-
Notifications
You must be signed in to change notification settings - Fork 3
185 lines (164 loc) · 5.69 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
name: ci
on:
push:
branches:
- master
- beta
release:
types:
- created
pull_request:
branches:
- master
- beta
workflow_dispatch: {}
permissions: read-all
jobs:
build:
uses: miracum/.github/.github/workflows/standard-build.yaml@26fdadd65c14ba321e4c3a167f86df9b41b3e813 # v1.12.6
permissions:
contents: write
id-token: write
packages: write
pull-requests: write
actions: read
security-events: write
with:
enable-build-test-layer: true
enable-upload-test-image: true
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
add-test-coverage:
runs-on: ubuntu-22.04
needs:
- build
permissions:
# for add Coverage PR Comment
pull-requests: write
if: ${{ github.event_name == 'pull_request' }}
steps:
# <https://docs.docker.com/storage/containerd/>
# via <https://github.com/docker/setup-buildx-action/issues/257>
- name: Set up containerd image store
shell: bash
run: |
jq '. | .+{"features": {"containerd-snapshotter": true}}' /etc/docker/daemon.json > /tmp/docker-daemon-with-containerd.json
sudo mv /tmp/docker-daemon-with-containerd.json /etc/docker/daemon.json
cat /etc/docker/daemon.json
sudo systemctl restart docker
docker info -f '{{ .DriverStatus }}'
- name: Download test image
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.build.outputs.image-slug }}-test
path: /tmp
- name: Load test image
run: |
docker load --input /tmp/image-test.tar
docker image ls
- name: Copy unit test coverage reports from test container
env:
UNIT_TEST_IMAGE: ${{ fromJson(needs.build.outputs.test-image-meta-json).tags[0] }}
run: |
docker create --name=unit-test-container "${UNIT_TEST_IMAGE}"
docker cp unit-test-container:/test ${{ github.workspace }}/test
- name: Add coverage to PR
id: jacoco
uses: madrapps/jacoco-report@7c362aca34caf958e7b1c03464bd8781db9f8da7 # v1.7.1
with:
paths: |
${{ github.workspace }}/test/jacoco/test/jacocoTestReport.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 40
min-coverage-changed-files: 60
update-comment: true
title: "## Code Coverage Report"
test:
name: run k8s smoke test
runs-on: ubuntu-22.04
if: ${{ github.event_name == 'pull_request' || github.ref_name == 'beta' }}
needs:
- build
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Create KinD cluster
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0
with:
cluster_name: kind
- name: Download image
if: ${{ github.event_name == 'pull_request' }}
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: ${{ needs.build.outputs.image-slug }}
path: /tmp
- name: Load image into KinD
if: ${{ github.event_name == 'pull_request' }}
run: |
kind load image-archive /tmp/image.tar
# list images in cluster
docker exec kind-control-plane crictl images
- name: Install test chart
env:
IMAGE_TAG: ${{ needs.build.outputs.image-version }}
run: |
helm dep up tests/k8s
# start by first installing the Strimzi and Prometheus operators
helm upgrade --install \
--set "stream-processors.enabled=false" \
--set "stream-processors.processors.obds-to-fhir.container.image.tag=${IMAGE_TAG}" \
--wait \
--timeout=10m \
obds-to-fhir-test \
tests/k8s
kubectl wait kafka/obds-to-fhir-kafka --for=condition=Ready --timeout=300s
# install the actual obds-to-fhir stream processor
helm upgrade --install \
--set "stream-processors.enabled=true" \
--set "stream-processors.processors.obds-to-fhir.container.image.tag=${IMAGE_TAG}" \
--wait \
--timeout=10m \
obds-to-fhir-test \
tests/k8s
- name: Run Helm test to make sure everything started correctly
run: |
helm test obds-to-fhir-test
- name: Print cluster logs
if: always()
run: |
kubectl cluster-info dump -o yaml | tee kind-cluster-dump.txt
- name: Upload cluster dump
if: always()
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: kind-cluster-dump.txt
path: |
kind-cluster-dump.txt
lint:
uses: miracum/.github/.github/workflows/standard-lint.yaml@26fdadd65c14ba321e4c3a167f86df9b41b3e813 # v1.12.6
permissions:
contents: read
pull-requests: write
issues: write
security-events: write
actions: read
with:
codeql-languages: '["java"]'
enable-codeql: true
java-version: "21"
secrets:
github-token: ${{ secrets.GITHUB_TOKEN }}
release:
uses: miracum/.github/.github/workflows/standard-release.yaml@26fdadd65c14ba321e4c3a167f86df9b41b3e813 # v1.12.6
if: ${{ github.ref_name == 'master' || github.event_name == 'workflow_dispatch' }}
needs:
- lint
- build
permissions:
contents: write
pull-requests: write
issues: write
secrets:
semantic-release-token: ${{ secrets.MIRACUM_BOT_SEMANTIC_RELEASE_TOKEN }}