build(deps): bump aws-actions/configure-aws-credentials from 1 to 3 #609
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test Code (Style, Tests) | |
on: | |
push: | |
pull_request: | |
branches: [ main ] | |
paths-ignore: | |
- '**.md' | |
- 'docs/**' | |
- 'CODEOWNERS' | |
- 'LICENSE' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
Checkstyle: | |
permissions: | |
id-token: write | |
checks: write | |
pull-requests: write | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Run Checkstyle | |
run: ./gradlew checkstyleMain checkstyleTest checkstyleTestFixtures | |
Dependency-analysis: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Dependency rules report # possible severity values: <'fail'|'warn'|'ignore'> | |
run: ./gradlew buildHealth applyDependencyRules -Pdependency.analysis=warn -Pdependency.analysis.clear.artifacts=false | |
- name: Dependency analysis report | |
run: cat build/reports/dependency-analysis/build-health-report.txt | |
OpenAPI-Definitions: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
# do this first so that git is clear | |
# delete - recreate - assert no change | |
- name: Check that static SwaggerUI HTML content is up-to-date | |
run: | | |
rm -rf docs/swaggerui | |
./gradlew generateSwaggerUI | |
git diff --exit-code | |
- name: Save previous OpenAPI definition | |
run: yq -P 'sort_keys(..)' resources/openapi/openapi.yaml > openapi-git-sorted.yaml | |
- name: Generate OpenAPI definitions from code | |
run: | | |
./gradlew resolve | |
./gradlew mergeOpenApiFiles | |
# Can be used (and yq tasks removed) when https://github.com/kpramesh2212/openapi-merger-plugin/pull/11/files is merged | |
#- name: Check OpenAPI definitions match code | |
# run: git diff --exit-code | |
- name: Check OpenAPI definitions match code | |
run: | | |
yq -P 'sort_keys(..)' resources/openapi/openapi.yaml > openapi-ci-sorted.yaml | |
diff openapi-git-sorted.yaml openapi-ci-sorted.yaml | |
Unit-Tests: | |
runs-on: ubuntu-latest | |
env: | |
JACOCO: true | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Run unit tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew test jacocoTestReport | |
Sanity-Check: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Check Sample 01 | |
run: | | |
./gradlew :samples:01-basic-connector:shadowJar | |
echo "Checking Sample 01" | |
java -jar samples/01-basic-connector/build/libs/basic-connector.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
- name: Check Sample 02 | |
run: | | |
./gradlew :samples:02-health-endpoint:shadowJar | |
echo "Checking Sample 02" | |
java -jar samples/02-health-endpoint/build/libs/connector-health.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
- name: Check Sample 03 | |
run: | | |
./gradlew :samples:03-configuration:shadowJar | |
echo "Checking Sample 03" | |
java -Dedc.fs.config=samples/03-configuration/config.properties -jar samples/03-configuration/build/libs/filsystem-config-connector.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
- name: Check Sample 04.0 (Consumer) | |
run: | | |
./gradlew :samples:04.0-file-transfer:consumer:shadowJar | |
echo "Checking Sample 04 - Consumer" | |
java -Dedc.fs.config=samples/04.0-file-transfer/consumer/config.properties -jar samples/04.0-file-transfer/consumer/build/libs/consumer.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
- name: Check Sample 04.0 (Provider) | |
run: | | |
echo "Checking Sample 04 - Provider" | |
./gradlew :samples:04.0-file-transfer:provider:shadowJar | |
java -Dedc.fs.config=samples/04.0-file-transfer/provider/config.properties -jar samples/04.0-file-transfer/provider/build/libs/provider.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
- name: Check Sample 04.2 (Command-Q/Watchdog) | |
run: | | |
echo "Checking Sample 04.2 - Command-Q/Watchdog" | |
./gradlew :samples:04.2-modify-transferprocess:consumer:shadowJar | |
java -Dedc.fs.config=samples/04.2-modify-transferprocess/consumer/config.properties -jar samples/04.2-modify-transferprocess/consumer/build/libs/consumer.jar > log.txt & | |
sleep 5 | |
grep "INFO.*edc-.*ready" log.txt | |
rm log.txt | |
killall java | |
# we cannot check sample 5 currently because we'd need repo secrets for that (client id,...) | |
Helm-Chart: | |
runs-on: ubuntu-latest | |
name: Test Helm chart in minikube | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Install and start minikube | |
run: | | |
curl -fLo minikube https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 | |
chmod +x minikube | |
./minikube start --wait all | |
- name: Build JARs | |
run: ./gradlew system-tests:runtimes:file-transfer-consumer:shadowJar system-tests:runtimes:file-transfer-provider:shadowJar --no-daemon | |
- name: Test | |
run: | | |
eval $(minikube -p minikube docker-env) | |
chmod +x system-tests/minikube/minikube-test.sh | |
system-tests/minikube/minikube-test.sh | |
- name: Kubernetes logs | |
if: always() | |
run: | | |
set -x | |
kubectl get pods | |
kubectl logs deployment/provider-dataspace-connector --tail=200 | |
kubectl logs deployment/consumer-dataspace-connector --tail=200 | |
Azure-Storage-Integration-Tests: | |
runs-on: ubuntu-latest | |
services: | |
azurite: | |
image: mcr.microsoft.com/azure-storage/azurite | |
ports: | |
- 10000:10000 | |
env: | |
AZURITE_ACCOUNTS: account1:key1;account2:key2 | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Azure Storage Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: | | |
./gradlew -p extensions test -DincludeTags="AzureStorageIntegrationTest" | |
./gradlew -p system-tests/azure-tests test -DincludeTags="AzureStorageIntegrationTest" | |
- name: "Publish Gatling report" | |
uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: Gatling reports | |
path: '**/build/reports/gatling/**' | |
Check-Cosmos-Key: | |
runs-on: ubuntu-latest | |
steps: | |
- id: has-cosmos-key | |
env: | |
HAS_COSMOS_KEY: ${{ secrets.COSMOS_KEY }} | |
if: "${{ env.HAS_COSMOS_KEY != '' }}" | |
run: echo "::set-output name=defined::true" | |
outputs: | |
has-cosmos-key: ${{ steps.has-cosmos-key.outputs.defined }} | |
Azure-CosmosDB-Integration-Tests: | |
# run only if COSMOS_KEY is present | |
needs: [ Check-Cosmos-Key ] | |
if: needs.Check-Cosmos-Key.outputs.has-cosmos-key == 'true' | |
runs-on: ubuntu-latest | |
env: | |
COSMOS_KEY: ${{ secrets.COSMOS_KEY }} | |
COSMOS_URL: ${{ secrets.COSMOS_URL }} | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Azure CosmosDB Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew -p extensions test -DincludeTags="AzureCosmosDbIntegrationTest" | |
Aws-Integration-Tests: | |
runs-on: ubuntu-latest | |
env: | |
S3_ACCESS_KEY_ID: root | |
S3_SECRET_ACCESS_KEY: password | |
services: | |
minio: | |
image: bitnami/minio:latest | |
ports: | |
- 9000:9000 | |
env: | |
MINIO_ROOT_USER: root | |
MINIO_ROOT_PASSWORD: password | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: AWS Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew -p extensions test -DincludeTags="AwsS3IntegrationTest" | |
Daps-Integration-Tests: | |
runs-on: ubuntu-latest | |
steps: | |
- name: reset permissions to permit checkout (because the omejdn volumes) | |
run: sudo chown -R $USER:$USER ${{ github.workspace }} | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- run: docker run -d --rm -p 4567:4567 -v ${{ github.workspace }}/extensions/common/iam/oauth2/daps/src/test/resources/config:/opt/config -v ${{ github.workspace }}/extensions/common/iam/oauth2/daps/src/test/resources/keys:/opt/keys ghcr.io/fraunhofer-aisec/omejdn-server:1.4.2 | |
- name: Daps Integration Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew -p extensions/common/iam/oauth2/daps test -DincludeTags="DapsIntegrationTest" | |
Postgresql-Integration-Tests: | |
runs-on: ubuntu-latest | |
services: | |
postgres: | |
image: postgres:14.2 | |
ports: | |
- 5432:5432 | |
env: | |
POSTGRES_PASSWORD: password | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Postgresql Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew test -DincludeTags="PostgresqlIntegrationTest" | |
Hashicorp-Vault-Integration-Tests: | |
runs-on: ubuntu-latest | |
services: | |
vault: | |
image: vault:1.9.7 | |
ports: | |
- 8200:8200 | |
env: | |
VAULT_DEV_ROOT_TOKEN_ID: test-token | |
VAULT_TOKEN: test-token | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: ./.github/actions/setup-build | |
- name: Hashicorp Vault Integration Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew -p extensions test -DincludeTags="HashicorpVaultIntegrationTest" | |
End-To-End-Tests: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: End to End Integration Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew test -DincludeTags="EndToEndTest" | |
- name: "Publish Gatling report" | |
uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: Gatling reports | |
path: '**/build/reports/gatling/**' | |
Component-Tests: | |
env: | |
JACOCO: true | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Component Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: ./gradlew test jacocoTestReport -DincludeTags="ComponentTest" | |
OpenTelemetry-Integration-Tests: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: Download opentelemetry javaagent | |
run: wget -q https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases/download/v1.12.0/opentelemetry-javaagent.jar | |
- name: OpenTelemetry Integration Tests | |
uses: ./.github/actions/run-tests | |
with: | |
command: | | |
./gradlew -p extensions/common/micrometer test -DincludeTags="OpenTelemetryIntegrationTest" | |
./gradlew -p system-tests/tests test -DincludeTags="OpenTelemetryIntegrationTest" | |
Check-Cloud-Environments: | |
environment: Azure-dev | |
runs-on: ubuntu-latest | |
# Grant permissions to obtain federated identity credentials | |
# see https://docs.github.com/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- id: has-azure | |
env: | |
HAS_AZURE: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
if: "${{ env.HAS_AZURE != '' }}" | |
run: echo "::set-output name=defined::true" | |
outputs: | |
has-azure: ${{ steps.has-azure.outputs.defined }} | |
Azure-Cloud-Integration-Test: | |
needs: [ Check-Cloud-Environments ] | |
if: needs.Check-Cloud-Environments.outputs.has-azure == 'true' | |
environment: Azure-dev | |
runs-on: ubuntu-latest | |
# Grant permissions to obtain federated identity credentials | |
# see https://docs.github.com/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure | |
permissions: | |
id-token: write | |
contents: read | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: ./.github/actions/setup-build | |
- name: 'Az CLI login' | |
uses: azure/login@v1 | |
with: | |
client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
- name: "Fetch Terraform outputs" | |
run: printf "$RUNTIME_SETTINGS" > resources/azure/testing/runtime_settings.properties | |
env: | |
RUNTIME_SETTINGS: ${{ secrets.RUNTIME_SETTINGS }} | |
- name: Data Plane Azure Data Factory Test | |
uses: ./.github/actions/run-tests | |
env: | |
AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} | |
AZURE_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} | |
AZURE_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} | |
with: | |
command: | | |
./gradlew -p extensions/data-plane/data-plane-data-factory test -DincludeTags="AzureDataFactoryIntegrationTest" | |
./gradlew -p system-tests/azure-data-factory-tests test -DincludeTags="AzureDataFactoryIntegrationTest" | |
- name: "Publish Gatling report" | |
uses: actions/upload-artifact@v3 | |
if: always() | |
with: | |
name: Gatling reports | |
path: '**/build/reports/gatling/**' | |
Upload-Test-Report: | |
needs: | |
- Unit-Tests | |
- Azure-Storage-Integration-Tests | |
- Azure-CosmosDB-Integration-Tests | |
- Aws-Integration-Tests | |
- Daps-Integration-Tests | |
- End-To-End-Tests | |
- Postgresql-Integration-Tests | |
- Component-Tests | |
- OpenTelemetry-Integration-Tests | |
- Azure-Cloud-Integration-Test | |
permissions: | |
checks: write | |
pull-requests: write | |
runs-on: ubuntu-latest | |
if: always() | |
steps: | |
- name: Download Artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: artifacts | |
- name: Publish Test Results | |
uses: EnricoMi/publish-unit-test-result-action@v2 | |
if: always() | |
with: | |
junit_files: "**/test-results/**/*.xml" | |
Upload-Coverage-Report-To-Codecov: | |
needs: | |
- Unit-Tests | |
- Component-Tests | |
runs-on: ubuntu-latest | |
if: always() | |
steps: | |
# Sources are needed for Codecov report | |
- uses: actions/checkout@v3 | |
- name: Download Artifacts | |
uses: actions/download-artifact@v3 | |
with: | |
path: artifacts | |
- name: CodeCov | |
uses: codecov/codecov-action@v3 |