Continuous Integration (CI)
What is it?
CD/CI - Continuous Delivery / Continuous Integration is a DevOps methodology that speeds up software delivery
- Automates analysis, tests each code change
- Report errors
- Streamline software releasing
- Improves development / collaboration
What do we need?
We need to combine:
- Reproducible environment(s)
- Code analysis tools
- Formatters
- Linters
- Type Checkers
- Tests
The tooling Zoo 🪛🔧⚒️
Static analysis
- Syntax errors - beyond parsing:
- All languages follow a syntax spec.
- Easy for us to make mistakes/typos
- Some bugs - simple logical problems
- Conform to good practices
Static Analysis - Linters & formatters
The latest tool in the zoo is ruff.
It supports +900 linting rules
$ ruff check --output-format=concise helloworld.py
helloworld.py:3:1: SyntaxError: Unexpected indentation
helloworld.py:5:1: SyntaxError: Expected a statement
Found 2 errors.Static Analysis - Type checking
mypy is the go-to tool - leveraging type hints
mult.py
$ mypy mult.py
mult.py:6: error: Argument 2 to "mult_int" has incompatible type "str"; expected "int" [arg-type]
Found 1 error in 1 file (checked 1 source file)$ python3 mult.py
Mult 3*6 is:
666Use ruff and mypy
- Create a python script (e.g.
helloworld.py) that prints something - Install
ruffandmypyin your environment - Use them to lint, format your script
We have the tools, now what?
Setting up a CI pipeline
- Git repos / services are perfect place!
- Simply add the configuration files to the repo
- Checks are done everytime you push code
- CI verifies if commits meet expectation
- Provided on popular git hosting systems
- GitLab CI as pipelines
- GitHub Actions
What to expect?
- Brand-new environments should be created
- Even with versioned/pinned dependencies
- Static analysis errors should be immediately spotted
- Code style violations should be raised
- Compiling code should be done (if compiled language)
- e.g.
cpythonlatest linting check:![]()
- Tests must run and assess functionality
- e.g.
cpythonlatest tests![]()
- e.g.
How!?
- Define stages/steps in order of dependency
- For each prepare the environment and tools to be used
- Introduce variants
- e.g. using different
pythonversions - e.g. run with a pinned version of your environment
- e.g. run the latest (version) of your environment
- e.g. using different
Real case examples
- GitHub Actions workflow for CPython
- Course lectures on Gitlab CI
Gitlab CI
Configured with a file YAML file named .gitlab-ci.yaml
- Gitlab CI syntax: docs.gitlab.com/ci/yaml
- DKRZ Gitlab documentation: docs.dkrz.de ⚠️
- A couple of extra configurations are needed to use DKRZ’s
gitlab.dkrz.de’s CI - E.g. jobs running in slurm/levante (templates documented) or not
- A couple of extra configurations are needed to use DKRZ’s
Example of .gitlab-ci.yml
.gitlab-ci.yml
stages:
- static-analysis
default:
image: python # container image with basic python tools
tags:
- docker-any-image # note this is specific to DKRZ's gitlab
linter:
stage: static-analylsis
script:
- pip install ruff
- ruff check .
type-check:
stage: static-analysis
script:
- pip install mypy
- mypy .Example of .gitlab-ci.yml
.gitlab-ci.yml
Runners
In order to run the CI, code needs to run1 somewhere.
- Centrally provided (shared) runners
- Self-hosted
- Runners can be tagged, indicating functionality.
- e.g. different hardware/os/capabilities
- Jobs can select runners using their
tags.
(Docker) Images & Containers
- Images are compiled “environments” containing an entire operating system.
- e.g.
python: an operating system with Python pre-installed
- e.g.
The image keyword specifies an image for the executor to use
(Docker) Images & Containers
- Containers are active environments based on an image.
- i.e. a running virtual machine, created for a single job
- To use a container in Gitlab CI, you need a runner with a “Docker Executor”.
- e.g. using
docker-any-imagetag on DKRZ gitlab.
- e.g. using
Hands-on Session
Create a simple Gitlab CI pipeline job on your repository:
- It should use
pythonand print"Hello world!"
Important
⚠️ You need to enable CI/CD in Settings->General->“Visibility, project features, permissions” and enable enable instance runners under “Settings->CI/CD->Runners”.
Tip
Since you are using DKRZ’s Gitlab refer to the documentation:
Hands-on Session
Hands-on Session
- Create a python script that is checked by
ruff- It should lint and format of your code
- Bonus: use the type-checker
mypyas well
Hands-on Session
More on Gitlab CI
Artifacts
- Jobs have an ephemeral nature
- Files they create will be gone once completed
artifacts1 allows us to specify which files to keep- Used to pass data between jobs
- Save results (e.g. code report, documentation)
- Expected to disappear (eventually/explicitly)
Example with artifacts
.gitlab-ci.yml
$ cat output/result.txt
cat: output/result.txt: No such file or directoryThe pipeline fails, job2 starts from the same initial point as job1 and there is no persistency!
Example with artifacts
Matrix jobs
- Using
parallel:matrix1 one can run a job in parallel.- For each combination of values a job will be spawned.
Matrix jobs
- Using
parallel:matrix1 one can run a job in parallel.- For each combination of values a job will be spawned.
Take home messages
- Tools exist to make everyone’s life easier
- CI takes tools to the next level
- Makes problem detection and collaboration easier!
Shotgun buffet
Executors
In Gitlab different executors1 offer different isolation settings.
With
SSHandShellexecutors, a job that runsrm -rf /could destroy the state of the runner (persistency).The same using
Dockerwould only destroy the newly created isolated environment (not even the image)
Pre-commit hook 🪝
Automate the locally checking the code with git hooks 1.
- Inspect
.git/hooks/pre-commit.sample. What does it do? - Install pre-commit, configure it to use ruff-pre-commit
- Modify a python script (e.g.
helloworld.py) - Try to commit that modification
- Did the commit went through? What if you try to commit a syntax error?
Solution pre-commit
Using the pre-commit tool:
.pre-commit-config.yaml
