2022-11-21 22:09:13 -05:00
name : Backend Tests
2022-11-10 16:00:44 -05:00
on :
- push
- pull_request
2022-11-11 08:56:12 -05:00
defaults :
run :
working-directory : spiffworkflow-backend
2022-11-10 16:00:44 -05:00
jobs :
2022-11-11 12:39:46 -05:00
tests :
name : ${{ matrix.session }} ${{ matrix.python }} / ${{ matrix.os }} ${{ matrix.database }}
runs-on : ${{ matrix.os }}
strategy :
fail-fast : false
matrix :
include :
2023-03-28 15:56:57 -04:00
- { python : "3.11" , os : "ubuntu-latest" , session : "safety" }
2022-11-12 23:24:09 -05:00
- { python : "3.11" , os : "ubuntu-latest" , session : "mypy" }
- { python : "3.10" , os : "ubuntu-latest" , session : "mypy" }
2022-11-11 12:39:46 -05:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "mysql" ,
}
2022-11-12 23:24:09 -05:00
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "postgres" ,
}
- {
python : "3.11" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
python : "3.10" ,
os : "ubuntu-latest" ,
session : "tests" ,
database : "sqlite" ,
}
2023-05-17 14:06:50 -04:00
# FIXME: tests cannot pass on windows and we currently cannot debug
# since none of us have a windows box that can run the python app.
# so ignore windows tests until we can get it fixed.
# - {
# python: "3.10",
# os: "windows-latest",
# session: "tests",
# database: "sqlite",
# }
2022-11-12 23:24:09 -05:00
- {
python : "3.11" ,
os : "macos-latest" ,
session : "tests" ,
database : "sqlite" ,
}
- {
# typeguard 2.13.3 is broken with TypeDict in 3.11.
# probably the next release fixes it.
# https://github.com/agronholm/typeguard/issues/242
python : "3.11" ,
os : "ubuntu-latest" ,
session : "typeguard" ,
database : "sqlite" ,
}
- { python : "3.11" , os : "ubuntu-latest" , session : "xdoctest" }
2023-05-19 09:15:19 -04:00
# - { python: "3.11", os: "ubuntu-latest", session: "docs-build" }
2022-11-11 12:39:46 -05:00
env :
2023-02-16 07:59:51 -05:00
FLASK_SESSION_SECRET_KEY : super_secret_key
2022-11-11 12:39:46 -05:00
FORCE_COLOR : "1"
2023-02-16 07:59:51 -05:00
NOXSESSION : ${{ matrix.session }}
2022-11-11 12:39:46 -05:00
PRE_COMMIT_COLOR : "always"
2023-02-16 07:59:51 -05:00
SPIFFWORKFLOW_BACKEND_DATABASE_PASSWORD : password
SPIFFWORKFLOW_BACKEND_DATABASE_TYPE : ${{ matrix.database }}
2023-05-24 11:10:40 -04:00
SPIFFWORKFLOW_BACKEND_RUNNING_IN_CI : 'true'
2022-11-11 12:39:46 -05:00
steps :
- name : Check out the repository
2023-02-24 14:14:17 -05:00
uses : actions/checkout@v3.3.0
2022-11-11 12:39:46 -05:00
- name : Set up Python ${{ matrix.python }}
2023-05-29 21:32:25 +00:00
uses : actions/setup-python@v4.6.1
2022-11-11 12:39:46 -05:00
with :
python-version : ${{ matrix.python }}
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Upgrade pip in virtual environments
shell : python
run : |
import os
import pip
with open(os.environ["GITHUB_ENV"], mode="a") as io:
print(f"VIRTUALENV_PIP={pip.__version__}", file=io)
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
2023-05-19 07:05:58 -04:00
# when we get an imcompatible sqlite migration again and need to combine all migrations into one for the benefit of sqlite
# see if we can get the sqlite-specific block in the noxfile.py to work instead of this block in the github workflow,
# which annoyingly runs python setup outside of the nox environment (which seems to be flakier on poetry install).
# - name: Checkout Samples
# if: matrix.database == 'sqlite'
# uses: actions/checkout@v3
# with:
# repository: sartography/sample-process-models
# path: sample-process-models
# - name: Poetry Install
# if: matrix.database == 'sqlite'
# run: poetry install
# - name: Setup sqlite
# if: matrix.database == 'sqlite'
# env:
# SPIFFWORKFLOW_BACKEND_BPMN_SPEC_ABSOLUTE_DIR: "${GITHUB_WORKSPACE}/sample-process-models"
# run: ./bin/recreate_db clean rmall
2023-02-27 17:00:34 -05:00
2022-11-11 12:39:46 -05:00
- name : Setup Mysql
uses : mirromutth/mysql-action@v1.1
with :
host port : 3306
container port : 3306
mysql version : "8.0"
2023-02-09 17:07:36 -05:00
mysql database : "spiffworkflow_backend_unit_testing"
2022-11-11 12:39:46 -05:00
mysql root password : password
2023-03-03 13:13:01 -05:00
collation server : 'utf8mb4_0900_as_cs'
2022-11-11 12:39:46 -05:00
if : matrix.database == 'mysql'
- name : Setup Postgres
2023-02-09 17:07:36 -05:00
run : docker run --name postgres-spiff -p 5432:5432 -e POSTGRES_PASSWORD=spiffworkflow_backend -e POSTGRES_USER=spiffworkflow_backend -e POSTGRES_DB=spiffworkflow_backend_unit_testing -d postgres
2022-11-11 12:39:46 -05:00
if : matrix.database == 'postgres'
- name : Run Nox
run : |
nox --force-color --python=${{ matrix.python }}
- name : Upload coverage data
# pin to upload coverage from only one matrix entry, otherwise coverage gets confused later
2022-11-12 21:51:35 -05:00
if : always() && matrix.session == 'tests' && matrix.python == '3.11' && matrix.os == 'ubuntu-latest' && matrix.database == 'mysql'
2023-02-24 19:31:39 +00:00
uses : "actions/upload-artifact@v3"
2022-11-12 21:51:35 -05:00
# this action doesn't seem to respect working-directory so include working-directory value in path
2022-11-11 12:39:46 -05:00
with :
name : coverage-data
2022-11-12 21:51:35 -05:00
path : "spiffworkflow-backend/.coverage.*"
2022-11-11 12:39:46 -05:00
2023-05-19 09:15:19 -04:00
# - name: Upload documentation
# if: matrix.session == 'docs-build'
# uses: actions/upload-artifact@v3
# with:
# name: docs
# path: docs/_build
#
2022-11-11 12:39:46 -05:00
- name : Upload logs
if : failure() && matrix.session == 'tests'
2023-02-24 19:31:39 +00:00
uses : "actions/upload-artifact@v3"
2022-11-11 12:39:46 -05:00
with :
name : logs-${{matrix.python}}-${{matrix.os}}-${{matrix.database}}
path : "./log/*.log"
2023-03-28 17:14:58 -04:00
# burnettk created an account at https://app.snyk.io/org/kevin-jfx
# and added his SNYK_TOKEN secret under the spiff-arena repo.
2023-03-28 16:55:13 -04:00
snyk :
2023-03-28 16:42:48 -04:00
runs-on : ubuntu-latest
steps :
- uses : actions/checkout@master
- name : Run Snyk to check for vulnerabilities
uses : snyk/actions/python@master
2023-03-28 16:55:13 -04:00
with :
args : spiffworkflow-backend
2023-03-28 16:42:48 -04:00
env :
SNYK_TOKEN : ${{ secrets.SNYK_TOKEN }}
2022-11-11 12:39:46 -05:00
run_pre_commit_checks :
runs-on : ubuntu-latest
defaults :
run :
working-directory : .
steps :
- name : Check out the repository
2023-02-24 14:14:17 -05:00
uses : actions/checkout@v3.3.0
2022-11-11 12:39:46 -05:00
- name : Set up Python
2023-05-29 21:32:25 +00:00
uses : actions/setup-python@v4.6.1
2022-11-11 12:39:46 -05:00
with :
python-version : "3.11"
- name : Install Poetry
run : |
2023-03-06 14:22:59 -05:00
pipx install --pip-args=--constraint=spiffworkflow-backend/.github/workflows/constraints.txt poetry
2022-11-11 12:39:46 -05:00
poetry --version
- name : Poetry Install
run : poetry install
- name : run_pre_commit
run : ./bin/run_pre_commit_in_ci
check_docker_start_script :
runs-on : ubuntu-latest
steps :
- name : Check out the repository
2023-02-24 14:14:17 -05:00
uses : actions/checkout@v3.3.0
2023-01-09 14:35:36 -05:00
- name : Checkout Samples
uses : actions/checkout@v3
with :
repository : sartography/sample-process-models
path : sample-process-models
2022-11-11 12:39:46 -05:00
- name : start_backend
run : ./bin/build_and_run_with_docker_compose
timeout-minutes : 20
env :
2023-01-06 16:33:20 -05:00
SPIFFWORKFLOW_BACKEND_RUN_DATA_SETUP : "false"
2022-11-11 12:39:46 -05:00
- name : wait_for_backend
run : ./bin/wait_for_server_to_be_up 5
coverage :
runs-on : ubuntu-latest
2022-11-12 23:20:34 -05:00
needs : [ tests, run_pre_commit_checks, check_docker_start_script]
2022-11-11 12:39:46 -05:00
steps :
- name : Check out the repository
2023-02-24 14:14:17 -05:00
uses : actions/checkout@v3.3.0
2022-11-11 12:39:46 -05:00
with :
# Disabling shallow clone is recommended for improving relevancy of reporting in sonarcloud
fetch-depth : 0
- name : Set up Python
2023-05-29 21:32:25 +00:00
uses : actions/setup-python@v4.6.1
2022-11-11 12:39:46 -05:00
with :
python-version : "3.11"
- name : Upgrade pip
run : |
pip install --constraint=.github/workflows/constraints.txt pip
pip --version
- name : Install Poetry
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt poetry
poetry --version
- name : Install Nox
run : |
pipx install --pip-args=--constraint=.github/workflows/constraints.txt nox
pipx inject --pip-args=--constraint=.github/workflows/constraints.txt nox nox-poetry
nox --version
- name : Download coverage data
2023-02-24 19:31:31 +00:00
uses : actions/download-artifact@v3.0.2
2022-11-11 12:39:46 -05:00
with :
name : coverage-data
2022-11-12 23:04:29 -05:00
# this action doesn't seem to respect working-directory so include working-directory value in path
path : spiffworkflow-backend
2022-11-11 12:39:46 -05:00
- name : Combine coverage data and display human readable report
run : |
find . -name \*.pyc -delete
2022-11-12 23:18:17 -05:00
nox --force-color --session=coverage
2022-11-11 12:39:46 -05:00
- name : Create coverage report
run : |
nox --force-color --session=coverage -- xml
- name : Upload coverage report
2023-05-16 15:03:27 +00:00
uses : codecov/codecov-action@v3.1.4
2022-11-11 12:39:46 -05:00
- name : SonarCloud Scan
2023-04-24 15:07:47 +00:00
uses : sonarsource/sonarcloud-github-action@v1.9
2022-11-11 12:39:46 -05:00
# thought about just skipping dependabot
# if: ${{ github.actor != 'dependabot[bot]' }}
# but figured all pull requests seems better, since none of them will have access to sonarcloud.
# however, with just skipping pull requests, the build associated with "Triggered via push" is also associated with the pull request and also fails hitting sonarcloud
# if: ${{ github.event_name != 'pull_request' }}
# so just skip everything but main
if : github.ref_name == 'main'
2022-11-14 14:25:27 -05:00
with :
2023-03-28 08:22:17 -04:00
projectBaseDir : spiffworkflow-backend
2022-11-11 12:39:46 -05:00
env :
GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN : ${{ secrets.SONAR_TOKEN }}
# part about saving PR number and then using it from auto-merge-dependabot-prs from:
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
- name : Save PR number
if : ${{ github.event_name == 'pull_request' }}
env :
PR_NUMBER : ${{ github.event.number }}
run : |
mkdir -p ./pr
echo "$PR_NUMBER" > ./pr/pr_number
- uses : actions/upload-artifact@v3
with :
name : pr_number
path : pr/