Merge branch 'dev' into graphql-mutations-v2 #4249
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test | |
on: | |
push: | |
workflow_call: | |
secrets: | |
CODECOV_TOKEN: | |
required: true | |
SONAR_TOKEN: | |
required: true | |
SONAR_HOST_URL: | |
required: true | |
jobs: | |
unittests: | |
name: Run unit tests | |
runs-on: ubuntu-latest | |
env: | |
DOCKER_BUILDKIT: 1 | |
BUILDKIT_PROGRESS: plain | |
CLOUDSDK_CORE_DISABLE_PROMPTS: 1 | |
# used for generating API | |
SM_DOCKER: samplemetadata:dev | |
defaults: | |
run: | |
shell: bash -eo pipefail -l {0} | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/setup-python@v5 | |
with: | |
python-version: '3.11' | |
- uses: actions/setup-java@v4 | |
with: | |
distribution: 'temurin' # See 'Supported distributions' for available options | |
java-version: '17' | |
- name: Setup build env | |
run: | | |
set -euxo pipefail | |
pip install --no-deps -r requirements-dev.txt | |
# openapi-generator | |
wget https://repo1.maven.org/maven2/org/openapitools/openapi-generator-cli/5.3.0/openapi-generator-cli-5.3.0.jar -O openapi-generator-cli.jar | |
# liquibase connector | |
pushd db/ | |
wget https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/3.0.3/mariadb-java-client-3.0.3.jar | |
popd | |
# liquibase | |
VERSION=4.28.0 | |
curl -L https://github.com/liquibase/liquibase/releases/download/v${VERSION}/liquibase-${VERSION}.zip --output liquibase-${VERSION}.zip | |
unzip -o -d liquibase liquibase-${VERSION}.zip | |
echo "$(pwd)/liquibase" >> $GITHUB_PATH | |
- name: 'build image' | |
run: | | |
docker build \ | |
--build-arg SM_ENVIRONMENT=local \ | |
--tag $SM_DOCKER \ | |
-f deploy/api/Dockerfile \ | |
. | |
- name: 'build deployable API' | |
run: | | |
export OPENAPI_COMMAND="java -jar openapi-generator-cli.jar" | |
python regenerate_api.py | |
pip install . | |
- name: 'Run unit tests' | |
id: runtests | |
run: | | |
coverage run -m pytest --doctest-modules --doctest-continue-on-failure test/ --junitxml=test-execution.xml | |
rc=$? | |
coverage xml | |
echo "rc=$rc" >> $GITHUB_OUTPUT | |
- name: 'Upload coverage report' | |
uses: codecov/codecov-action@v4 | |
with: | |
files: ./coverage.xml | |
token: ${{ secrets.CODECOV_TOKEN }} | |
- name: 'Save coverage report as an Artifact' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: coverage-report | |
path: ./coverage.xml | |
- name: 'Save execution report as an Artifact' | |
uses: actions/upload-artifact@v4 | |
with: | |
name: execution-report | |
path: ./test-execution.xml | |
- name: 'build web front-end' | |
run: | | |
set -eo pipefail | |
pushd web | |
# installs package-lock, not what it thinks it should be | |
npm ci | |
npm run build | |
rc=$? | |
echo "web_rc=$rc" >> $GITHUB_OUTPUT | |
# eventually run web front-end tests | |
popd | |
- name: Fail if unit tests are not passing | |
if: ${{ steps.runtests.outputs.rc != 0}} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed('Unittests failed with rc = ${{ steps.runtests.outputs.rc }}') | |
- name: Fail if web build fails | |
if: ${{ steps.runtests.outputs.rc != 0}} | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.setFailed('Web failed to build with rc = ${{ steps.runtests.outputs.web_rc }}') | |
sonarqube: | |
name: SonarQube scan | |
runs-on: ubuntu-latest | |
needs: unittests | |
environment: production | |
if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev' | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
# Download the coverage report artifact | |
- name: 'Download coverage and execution report' | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: '*-report' | |
# Perform the SonarQube scan | |
- uses: sonarsource/sonarqube-scan-action@master | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | |
# Optional: Fail the job if Quality Gate is red | |
# If you wish to fail your job when the Quality Gate is red, uncomment the | |
# following lines. This would typically be used to fail a deployment. | |
# - uses: sonarsource/sonarqube-quality-gate-action@master | |
# timeout-minutes: 5 | |
# env: | |
# SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} |