chore(pkg/server): automatic generation of self-signed HTTPS certificate #4084
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pullCI | |
on: [pull_request] | |
jobs: | |
build: | |
name: build-and-test | |
strategy: | |
matrix: | |
include: | |
- os: ubuntu-latest | |
go: "1.17" | |
- os: ubuntu-latest | |
go: "1.18" | |
testWithMinio: true | |
- os: ubuntu-latest | |
go: "1.18" | |
testWithFips: true | |
- os: ubuntu-latest | |
go: "1.19" | |
test: true | |
- os: windows-latest | |
go: "1.18" | |
testClientOnly: true | |
noWebconsole: true | |
- os: macos-latest | |
go: "1.18" | |
testClientOnly: true | |
runs-on: ${{ matrix.os }} | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.go }} | |
- uses: actions/checkout@v4 | |
- name: Test | |
run: make test | |
if: matrix.test | |
- name: Test (with minio) | |
run: | | |
# Spawn minio docker container in the background | |
docker run -d -t -p 9000:9000 --name minio \ | |
-e "MINIO_ACCESS_KEY=minioadmin" \ | |
-e "MINIO_SECRET_KEY=minioadmin" \ | |
minio/minio server /data | |
# Create immudb bucket | |
docker run --net=host -t --entrypoint /bin/sh minio/mc -c " | |
mc alias set local http://localhost:9000 minioadmin minioadmin && | |
mc mb local/immudb | |
" | |
# Run go tests with minio | |
GO_TEST_FLAGS="-tags minio" make test | |
# Stop minio | |
docker rm -f minio | |
if: matrix.testWithMinio | |
- name: Test (with fips build) | |
run: | | |
make test/fips | |
if: matrix.testWithFips | |
- name: Test Client | |
run: make test-client | |
if: matrix.testClientOnly | |
shell: bash | |
- name: Build with webconsole | |
run: | | |
sudo apt update && sudo apt install curl -y | |
WEBCONSOLE=default SWAGGER=true make all | |
if: "!matrix.noWebconsole" | |
- name: Build without webconsole | |
run: make all | |
if: matrix.noWebconsole | |
- name: Make binaries executable | |
run: chmod +x immudb immuclient immuadmin | |
if: runner.os != 'Windows' | |
- name: Testing immudb operations | |
run: | | |
IMMUCLIENT=./immuclient* | |
IMMUADMIN=./immuadmin* | |
IMMUDB=./immudb* | |
# Run immuclient before a server starts, make sure it fails | |
set -euxo pipefail | |
${IMMUCLIENT} || echo "Test #1 OK - immuclient failed to connect (no server started)" | |
${IMMUDB} -d | |
sleep 5 | |
${IMMUCLIENT} login --username immudb --password immudb || { echo "Test #2 Login (Default credentials) Failed"; exit 1; } | |
echo -n "immudb" | ${IMMUCLIENT} login --username immudb || { echo "Test #3 Login (Default credentials from stdin) Failed"; exit 1; } | |
${IMMUCLIENT} safeset test3 githubaction || { echo "Test #4 Failed to safeset simple values"; exit 1; } | |
sg=$(${IMMUCLIENT} safeget test3) | |
grep -q "githubaction" <<< $sg || { echo "Test #5 Failed safeget responded with $sg"; exit 1; } | |
grep -q "verified" <<< $sg || { echo "Test #6 Failed safeset didn't get verified"; exit 1; } | |
grep -q "true" <<< $sg || { echo "Test #7 Failed safeset didn't get verified"; exit 1; } | |
shell: bash | |
- name: Testing immudb webconsole | |
if: "!matrix.noWebconsole" | |
run: | | |
# Find <title>immudb webconsole</title> | |
webconsole_page=$(curl -s localhost:8080) || { echo "Test #8 web console unreachable"; exit 1; } | |
grep -q "<title>immudb webconsole</title>" <<< $webconsole_page || { echo "Test #9 Failed, web console reachable but title not found"; exit 1; } | |
gosec: | |
name: Run Gosec Security Scanner | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- uses: actions/checkout@v4 | |
- uses: securego/[email protected] | |
with: | |
args: -fmt=json -out=results-$JOB_ID.json -no-fail ./... | |
coveralls: | |
name: Coverage | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.18" | |
- uses: actions/checkout@v4 | |
- run: | | |
# Spawn minio docker container in the background | |
docker run -d -t -p 9000:9000 --name minio \ | |
-e "MINIO_ACCESS_KEY=minioadmin" \ | |
-e "MINIO_SECRET_KEY=minioadmin" \ | |
minio/minio server /data | |
# Create immudb bucket | |
docker run --net=host -t --entrypoint /bin/sh minio/mc -c " | |
mc alias set local http://localhost:9000 minioadmin minioadmin && | |
mc mb local/immudb | |
" | |
export PATH=$PATH:$(go env GOPATH)/bin | |
set -o pipefail | |
./ext-tools/go-acc ./... --covermode=atomic --ignore test,immuclient,immuadmin,helper,fs,cmdtest,sservice,version,tools,webconsole,protomodel,schema,swagger --tags minio || true | |
cat coverage.txt | grep -v "test" | grep -v "schema" | grep -v "protomodel" | grep -v "swagger" | grep -v "webserver.go" | grep -v "immuclient" | grep -v "immuadmin" | grep -v "helper" | grep -v "fs" | grep -v "cmdtest" | grep -v "sservice" | grep -v "version" | grep -v "tools" | grep -v "webconsole" > coverage.out | |
./ext-tools/goveralls -coverprofile=coverage.out -service=gh-ci | |
# Stop minio | |
docker rm -f minio | |
env: | |
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
sonarsource: | |
name: Coverage | |
runs-on: ubuntu-latest | |
if: github.event.pull_request.head.repo.full_name == github.repository | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Analyze with SonarCloud | |
uses: sonarsource/sonarcloud-github-action@master | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
performance-test-suite-detect-runners: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.detect-runners.outputs.matrix }} | |
env: | |
PERF_TEST_RUNS_ON: ${{ secrets.PERF_TEST_RUNS_ON }} | |
PERF_TEST_RUNS_ON_DEFAULT: | | |
{ | |
"targets": [ | |
{ | |
"name": "github-ubuntu-latest", | |
"runs-on": "ubuntu-latest" | |
} | |
] | |
} | |
steps: | |
- id: detect-runners | |
run: | | |
RES="$(echo "${PERF_TEST_RUNS_ON:-${PERF_TEST_RUNS_ON_DEFAULT}}" | jq -c '.targets')" | |
echo "Detected targets:" | |
echo "$RES" | jq . | |
echo "matrix=${RES}" >> $GITHUB_OUTPUT | |
performance-test-suite: | |
needs: performance-test-suite-detect-runners | |
strategy: | |
matrix: | |
target: ${{ fromJson(needs.performance-test-suite-detect-runners.outputs.matrix) }} | |
name: Performance Test Suite (${{ matrix.target.name }}) | |
runs-on: ${{ matrix.target.runs-on }} | |
steps: | |
- uses: actions/setup-go@v5 | |
with: | |
go-version: "1.18" | |
- uses: actions/checkout@v4 | |
- run: go build -o perf-test-suite ./test/performance-test-suite/cmd/perf-test/ | |
- run: ./perf-test-suite > perf-test-results.json | |
- name: Upload test results | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Performance Test Results (${{ matrix.target.name }}) | |
path: perf-test-results.json |