-
-
Notifications
You must be signed in to change notification settings - Fork 201
181 lines (176 loc) · 5.47 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
name: CI
on:
push:
branches:
- main
pull_request: ~
workflow_dispatch: ~
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
tests:
name: Tests
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Build Docker images
uses: docker/bake-action@v4
with:
pull: true
load: true
files: |
compose.yaml
compose.override.yaml
set: |
*.cache-from=type=gha,scope=${{github.ref}}
*.cache-from=type=gha,scope=refs/heads/main
*.cache-to=type=gha,scope=${{github.ref}},mode=max
-
name: Start services
run: docker compose up --wait --no-build
-
name: Debug services
if: failure()
run: |
docker compose ps
docker compose logs
-
name: Check HTTP reachability
run: curl -v -o /dev/null http://localhost
-
name: Check API reachability
run: curl -vk -o /dev/null https://localhost
-
name: Check PWA reachability
run: "curl -vk -o /dev/null -H 'Accept: text/html' https://localhost"
-
name: Create test database
run: docker compose exec -T php bin/console -e test doctrine:database:create
-
name: Run migrations
run: docker compose exec -T php bin/console -e test doctrine:migrations:migrate --no-interaction
-
name: Run PHPUnit
run: docker compose exec -T php bin/phpunit
-
name: Doctrine Schema Validator
run: docker compose exec -T php bin/console -e test doctrine:schema:validate
-
name: Run Psalm
run: docker compose exec -T php vendor/bin/psalm
-
name: Lint PWA
run: docker compose exec -T pwa pnpm lint
# run e2e tests iso-prod
e2e-tests:
name: E2E Tests
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
env:
PHP_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/php:latest
PWA_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/pwa:latest
KEYCLOAK_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/keycloak:latest
APP_SECRET: ba63418865d58089f7f070e0a437b6d16b1fb970
CADDY_MERCURE_JWT_SECRET: 33b04d361e437e0d7d715600fc24fdefba317154
NEXTAUTH_SECRET: 77e4c3f5a6fb652b6245a5df8a704e04ad90bc7e
POSTGRES_PASSWORD: aae5bf316ef5fe87ad806c6a9240fff68bcfdaf7
KEYCLOAK_POSTGRES_PASSWORD: 26d7f630f1524eb210bbf496443f2038a9316e9e
KEYCLOAK_ADMIN_PASSWORD: 2f31e2fad93941b818449fd8d57fd019b6ce7fa5
KEYCLOAK_HTTPS_CERTIFICATE_FILE: ./helm/api-platform/keycloak/certs/tls.crt
KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE: ./helm/api-platform/keycloak/certs/tls.pem
# https://docs.docker.com/compose/environment-variables/envvars/#compose_file
COMPOSE_FILE: compose.yaml:compose.prod.yaml:compose.e2e.yaml
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Build Docker Images
uses: docker/bake-action@v4
with:
pull: true
load: true
files: |
compose.yaml
compose.prod.yaml
set: |
*.cache-from=type=gha,scope=${{github.ref}}-e2e
*.cache-from=type=gha,scope=${{github.ref}}
*.cache-from=type=gha,scope=refs/heads/main
*.cache-to=type=gha,scope=${{github.ref}}-e2e,mode=max
-
name: Start Services
run: docker compose up --wait --no-build
-
name: Debug Services
if: failure()
run: |
docker compose ps
docker compose logs
-
name: Load Fixtures
run: docker compose run --rm php bin/console doctrine:fixtures:load --no-interaction
-
name: Cache Playwright Binaries
uses: actions/cache@v3
with:
path: ~/.cache/ms-playwright
key: ${{ runner.os }}-playwright
-
name: Install PNPM
uses: pnpm/action-setup@v2
with:
version: 8.6.2
-
name: Install Dependencies
working-directory: pwa
run: pnpm install
-
name: Install Playwright Browsers
working-directory: pwa
run: pnpm exec playwright install --with-deps
-
name: Run Playwright @read
working-directory: pwa
# don't run @read and @write scenarios to prevent conflict between them
run: pnpm exec playwright test --grep @read
-
name: Run Playwright @write
working-directory: pwa
# run all e2e tests even if @read ones fail
if: ${{ !cancelled() }}
# use 1 worker to prevent conflict between scenarios
run: pnpm exec playwright test --grep @write --workers=1
-
uses: actions/upload-artifact@v3
if: failure()
with:
name: playwright-screenshots
path: pwa/test-results
lint:
name: Docker Lint
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Lint Dockerfiles
uses: hadolint/[email protected]
with:
recursive: true