Bump the npm-production group across 1 directory with 2 updates (#566) #1671
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json | |
# docs: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions | |
name: 🧪 Tests | |
on: | |
push: | |
branches: [master, main] | |
paths-ignore: ['**.md'] | |
tags-ignore: ['**'] | |
pull_request: | |
paths-ignore: ['**.md'] | |
concurrency: | |
group: ${{ github.ref }} | |
cancel-in-progress: true | |
jobs: | |
gitleaks: | |
name: Check for GitLeaks | |
runs-on: ubuntu-latest | |
steps: | |
- {uses: actions/checkout@v4, with: {fetch-depth: 0}} | |
- uses: gacts/gitleaks@v1 | |
validate-openapi: | |
name: Validate OpenAPI schemas | |
runs-on: ubuntu-latest | |
container: stoplight/spectral:5.9 | |
steps: | |
- uses: actions/checkout@v4 | |
- run: spectral lint --verbose --fail-severity warn ./api/*.y*ml # Tool page: <https://github.com/stoplightio/spectral> | |
build-frontend: | |
name: Lint and build the frontend | |
runs-on: ubuntu-latest | |
env: {FORCE_COLOR: 'true', NPM_CONFIG_UPDATE_NOTIFIER: 'false'} | |
defaults: {run: {working-directory: ./web}} | |
steps: | |
- uses: actions/checkout@v4 | |
- {uses: actions/setup-node@v4, with: {node-version: 22, cache: 'npm', cache-dependency-path: web/package-lock.json}} | |
- run: npm ci --no-audit --prefer-offline && npm run generate | |
- run: npm run lint | |
- run: npm run build | |
- uses: actions/upload-artifact@v4 | |
with: {path: ./web/dist, name: frontend-dist, if-no-files-found: error, retention-days: 1} | |
golangci-lint: | |
name: Run GolangCI-lint | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- {uses: actions/setup-go@v5, with: {go-version-file: go.mod}} | |
- run: | | |
mkdir ./web/dist && touch ./web/dist/index.html # is needed for go:embed | |
go install "github.com/deepmap/oapi-codegen/v2/cmd/[email protected]" | |
go generate ./... | |
- uses: golangci/golangci-lint-action@v6 | |
go-test: | |
name: Run unit-tests (Go) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- {uses: actions/setup-go@v5, with: {go-version-file: go.mod}} | |
- run: | | |
mkdir ./web/dist && touch ./web/dist/index.html # is needed for go:embed | |
go install "github.com/deepmap/oapi-codegen/v2/cmd/[email protected]" | |
go generate ./... | |
- run: go test -race -covermode=atomic ./... | |
build-app: | |
name: Build the app (${{ matrix.os }} / ${{ matrix.arch }}) | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
os: [linux, windows, darwin] # linux, freebsd, darwin, windows | |
arch: [amd64] # amd64, 386 | |
needs: [validate-openapi, golangci-lint, go-test, build-frontend] | |
steps: | |
- uses: actions/checkout@v4 | |
- {uses: actions/setup-go@v5, with: {go-version-file: go.mod}} | |
- uses: actions/download-artifact@v4 | |
with: {path: web/dist, name: frontend-dist} | |
- run: | | |
go install "github.com/deepmap/oapi-codegen/v2/cmd/[email protected]" | |
go generate ./... | |
- {uses: gacts/github-slug@v1, id: slug} | |
- env: | |
GOOS: ${{ matrix.os }} | |
GOARCH: ${{ matrix.arch }} | |
CGO_ENABLED: 0 | |
LDFLAGS: -s -w -X gh.tarampamp.am/webhook-tester/internal/version.version=${{ steps.slug.outputs.commit-hash-short }} | |
run: go build -trimpath -ldflags "$LDFLAGS" -o /tmp/webhook-tester ./cmd/webhook-tester/ | |
- name: Try to execute | |
if: matrix.os == 'linux' | |
run: /tmp/webhook-tester --version && /tmp/webhook-tester -h | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: webhook-tester-${{ matrix.os }}-${{ matrix.arch }} | |
path: /tmp/webhook-tester | |
if-no-files-found: error | |
retention-days: 3 | |
build-docker-image: | |
name: Build the docker image | |
runs-on: ubuntu-latest | |
#needs: [validate-openapi, golangci-lint, go-test, build-frontend] # speed up tests pipeline | |
steps: | |
- uses: actions/checkout@v4 | |
- {uses: gacts/github-slug@v1, id: slug} | |
- uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: false | |
build-args: "APP_VERSION=${{ steps.slug.outputs.commit-hash-short }}" | |
tags: app:local | |
- run: docker run --rm app:local --version | |
- run: docker save app:local > ./docker-image.tar | |
- uses: actions/upload-artifact@v4 | |
with: {path: ./docker-image.tar, name: docker-image, retention-days: 1} | |
scan-docker-image: | |
name: Scan the docker image | |
runs-on: ubuntu-latest | |
needs: [build-docker-image] | |
steps: | |
- uses: actions/checkout@v4 # is needed for `upload-sarif` action | |
- uses: actions/download-artifact@v4 | |
with: {name: docker-image} | |
- uses: aquasecurity/[email protected] | |
with: | |
input: docker-image.tar | |
format: sarif | |
severity: MEDIUM,HIGH,CRITICAL | |
exit-code: 1 | |
output: trivy-results.sarif | |
- uses: github/codeql-action/upload-sarif@v3 | |
if: always() | |
continue-on-error: true | |
with: {sarif_file: trivy-results.sarif} | |
e2e-test-app: | |
name: End-to-End tests (${{ matrix.storage-driver }} storage, ${{ matrix.pubsub-driver }} pubsub) | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
storage-driver: [memory, redis] | |
pubsub-driver: [memory, redis] | |
services: | |
redis: | |
image: redis:7-alpine | |
ports: ['6379:6379/tcp'] | |
options: --health-cmd "redis-cli ping" --health-interval 3s --health-timeout 2s --health-retries 3 | |
needs: [build-app] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: {name: webhook-tester-linux-amd64} | |
- run: | | |
chmod +x ./webhook-tester | |
./webhook-tester serve --port 8081 \ | |
--storage-driver "${{ matrix.storage-driver }}" \ | |
--pubsub-driver "${{ matrix.pubsub-driver }}" \ | |
--redis-dsn "redis://127.0.0.1:6379/0" & | |
- uses: gacts/install-hurl@v1 | |
- run: hurl --color --test --fail-at-end --variable host=127.0.0.1 --variable port=8081 ./test/hurl/*/*.hurl | |
e2e-docker-image: | |
name: Docker image End-to-End tests | |
runs-on: ubuntu-latest | |
services: | |
redis: | |
image: redis:7-alpine | |
ports: ['6379:6379/tcp'] | |
options: --health-cmd "redis-cli ping" --health-interval 3s --health-timeout 2s --health-retries 3 | |
needs: [build-docker-image] | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: actions/download-artifact@v4 | |
with: {name: docker-image} | |
- name: Load the image with the app | |
run: docker load < docker-image.tar | |
- name: Run docker image with app | |
run: | | |
docker run --rm -d \ | |
--network host \ | |
--name app \ | |
-p "8081:8081/tcp" \ | |
-e "STORAGE_DRIVER=redis" \ | |
-e "PUBSUB_DRIVER=redis" \ | |
-e "REDIS_DSN=redis://127.0.0.1:6379/0" \ | |
-e "LISTEN_PORT=8081" \ | |
app:local | |
- uses: gacts/install-hurl@v1 | |
- run: hurl --color --test --fail-at-end --variable host=127.0.0.1 --variable port=8081 ./test/hurl/*/*.hurl | |
- if: always() | |
run: docker kill app |