Skip to content

chore(pkg/server): automatic generation of self-signed HTTPS certificate #4084

chore(pkg/server): automatic generation of self-signed HTTPS certificate

chore(pkg/server): automatic generation of self-signed HTTPS certificate #4084

Workflow file for this run

name: pullCI
on: [pull_request]
jobs:
build:
name: build-and-test
strategy:
matrix:
include:
- os: ubuntu-latest
go: "1.17"
- os: ubuntu-latest
go: "1.18"
testWithMinio: true
- os: ubuntu-latest
go: "1.18"
testWithFips: true
- os: ubuntu-latest
go: "1.19"
test: true
- os: windows-latest
go: "1.18"
testClientOnly: true
noWebconsole: true
- os: macos-latest
go: "1.18"
testClientOnly: true
runs-on: ${{ matrix.os }}
steps:
- uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go }}
- uses: actions/checkout@v4
- name: Test
run: make test
if: matrix.test
- name: Test (with minio)
run: |
# Spawn minio docker container in the background
docker run -d -t -p 9000:9000 --name minio \
-e "MINIO_ACCESS_KEY=minioadmin" \
-e "MINIO_SECRET_KEY=minioadmin" \
minio/minio server /data
# Create immudb bucket
docker run --net=host -t --entrypoint /bin/sh minio/mc -c "
mc alias set local http://localhost:9000 minioadmin minioadmin &&
mc mb local/immudb
"
# Run go tests with minio
GO_TEST_FLAGS="-tags minio" make test
# Stop minio
docker rm -f minio
if: matrix.testWithMinio
- name: Test (with fips build)
run: |
make test/fips
if: matrix.testWithFips
- name: Test Client
run: make test-client
if: matrix.testClientOnly
shell: bash
- name: Build with webconsole
run: |
sudo apt update && sudo apt install curl -y
WEBCONSOLE=default SWAGGER=true make all
if: "!matrix.noWebconsole"
- name: Build without webconsole
run: make all
if: matrix.noWebconsole
- name: Make binaries executable
run: chmod +x immudb immuclient immuadmin
if: runner.os != 'Windows'
- name: Testing immudb operations
run: |
IMMUCLIENT=./immuclient*
IMMUADMIN=./immuadmin*
IMMUDB=./immudb*
# Run immuclient before a server starts, make sure it fails
set -euxo pipefail
${IMMUCLIENT} || echo "Test #1 OK - immuclient failed to connect (no server started)"
${IMMUDB} -d
sleep 5
${IMMUCLIENT} login --username immudb --password immudb || { echo "Test #2 Login (Default credentials) Failed"; exit 1; }
echo -n "immudb" | ${IMMUCLIENT} login --username immudb || { echo "Test #3 Login (Default credentials from stdin) Failed"; exit 1; }
${IMMUCLIENT} safeset test3 githubaction || { echo "Test #4 Failed to safeset simple values"; exit 1; }
sg=$(${IMMUCLIENT} safeget test3)
grep -q "githubaction" <<< $sg || { echo "Test #5 Failed safeget responded with $sg"; exit 1; }
grep -q "verified" <<< $sg || { echo "Test #6 Failed safeset didn't get verified"; exit 1; }
grep -q "true" <<< $sg || { echo "Test #7 Failed safeset didn't get verified"; exit 1; }
shell: bash
- name: Testing immudb webconsole
if: "!matrix.noWebconsole"
run: |
# Find <title>immudb webconsole</title>
webconsole_page=$(curl -s localhost:8080) || { echo "Test #8 web console unreachable"; exit 1; }
grep -q "<title>immudb webconsole</title>" <<< $webconsole_page || { echo "Test #9 Failed, web console reachable but title not found"; exit 1; }
gosec:
name: Run Gosec Security Scanner
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/checkout@v4
- uses: securego/[email protected]
with:
args: -fmt=json -out=results-$JOB_ID.json -no-fail ./...
coveralls:
name: Coverage
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v5
with:
go-version: "1.18"
- uses: actions/checkout@v4
- run: |
# Spawn minio docker container in the background
docker run -d -t -p 9000:9000 --name minio \
-e "MINIO_ACCESS_KEY=minioadmin" \
-e "MINIO_SECRET_KEY=minioadmin" \
minio/minio server /data
# Create immudb bucket
docker run --net=host -t --entrypoint /bin/sh minio/mc -c "
mc alias set local http://localhost:9000 minioadmin minioadmin &&
mc mb local/immudb
"
export PATH=$PATH:$(go env GOPATH)/bin
set -o pipefail
./ext-tools/go-acc ./... --covermode=atomic --ignore test,immuclient,immuadmin,helper,fs,cmdtest,sservice,version,tools,webconsole,protomodel,schema,swagger --tags minio || true
cat coverage.txt | grep -v "test" | grep -v "schema" | grep -v "protomodel" | grep -v "swagger" | grep -v "webserver.go" | grep -v "immuclient" | grep -v "immuadmin" | grep -v "helper" | grep -v "fs" | grep -v "cmdtest" | grep -v "sservice" | grep -v "version" | grep -v "tools" | grep -v "webconsole" > coverage.out
./ext-tools/goveralls -coverprofile=coverage.out -service=gh-ci
# Stop minio
docker rm -f minio
env:
COVERALLS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
sonarsource:
name: Coverage
runs-on: ubuntu-latest
if: github.event.pull_request.head.repo.full_name == github.repository
steps:
- uses: actions/checkout@v4
- name: Analyze with SonarCloud
uses: sonarsource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
performance-test-suite-detect-runners:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.detect-runners.outputs.matrix }}
env:
PERF_TEST_RUNS_ON: ${{ secrets.PERF_TEST_RUNS_ON }}
PERF_TEST_RUNS_ON_DEFAULT: |
{
"targets": [
{
"name": "github-ubuntu-latest",
"runs-on": "ubuntu-latest"
}
]
}
steps:
- id: detect-runners
run: |
RES="$(echo "${PERF_TEST_RUNS_ON:-${PERF_TEST_RUNS_ON_DEFAULT}}" | jq -c '.targets')"
echo "Detected targets:"
echo "$RES" | jq .
echo "matrix=${RES}" >> $GITHUB_OUTPUT
performance-test-suite:
needs: performance-test-suite-detect-runners
strategy:
matrix:
target: ${{ fromJson(needs.performance-test-suite-detect-runners.outputs.matrix) }}
name: Performance Test Suite (${{ matrix.target.name }})
runs-on: ${{ matrix.target.runs-on }}
steps:
- uses: actions/setup-go@v5
with:
go-version: "1.18"
- uses: actions/checkout@v4
- run: go build -o perf-test-suite ./test/performance-test-suite/cmd/perf-test/
- run: ./perf-test-suite > perf-test-results.json
- name: Upload test results
uses: actions/upload-artifact@v4
with:
name: Performance Test Results (${{ matrix.target.name }})
path: perf-test-results.json