-
Notifications
You must be signed in to change notification settings - Fork 19
382 lines (325 loc) · 13.4 KB
/
workflow.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
name: RSpec Jest Lint Workflow
on:
workflow_dispatch:
pull_request:
types: [opened, reopened, synchronize]
# Use this flag to turn on/off RSpec. Please go to the lint & js_test job to disable the boolean
env:
rspec_active: true
FORCE_COLOR: "1" #Forces color within GHA - Note RSPEC still won't use color see line 199 --tty for rspec color
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
# This job runs the main deployment of caseflow
caseflow_rspec_job:
runs-on: ubuntu-8-cores-latest
timeout-minutes: 45
services:
postgres:
image: postgres:14.8
env:
POSTGRES_USER: root
POSTGRES_PASSWORD: password
POSTGRES_DB: caseflow_certification_test
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
redis:
image: redis:4.0.10
ports:
- 6379:6379
facols_db:
image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/facols:latest
credentials:
username: AWS
password: ${{ secrets.VAEC_ECR_PASSWORD }}
ports:
- 1521:1521
localstack:
image: localstack/localstack:0.14.5
ports:
- 4566:4566
env:
SERVICES: "sqs"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
strategy:
fail-fast: false
matrix:
ci_node_total: [12]
ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11]
container:
image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
options: --privileged # Necessary for Rspec to run with our configuration within GHA
credentials:
username: AWS
password: ${{ secrets.VAEC_ECR_PASSWORD }}
env:
DBUS_SESSION_BUS_ADDRESS: /dev/null
RAILS_ENV: test
NODE_ENV: test
BUNDLE_PATH: vendor/bundle
COVERAGE_DIR: /home/circleci/coverage-${{matrix.ci_node_index}} #circleci is the USER
POSTGRES_HOST: postgres
POSTGRES_USER: root
POSTGRES_PASSWORD: password
KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: ${{ secrets.KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC }}
KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
KNAPSACK_PRO_CI_NODE_INDEX: ${{ matrix.ci_node_index }}
KNAPSACK_PRO_LOG_LEVEL: info
KNAPSACK_PRO_FIXED_QUEUE_SPLIT: true
KNAPSACK_PRO_TEST_FILE_EXCLUDE_PATTERN: "spec/seeds/**/*_spec.rb"
WD_INSTALL_DIR: .webdrivers
CI: true
REDIS_URL_CACHE: redis://redis:6379/0/cache/
TEST_VACOLS_HOST: facols_db
steps:
- uses: actions/checkout@v3
- name: install node version
uses: actions/setup-node@v4
with:
node-version: '16.16.0'
# If we don't explicitly set this, the runner doesn't find the path when trying to save the cache
- name: Set yarn cache directory
id: set-yarn-cache-dir
run: mkdir -p ~/.cache/yarn && yarn config set cache-folder ~/.cache/yarn
- name: restore yarn cache
id: cache-yarn-cache
uses: actions/cache/restore@v3
with:
# hashFiles('client/yarn.lock') will use a unique cache based on dependencies so that we don't
# create a cache for each target branch
key: yarn-cache-${{ hashFiles('client/yarn.lock') }}
# We are including node_modules because most of the time is used to build the dependencies
path: |
node_modules
client/node_modules
~/.cache/yarn
restore-keys: yarn-cache-${{ hashFiles('client/yarn.lock') }}
# We run yarn install after loading the cache to update any dependencies if their version is different
- name: Install Node Dependencies
run: ./ci-bin/capture-log "cd client && yarn install --frozen-lockfile --prefer-offline"
- name: Save Yarn Cache
if: steps.cache-yarn-cache.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
key: yarn-cache-${{ hashFiles('client/yarn.lock') }}
path: |
node_modules
client/node_modules
~/.cache/yarn
- name: setup testfiles directory
run: ./ci-bin/capture-log "mkdir -p tmp/testfiles"
- name: Install Chrome
run: |
apt-get update
wget --no-verbose -O /tmp/chrome.deb https://dl.google.com/linux/chrome/deb/pool/main/g/google-chrome-stable/google-chrome-stable_127.0.6533.119-1_amd64.deb \
&& apt install -y /tmp/chrome.deb \
&& rm /tmp/chrome.deb
echo "Chrome exe name: $(ls /usr/bin | chrome)"
echo "Chrome version: $(google-chrome --version)"
# wkhtmltopdf is a required library for certain rspec tests to pass
- name: Restore wkhtmltopdf
id: cache-wkhtmltopdf
uses: actions/cache/restore@v3
with:
key: ${{ runner.os }}-wkhtmltopdf
path: wkhtmltox_0.12.6-1.focal_amd64.deb
- name: Download wkhtmltopdf
if: steps.cache-wkhtmltopdf.outputs.cache-hit != 'true'
run: wget https://github.com/wkhtmltopdf/packaging/releases/download/0.12.6-1/wkhtmltox_0.12.6-1.focal_amd64.deb
- name: Install wkhtmltopdf
run: apt install ./wkhtmltox_0.12.6-1.focal_amd64.deb
- name: Cache wkhtmltopdf
if: steps.cache-wkhtmltopdf.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
key: ${{ runner.os }}-wkhtmltopdf
path: wkhtmltox_0.12.6-1.focal_amd64.deb
- name: Restore Ruby Dependencies
id: cache-ruby-dependencies
uses: actions/cache/restore@v3
with:
key: bundler-gems
path: vendor/bundle
restore-keys: bundler-gems
- name: Install/Update Ruby Dependencies
run: |
ruby -v
BASH_ENV="Bash"
echo 'export BUNDLER_VERSION=$(cat Gemfile.lock | tail -1 | tr -d " ")' >> "$BASH_ENV"
export BUNDLER_VERSION=$(cat Gemfile.lock | tail -1 | tr -d " ")
gem install bundler
bundle install --path vendor/bundle
- name: Cache Ruby Dependencies
if: steps.cache-ruby-dependencies.outputs.cache-hit != 'true'
uses: actions/cache/save@v3
with:
key: bundler-gems
path: vendor/bundle
- name: Install Dockerize
run: |
DOCKERIZE_VERSION="v0.6.1"
wget https://github.com/jwilder/dockerize/releases/download/${DOCKERIZE_VERSION}/dockerize-linux-amd64-${DOCKERIZE_VERSION}.tar.gz \
&& sudo tar -C /usr/local/bin -xzvf dockerize-linux-amd64-${DOCKERIZE_VERSION}.tar.gz \
&& rm dockerize-linux-amd64-${DOCKERIZE_VERSION}.tar.gz
- name: "Wait for database"
run: dockerize -wait tcp://postgres:5432 -timeout 1m
- name: "Wait for localstack"
run: dockerize -wait tcp://localstack:4566 -timeout 30s
- name: "Wait for FACOLS"
run: ./ci-bin/capture-log "bundle exec rake local:vacols:wait_for_connection"
- name: Database setup
run: |
./ci-bin/capture-log "bundle exec rake db:create:etl db:schema:load:etl"
./ci-bin/capture-log "bundle exec rake db:create:primary db:schema:load:primary"
./ci-bin/capture-log "make -f Makefile.example external-db-create"
# added line to create external table(s) that are needed for tests
# We don't want to seed DBs here because DatabaseCleaner just truncates it anyway. The setup_vacols
# rake task needs to be run because it adds data to two tables that are ignored by DBCleaner
- name: Seed databases
run: |
./ci-bin/capture-log "bundle exec rake spec:setup_vacols"
- name: Assets Precompile
run: |
./ci-bin/capture-log "bundle exec rake assets:precompile"
# Changing the user and permissions as Chrome/Chromedriver can't run as root
- name: RSpec via knapsack_pro Queue Mode
run: |
mkdir -p ./test-results/rspec
mkdir .webdrivers
touch log/selenium-chrome.log
chmod -R 777 ${GITHUB_WORKSPACE}
export GHA_NODE_INDEX=${{matrix.ci_node_index}}
runuser -u circleci bundle exec rake "knapsack_pro:queue:rspec[--format documentation --format RSpec::Github::Formatter --tty]"
# --format RSpec::Github::Formatter use in Rspec-github gem, adds more detailed info to GHA "Annotations"
# --tty forces Rspec to produce color
# circleci is the USER
# Artifacts --- circleci is the USER
- run: (cd /home/circleci && tar -zcvf coverage-${{matrix.ci_node_index}}.tar.gz coverage-${{matrix.ci_node_index}})
- uses: actions/upload-artifact@v3
if: success()
with:
path: /home/circleci/coverage-${{matrix.ci_node_index}}.tar.gz #circleci is the USER
- uses: actions/upload-artifact@v3
# Run even if there is a failure in the previous steps, but not if the run is cancelled
if: success() || failure()
name: capybara-artifacts
with:
path: ./tmp/capybara
- name: Rename examples.txt
if: success() || failure()
run: mv ./tmp/examples.txt ./tmp/examples-${{matrix.ci_node_index}}.txt
- uses: actions/upload-artifact@v3
if: success() || failure()
name: Upload tmp/examples.txt
with:
path: ./tmp/examples-${{matrix.ci_node_index}}.txt
- name: Compress test logs
if: failure()
run: tar -czvf ./log/test-${{matrix.ci_node_index}}.log.tar.gz ./log/test.log
- uses: actions/upload-artifact@v3
if: failure()
name: Upload test logs if failure
with:
path: ./log/test-${{matrix.ci_node_index}}.log.tar.gz
- name: Rename bullet.log
if: success() || failure()
run: mv ./log/bullet.log ./log/bullet-${{matrix.ci_node_index}}.log
- uses: actions/upload-artifact@v3
if: success() || failure()
name: bullet-${{matrix.ci_node_index}}.log
with:
path: ./log/bullet-${{matrix.ci_node_index}}.log
caseflow_jest_job:
# This job will run the jest, change the value below to false if you wish to turn it off.
if: true
runs-on: ubuntu-latest
container:
image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
credentials:
username: AWS
password: ${{ secrets.VAEC_ECR_PASSWORD }}
env:
DBUS_SESSION_BUS_ADDRESS: /dev/null
RAILS_ENV: test
NODE_ENV: test
JEST_DIR: /home/circleci/test-results/jest #circleci is the USER
TEST_REPORTER: jest-junit
JEST_JUNIT_OUTPUT_DIR: /home/circleci/test-results/jest #circleci is the USER
COVERAGE_DIR: /home/circleci/coverage #circleci is the USER
steps:
- name: Install Chrome
run: |
apt-get update
wget --no-verbose -O /tmp/chrome.deb https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb \
&& apt install -y /tmp/chrome.deb \
&& rm /tmp/chrome.deb
- name: Checkout
uses: actions/checkout@v3
- name: Install Python-2
run: |
sudo apt-get update
sudo apt-get install -y python2
- name: install node version
uses: actions/setup-node@v4
with:
node-version: '16.16.0'
- name: validate node version
run: ./ci-bin/capture-log "node -v"
- name: install_node_dependencies
run: ./ci-bin/capture-log "cd client && yarn install --frozen-lockfile"
- name: jest
shell: bash
run: |
npm install --save-dev jest
mkdir -p ./test-results/jest
pushd client
../ci-bin/capture-log "node_modules/.bin/jest --ci --reporters=default --reporters=jest-junit --maxWorkers=4"
- name: store_test_results
uses: actions/upload-artifact@v3
with:
path: ./test-results
- name: store logs
uses: actions/upload-artifact@v3
with:
path: ./all_logs.log
caseflow_lint_job:
# This job will run the security lint checker, change the value below to false if you wish to turn it off.
if: true
runs-on: ubuntu-latest
container:
image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
credentials:
username: AWS
password: ${{ secrets.VAEC_ECR_PASSWORD }}
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: "0"
- name: Install Ruby Dependencies
run: |
ruby -v
BUNDLER_V=$(cat ./Gemfile.lock | tail -1 | tr -d " ")
echo $BUNDLER_V
gem install bundler:$BUNDLER_V
bundle install --path vendor/bundle
- name: install node version
uses: actions/setup-node@v4
with:
node-version: '16.16.0'
- name: Install Node Dependencies
run: ./ci-bin/capture-log "cd client && yarn install --frozen-lockfile"
# - name: Danger
# run: ./ci-bin/capture-log "bundle exec danger"
# env:
# DANGER_GITHUB_API_TOKEN: ${{ secrets.DANGER_GITHUB_API_TOKEN }}
- name: Lint
run: ./ci-bin/capture-log "bundle exec rake lint"
if: ${{ always() }}
# - name: Security
# run: ./ci-bin/capture-log "bundle exec rake security"
# if: ${{ always() }}