mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-01-27 10:18:54 +00:00
40aba05742
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> <h2>v4.2.2</h2> <h2>What's Changed</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.1...v4.2.2">https://github.com/actions/checkout/compare/v4.2.1...v4.2.2</a></p> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="08c6903cd8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="9f265659d3"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/v4...v5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
236 lines
7.9 KiB
YAML
236 lines
7.9 KiB
YAML
name: Elixir
|
|
on:
|
|
workflow_call:
|
|
|
|
jobs:
|
|
unit-test:
|
|
runs-on: ubuntu-24.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
permissions:
|
|
checks: write
|
|
env:
|
|
MIX_ENV: test
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: ./.github/actions/setup-postgres
|
|
- uses: ./.github/actions/setup-elixir
|
|
with:
|
|
mix_env: ${{ env.MIX_ENV }}
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
- name: Setup Database
|
|
run: |
|
|
mix ecto.create
|
|
mix ecto.migrate
|
|
- name: Run Tests
|
|
env:
|
|
E2E_DEFAULT_WAIT_SECONDS: 20
|
|
CI_ASSERT_RECEIVE_TIMEOUT_MS: 250
|
|
run: |
|
|
mix_test="mix test --warnings-as-errors --exclude flaky:true --exclude acceptance:true"
|
|
$mix_test || $mix_test --failed
|
|
- name: Test Report
|
|
uses: dorny/test-reporter@dc3a92680fcc15842eef52e8c4606ea7ce6bd3f3 # v2.1.1
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& (success() || failure()) }}
|
|
with:
|
|
name: Elixir Unit Test Report
|
|
path: elixir/_build/test/lib/*/test-junit-report.xml
|
|
reporter: java-junit
|
|
|
|
type-check:
|
|
runs-on: ubuntu-24.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
# We need to set MIX_ENV to dev to make sure that we won't type-check our test helpers
|
|
MIX_ENV: dev
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: ./.github/actions/setup-elixir
|
|
id: setup-beam
|
|
with:
|
|
mix_env: ${{ env.MIX_ENV }}
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
- uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
|
|
name: Restore PLT cache
|
|
id: plt_cache
|
|
with:
|
|
path: elixir/priv/plts
|
|
key: dialyzer-ubuntu-24.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ steps.setup-beam.outputs.otp-version }}-${{ hashFiles('elixir/mix.lock') }}
|
|
# This will make sure that we can incrementally build the PLT from older cache and save it under a new key
|
|
restore-keys: |
|
|
dialyzer-ubuntu-24.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ steps.setup-beam.outputs.otp-version }}-
|
|
- name: Create PLTs
|
|
if: ${{ steps.plt_cache.outputs.cache-hit != 'true' }}
|
|
run: mix dialyzer --plt
|
|
- uses: actions/cache/save@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
|
|
if: ${{ github.ref_name == 'main' }}
|
|
name: Save PLT cache
|
|
with:
|
|
key: ${{ steps.plt_cache.outputs.cache-primary-key }}
|
|
path: elixir/priv/plts
|
|
- name: Run Dialyzer
|
|
run: mix dialyzer --format dialyxir
|
|
|
|
static-analysis:
|
|
runs-on: ubuntu-24.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: test
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: ./.github/actions/setup-elixir
|
|
with:
|
|
mix_env: ${{ env.MIX_ENV }}
|
|
- name: Compile Application
|
|
run: mix compile --force --warnings-as-errors
|
|
- name: Check Formatting
|
|
run: mix format --check-formatted
|
|
- name: Check For Retired Packages
|
|
run: mix hex.audit
|
|
- name: Check For Vulnerable Packages
|
|
run: mix deps.audit
|
|
- name: Run Sobelow vulnerability scanner for web app
|
|
working-directory: ./elixir/apps/web
|
|
run: mix sobelow --skip
|
|
- name: Run Credo
|
|
run: mix credo --strict
|
|
- name: Check for unused deps
|
|
run: mix deps.unlock --check-unused
|
|
|
|
migrations-and-seed-test:
|
|
runs-on: ubuntu-24.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: dev
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: ./.github/actions/setup-postgres
|
|
- uses: ./.github/actions/setup-elixir
|
|
with:
|
|
mix_env: ${{ env.MIX_ENV }}
|
|
- name: Compile
|
|
run: mix compile --warnings-as-errors
|
|
- name: Create Database
|
|
run: mix ecto.create
|
|
- name: Migrate DB to base ref and seed
|
|
run: |
|
|
git fetch --depth=1 origin ${{ github.base_ref }}
|
|
git checkout ${{ github.base_ref }}
|
|
mix deps.get
|
|
mix ecto.migrate
|
|
mix ecto.seed
|
|
# Then checkout current ref and rerun migrations
|
|
- name: Run new migrations
|
|
run: |
|
|
git checkout ${{ github.sha }}
|
|
mix deps.get
|
|
mix ecto.migrate
|
|
mix ecto.reset
|
|
mix ecto.migrate
|
|
mix ecto.seed
|
|
|
|
acceptance-test:
|
|
name: acceptance-test-${{ matrix.MIX_TEST_PARTITION }}
|
|
permissions:
|
|
checks: write
|
|
runs-on: ubuntu-24.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: test
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
MIX_TEST_PARTITIONS: 1
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
MIX_TEST_PARTITION: [1]
|
|
services:
|
|
vault:
|
|
image: vault:1.12.2
|
|
env:
|
|
VAULT_ADDR: "http://127.0.0.1:8200"
|
|
VAULT_DEV_ROOT_TOKEN_ID: "firezone"
|
|
ports:
|
|
- 8200:8200/tcp
|
|
options: --cap-add=IPC_LOCK
|
|
steps:
|
|
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
- uses: ./.github/actions/setup-postgres
|
|
- uses: nanasess/setup-chromedriver@e93e57b843c0c92788f22483f1a31af8ee48db25 # v2.3.0
|
|
- run: |
|
|
export DISPLAY=:99
|
|
chromedriver --url-base=/wd/hub &
|
|
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
|
|
- uses: ./.github/actions/setup-elixir
|
|
with:
|
|
mix_env: ${{ env.MIX_ENV }}
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
npmjs-token: ${{ secrets.NPMJS_TOKEN }}
|
|
lockfile-dir: ./elixir/apps/web/assets
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
- name: Install Front-End Dependencies
|
|
run: |
|
|
cd apps/web
|
|
mix assets.setup
|
|
- name: Build Web Assets
|
|
run: |
|
|
cd apps/web
|
|
mix assets.build
|
|
# Run tests
|
|
- name: Setup Database
|
|
run: |
|
|
mix ecto.create
|
|
mix ecto.migrate
|
|
- name: Run Acceptance Tests
|
|
env:
|
|
MIX_TEST_PARTITION: ${{ matrix.MIX_TEST_PARTITION }}
|
|
E2E_DEFAULT_WAIT_SECONDS: 20
|
|
run: |
|
|
mix test --only acceptance:true \
|
|
--partitions=${{ env.MIX_TEST_PARTITIONS }} \
|
|
--no-compile \
|
|
--no-archives-check \
|
|
--no-deps-check \
|
|
|| pkill -f chromedriver \
|
|
|| mix test --only acceptance:true --failed \
|
|
|| pkill -f chromedriver \
|
|
|| mix test --only acceptance:true --failed
|
|
- name: Save Screenshots
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& always() }}
|
|
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
|
|
with:
|
|
name: screenshots-${{ matrix.MIX_TEST_PARTITION }}
|
|
path: elixir/apps/web/screenshots
|
|
- name: Test Report
|
|
uses: dorny/test-reporter@dc3a92680fcc15842eef52e8c4606ea7ce6bd3f3 # v2.1.1
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& (success() || failure()) }}
|
|
with:
|
|
name: Elixir Acceptance Test Report
|
|
path: elixir/_build/test/lib/*/test-junit-report.xml
|
|
reporter: java-junit
|