Skip to content

add the post-cert-succession root to the monitor #730

add the post-cert-succession root to the monitor

add the post-cert-succession root to the monitor #730

Workflow file for this run

name: Tests
on:
push:
branches:
- main
pull_request:
branches:
- main
schedule:
- cron: "0 1 * * *"
# Restrict tests to the most recent commit.
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
build:
name: Build Docker Images
runs-on: ubuntu-22.04
outputs:
testcases: ${{ steps.enum-tests.outputs.testcases }}
steps:
- name: Clone repository
uses: actions/checkout@v4
- name: Build images
shell: bash
run: make generate build
- name: Save images
shell: bash
run: |
mkdir -p docker-cache
docker save -o docker-cache/autograph-images.tar autograph-app autograph-app-hsm
- name: Enumerate tests
id: enum-tests
shell: bash
run: |
echo -n "testcases=" >> $GITHUB_OUTPUT
yq -o=json '.services | keys' tools/autograph-client/integration-tests.yml | jq -c >> $GITHUB_OUTPUT
- uses: actions/upload-artifact@v4
with:
name: autograph-images-${{ github.sha }}
path: docker-cache/
lint:
name: Linting
runs-on: ubuntu-22.04
permissions:
# Required: allow read access to the content for analysis.
contents: read
# Optional: allow read access to pull request. Use with `only-new-issues` option.
pull-requests: read
# Optional: allow write access to checks to allow the action to annotate code in the PR.
checks: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version-file: "./go.mod"
- name: golangci-lint
# If you bump this version, double check that we shouldn't also bump
# GOLANGCI_LINT_VERSION in the Makefile. (The version here is for the
# GitHub Action and the one in the Makefile is for the actual version of
# golangci-lint.)
uses: golangci/[email protected]
with:
args: --timeout 5m
unit-tests:
name: Run Unit Tests
runs-on: ubuntu-22.04
needs:
- build
steps:
- name: Clone repository
uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: autograph-images-${{ github.sha }}
path: docker-cache/
- name: Load images
shell: bash
run: docker load -i docker-cache/autograph-images.tar
- name: Run Tests
shell: bash
run: |
docker compose run unit-test
integration-tests:
name: Run Integration Tests
runs-on: ubuntu-22.04
needs:
- build
strategy:
fail-fast: false # Don't cancel other jobs if a test fails
matrix:
testcase: ${{ fromJSON(needs.build.outputs.testcases) }}
steps:
- name: Clone repository
uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: autograph-images-${{ github.sha }}
path: docker-cache/
- name: Load images
shell: bash
run: docker load -i docker-cache/autograph-images.tar
- name: Running ${{ matrix.testcase }}
shell: bash
run: docker compose -f tools/autograph-client/integration-tests.yml run ${{ matrix.testcase }}
- name: Fetching autograph logs
shell: bash
if: ${{ always() }}
run: |
if echo "${{ matrix.testcase }}" | grep -q hsm; then
docker compose -f tools/autograph-client/integration-tests.yml logs app-hsm
else
docker compose -f tools/autograph-client/integration-tests.yml logs app
fi
# A hack around matrix jobs not reporting their status up through the job that
# created them. See
# https://github.com/orgs/community/discussions/26822#discussioncomment-8285141
# and
# https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
integration-tests-results:
if: ${{ always() }}
name: Check Integration Test Results (See the individual Run Integration Tests jobs for details)
runs-on: ubuntu-22.04
needs:
- integration-tests
steps:
- name: See the individual Run Integration Tests jobs for details
run:
exit 1
# see https://stackoverflow.com/a/67532120/4907315
if: >-
${{
contains(needs.*.result, 'failure')
|| contains(needs.*.result, 'cancelled')
|| contains(needs.*.result, 'skipped')
}}