Skip to content

ci(test): parallelize acceptance tests using dynamic matrix #692

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
tembleking merged 7 commits into from
Feb 5, 2026
Merged

ci(test): parallelize acceptance tests using dynamic matrix #692

Changes from 1 commit
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
300b836
ci(test): parallelize acceptance tests using dynamic matrix
tembleking Feb 5, 2026
17ae0f5
ci(test): add empty matrix handling, aggregator jobs, and rate limiting
tembleking Feb 5, 2026
8c2df5a
fix(test): use random email suffix to avoid collisions in parallel runs
tembleking Feb 5, 2026
34b62d2
fix(test): reduce IBM parallelism and fix flaky rule count test
tembleking Feb 5, 2026
916bb88
ci(test): reduce IBM max-parallel from 5 to 3
tembleking Feb 5, 2026
68bc69c
ci: add merge_group trigger to enable merge queue
tembleking Feb 5, 2026
6e10856
ci(test): revert IBM tests to sequential, keep Sysdig parallelized
tembleking Feb 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
181 changes: 132 additions & 49 deletions .github/workflows/test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,9 @@ jobs:
lint:
name: Lint
runs-on: ubuntu-latest

steps:
- name: Check out code
uses: actions/checkout@v4

- name: Lint
uses: golangci/golangci-lint-action@v8
with:
Expand All @@ -20,103 +18,188 @@ jobs:
test:
name: Unit Tests
runs-on: ubuntu-latest

steps:
- name: Check out code
uses: actions/checkout@v4

- name: Set up Go
uses: actions/setup-go@v5
with:
go-version-file: go.mod

- name: Test
run: make test

test-sysdig-monitor:
name: Sysdig Monitor Acceptance Tests
# ============================================
# Sysdig Secure - Dynamic Matrix
# ============================================
list-sysdig-secure-tests:
name: List Secure Tests
runs-on: ubuntu-latest
needs: test

outputs:
matrix: ${{ steps.list.outputs.matrix }}
steps:
- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- id: list
run: |
files=$(grep -l "tf_acc_sysdig_secure" sysdig/*_test.go | xargs -I{} basename {} .go)
Comment thread
tembleking marked this conversation as resolved.
Outdated
matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))')
echo "matrix=$matrix" >> $GITHUB_OUTPUT

- name: Set up Go
uses: actions/setup-go@v5
test-sysdig-secure:
name: "Secure: ${{ matrix.file }}"
runs-on: ubuntu-latest
needs: list-sysdig-secure-tests
strategy:
fail-fast: false
matrix:
file: ${{ fromJson(needs.list-sysdig-secure-tests.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod

- name: Test
run: make testacc
- name: Run tests from ${{ matrix.file }}
run: |
tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//')
Comment thread
tembleking marked this conversation as resolved.
if [ -n "$tests" ]; then
echo "Running tests: $tests"
CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_sysdig_secure -timeout 30m -race -run "^($tests)$"
else
echo "No tests found in file"
fi
env:
Comment thread
tembleking marked this conversation as resolved.
TEST_SUITE: tf_acc_sysdig_monitor
SYSDIG_MONITOR_API_TOKEN: ${{ secrets.KUBELAB_MONITOR_API_TOKEN }}
SYSDIG_SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }}

test-sysdig-secure:
name: Sysdig Secure Acceptance Tests
# ============================================
# Sysdig Monitor - Dynamic Matrix
# ============================================
list-sysdig-monitor-tests:
name: List Monitor Tests
runs-on: ubuntu-latest
needs: test

outputs:
matrix: ${{ steps.list.outputs.matrix }}
steps:
- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- id: list
run: |
files=$(grep -l "tf_acc_sysdig_monitor" sysdig/*_test.go | xargs -I{} basename {} .go)
matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))')
echo "matrix=$matrix" >> $GITHUB_OUTPUT

- name: Set up Go
uses: actions/setup-go@v5
test-sysdig-monitor:
name: "Monitor: ${{ matrix.file }}"
runs-on: ubuntu-latest
needs: list-sysdig-monitor-tests
strategy:
fail-fast: false
matrix:
file: ${{ fromJson(needs.list-sysdig-monitor-tests.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod

- name: Test
run: make testacc
- name: Run tests from ${{ matrix.file }}
run: |
tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//')
Comment thread
tembleking marked this conversation as resolved.
if [ -n "$tests" ]; then
echo "Running tests: $tests"
CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_sysdig_monitor -timeout 30m -race -run "^($tests)$"
Comment thread
tembleking marked this conversation as resolved.
else
echo "No tests found in file"
fi
env:
TEST_SUITE: tf_acc_sysdig_secure
SYSDIG_MONITOR_API_TOKEN: ${{ secrets.KUBELAB_MONITOR_API_TOKEN }}
SYSDIG_SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }}

test-ibm-monitor:
name: IBM Monitor Acceptance Tests
# ============================================
# IBM Monitor - Dynamic Matrix
# ============================================
list-ibm-monitor-tests:
name: List IBM Monitor Tests
runs-on: ubuntu-latest
needs: test

outputs:
matrix: ${{ steps.list.outputs.matrix }}
steps:
- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- id: list
run: |
files=$(grep -l "tf_acc_ibm_monitor" sysdig/*_test.go | xargs -I{} basename {} .go)
matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))')
echo "matrix=$matrix" >> $GITHUB_OUTPUT

- name: Set up Go
uses: actions/setup-go@v5
test-ibm-monitor:
name: "IBM Monitor: ${{ matrix.file }}"
runs-on: ubuntu-latest
needs: list-ibm-monitor-tests
strategy:
fail-fast: false
matrix:
file: ${{ fromJson(needs.list-ibm-monitor-tests.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod

- name: Test
run: make testacc
- name: Run tests from ${{ matrix.file }}
run: |
tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//')
Comment thread
tembleking marked this conversation as resolved.
Outdated
if [ -n "$tests" ]; then
echo "Running tests: $tests"
CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_ibm_monitor -timeout 30m -race -run "^($tests)$"
Comment thread
tembleking marked this conversation as resolved.
Outdated
else
echo "No tests found in file"
fi
env:
TEST_SUITE: tf_acc_ibm_monitor
SYSDIG_IBM_MONITOR_API_KEY: ${{ secrets.TERRAFORM_IBM_API_KEY }}
SYSDIG_IBM_MONITOR_INSTANCE_ID: ${{ secrets.TERRAFORM_IBM_MONITOR_INSTANCE_ID }}
SYSDIG_IBM_MONITOR_IAM_URL: "https://iam.cloud.ibm.com"
SYSDIG_MONITOR_URL: "https://eu-gb.monitoring.cloud.ibm.com"
IBM_EVENT_NOTIFICATION_INSTANCE_ID: ${{ secrets.IBM_EVENT_NOTIFICATION_INSTANCE_ID }}

test-ibm-secure:
name: IBM Secure Acceptance Tests
# ============================================
# IBM Secure - Dynamic Matrix
# ============================================
list-ibm-secure-tests:
name: List IBM Secure Tests
runs-on: ubuntu-latest
needs: test

outputs:
matrix: ${{ steps.list.outputs.matrix }}
steps:
- name: Check out code
uses: actions/checkout@v4
- uses: actions/checkout@v4
- id: list
run: |
files=$(grep -l "tf_acc_ibm_secure" sysdig/*_test.go | xargs -I{} basename {} .go)
matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))')
echo "matrix=$matrix" >> $GITHUB_OUTPUT

- name: Set up Go
uses: actions/setup-go@v5
test-ibm-secure:
name: "IBM Secure: ${{ matrix.file }}"
runs-on: ubuntu-latest
needs: list-ibm-secure-tests
strategy:
fail-fast: false
matrix:
file: ${{ fromJson(needs.list-ibm-secure-tests.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: go.mod

- name: Test
run: make testacc
- name: Run tests from ${{ matrix.file }}
run: |
tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//')
Comment thread
tembleking marked this conversation as resolved.
Outdated
if [ -n "$tests" ]; then
echo "Running tests: $tests"
CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_ibm_secure -timeout 30m -race -run "^($tests)$"
Comment thread
tembleking marked this conversation as resolved.
Outdated
else
echo "No tests found in file"
fi
env:
TEST_SUITE: tf_acc_ibm_secure
SYSDIG_IBM_SECURE_API_KEY: ${{ secrets.TERRAFORM_IBM_API_KEY }}
SYSDIG_IBM_SECURE_INSTANCE_ID: ${{ secrets.TERRAFORM_IBM_SECURE_INSTANCE_ID }}
SYSDIG_IBM_SECURE_IAM_URL: "https://iam.cloud.ibm.com"
Expand Down
Loading