mirror of
https://github.com/outbackdingo/firezone.git
synced 2026-03-21 14:41:47 +00:00
86165825a1
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update action to node20 by <a href="https://github.com/takost"><code>@takost</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li> <li>feat: save-always flag by <a href="https://github.com/to-s"><code>@to-s</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/takost"><code>@takost</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li> <li><a href="https://github.com/to-s"><code>@to-s</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p> <h2>v3.3.3</h2> <h2>What's Changed</h2> <ul> <li>Cache v3.3.3 by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/robherley"><code>@robherley</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.3">https://github.com/actions/cache/compare/v3...v3.3.3</a></p> <h2>v3.3.2</h2> <h2>What's Changed</h2> <ul> <li>Fixed readme with new segment timeout values by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1133">actions/cache#1133</a></li> <li>Readme fixes by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1134">actions/cache#1134</a></li> <li>Updated description of the lookup-only input for main action by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1130">actions/cache#1130</a></li> <li>Change two new actions mention as quoted text by <a href="https://github.com/bishal-pdMSFT"><code>@bishal-pdMSFT</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1131">actions/cache#1131</a></li> <li>Update Cross-OS Caching tips by <a href="https://github.com/pdotl"><code>@pdotl</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1122">actions/cache#1122</a></li> <li>Bazel example (Take <a href="https://redirect.github.com/actions/cache/issues/2">#2</a>️⃣) by <a href="https://github.com/vorburger"><code>@vorburger</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li> <li>Remove actions to add new PRs and issues to a project board by <a href="https://github.com/jorendorff"><code>@jorendorff</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li> <li>Consume latest toolkit and fix dangling promise bug by <a href="https://github.com/chkimes"><code>@chkimes</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li> <li>Bump action version to 3.3.2 by <a href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vorburger"><code>@vorburger</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li> <li><a href="https://github.com/jorendorff"><code>@jorendorff</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li> <li><a href="https://github.com/chkimes"><code>@chkimes</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li> <li><a href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.2">https://github.com/actions/cache/compare/v3...v3.3.2</a></p> <h2>v3.3.1</h2> <h2>What's Changed</h2> <ul> <li>Reduced download segment size to 128 MB and timeout to 10 minutes by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1129">actions/cache#1129</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.1">https://github.com/actions/cache/compare/v3...v3.3.1</a></p> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Bug: Permission is missing in cache delete example by <a href="https://github.com/kotokaze"><code>@kotokaze</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1123">actions/cache#1123</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>3.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 16</li> </ul> <h3>3.0.1</h3> <ul> <li>Added support for caching from GHES 3.5.</li> <li>Fixed download issue for files > 2GB during restore.</li> </ul> <h3>3.0.2</h3> <ul> <li>Added support for dynamic cache size cap on GHES.</li> </ul> <h3>3.0.3</h3> <ul> <li>Fixed avoiding empty cache save when no files are available for caching. (<a href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li> </ul> <h3>3.0.4</h3> <ul> <li>Fixed tar creation error while trying to create tar with path as <code>~/</code> home folder on <code>ubuntu-latest</code>. (<a href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li> </ul> <h3>3.0.5</h3> <ul> <li>Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (<a href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li> </ul> <h3>3.0.6</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/809">#809</a> - zstd -d: no such file or directory error</li> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/833">#833</a> - cache doesn't work with github workspace directory</li> </ul> <h3>3.0.7</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/810">#810</a> - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.</li> </ul> <h3>3.0.8</h3> <ul> <li>Fix zstd not working for windows on gnu tar in issues <a href="https://redirect.github.com/actions/cache/issues/888">#888</a> and <a href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li> <li>Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable <code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li> </ul> <h3>3.0.9</h3> <ul> <li>Enhanced the warning message for cache unavailablity in case of GHES.</li> </ul> <h3>3.0.10</h3> <ul> <li>Fix a bug with sorting inputs.</li> <li>Update definition for restore-keys in README.md</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="13aacd865c"><code>13aacd8</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1242">#1242</a> from to-s/main</li> <li><a href="53b35c5439"><code>53b35c5</code></a> Merge branch 'main' into main</li> <li><a href="65b8989fab"><code>65b8989</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1284">#1284</a> from takost/update-to-node-20</li> <li><a href="d0be34d544"><code>d0be34d</code></a> Fix dist</li> <li><a href="66cf064d47"><code>66cf064</code></a> Merge branch 'main' into update-to-node-20</li> <li><a href="1326563738"><code>1326563</code></a> Merge branch 'main' into main</li> <li><a href="e71876755e"><code>e718767</code></a> Fix format</li> <li><a href="01229828ff"><code>0122982</code></a> Apply workaround for earlyExit</li> <li><a href="3185ecfd61"><code>3185ecf</code></a> Update "only-" actions to node20</li> <li><a href="25618a0a67"><code>25618a0</code></a> Bump version</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
516 lines
18 KiB
YAML
516 lines
18 KiB
YAML
name: Elixir
|
|
on:
|
|
workflow_call:
|
|
|
|
jobs:
|
|
unit-test:
|
|
runs-on: ubuntu-22.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
permissions:
|
|
checks: write
|
|
env:
|
|
MIX_ENV: test
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
services:
|
|
postgres:
|
|
image: postgres:15.2
|
|
ports:
|
|
- 5432:5432
|
|
env:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
options: >-
|
|
--health-cmd pg_isready --health-interval 10s --health-timeout 5s
|
|
--health-retries 5
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.1.1
|
|
- uses: erlef/setup-beam@v1
|
|
id: setup-beam
|
|
with:
|
|
otp-version: ${{ steps.versions.outputs.erlang }}
|
|
elixir-version: ${{ steps.versions.outputs.elixir }}
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore Elixir Deps Cache
|
|
id: cache
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Install Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.get --only $MIX_ENV
|
|
- name: Compile Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.compile --skip-umbrella-children
|
|
- uses: actions/cache/save@v4
|
|
name: Save Elixir Deps Cache
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
- name: Setup Database
|
|
run: |
|
|
mix ecto.create
|
|
mix ecto.migrate
|
|
- name: Run Tests
|
|
env:
|
|
E2E_MAX_WAIT_SECONDS: 20
|
|
run: |
|
|
mix test --warnings-as-errors
|
|
- name: Test Report
|
|
uses: dorny/test-reporter@v1
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& (success() || failure()) }}
|
|
with:
|
|
name: Elixir Unit Test Report
|
|
path: elixir/_build/test/lib/*/test-junit-report.xml
|
|
reporter: java-junit
|
|
|
|
type-check:
|
|
runs-on: ubuntu-22.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
# We need to set MIX_ENV to dev to make sure that we won't type-check our test helpers
|
|
MIX_ENV: dev
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.1.1
|
|
- uses: erlef/setup-beam@v1
|
|
id: setup-beam
|
|
with:
|
|
otp-version: ${{ steps.versions.outputs.erlang }}
|
|
elixir-version: ${{ steps.versions.outputs.elixir }}
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore Elixir Deps Cache
|
|
id: cache
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Install Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.get --only $MIX_ENV
|
|
- name: Compile Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.compile --skip-umbrella-children
|
|
- uses: actions/cache/save@v4
|
|
name: Save Elixir Deps Cache
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore PLT cache
|
|
id: plt_cache
|
|
with:
|
|
path: elixir/priv/plts
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
|
# This will make sure that we can incrementally build the PLT from older cache and save it under a new key
|
|
restore-keys: |
|
|
ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-
|
|
- name: Create PLTs
|
|
if: ${{ steps.plt_cache.outputs.cache-hit != 'true' }}
|
|
run: mix dialyzer --plt
|
|
- uses: actions/cache/save@v4
|
|
if: ${{ steps.plt_cache.outputs.cache-hit != 'true' && github.ref == 'refs/heads/main' }}
|
|
name: Save PLT cache
|
|
with:
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ hashFiles('elixir/mix.lock') }}
|
|
path: elixir/priv/plts
|
|
- name: Run Dialyzer
|
|
run: mix dialyzer --format dialyxir
|
|
|
|
static-analysis:
|
|
runs-on: ubuntu-22.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: test
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.1.1
|
|
- uses: erlef/setup-beam@v1
|
|
id: setup-beam
|
|
with:
|
|
otp-version: ${{ steps.versions.outputs.erlang }}
|
|
elixir-version: ${{ steps.versions.outputs.elixir }}
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore Elixir Deps Cache
|
|
id: cache
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Install Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.get --only $MIX_ENV
|
|
- name: Compile Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.compile --skip-umbrella-children
|
|
- uses: actions/cache/save@v4
|
|
name: Save Elixir Deps Cache
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Compile Application
|
|
run: mix compile --force --warnings-as-errors
|
|
- name: Check Formatting
|
|
run: mix format --check-formatted
|
|
- name: Check For Retired Packages
|
|
run: mix hex.audit
|
|
- name: Check For Vulnerable Packages
|
|
run: mix deps.audit
|
|
- name: Run Sobelow vulnerability scanner for web app
|
|
working-directory: ./elixir/apps/web
|
|
run: mix sobelow --skip
|
|
- name: Run Credo
|
|
run: mix credo --strict
|
|
- name: Check for unused deps
|
|
run: mix deps.unlock --check-unused
|
|
|
|
migrations-and-seed-test:
|
|
runs-on: ubuntu-22.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: dev
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
MAIN_BRANCH: main
|
|
services:
|
|
postgres:
|
|
image: postgres:15.2
|
|
ports:
|
|
- 5432:5432
|
|
env:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
options: >-
|
|
--health-cmd pg_isready --health-interval 10s --health-timeout 5s
|
|
--health-retries 5
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- name: Install package dependencies
|
|
run: |
|
|
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list'
|
|
wget -qO- https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo tee /etc/apt/trusted.gpg.d/pgdg.asc &>/dev/null
|
|
sudo apt update
|
|
sudo apt-get install -q -y postgresql-client
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.1.1
|
|
- uses: erlef/setup-beam@v1
|
|
id: setup-beam
|
|
with:
|
|
otp-version: ${{ steps.versions.outputs.erlang }}
|
|
elixir-version: ${{ steps.versions.outputs.elixir }}
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore Elixir Deps Cache
|
|
id: cache
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Install Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.get --only $MIX_ENV
|
|
- name: Compile Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.compile --skip-umbrella-children
|
|
- uses: actions/cache/save@v4
|
|
name: Save Elixir Deps Cache
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Compile
|
|
run: mix compile --warnings-as-errors
|
|
- name: Download main branch DB dump
|
|
id: download-artifact
|
|
if: ${{ !contains(github.ref, env.MAIN_BRANCH) }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
run: |
|
|
set -xe
|
|
|
|
REPO="${{ github.repository }}"
|
|
WORKFLOW="cd.yml"
|
|
ARTIFACT_NAME="db-dump"
|
|
DESTINATION="apps/domain/priv/repo"
|
|
|
|
ARTIFACTS_URL=$(
|
|
gh api \
|
|
-H "Accept: application/vnd.github+json" \
|
|
-H "X-GitHub-Api-Version: 2022-11-28" \
|
|
"/repos/${REPO}/actions/workflows/${WORKFLOW}/runs?event=push&branch=${{ env.MAIN_BRANCH }}&status=success&per_page=1" \
|
|
--jq ".workflow_runs[0].artifacts_url"
|
|
)
|
|
|
|
DOWNLOAD_URL=$(
|
|
gh api \
|
|
-H "Accept: application/vnd.github+json" \
|
|
-H "X-GitHub-Api-Version: 2022-11-28" \
|
|
"${ARTIFACTS_URL}" \
|
|
--jq '.artifacts[] | select(.name == "'${ARTIFACT_NAME}'") | .archive_download_url'
|
|
)
|
|
|
|
set +x
|
|
curl -H "Accept: application/vnd.github+json" -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" -L -o "${DESTINATION}.zip" "$DOWNLOAD_URL"
|
|
|
|
set -x
|
|
unzip "${DESTINATION}.zip" -d "${DESTINATION}"
|
|
rm "${DESTINATION}.zip"
|
|
- name: Create Database
|
|
run: |
|
|
mix ecto.create
|
|
- name: Restore DB dump
|
|
if: ${{ !contains(github.ref, env.MAIN_BRANCH) }}
|
|
env:
|
|
PGPASSWORD: postgres
|
|
run: |
|
|
mix ecto.load
|
|
- name: Run new migrations
|
|
run: |
|
|
mix ecto.migrate
|
|
- name: Dump DB
|
|
if: contains(github.ref, env.MAIN_BRANCH)
|
|
env:
|
|
PGPASSWORD: postgres
|
|
run: |
|
|
pg_dump firezone_dev \
|
|
-U postgres -h localhost \
|
|
--file apps/domain/priv/repo/structure.sql \
|
|
--no-acl \
|
|
--no-owner
|
|
- name: Upload main branch DB dump
|
|
if: contains(github.ref, env.MAIN_BRANCH)
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: db-dump
|
|
path: elixir/apps/domain/priv/repo/structure.sql
|
|
- name: Run Seed
|
|
run: mix ecto.seed
|
|
|
|
acceptance-test:
|
|
permissions:
|
|
checks: write
|
|
runs-on: ubuntu-22.04
|
|
defaults:
|
|
run:
|
|
working-directory: ./elixir
|
|
env:
|
|
MIX_ENV: test
|
|
POSTGRES_HOST: localhost
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
MIX_TEST_PARTITIONS: 1
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
MIX_TEST_PARTITION: [1]
|
|
services:
|
|
postgres:
|
|
image: postgres:15.2
|
|
ports:
|
|
- 5432:5432
|
|
env:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD: postgres
|
|
options: >-
|
|
--health-cmd pg_isready --health-interval 10s --health-timeout 5s
|
|
--health-retries 5
|
|
vault:
|
|
image: vault:1.12.2
|
|
env:
|
|
VAULT_ADDR: "http://127.0.0.1:8200"
|
|
VAULT_DEV_ROOT_TOKEN_ID: "firezone"
|
|
ports:
|
|
- 8200:8200/tcp
|
|
options: --cap-add=IPC_LOCK
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
- uses: nanasess/setup-chromedriver@v2
|
|
- run: |
|
|
export DISPLAY=:99
|
|
chromedriver --url-base=/wd/hub &
|
|
sudo Xvfb -ac :99 -screen 0 1280x1024x24 > /dev/null 2>&1 &
|
|
- name: Tool Versions
|
|
id: versions
|
|
uses: marocchino/tool-versions-action@v1.1.1
|
|
- uses: erlef/setup-beam@v1
|
|
id: setup-beam
|
|
with:
|
|
otp-version: ${{ steps.versions.outputs.erlang }}
|
|
elixir-version: ${{ steps.versions.outputs.elixir }}
|
|
- uses: ./.github/actions/setup-node
|
|
with:
|
|
node-version: ${{ steps.versions.outputs.nodejs }}
|
|
# Elixir cache
|
|
- uses: actions/cache/restore@v4
|
|
name: Restore Elixir Deps Cache
|
|
id: cache
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Install Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.get --only $MIX_ENV
|
|
- name: Compile Dependencies
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
run: mix deps.compile --skip-umbrella-children
|
|
- uses: actions/cache/save@v4
|
|
name: Save Elixir Deps Cache
|
|
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: elixir-deps-${{ env.MIX_ENV }}
|
|
with:
|
|
path: |
|
|
elixir/deps
|
|
elixir/_build/${{ env.MIX_ENV }}
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ steps.setup-beam.outputs.elixir-version }}-${{ env.cache-name }}-${{ hashFiles('elixir/mix.lock') }}
|
|
- name: Compile Application
|
|
run: mix compile --warnings-as-errors
|
|
# Front-End deps cache
|
|
- uses: actions/cache/restore@v4
|
|
name: pnpm Web Deps Cache
|
|
id: pnpm-web-deps-cache
|
|
env:
|
|
cache-name: pnpm-deps-web
|
|
with:
|
|
path: |
|
|
elixir/apps/web/assets/node_modules
|
|
elixir/esbuild-*
|
|
elixir/tailwind-*
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
|
- name: Install Front-End Dependencies
|
|
if: ${{ steps.pnpm-web-deps-cache.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
cd apps/web
|
|
mix assets.setup
|
|
- uses: actions/cache/save@v4
|
|
name: Save pnpm Deps Cache
|
|
if: ${{ steps.pnpm-web-deps-cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: pnpm-deps-web
|
|
with:
|
|
path: |
|
|
elixir/apps/web/assets/node_modules
|
|
elixir/esbuild-*
|
|
elixir/tailwind-*
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/pnpm-lock.yaml') }}
|
|
# Front-End build cache, it rarely changes so we cache it aggressively too
|
|
- uses: actions/cache/restore@v4
|
|
name: Web Assets Cache
|
|
id: pnpm-web-build-cache
|
|
env:
|
|
cache-name: pnpm-build-web
|
|
with:
|
|
path: |
|
|
elixir/apps/web/assets/tmp
|
|
elixir/apps/web/priv/static
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
|
- name: Build Web Assets
|
|
if: ${{ steps.pnpm-web-build-cache.outputs.cache-hit != 'true' }}
|
|
run: |
|
|
cd apps/web
|
|
mix assets.build
|
|
- uses: actions/cache/save@v4
|
|
name: Save Web Assets Cache
|
|
if: ${{ steps.pnpm-web-build-cache.outputs.cache-hit != 'true' }}
|
|
env:
|
|
cache-name: pnpm-build-web
|
|
with:
|
|
path: |
|
|
elixir/apps/web/assets/tmp
|
|
elixir/apps/web/priv/static
|
|
key: ubuntu-22.04-${{ runner.arch }}-${{ env.cache-name }}-${{ hashFiles('elixir/apps/web/assets/**') }}
|
|
# Run tests
|
|
- name: Setup Database
|
|
run: |
|
|
mix ecto.create
|
|
mix ecto.migrate
|
|
- name: Run Acceptance Tests
|
|
env:
|
|
MIX_TEST_PARTITION: ${{ matrix.MIX_TEST_PARTITION }}
|
|
E2E_MAX_WAIT_SECONDS: 5
|
|
run: |
|
|
mix test --only acceptance:true \
|
|
--partitions=${{ env.MIX_TEST_PARTITIONS }} \
|
|
--no-compile \
|
|
--no-archives-check \
|
|
--no-deps-check \
|
|
|| pkill -f chromedriver \
|
|
|| mix test --only acceptance:true --failed \
|
|
|| pkill -f chromedriver \
|
|
|| mix test --only acceptance:true --failed
|
|
- name: Save Screenshots
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& always() }}
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: screenshots-${{ matrix.MIX_TEST_PARTITION }}
|
|
path: elixir/apps/web/screenshots
|
|
- name: Test Report
|
|
uses: dorny/test-reporter@v1
|
|
if:
|
|
${{ github.event.pull_request.head.repo.full_name == github.repository
|
|
&& (success() || failure()) }}
|
|
with:
|
|
name: Elixir Acceptance Test Report
|
|
path: elixir/_build/test/lib/*/test-junit-report.xml
|
|
reporter: java-junit
|