Skip to content

chore(deps): update varnish docker tag to v7.6.1 #3209

chore(deps): update varnish docker tag to v7.6.1

chore(deps): update varnish docker tag to v7.6.1 #3209

name: CI (mandatory checks)
on:
push:
branches-ignore:
- staging
- prod
- devel
- gh-readonly-queue/**
tags-ignore:
- staging
- prod
pull_request:
merge_group:
workflow_dispatch:
workflow_call:
env:
USER_ID: 1001
DOCKER_BUILDKIT: 1
COMPOSE_DOCKER_CLI_BUILD: 1
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref_name }}
cancel-in-progress: true
jobs:
api-cs-check:
name: 'Lint: API (php-cs-fixer)'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: shivammathur/setup-php@v2
with:
php-version: '8.3.12'
tools: composer:2.8.0
coverage: none
- name: Get Composer Cache Directory
id: composer-cache
run: 'echo "dir=$(composer config cache-files-dir)" | tr -d "\n" >> $GITHUB_OUTPUT'
working-directory: api
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-composer-
- run: composer install --no-interaction --no-plugins --no-scripts --prefer-dist
working-directory: api
- run: php vendor/bin/php-cs-fixer fix --config=.php-cs-fixer.php -v --dry-run --diff
working-directory: api
frontend-eslint:
name: 'Lint: Frontend (ESLint)'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: frontend
- run: |
npm run lint:check:eslint
result=$(npm run lint:check:prettier)
echo $result
if echo $result | grep -E "Code style issues found"; then
exit 1
fi
working-directory: frontend
client-print-eslint:
name: 'Lint: ClientPrint (ESLint)'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: pdf
- run: |
npm run lint:check:eslint
result=$(npm run lint:check:prettier)
echo $result
if echo $result | grep -E "Code style issues found"; then
exit 1
fi
working-directory: pdf
print-eslint:
name: 'Lint: Print (ESLint)'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: print
- run: |
npm run lint:check:eslint
result=$(npm run lint:check:prettier)
echo $result
if echo $result | grep -E "Code style issues found"; then
exit 1
fi
working-directory: print
e2e-lint:
name: 'Lint: e2e (ESLint)'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: e2e
- run: |
npm run lint:check:eslint
result=$(npm run lint:check:prettier)
echo $result
if echo $result | grep -E "Code style issues found"; then
exit 1
fi
working-directory: e2e
api-tests:
name: 'Tests: API'
runs-on: ubuntu-latest
env:
TEST_DATABASE_URL: postgresql://ecamp3:ecamp3@localhost:5432/ecamp3test?serverVersion=15&charset=utf8
services:
postgres:
image: 'postgres:15-alpine'
env:
POSTGRES_DB: 'ecamp3test'
POSTGRES_PASSWORD: 'ecamp3'
POSTGRES_USER: 'ecamp3'
ports:
- '5432:5432'
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: shivammathur/setup-php@v2
with:
php-version: '8.3.12'
extensions: intl-73.1
tools: composer:2.8.0
coverage: pcov
- name: Get Composer Cache Directory
id: composer-cache
run: 'echo "dir=$(composer config cache-files-dir)" | tr -d "\n" >> $GITHUB_OUTPUT'
working-directory: api
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: |
${{ runner.os }}-composer-
- run: composer install --prefer-dist --no-progress --no-interaction
working-directory: api
- run: |
mkdir -p var/cache var/log
jwt_passphrase=${JWT_PASSPHRASE:-$(grep ''^JWT_PASSPHRASE='' .env | cut -f 2 -d ''='')}
echo "Generating public / private keys for JWT"
mkdir -p config/jwt
echo "$jwt_passphrase" | openssl genpkey -out config/jwt/private.pem -pass stdin -aes256 -algorithm rsa -pkeyopt rsa_keygen_bits:4096
echo "$jwt_passphrase" | openssl pkey -in config/jwt/private.pem -passin stdin -out config/jwt/public.pem -pubout
setfacl -R -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt
setfacl -dR -m u:www-data:rX -m u:"$(whoami)":rwX config/jwt
working-directory: api
- run: php bin/console doctrine:migrations:migrate --no-interaction -e test
working-directory: api
- run: composer test
working-directory: api
env:
PERFORMANCE_TEST_DEBUG_OUTPUT: ${{ vars.PERFORMANCE_TEST_DEBUG_OUTPUT }}
- name: send coveralls report
run: |
sed -i "s|$(pwd)/api/|api/|g" api/build/logs/clover.xml
api/vendor/bin/php-coveralls -v \
--coverage_clover api/build/logs/clover.xml \
--json_path api/build/logs/coveralls-upload.json
env:
COVERALLS_REPO_TOKEN: ${{ secrets.GITHUB_TOKEN }}
COVERALLS_PARALLEL: true
COVERALLS_FLAG_NAME: api
frontend-tests:
name: 'Tests: Frontend'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: pdf
- run: npm run build
working-directory: pdf
- run: npm ci --no-audit
working-directory: frontend
- run: npm run build
working-directory: frontend
- run: npm run test:unit
working-directory: frontend
- name: replace paths in lcov.info that they reflect repo path
run: |
sed -i "s|src/|frontend/src/|g" frontend/data/coverage/lcov.info
- name: Coveralls Parallel
uses: coverallsapp/github-action@v2
with:
flag-name: frontend
parallel: true
fail-on-error: false
print-tests:
name: 'Tests: Print'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: print
- run: npm run build
working-directory: print
env:
NODE_OPTIONS: --openssl-legacy-provider
- run: npm run test
working-directory: print
- name: replace paths in lcov.info that they reflect repo path
run: |
sed -i "s|SF:|SF:print/|g" print/coverage/lcov.info
- name: Coveralls Parallel
uses: coverallsapp/github-action@v2
with:
flag-name: print
parallel: true
fail-on-error: false
pdf-tests:
name: 'Tests: PDF'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
- uses: actions/setup-node@v4
with:
node-version: '22.9.0'
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
with:
path: ~/.npm
key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-
- run: npm ci --no-audit
working-directory: pdf
- run: npm run build
working-directory: pdf
- run: npm run test:unit
working-directory: pdf
- name: replace paths in lcov.info that they reflect repo path
run: |
sed -i "s|src/|pdf/src/|g" pdf/data/coverage/lcov.info
- name: Coveralls Parallel
uses: coverallsapp/github-action@v2
with:
flag-name: pdf
parallel: true
fail-on-error: false
e2e-tests-build:
name: 'Tests: End-to-end build'
uses: ./.github/workflows/reusable-e2e-tests-build.yml
e2e-tests-run:
name: 'Tests: End-to-end run'
needs:
- e2e-tests-build
uses: ./.github/workflows/reusable-e2e-tests-run.yml
coveralls-finished:
name: 'Finish coveralls report'
needs:
- api-tests
- frontend-tests
- print-tests
- pdf-tests
runs-on: ubuntu-latest
steps:
- uses: coverallsapp/github-action@v2
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
parallel-finished: true
carryforward: "api,frontend,print,pdf"
fail-on-error: false
workflow-success:
name: workflow-success
needs:
- api-cs-check
- frontend-eslint
- print-eslint
- e2e-lint
- client-print-eslint
- api-tests
- frontend-tests
- print-tests
- pdf-tests
- e2e-tests-run
runs-on: ubuntu-latest
if: always()
steps:
- name: Fail if not all jobs were successful
uses: actions/github-script@v7
with:
script: |
const needs = `${{ toJSON(needs) }}`;
const needsObject = JSON.parse(needs);
for (const [key, value] of Object.entries(needsObject)) {
if (value.result != 'success') {
core.setFailed(`Job ${key} failed`);
}
}
ci-passed-event:
name: 'Send out CI success event'
if: github.event_name == 'push' && (github.event.pull_request && github.event.pull_request.number)
needs:
- workflow-success
runs-on: ubuntu-latest
steps:
- uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3
with:
event-type: ci-passed
client-payload: '{"ref": "${{ github.ref }}", "sha": "${{ github.sha }}"}'