generated from CDCgov/template
-
Notifications
You must be signed in to change notification settings - Fork 6
126 lines (97 loc) · 2.77 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: Continuous Integration
on:
pull_request:
branches:
- main
workflow_call:
jobs:
unit-tests:
name: Unit Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: corretto
cache: gradle
- name: Run unit tests
run: ./gradlew clean allUnitTests testCodeCoverageReport jacocoTestCoverageVerification
docker-build-test:
name: Docker Build Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: corretto
cache: gradle
- name: ShadowJar
run: ./gradlew shadowJar
- name: Run Container
run: docker compose up --build -d
e2e-tests:
name: End-to-end Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: corretto
cache: gradle
- name: Run e2e tests
run: ./e2e-execute.sh
lint:
name: Linting
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # helps with Sonar scanning
- uses: actions/setup-java@v4
with:
java-version: 17
distribution: corretto
cache: gradle
- name: Code Formatting
run: ./gradlew spotlessCheck
- name: Sonar
run: ./gradlew allBuilds testCodeCoverageReport e2e:assemble rs-e2e:assemble sonar --info
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- name: Terraform Formatting
working-directory: operations
run: terraform fmt -recursive -check
securityScanAnalyze:
name: CodeQL Security Scan
uses: ./.github/workflows/codeql_reusable.yml
migration-test:
name: Database Migration Test
runs-on: ubuntu-latest
services:
postgres:
image: postgres:latest
env:
POSTGRES_DB: testdb
POSTGRES_USER: testuser
POSTGRES_PASSWORD: dogcow #pragma: allowlist secret
ports:
- 5432:5432
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- uses: actions/checkout@v4
- name: Run Db migration
uses: liquibase-github-actions/update@v4.30.0
with:
changelogFile: ./etor/databaseMigrations/root.yml
url: "jdbc:postgresql://postgres:5432/testdb"
username: testuser
password: dogcow #pragma: allowlist secret
labelFilter: '!azure'