-
Notifications
You must be signed in to change notification settings - Fork 311
179 lines (148 loc) · 6.58 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: CI
on:
push:
branches: [ main ]
pull_request:
branches: [ main ]
schedule:
- cron: '30 2 * * *' # Every night at 2:30am UTC (if you change this schedule, also change the if statement in the test steps)
jobs:
build:
name: "Build"
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
path: encr.dev
- name: Set up Node
uses: actions/setup-node@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'encr.dev/go.mod'
check-latest: true
cache-dependency-path: 'encr.dev/go.sum'
- name: Build
run: cd encr.dev && go build ./...
- name: Build for Windows
run: cd encr.dev && go build ./...
env:
GOOS: windows
test:
name: "Test"
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
path: encr.dev
- name: Set up Node
uses: actions/setup-node@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'encr.dev/go.mod'
check-latest: true
cache-dependency-path: 'encr.dev/go.sum'
- name: Install go-junit-report
run: go install github.com/jstemmer/go-junit-report/v2@7933520 # Note: this is an untagged latest release, as the v2.0.0 tag has a bug which doesn't work with the reporting tool
- name: Install encore-go
run: |
URL=$(curl -s https://api.github.com/repos/encoredev/go/releases/latest | grep "browser_download_url.*linux_x86-64.tar.gz" | cut -d : -f 2,3 | tr -d \")
curl --fail -L -o encore-go.tar.gz $URL && tar -C . -xzf ./encore-go.tar.gz
# If we're not running on a schedule, we only want to run tests on changed code
- name: Run tests on changed code on the CLI
run: cd encr.dev && go test -v -short -tags=dev_build 2>&1 ./... | go-junit-report -set-exit-code > cli-test-report.xml
if: github.event.schedule != '30 2 * * *'
env:
ENCORE_GOROOT: ${{ github.workspace }}/encore-go
ENCORE_RUNTIME_PATH: ${{ github.workspace }}/encr.dev/runtime
- name: Run tests on changed runtime code
run: cd encr.dev/runtime && go test -v -short -tags=dev_build 2>&1 ./... | go-junit-report -set-exit-code > runtime-test-report.xml
if: github.event.schedule != '30 2 * * *'
# Each night we want to run all tests multiple times to catch any flaky tests
# We will shuffle the order in which tests are run and run them 25 times looking
# for failures. We will also fail fast so that we don't waste time running tests
# that are already failing.
- name: Run all tests multiple times on the CLI
run: cd encr.dev && go test -v --count=5 -failfast -shuffle=on -timeout=30m -tags=dev_build 2>&1 ./... | go-junit-report -iocopy -set-exit-code -out cli-test-report.xml
if: github.event.schedule == '30 2 * * *'
env:
ENCORE_GOROOT: ${{ github.workspace }}/encore-go
ENCORE_RUNTIME_PATH: ${{ github.workspace }}/encr.dev/runtime
- name: Run all tests multiple times on the runtime
run: cd encr.dev/runtime && go test -v --count=5 -failfast -shuffle=on -timeout=30m -tags=dev_build 2>&1 ./... | go-junit-report -iocopy -set-exit-code -out runtime-test-report.xml
if: github.event.schedule == '30 2 * * *'
# We upload the test results as artifacts so that in PR's
# we can use a separate action to post a comment with the
# test results.
#
# See: https://github.com/EnricoMi/publish-unit-test-result-action#support-fork-repositories-and-dependabot-branches
- name: Upload Test Results
if: always()
uses: actions/upload-artifact@v3
with:
name: Test Results
path: encr.dev/**/*-test-report.xml
- name: Report Nightly Failure
uses: ravsamhq/notify-slack-action@bca2d7f5660b833a27bda4f6b8bef389ebfefd25
if: ${{ failure() && github.event.schedule == '30 2 * * *' }}
with:
status: ${{ job.status }} # required
notification_title: "{workflow} has {status_message}"
message_format: "{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>"
footer: "Linked Repo <{repo_url}|{repo}> | <{workflow_url}|View Workflow>"
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_ALERT_WEBHOOK_URL }} # required
# Run static analysis on the PR
static-analysis:
name: "Static Analysis"
# We're using buildjet for this as it's very slow on Github's own runners
runs-on: buildjet-4vcpu-ubuntu-2204
# Skip any PR created by dependabot to avoid permission issues:
if: (github.actor != 'dependabot[bot]')
permissions:
checks: write
contents: read
pull-requests: write
steps:
- uses: actions/checkout@v3
- uses: reviewdog/action-setup@8e48baae926e97848f0863ae248f3b08e089c81f
with:
reviewdog_version: latest
- name: Install jq
uses: dcarbone/install-jq-action@91d8da7268538e8a0ae0c8b72af44f1763228455
- name: Install semgrep
run: |
python3 -m pip install semgrep
python3 -m pip install --upgrade requests
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
cache: false
- name: Install ci tools
run: |
go install honnef.co/go/tools/cmd/staticcheck@master
go install github.com/kisielk/errcheck@latest
go install github.com/gordonklaus/ineffassign@latest
- name: Run reviewdog
env:
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
# Fail the build if there where any static analysis errors within files which where changed
# within this PR. Note: we'll ignore changes made on files which where not modified in this PR.
#
# If we want to fail on any errors only within the lines modified, change to "-filter-mode=added"
# If we want to fail on any errors found in files modified, change to "-filter-mode=file"
# If you want to fail on any errors found in the entire codebase, change to "-filter-mode=nofilter"
run: reviewdog -fail-on-error -filter-mode=file -reporter=github-pr-review
# This job is needed for forked repo's
# See: https://github.com/EnricoMi/publish-unit-test-result-action#support-fork-repositories-and-dependabot-branches
event_file:
name: "Upload Event File"
runs-on: ubuntu-latest
steps:
- name: Upload
uses: actions/upload-artifact@v3
with:
name: Event File
path: ${{ github.event_path }}