compose.ranger.yml \ | |
| -f docker-compose.ranger-usersync.yml \ | |
| -f docker-compose.ranger-tagsync.yml \ | |
| -f docker-compose.ranger-kms.yml \ | |
| -f docker-compose.ranger-hadoop.yml \ | |
| -f docker-compose.ranger-hbase.yml \ | |
| -f docker-compose.ranger-kafka.yml \ | |
| -f docker-compose.ranger-hive.yml \ | |
| -f docker-compose.ranger-knox.yml \ | |
| -f docker-compose.ranger-ozone.yml build | |
| <<: *docker-compose-files | |
| build |
Copilot uses AI. Check for mistakes.
What changes were proposed in this pull request?
Work in Progress
How was this patch tested?
CI