[uss_qualifier] Add ed318 test scenario

.dockerignore

@@ -2,3 +2,7 @@ build/workspace
 *.pyc
 .git
 .venv
+monitoring/uss_qualifier/output/*
+monitoring/uss_qualifier/htmlcov/*
+monitoring/mock_uss/output/*
+**/__pycache__

.github/actions/load-image/action.yml

@@ -0,0 +1,19 @@
+name: 'Load monitoring image'
+description: 'Load single monitoring image built by the build-monitoring-image job in the ci.yml workflow (composite action)'
+runs:
+  using: "composite"
+  steps:
+    - name: Download monitoring image
+      uses: actions/download-artifact@v5
+      with:
+        name: monitoring-docker-image
+        path: monitoring-image
+    - name: Load monitoring image
+      shell: bash
+      run: |
+        set -euo pipefail
+        docker load --input monitoring-image/monitoring-image.tar
+        cp monitoring-image/monitoring/image monitoring/image
+        cp monitoring-image/monitoring/image-dev monitoring/image-dev
+        touch monitoring/image monitoring/image-dev
+        rm -rf monitoring-image

.github/workflows/ci.yml

@@ -5,8 +5,50 @@ on:
     branches:
     - main
 jobs:
+  build-monitoring-images:
+    name: Build monitoring images
+    permissions:
+      contents: read
+    runs-on: ubuntu-latest
+    steps:
+    - name: Job information
+      run: |
+        echo "Job information"
+        echo "Trigger: ${{ github.event_name }}"
+        echo "Host: ${{ runner.os }}"
+        echo "Repository: ${{ github.repository }}"
+        echo "Branch: ${{ github.ref }}"
+        docker images
+        docker version
+        docker compose version
+    - name: Checkout
+      uses: actions/checkout@v6
+      with:
+        submodules: true
+        fetch-tags: true
+        fetch-depth: 0
+        filter: tree:0
+    - name: Build monitoring images
+      run: |
+        make image
+        make image-dev
+    - name: Save monitoring image artifact
+      run: |
+        docker save interuss/monitoring interuss/monitoring-dev -o monitoring-image.tar
+        mkdir -p image-artifact/monitoring
+        mv monitoring-image.tar image-artifact/
+        cp monitoring/image image-artifact/monitoring/
+        cp monitoring/image-dev image-artifact/monitoring/
+    - name: Upload monitoring image artifact
+      uses: actions/upload-artifact@v7
+      with:
+        name: monitoring-docker-image
+        path: image-artifact
+
   hygiene-tests:
     name: Repository hygiene
+    needs:
+      - build-monitoring-images
     # https://docs.github.com/en/actions/writing-workflows/workflow-syntax-for-github-actions#permissions
     permissions:
       contents: read
@@ -23,16 +65,45 @@ jobs:
         docker version
         docker compose version
     - name: Checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         submodules: true
+    - name: Load monitoring image
+      uses: ./.github/actions/load-image
     - name: Automated hygiene verification
       run: make check-hygiene
-    - name: Unit tests
-      run: make unit-test
+
+  unit-tests:
+    name: Unit tests
+    needs:
+      - build-monitoring-images
+    permissions:
+      contents: read
+    runs-on: ubuntu-latest
+    steps:
+      - name: Job information
+        run: |
+          echo "Job information"
+          echo "Trigger: ${{ github.event_name }}"
+          echo "Host: ${{ runner.os }}"
+          echo "Repository: ${{ github.repository }}"
+          echo "Branch: ${{ github.ref }}"
+          docker images
+          docker version
+          docker compose version
+      - name: Checkout
+        uses: actions/checkout@v6
+        with:
+          submodules: true
+      - name: Load monitoring image
+        uses: ./.github/actions/load-image
+      - name: Unit tests
+        run: make unit-test
 
   mock_uss-test:
     name: mock_uss tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -44,6 +115,8 @@ jobs:
 
   uss_qualifier-noop-test:
     name: uss_qualifier configurations.dev.noop tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -57,6 +130,8 @@ jobs:
 
   uss_qualifier-geoawareness_cis-test:
     name: uss_qualifier configurations.dev.geoawareness_cis tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -70,6 +145,8 @@ jobs:
 
   uss_qualifier-generate_rid_test_data-test:
     name: uss_qualifier configurations.dev.generate_rid_test_data tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -83,6 +160,8 @@ jobs:
 
   uss_qualifier-geospatial_comprehension-test:
     name: uss_qualifier configurations.dev.geospatial_comprehension tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -96,6 +175,8 @@ jobs:
 
   uss_qualifier-general_flight_auth-test:
     name: uss_qualifier configurations.dev.general_flight_auth tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -109,6 +190,8 @@ jobs:
 
   uss_qualifier-message_signing-test:
     name: uss_qualifier configurations.dev.message_signing tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -122,6 +205,8 @@ jobs:
 
   uss_qualifier-dss_probing-test:
     name: uss_qualifier configurations.dev.dss_probing tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -135,6 +220,8 @@ jobs:
 
   uss_qualifier-f3548_self_contained-test:
     name: uss_qualifier configurations.dev.f3548_self_contained tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -148,6 +235,8 @@ jobs:
 
   uss_qualifier-utm_implementation_us-test:
     name: uss_qualifier configurations.dev.utm_implementation_us tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -161,6 +250,8 @@ jobs:
 
   uss_qualifier-netrid_v22a-test:
     name: uss_qualifier configurations.dev.netrid_v22a tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -174,6 +265,8 @@ jobs:
 
   uss_qualifier-netrid_v19-test:
     name: uss_qualifier configurations.dev.netrid_v19 tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -187,6 +280,8 @@ jobs:
 
   uss_qualifier-uspace-test:
     name: uss_qualifier configurations.dev.uspace tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -198,21 +293,50 @@ jobs:
         cd monitoring/uss_qualifier
         make test
 
-  uss_qualifier-minimal_probing-test:
-    name: uss_qualifier configurations.dev.minimal_probing tests
+  uss_qualifier-minimal_probing_simulations-crdb-test:
+    name: uss_qualifier configurations.dev.minimal_probing_simulations tests with crdb
+    needs:
+      - build-monitoring-images
+    permissions:
+      contents: read
+    uses: ./.github/workflows/monitoring-test.yml
+    with:
+      name: uss_qualifier-minimal_probing_simulations-crdb-test
+      script: |
+        export CONFIG_NAME="configurations.dev.minimal_probing"
+        export NUM_USS=2
+        export NUM_NODES=2
+        export DB_TYPE=crdb
+        export INTRA_USS_NETEM_CONF="delay 250us 25us 25% distribution normal loss 0.0025% 10%"
+        export INTER_USS_NETEM_CONF="delay 25ms 7.5ms 50% distribution paretonormal loss 0.025% 25%"
+
+        cd monitoring/uss_qualifier
+        make test
+
+  uss_qualifier-minimal_probing_simulations-ybdb-test:
+    name: uss_qualifier configurations.dev.minimal_probing_simulations tests with ybdb
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
     with:
-      name: uss_qualifier-minimal_probing-test
+      name: uss_qualifier-minimal_probing_simulations-ybdb-test
       script: |
         export CONFIG_NAME="configurations.dev.minimal_probing"
+        export NUM_USS=2
+        export NUM_NODES=2
+        export DB_TYPE=ybdb
+        export INTRA_USS_NETEM_CONF="delay 250us 25us 25% distribution normal loss 0.0025% 10%"
+        export INTER_USS_NETEM_CONF="delay 25ms 7.5ms 50% distribution paretonormal loss 0.025% 25%"
 
         cd monitoring/uss_qualifier
         make test
 
   prober-test:
     name: prober tests
+    needs:
+      - build-monitoring-images
     permissions:
       contents: read
     uses: ./.github/workflows/monitoring-test.yml
@@ -248,21 +372,21 @@ jobs:
       group: ${{ github.workflow }}-${{ github.ref }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
           path: monitoring
 
       - name: Get uss_qualifier reports
-        uses: actions/download-artifact@v5
+        uses: actions/download-artifact@v8
         with:
           path: ./artifacts
 
       - name: Make site content
         run: ./monitoring/github_pages/make_site_content.sh
 
       - name: Deploy
-        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e  # v4.0.0
+        uses: peaceiris/actions-gh-pages@84c30a85c19949d7eee79c4ff27748b70285e453  # v4.1.0
         if: github.ref == 'refs/heads/main'
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/dev-checks.yml

@@ -11,20 +11,13 @@ jobs:
     name: Clone on Windows
     runs-on: windows-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Checkout on Windows
         run: echo "Project successfully cloned on ${{ runner.os }}. See `Set up Job` stage for more details about the Runner."
   macos:
     name: Clone on Mac
     runs-on: macos-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Checkout on Mac
         run: echo "Project successfully cloned on ${{ runner.os }}. See `Set up Job` stage for more details about the Runner."
-  ubuntu:
-    name: Clone on Ubuntu
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v5
-      - name: Checkout on Ubuntu
-        run: echo "Project successfully cloned on ${{ runner.os }}. See `Set up Job` stage for more details about the Runner."

.github/workflows/image-publish.yml

@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: Install Cosign
-        uses: sigstore/cosign-installer@v3.10.0
+        uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6  # v4.1.2
       - name: Job information
         run: |
           echo "Job information"
@@ -39,13 +39,13 @@ jobs:
           cosign version
 
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
           fetch-depth: 0
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1  # v3.5.0
+        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121  # v4.1.0
         with:
           registry: docker.io
           username: ${{ secrets.DOCKER_USERNAME }}

.github/workflows/monitoring-test.yml

@@ -30,22 +30,24 @@ jobs:
         docker version
         docker compose version
     - name: Checkout
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6
       with:
         submodules: true
+    - name: Load monitoring image
+      uses: ./.github/actions/load-image
     - name: Run ${{ inputs.name }} test
       run: ${{ inputs.script }}
     - name: Save containers and tracer logs as artifact
       if: always()
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       with:
         name: monitoring-test-${{ inputs.name }}-logs
         path: |
           logs
           monitoring/mock_uss/output
     - name: Save USS qualifier reports as artifact
       if: always()
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v7
       with:
         name: monitoring-test-${{ inputs.name }}-reports
         path: |

.github/workflows/no-response.yml

@@ -11,6 +11,8 @@ on:
 
 jobs:
   noResponse:
+    permissions:
+      issues: write
     runs-on: ubuntu-latest
     steps:
       - uses: lee-dohm/no-response@9bb0a4b5e6a45046f00353d5de7d90fb8bd773bb