Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Workflow linting and test separation #3684

Merged
merged 7 commits into from
Jan 23, 2024
Merged

Workflow linting and test separation #3684

merged 7 commits into from
Jan 23, 2024

Conversation

withinfocus
Copy link
Contributor

@withinfocus withinfocus commented Jan 18, 2024

Type of change

- [ ] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [X] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Performs a number of cleanup tasks on wording and lint for YAML, and moves tests around for better alignment and organization.

Before you submit

  • Please check for formatting errors (dotnet format --verify-no-changes) (required)
  • If making database changes - make sure you also update Entity Framework queries and/or migrations
  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team

Copy link

codecov bot commented Jan 18, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (aeca172) 32.42% compared to head (6524c55) 32.58%.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3684      +/-   ##
==========================================
+ Coverage   32.42%   32.58%   +0.15%     
==========================================
  Files        1212     1212              
  Lines       63353    63353              
  Branches     4762     4759       -3     
==========================================
+ Hits        20542    20641      +99     
+ Misses      41766    41752      -14     
+ Partials     1045      960      -85     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@withinfocus withinfocus marked this pull request as ready for review January 18, 2024 21:54
@withinfocus withinfocus requested a review from a team as a code owner January 18, 2024 21:54
Copy link
Member

@audreyality audreyality left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏ - for minor or nitpick changes
❓ - for questions
💭 - for open inquiry
🎨 - for suggestions / improvements
⚠️ - for concerns needing attention
🌱 - for future improvements

.github/workflows/_move_finalization_db_scripts.yml Outdated Show resolved Hide resolved
- "main"
- "rc"
- "hotfix-rc"
pull_request:
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❓ The way I read this is that you want to build on any push to main/rc/hotfix-rc, and all pull requests? The main thing I'm concerned about is that with nothing listed under pull_requests, that it's not clear PR branches will be built. Assuming I read it correctly, a comment indicating the behavior being relied upon here would be nice.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's correct, that an open-ended trigger applies to all of that type.

uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0

- name: Set up dotnet
- name: Set up .NET
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ I'd keep this dotnet to keep it consistent with the CLI command run on line 43.

.github/workflows/build.yml Show resolved Hide resolved
@@ -445,7 +402,7 @@ jobs:
if-no-files-found: error

build-mssqlmigratorutility:
name: Build MsSqlMigratorUtility
name: Build MSSQL migrator utility
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Here's another case where I think it's better to stick with the package name being built/installed. Or, barring that, fully spell out Microsoft SQL Server.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There's a few places where "MSSQL" is used and this is traditionally the shorthand and image name, at least in a lot of places.

BW_TEST_DATABASES__1__CONNECTIONSTRING: "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev"
# Default Dapper SqlServer
BW_TEST_DATABASES__2__TYPE: "SqlServer"
BW_TEST_DATABASES__2__CONNECTIONSTRING: "Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ This should use the same connection info as ./Migrate.ps1.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what you're referring to here.

- name: Docker Compose down
if: always()
working-directory: "dev"
run: docker compose down
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❓ Is volume cleanup necessary?

dotnet --info
nuget help | grep Version
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎨 Since these are going to be seen by folks that might not know what they refer to, I'd be a bit more descriptive.

@@ -0,0 +1,57 @@
---
name: Testing
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⛏️ Maybe "dotnet" or ".Net" testing -- since the database tests are specific, this should be as well.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I kinda thought of this as the location for all logic-level and therefore "generic" tests, whereas the other file is specific infrastructure testing for a database.

jobs:
testing:
name: Run tests
runs-on: ubuntu-22.04
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

❓ Does this need to be tested on windows and *nix? I'm thinking mostly about path manipulation, fwiw, but it could also be important if we're running integration tests for IIS hosts.

.github/workflows/cleanup-after-pr.yml Outdated Show resolved Hide resolved
.github/workflows/cleanup-after-pr.yml Outdated Show resolved Hide resolved
@withinfocus
Copy link
Contributor Author

Made a few more changes based on comments but left a few things alone, perhaps with some ambivalence around making the change or not and being careful about reaching too far here. My goal was almost entirely to tidy and better represent the test step, so I didn't want to make logic changes that materially affect our CI processes.

@bitwarden-bot
Copy link

Logo
Checkmarx One – Scan Summary & Detailsaca2c71d-185f-4c5f-aea5-ff86496a8c50

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Passwords And Secrets - Generic Password /test-database.yml: 93 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /test-database.yml: 155 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /test-database.yml: 159 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /test-database.yml: 74 Query to find passwords and secrets in infrastructure code.
HIGH Passwords And Secrets - Generic Password /test-database.yml: 87 Query to find passwords and secrets in infrastructure code.
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 220 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 578 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /_move_finalization_db_scripts.yml: 27 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 499 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /_move_finalization_db_scripts.yml: 103 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 466 Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps...

Fixed Issues

Severity Issue Source File / Package
HIGH Passwords And Secrets - Generic Password /infrastructure-tests.yml: 91
HIGH Passwords And Secrets - Generic Password /infrastructure-tests.yml: 78
HIGH Passwords And Secrets - Generic Password /infrastructure-tests.yml: 97
HIGH Passwords And Secrets - Generic Password /database.yml: 65
HIGH Passwords And Secrets - Generic Password /database.yml: 69
MEDIUM Unpinned Actions Full Length Commit SHA /_move_finalization_db_scripts.yml: 29
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 622
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 542
MEDIUM Unpinned Actions Full Length Commit SHA /_move_finalization_db_scripts.yml: 105
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 509
MEDIUM Unpinned Actions Full Length Commit SHA /build.yml: 263

@withinfocus withinfocus merged commit c63db73 into main Jan 23, 2024
48 checks passed
@withinfocus withinfocus deleted the workflow-lint branch January 23, 2024 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants