2022-11-22 03:09:13 +00:00
name : Backend Tests
2022-11-10 21:00:44 +00:00
on :
- push
- pull_request
2022-11-11 13:56:12 +00:00
defaults :
run :
working-directory : spiffworkflow-backend
2022-11-10 21:00:44 +00:00
jobs :
2022-11-11 17:39:46 +00:00
tests :
name : ${{ matrix.session }} ${{ matrix.python }} / ${{ matrix.os }} ${{ matrix.database }}
runs-on : ${{ matrix.os }}
strategy :
fail-fast : false
matrix :
include :
2023-03-28 19:56:57 +00:00
- { python : "3.11" , os : "ubuntu-latest" , session : "safety" }
2022-11-13 04:24:09 +00:00
- { python : "3.11" , os : "ubuntu-latest" , session : "mypy" }
- { python : "3.10" , os : "ubuntu-latest" , session : "mypy" }
- { python : "3.9" , os : "ubuntu-latest" , session : "mypy" }
2022-11-11 17:39:46 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "mysql" ,
}
2022-11-13 04:24:09 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "postgres" ,
}
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
python : "3.10" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
python : "3.9" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
python : "3.10" ,
os : "windows-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
python : "3.11" ,
os : "macos-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
# typeguard 2.13.3 is broken with TypeDict in 3.11.
# probably the next release fixes it.
# https://github.com/agronholm/typeguard/issues/242
python : "3.11" ,
os : "ubuntu-latest" ,
session : "typeguard" ,
database : "sqlite" ,
}
- { python : "3.11" , os : "ubuntu-latest" , session : "xdoctest" }
- { python : "3.11" , os : "ubuntu-latest" , session : "docs-build" }
2022-11-11 17:39:46 +00:00
env :
2023-02-16 12:59:51 +00:00
FLASK_SESSION_SECRET_KEY : super_secret_key
2022-11-11 17:39:46 +00:00
FORCE_COLOR : "1"
2023-02-16 12:59:51 +00:00
NOXSESSION : ${{ matrix.session }}
2022-11-11 17:39:46 +00:00
PRE_COMMIT_COLOR : "always"
2023-02-16 12:59:51 +00:00
SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD : password
SPIFFWORKFLOW_BACKEND_DATABASE_TYPE : ${{ matrix.database }}
2022-11-11 17:39:46 +00:00
steps :
- name : Check out the repository
2023-02-24 19:14:17 +00:00
uses : actions/checkout@v3.3.0
2022-11-11 17:39:46 +00:00
- name : Set up Python ${{ matrix.python }}
2023-04-20 15:06:49 +00:00
uses : actions/setup-python@v4.6.0
2022-11-11 17:39:46 +00:00
with :
python-version : ${{ matrix.python }}
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Upgrade pip in virtual environments
shell : python
run : |
import os
import pip
with open(os.environ["GITHUB_ENV"], mode="a") as io:
print(f"VIRTUALENV_PIP={pip.__version__}", file=io)
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
2023-02-27 22:10:14 +00:00
- name : Checkout Samples
if : matrix.database == 'sqlite'
uses : actions/checkout@v3
with :
repository : sartography/sample-process-models
path : sample-process-models
2023-02-27 22:21:34 +00:00
- name : Poetry Install
if : matrix.database == 'sqlite'
run : poetry install
2023-02-27 22:00:34 +00:00
- name : Setup sqlite
if : matrix.database == 'sqlite'
2023-02-28 00:16:06 +00:00
env :
SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR : "${GITHUB_WORKSPACE}/sample-process-models"
run : ./bin/recreate_db clean rmall
2023-02-27 22:00:34 +00:00
2022-11-11 17:39:46 +00:00
- name : Setup Mysql
uses : mirromutth/mysql-action@v1.1
with :
host port : 3306
container port : 3306
mysql version : "8.0"
2023-02-09 22:07:36 +00:00
mysql database : "spiffworkflow_backend_unit_testing"
2022-11-11 17:39:46 +00:00
mysql root password : password
2023-03-03 18:13:01 +00:00
collation server : 'utf8mb4_0900_as_cs'
2022-11-11 17:39:46 +00:00
if : matrix.database == 'mysql'
- name : Setup Postgres
2023-02-09 22:07:36 +00:00
run : docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_unit_testing -d postgres
2022-11-11 17:39:46 +00:00
if : matrix.database == 'postgres'
- name : Run Nox
run : |
nox --force-color --python=${{ matrix.python }}
- name : Upload coverage data
# pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
2022-11-13 02:51:35 +00:00
if : always() && matrix.session == 'tests' && matrix.python == '3.11' && matrix.os == 'ubuntu-latest' && matrix.database == 'mysql'
2023-02-24 19:31:39 +00:00
uses : "actions/upload-artifact@v3"
2022-11-13 02:51:35 +00:00
# this action doesn't seem to respect working-directory so include working-directory value in path
2022-11-11 17:39:46 +00:00
with :
name : coverage-data
2022-11-13 02:51:35 +00:00
path : "spiffworkflow-backend/.coverage.*"
2022-11-11 17:39:46 +00:00
- name : Upload documentation
if : matrix.session == 'docs-build'
2023-02-24 19:31:39 +00:00
uses : actions/upload-artifact@v3
2022-11-11 17:39:46 +00:00
with :
name : docs
path : docs/_build
- name : Upload logs
if : failure() && matrix.session == 'tests'
2023-02-24 19:31:39 +00:00
uses : "actions/upload-artifact@v3"
2022-11-11 17:39:46 +00:00
with :
name : logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
path : "./log/*.log"
2023-03-28 21:14:58 +00:00
# burnettk created an account at https://app.snyk.io/org/kevin-jfx
# and added his SNYK_TOKEN secret under the spiff-arena repo.
2023-03-28 20:55:13 +00:00
snyk :
2023-03-28 20:42:48 +00:00
runs-on : ubuntu-latest
steps :
- uses : actions/checkout@master
- name : Run Snyk to check for vulnerabilities
uses : snyk/actions/python@master
2023-03-28 20:55:13 +00:00
with :
args : spiffworkflow-backend
2023-03-28 20:42:48 +00:00
env :
SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
2022-11-11 17:39:46 +00:00
run_pre_commit_checks :
runs-on : ubuntu-latest
defaults :
run :
working-directory : .
steps :
- name : Check out the repository
2023-02-24 19:14:17 +00:00
uses : actions/checkout@v3.3.0
2022-11-11 17:39:46 +00:00
- name : Set up Python
2023-04-20 15:06:49 +00:00
uses : actions/setup-python@v4.6.0
2022-11-11 17:39:46 +00:00
with :
python-version : "3.11"
- name : Install Poetry
run : |
2023-03-06 19:22:59 +00:00
pipx install --pip-args=--constraint=spiffworkflow-backend/.github/workflows/constraints.txt poetry
2022-11-11 17:39:46 +00:00
poetry --version
- name : Poetry Install
run : poetry install
- name : run_pre_commit
run : ./bin/run_pre_commit_in_ci
check_docker_start_script :
runs-on : ubuntu-latest
steps :
- name : Check out the repository
2023-02-24 19:14:17 +00:00
uses : actions/checkout@v3.3.0
2023-01-09 19:35:36 +00:00
- name : Checkout Samples
uses : actions/checkout@v3
with :
repository : sartography/sample-process-models
path : sample-process-models
2022-11-11 17:39:46 +00:00
- name : start_backend
run : ./bin/build_and_run_with_docker_compose
timeout-minutes : 20
env :
2023-01-06 21:33:20 +00:00
SPIFFWORKFLOW_BACKEND_RUN_DATA_SETUP : "false"
2022-11-11 17:39:46 +00:00
- name : wait_for_backend
run : ./bin/wait_for_server_to_be_up 5
coverage :
runs-on : ubuntu-latest
2022-11-13 04:20:34 +00:00
needs : [ tests, run_pre_commit_checks, check_docker_start_script]
2022-11-11 17:39:46 +00:00
steps :
- name : Check out the repository
2023-02-24 19:14:17 +00:00
uses : actions/checkout@v3.3.0
2022-11-11 17:39:46 +00:00
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : Set up Python
2023-04-20 15:06:49 +00:00
uses : actions/setup-python@v4.6.0
2022-11-11 17:39:46 +00:00
with :
python-version : "3.11"
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
- name : Download coverage data
uses : actions/download-artifact@v3.0.1
with :
name : coverage-data
2022-11-13 04:04:29 +00:00
# this action doesn't seem to respect working-directory so include working-directory value in path
path : spiffworkflow-backend
2022-11-11 17:39:46 +00:00
- name : Combine coverage data and display human readable report
run : |
find . -name \*.pyc -delete
2022-11-13 04:18:17 +00:00
nox --force-color --session=coverage
2022-11-11 17:39:46 +00:00
- name : Create coverage report
run : |
nox --force-color --session=coverage -- xml
- name : Upload coverage report
2023-04-21 15:02:55 +00:00
uses : codecov/codecov-action@v3.1.3
2022-11-11 17:39:46 +00:00
- name : SonarCloud Scan
2023-04-24 15:07:47 +00:00
uses : sonarsource/sonarcloud-github-action@v1.9
2022-11-11 17:39:46 +00:00
# thought about just skipping dependabot
# if: ${{ github.actor != 'dependabot[bot]' }}
# but figured all pull requests seems better, since none of them will have access to sonarcloud.
# however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
# if: ${{ github.event_name != 'pull_request' }}
# so just skip everything but main
if : github.ref_name == 'main'
2022-11-14 19:25:27 +00:00
with :
2023-03-28 12:22:17 +00:00
projectBaseDir : spiffworkflow-backend
2022-11-11 17:39:46 +00:00
env :
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
# part about saving PR number and then using it from auto-merge-dependabot-prs from:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
- name : Save PR number
if : ${{ github.event_name == 'pull_request' }}
env :
PR_NUMBER : ${{ github.event.number }}
run : |
mkdir -p ./pr
echo "$PR_NUMBER" > ./pr/pr_number
- uses : actions/upload-artifact@v3
with :
name : pr_number
path : pr/