2023-10-19 18:38:40 +00:00
name : Tests
2022-11-10 21:00:44 +00:00
on :
2024-02-01 17:28:56 +00:00
push :
# hitting just main on push suffices to avoid duplicate runs for PRs, since PRs never update main.
# more ideas at https://github.com/orgs/community/discussions/26940 including branches-ignore
branches :
- main
pull_request :
2022-11-10 21:00:44 +00:00
2022-11-11 13:56:12 +00:00
defaults :
run :
working-directory : spiffworkflow-backend
2022-11-10 21:00:44 +00:00
jobs :
2023-10-19 18:38:40 +00:00
tests-backend :
2022-11-11 17:39:46 +00:00
name : ${{ matrix.session }} ${{ matrix.python }} / ${{ matrix.os }} ${{ matrix.database }}
runs-on : ${{ matrix.os }}
strategy :
fail-fast : false
matrix :
include :
2024-01-24 13:00:10 +00:00
- { python : "3.12" , os : "ubuntu-latest" , session : "safety" }
- { python : "3.12" , os : "ubuntu-latest" , session : "mypy" }
2023-03-28 19:56:57 +00:00
- { python : "3.11" , os : "ubuntu-latest" , session : "safety" }
2022-11-13 04:24:09 +00:00
- { python : "3.11" , os : "ubuntu-latest" , session : "mypy" }
- { python : "3.10" , os : "ubuntu-latest" , session : "mypy" }
2022-11-11 17:39:46 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "mysql" ,
}
2024-01-24 13:00:10 +00:00
- {
python : "3.12" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "mysql" ,
upload_coverage : true ,
}
2022-11-13 04:24:09 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "postgres" ,
}
2024-01-24 13:00:10 +00:00
- {
python : "3.12" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "postgres" ,
}
2022-11-13 04:24:09 +00:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
2024-01-24 13:00:10 +00:00
- {
python : "3.12" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
2022-11-13 04:24:09 +00:00
- {
python : "3.10" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
2023-05-17 18:06:50 +00:00
# FIXME: tests cannot pass on windows and we currently cannot debug
# since none of us have a windows box that can run the python app.
# so ignore windows tests until we can get it fixed.
# - {
# python: "3.10",
# os: "windows-latest",
# session: "tests",
# database: "sqlite",
# }
2022-11-13 04:24:09 +00:00
- {
python : "3.11" ,
os : "macos-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
# typeguard 2.13.3 is broken with TypeDict in 3.11.
# probably the next release fixes it.
# https://github.com/agronholm/typeguard/issues/242
python : "3.11" ,
os : "ubuntu-latest" ,
session : "typeguard" ,
database : "sqlite" ,
}
2024-01-24 13:00:10 +00:00
- {
# typeguard 2.13.3 is broken with TypeDict in 3.11.
# probably the next release fixes it.
# https://github.com/agronholm/typeguard/issues/242
python : "3.12" ,
os : "ubuntu-latest" ,
session : "typeguard" ,
database : "sqlite" ,
}
2023-06-13 14:46:26 +00:00
# - { python: "3.11", os: "ubuntu-latest", session: "xdoctest" }
2023-05-19 13:15:19 +00:00
# - { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
2022-11-11 17:39:46 +00:00
env :
2023-02-16 12:59:51 +00:00
FLASK_SESSION_SECRET_KEY : super_secret_key
2022-11-11 17:39:46 +00:00
FORCE_COLOR : "1"
PRE_COMMIT_COLOR : "always"
2023-02-16 12:59:51 +00:00
SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD : password
SPIFFWORKFLOW_BACKEND_DATABASE_TYPE : ${{ matrix.database }}
2024-01-11 14:14:25 +00:00
SPIFFWORKFLOW_BACKEND_RUNNING_IN_CI : "true"
2022-11-11 17:39:46 +00:00
steps :
- name : Check out the repository
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2022-11-11 17:39:46 +00:00
- name : Set up Python ${{ matrix.python }}
2024-02-16 15:04:49 +00:00
uses : actions/setup-python@v5.0.0
2022-11-11 17:39:46 +00:00
with :
python-version : ${{ matrix.python }}
- name : Upgrade pip
run : |
2023-08-03 15:49:30 +00:00
pip install --constraint=../.github/workflows/constraints.txt pip
2022-11-11 17:39:46 +00:00
pip --version
- name : Upgrade pip in virtual environments
shell : python
run : |
import os
import pip
with open(os.environ["GITHUB_ENV"], mode="a") as io:
print(f"VIRTUALENV_PIP={pip.__version__}", file=io)
- name : Install Poetry
run : |
2023-08-03 15:49:30 +00:00
pipx install --pip-args=--constraint=../.github/workflows/constraints.txt poetry
2022-11-11 17:39:46 +00:00
poetry --version
2023-05-19 11:05:58 +00:00
# when we get an imcompatible sqlite migration again and need to combine all migrations into one for the benefit of sqlite
# see if we can get the sqlite-specific block in the noxfile.py to work instead of this block in the github workflow,
# which annoyingly runs python setup outside of the nox environment (which seems to be flakier on poetry install).
# - name: Checkout Samples
# if: matrix.database == 'sqlite'
2024-02-12 15:15:20 +00:00
# uses: actions/checkout@v4
2023-05-19 11:05:58 +00:00
# with:
# repository: sartography/sample-process-models
# path: sample-process-models
# - name: Poetry Install
# if: matrix.database == 'sqlite'
# run: poetry install
# - name: Setup sqlite
# if: matrix.database == 'sqlite'
# env:
# SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR: "${GITHUB_WORKSPACE}/sample-process-models"
# run: ./bin/recreate_db clean rmall
2023-02-27 22:00:34 +00:00
2022-11-11 17:39:46 +00:00
- name : Setup Mysql
uses : mirromutth/mysql-action@v1.1
with :
host port : 3306
container port : 3306
mysql version : "8.0"
2023-02-09 22:07:36 +00:00
mysql database : "spiffworkflow_backend_unit_testing"
2022-11-11 17:39:46 +00:00
mysql root password : password
2024-01-11 14:14:25 +00:00
collation server : "utf8mb4_0900_as_cs"
2022-11-11 17:39:46 +00:00
if : matrix.database == 'mysql'
- name : Setup Postgres
2023-02-09 22:07:36 +00:00
run : docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_unit_testing -d postgres
2022-11-11 17:39:46 +00:00
if : matrix.database == 'postgres'
2023-08-03 15:49:30 +00:00
- name : Install mysqlclient lib dependencies
if : matrix.os == 'macos-latest'
2024-02-07 17:52:02 +00:00
# mysql 8.3 causes failure in poetry install so pin to 8.0. https://github.com/feast-dev/feast/issues/3916
# 8.0 is keg-only, so we have to force link it in order for pkg-config and everything to find it.
2022-11-11 17:39:46 +00:00
run : |
2024-02-07 17:52:02 +00:00
brew install mysql@8.0 pkg-config && brew link mysql@8.0
2023-08-03 15:49:30 +00:00
- name : Run Session
run : |
./bin/run_ci_session ${{ matrix.session }}
2022-11-11 17:39:46 +00:00
- name : Upload coverage data
# pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
2023-08-03 15:49:30 +00:00
if : matrix.upload_coverage
2024-02-06 16:06:51 +00:00
uses : "actions/upload-artifact@v4"
2022-11-13 02:51:35 +00:00
# this action doesn't seem to respect working-directory so include working-directory value in path
2022-11-11 17:39:46 +00:00
with :
name : coverage-data
2022-11-13 02:51:35 +00:00
path : "spiffworkflow-backend/.coverage.*"
2022-11-11 17:39:46 +00:00
2023-05-19 13:15:19 +00:00
# - name: Upload documentation
# if: matrix.session == 'docs-build'
2024-02-06 16:06:51 +00:00
# uses: actions/upload-artifact@v4
2023-05-19 13:15:19 +00:00
# with:
# name: docs
# path: docs/_build
#
2022-11-11 17:39:46 +00:00
- name : Upload logs
if : failure() && matrix.session == 'tests'
2024-02-06 16:06:51 +00:00
uses : "actions/upload-artifact@v4"
2022-11-11 17:39:46 +00:00
with :
name : logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
2023-11-30 18:51:01 +00:00
path : "./spiffworkflow-backend/log/*.log"
2022-11-11 17:39:46 +00:00
run_pre_commit_checks :
runs-on : ubuntu-latest
defaults :
run :
working-directory : .
steps :
- name : Check out the repository
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2022-11-11 17:39:46 +00:00
- name : Set up Python
2024-02-16 15:04:49 +00:00
uses : actions/setup-python@v5.0.0
2022-11-11 17:39:46 +00:00
with :
python-version : "3.11"
- name : Install Poetry
run : |
2023-08-03 15:49:30 +00:00
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
2022-11-11 17:39:46 +00:00
poetry --version
- name : Poetry Install
run : poetry install
- name : run_pre_commit
run : ./bin/run_pre_commit_in_ci
check_docker_start_script :
2023-10-19 18:22:52 +00:00
permissions :
contents : read # for actions/checkout to fetch code
security-events : write # for github/codeql-action/upload-sarif to upload SARIF results
actions : read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
2022-11-11 17:39:46 +00:00
runs-on : ubuntu-latest
steps :
- name : Check out the repository
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2023-01-09 19:35:36 +00:00
- name : Checkout Samples
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2023-01-09 19:35:36 +00:00
with :
repository : sartography/sample-process-models
path : sample-process-models
2022-11-11 17:39:46 +00:00
- name : start_backend
run : ./bin/build_and_run_with_docker_compose
timeout-minutes : 20
env :
2023-01-06 21:33:20 +00:00
SPIFFWORKFLOW_BACKEND_RUN_DATA_SETUP : "false"
2022-11-11 17:39:46 +00:00
- name : wait_for_backend
2023-12-06 16:21:32 +00:00
run : ./bin/wait_for_backend_to_be_up 5
2022-11-11 17:39:46 +00:00
coverage :
runs-on : ubuntu-latest
2023-10-19 18:38:40 +00:00
needs : [ tests-backend, run_pre_commit_checks, check_docker_start_script]
2022-11-11 17:39:46 +00:00
steps :
- name : Check out the repository
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2022-11-11 17:39:46 +00:00
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : Set up Python
2024-02-16 15:04:49 +00:00
uses : actions/setup-python@v5.0.0
2022-11-11 17:39:46 +00:00
with :
python-version : "3.11"
- name : Upgrade pip
run : |
2023-08-03 15:49:30 +00:00
pip install --constraint=../.github/workflows/constraints.txt pip
2022-11-11 17:39:46 +00:00
pip --version
- name : Install Poetry
run : |
2023-08-03 15:49:30 +00:00
pipx install --pip-args=--constraint=../.github/workflows/constraints.txt poetry
2022-11-11 17:39:46 +00:00
poetry --version
- name : Download coverage data
2024-02-15 15:20:56 +00:00
uses : actions/download-artifact@v4.1.2
2022-11-11 17:39:46 +00:00
with :
name : coverage-data
2022-11-13 04:04:29 +00:00
# this action doesn't seem to respect working-directory so include working-directory value in path
path : spiffworkflow-backend
2022-11-11 17:39:46 +00:00
2023-08-03 15:49:30 +00:00
- name : Run Coverage
2022-11-11 17:39:46 +00:00
run : |
2023-08-03 15:49:30 +00:00
./bin/run_ci_session coverage
2022-11-11 17:39:46 +00:00
- name : Upload coverage report
2024-02-19 15:21:49 +00:00
uses : codecov/codecov-action@v4.0.1
2022-11-11 17:39:46 +00:00
- name : SonarCloud Scan
2024-01-29 15:53:03 +00:00
uses : sonarsource/sonarcloud-github-action@v2.1.1
2022-11-11 17:39:46 +00:00
# thought about just skipping dependabot
# if: ${{ github.actor != 'dependabot[bot]' }}
# but figured all pull requests seems better, since none of them will have access to sonarcloud.
# however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
# if: ${{ github.event_name != 'pull_request' }}
# so just skip everything but main
if : github.ref_name == 'main'
2022-11-14 19:25:27 +00:00
with :
2023-03-28 12:22:17 +00:00
projectBaseDir : spiffworkflow-backend
2022-11-11 17:39:46 +00:00
env :
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
# part about saving PR number and then using it from auto-merge-dependabot-prs from:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
2024-02-02 18:43:01 +00:00
- name : Write PR number to spiffworkflow-backend/pr dir
2022-11-11 17:39:46 +00:00
if : ${{ github.event_name == 'pull_request' }}
env :
PR_NUMBER : ${{ github.event.number }}
run : |
mkdir -p ./pr
echo "$PR_NUMBER" > ./pr/pr_number
2024-02-02 18:43:01 +00:00
- name : Upload PR number as artifact
2024-02-06 16:06:51 +00:00
uses : actions/upload-artifact@v4
2024-02-02 18:43:01 +00:00
if : ${{ github.event_name == 'pull_request' }}
2022-11-11 17:39:46 +00:00
with :
name : pr_number
2024-02-02 18:35:46 +00:00
# at https://github.com/sartography/spiff-arena/actions/runs/7757308061/job/21156982087, for example,
# it said: "Warning: No files were found with the provided path: pr", so assuming this is running
# from spiff-arena root rather than the default working-directory we specified, and therefore
# trying to explicitly add spiffworkflow-backend to path
path : spiffworkflow-backend/pr/
2024-02-02 18:43:01 +00:00
if-no-files-found : error
2023-10-19 18:38:40 +00:00
tests-frontend :
runs-on : ubuntu-latest
needs : [ tests-backend, run_pre_commit_checks, check_docker_start_script]
defaults :
run :
working-directory : spiffworkflow-frontend
steps :
- name : Development Code
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2023-10-19 18:38:40 +00:00
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
ref : ${{ github.event.workflow_run.head_sha }}
- name : Setup Node
2024-02-07 15:11:25 +00:00
uses : actions/setup-node@v4
2023-10-19 18:38:40 +00:00
with :
node-version : 18. x
- run : npm install
- run : npm run lint
- run : npm test
- run : npm run build --if-present
- name : SonarCloud Scan
# thought about just skipping dependabot
# if: ${{ github.actor != 'dependabot[bot]' }}
# but figured all pull requests seems better, since none of them will have access to sonarcloud.
# however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
# if: ${{ github.event_name != 'pull_request' }}
# so just skip everything but main
if : github.ref_name == 'main'
2024-01-29 15:53:03 +00:00
uses : sonarsource/sonarcloud-github-action@v2.1.1
2023-10-19 18:38:40 +00:00
with :
projectBaseDir : spiffworkflow-frontend
env :
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
cypress-run :
runs-on : ubuntu-latest
needs : [ tests-backend, run_pre_commit_checks, check_docker_start_script]
defaults :
run :
working-directory : spiffworkflow-frontend
steps :
- name : Checkout
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2023-10-19 18:38:40 +00:00
with :
ref : ${{ github.event.workflow_run.head_sha }}
- name : Checkout Samples
2024-02-12 15:15:20 +00:00
uses : actions/checkout@v4
2023-10-19 18:38:40 +00:00
with :
repository : sartography/sample-process-models
path : sample-process-models
- name : start_keycloak
working-directory : ./spiffworkflow-backend
run : ./keycloak/bin/start_keycloak
- name : start_backend
working-directory : ./spiffworkflow-backend
run : ./bin/build_and_run_with_docker_compose
timeout-minutes : 20
env :
SPIFFWORKFLOW_BACKEND_LOAD_FIXTURE_DATA : "true"
SPIFFWORKFLOW_BACKEND_PERMISSIONS_FILE_NAME : "acceptance_tests.yml"
- name : start_frontend
# working-directory: ./spiffworkflow-frontend
run : ./bin/build_and_run_with_docker_compose
- name : wait_for_backend
working-directory : ./spiffworkflow-backend
2023-12-06 16:21:32 +00:00
run : ./bin/wait_for_backend_to_be_up 5
2023-10-19 18:38:40 +00:00
- name : wait_for_frontend
# working-directory: ./spiffworkflow-frontend
run : ./bin/wait_for_frontend_to_be_up 5
- name : wait_for_keycloak
working-directory : ./spiffworkflow-backend
run : ./keycloak/bin/wait_for_keycloak 5
- name : Dump GitHub context
env :
GITHUB_CONTEXT : ${{ toJson(github) }}
run : |
echo "$GITHUB_CONTEXT"
- name : Cypress run
2024-02-05 15:23:04 +00:00
uses : cypress-io/github-action@v6
2023-10-19 18:38:40 +00:00
with :
working-directory : ./spiffworkflow-frontend
browser : chrome
# only record on push, not pull_request, since we do not have secrets for PRs,
# so the required CYPRESS_RECORD_KEY will not be available.
# we have limited runs in cypress cloud, so only record main builds
# the direct check for github.event_name == 'push' is for if we want to go back to triggering this workflow
# directly, rather than when Backend Tests complete.
# note that github.event.workflow_run is referring to the Backend Tests workflow and another option
# for github.event.workflow_run.event is 'pull_request', which we want to ignore.
record : ${{ github.ref_name == 'main' && ((github.event_name == 'workflow_run' && github.event.workflow_run.event == 'push') || (github.event_name == 'push')) }}
env :
# pass the Dashboard record key as an environment variable
CYPRESS_RECORD_KEY : ${{ secrets.CYPRESS_RECORD_KEY }}
# pass GitHub token to allow accurately detecting a build vs a re-run build
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
CYPRESS_SPIFFWORKFLOW_FRONTEND_AUTH_WITH_KEYCLOAK : "true"
- name : get_backend_logs_from_docker_compose
if : failure()
working-directory : ./spiffworkflow-backend
run : ./bin/get_logs_from_docker_compose >./log/docker_compose.log
- name : Upload logs
if : failure()
2024-02-06 16:06:51 +00:00
uses : "actions/upload-artifact@v4"
2023-10-19 18:38:40 +00:00
with :
name : spiffworkflow-backend-logs
path : "./spiffworkflow-backend/log/*.log"
# https://github.com/cypress-io/github-action#artifacts
- name : upload_screenshots
2024-02-06 16:06:51 +00:00
uses : actions/upload-artifact@v4
2023-10-19 18:38:40 +00:00
if : failure()
with :
name : cypress-screenshots
path : ./spiffworkflow-frontend/cypress/screenshots
# Test run video was always captured, so this action uses "always()" condition
- name : upload_videos
2024-02-06 16:06:51 +00:00
uses : actions/upload-artifact@v4
2023-10-19 18:38:40 +00:00
if : failure()
with :
name : cypress-videos
path : ./spiffworkflow-frontend/cypress/videos
