Skip to content

chore(deps): update github-actions #621

chore(deps): update github-actions

chore(deps): update github-actions #621

Workflow file for this run

name: ci
on:
push:
branches:
- master
- beta
release:
types: [created]
pull_request:
branches:
- master
- beta
permissions: read-all
jobs:
build:
uses: miracum/.github/.github/workflows/standard-build.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
permissions:
contents: write
id-token: write
packages: write
pull-requests: write
actions: read
security-events: write
with:
enable-build-test-layer: true
enable-upload-test-image: true
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
add-test-coverage:
runs-on: ubuntu-22.04
needs:
- build
permissions:
# for add Coverage PR Comment
pull-requests: write
if: ${{ github.event_name == 'pull_request' }}
steps:
# <https://docs.docker.com/storage/containerd/>
# via <https://github.com/docker/setup-buildx-action/issues/257>
- name: Set up containerd image store
shell: bash
run: |
jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker
docker info -f '{{ .DriverStatus }}'
- name: Download test image
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.build.outputs.image-slug }}-test
path: /tmp
- name: Load test image
run: |
docker load --input /tmp/image-test.tar
docker image ls
- name: Copy unit test coverage reports from test container
env:
UNIT_TEST_IMAGE: ${{ fromJson(needs.build.outputs.test-image-meta-json).tags[0] }}
run: |
docker create --name=unit-test-container "${UNIT_TEST_IMAGE}"
docker cp unit-test-container:/test ${{ github.workspace }}/test
- name: Add coverage to PR
id: jacoco
uses: madrapps/jacoco-report@7c362aca34caf958e7b1c03464bd8781db9f8da7 # v1.7.1
with:
paths: |
${{ github.workspace }}/test/jacoco/test/jacocoTestReport.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 40
min-coverage-changed-files: 60
update-comment: true
title: "## Code Coverage Report"
test:
name: run k8s smoke test
runs-on: ubuntu-22.04
if: ${{ github.event_name == 'pull_request' || github.ref_name == 'beta' }}
needs:
- build
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Create KinD cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
cluster_name: kind
- name: Download image
if: ${{ github.event_name == 'pull_request' }}
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.build.outputs.image-slug }}
path: /tmp
- name: Load image into KinD
if: ${{ github.event_name == 'pull_request' }}
run: |
kind load image-archive /tmp/image.tar
# list images in cluster
docker exec kind-control-plane crictl images
- name: Install test chart
env:
IMAGE_TAG: ${{ needs.build.outputs.image-version }}
run: |
helm dep up tests/k8s
# start by first installing the Strimzi and Prometheus operators
helm upgrade --install \
--set "stream-processors.enabled=false" \
--set "stream-processors.processors.obds-to-fhir.container.image.tag=${IMAGE_TAG}" \
--wait \
--timeout=10m \
obds-to-fhir-test \
tests/k8s
kubectl wait kafka/obds-to-fhir-kafka --for=condition=Ready --timeout=300s
# install the actual obds-to-fhir stream processor
helm upgrade --install \
--set "stream-processors.enabled=true" \
--set "stream-processors.processors.obds-to-fhir.container.image.tag=${IMAGE_TAG}" \
--wait \
--timeout=10m \
obds-to-fhir-test \
tests/k8s
- name: Run Helm test to make sure everything started correctly
run: |
helm test obds-to-fhir-test
- name: Print cluster logs
if: always()
run: |
kubectl cluster-info dump -o yaml | tee kind-cluster-dump.txt
- name: Upload cluster dump
if: always()
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: kind-cluster-dump.txt
path: |
kind-cluster-dump.txt
lint:
uses: miracum/.github/.github/workflows/standard-lint.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
permissions:
contents: read
pull-requests: write
issues: write
security-events: write
actions: read
with:
codeql-languages: '["java"]'
enable-codeql: true
java-version: "21"
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
release:
uses: miracum/.github/.github/workflows/standard-release.yaml@b2389048770aa5b9ed439810bf84911fbb07f645 # v1.12.3
needs:
- lint
- build
permissions:
contents: write
pull-requests: write
issues: write
secrets:
semantic-release-token: ${{ secrets.MIRACUM_BOT_SEMANTIC_RELEASE_TOKEN }}