Or 2938 vertpervcode #357
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "[CICD] Pre-merge (Coffee break)" | |
| on: | |
| pull_request: | |
| types: [ opened, reopened, synchronize ] | |
| branches: | |
| - main | |
| jobs: | |
| analyze-code: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_9 }} | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Cache SonarCloud packages | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/sonar/cache | |
| key: ${{ runner.os }}-sonar | |
| restore-keys: ${{ runner.os }}-sonar | |
| - name: Set up JDK 17 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 17 | |
| distribution: oracle | |
| - name: Restore dotnet tools | |
| shell: bash | |
| run: | | |
| dotnet tool restore | |
| - name: Cache SonarCloud scanner | |
| id: cache-sonar-scanner | |
| uses: actions/cache@v4 | |
| with: | |
| path: ./.sonar/scanner | |
| key: ${{ runner.os }}-sonar-scanner | |
| restore-keys: ${{ runner.os }}-sonar-scanner | |
| - name: Install SonarCloud scanner | |
| if: steps.cache-sonar-scanner.outputs.cache-hit != 'true' | |
| shell: bash | |
| run: | | |
| mkdir .sonar | |
| mkdir .sonar/scanner | |
| dotnet tool update dotnet-sonarscanner --tool-path ./.sonar/scanner | |
| - name: Start sonar scanner | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| shell: bash | |
| run: | | |
| ./.sonar/scanner/dotnet-sonarscanner begin /k:"Informatievlaanderen_association-registry" /o:"informatievlaanderen" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io" /d:sonar.cs.dotcover.reportsPaths=dotCover.Output.html | |
| - name: Dotnet restore | |
| shell: bash | |
| run: dotnet restore --runtime linux-x64 | |
| - name: Dotnet build | |
| shell: bash | |
| run: dotnet build --no-restore | |
| - name: Analyze with sonar scanner | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.VBR_ACTIONS_TOKEN }} # Needed to get PR information, if any | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| shell: bash | |
| run: | | |
| ./.sonar/scanner/dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}" | |
| build-sync-lambda: | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| runs-on: ubuntu-latest | |
| name: Build Sync Lambda | |
| steps: | |
| - name: Check version | |
| shell: bash | |
| run: echo $SEMVER | |
| env: | |
| SEMVER: ${{ needs.set-release-version.outputs.version }} | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_9 }} | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Restore dotnet tools | |
| shell: bash | |
| run: | | |
| dotnet tool restore | |
| - name: Package lambda | |
| if: inputs.semver != 'none' | |
| shell: bash | |
| run: cd src/AssociationRegistry.KboMutations.SyncLambda && dotnet lambda package AssociationRegistry.KboMutations.SyncLambda.csproj --region ${{ secrets.VBR_AWS_REGION }} | |
| run-tests: | |
| if: github.repository_owner == 'Informatievlaanderen' | |
| name: Run Tests | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| projects: | |
| [ | |
| "test/AssociationRegistry.Test", | |
| "test/AssociationRegistry.Test.Acm.Api", | |
| "test/AssociationRegistry.Test.Admin.Api", | |
| "test/AssociationRegistry.Test.Admin.AddressSync", | |
| "test/AssociationRegistry.Test.E2E", | |
| "test/AssociationRegistry.Test.PowerBi.ExportHost", | |
| "test/AssociationRegistry.Test.Public.Api", | |
| "test/AssociationRegistry.Test.Projections", | |
| ] | |
| steps: | |
| - name: Display disk space | |
| run: | | |
| df -h | |
| - name: Delete huge unnecessary tools folder | |
| run: rm -rf /opt/hostedtoolcache | |
| - name: Display disk space | |
| run: | | |
| df -h | |
| - name: Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: Run es container | |
| shell: bash | |
| if: matrix.projects == 'test/AssociationRegistry.Test.Public.Api' || matrix.projects == 'test/AssociationRegistry.Test.Admin.Api' || matrix.projects == 'test/AssociationRegistry.Test.E2E' || matrix.projects == 'test/AssociationRegistry.Test.Projections' | |
| run: | | |
| docker run -d --name elasticsearch -p 9200:9200 -m 2g -e ELASTIC_PASSWORD=local_development -e discovery.type=single-node -e xpack.security.transport.ssl.enabled=false docker.elastic.co/elasticsearch/elasticsearch:8.18.1 | |
| - name: Run localstack container | |
| shell: bash | |
| if: matrix.projects == 'test/AssociationRegistry.Test.Public.Api' || matrix.projects == 'test/AssociationRegistry.Test.Admin.Api' || matrix.projects == 'test/AssociationRegistry.Test.E2E' | |
| run: | | |
| docker run -d --name localstack -v ${{ github.workspace }}/.localstack/init:/etc/localstack/init -p 4566:4566 -p 4510-4559:4510-4559 -e SERVICES=sqs,s3 -e DOCKER_HOST=unix:///var/run/docker.sock -e DEFAULT_REGION=us-east-1 -e DEBUG=1 -e PORT_WEB_UI=8080 localstack/localstack | |
| - name: Run wiremock container | |
| shell: bash | |
| if: matrix.projects == 'test/AssociationRegistry.Test.Admin.Api' || matrix.projects == 'test/AssociationRegistry.Test.E2E' || matrix.projects == 'test/AssociationRegistry.Test' | |
| run: | | |
| docker run -d --name wiremock -v ${{ github.workspace }}/wiremock:/home/wiremock -p 8080:8080 wiremock/wiremock:2.35.0-1 --global-response-templating --verbose | |
| - name: Run ACM container | |
| shell: bash | |
| if: matrix.projects == 'test/AssociationRegistry.Test.Acm.Api' || matrix.projects == 'test/AssociationRegistry.Test.Admin.Api' || matrix.projects == 'test/AssociationRegistry.Test.E2E' | |
| run: | | |
| docker run -d --name acm -p 5051:80 -v ${{ github.workspace }}/identityserver:/home/identityserver ghcr.io/informatievlaanderen/identity-server-fake:1284967 | |
| - name: Run template db container | |
| shell: bash | |
| run: | | |
| docker run -d --name db -p 5432:5432 -e POSTGRES_USER=root -e POSTGRES_PASSWORD=root postgres:15.0 | |
| - name: Create OpenTelemetry config from secret | |
| run: echo "${{ secrets.OTEL_COLLECTOR_CONFIG }}" > otel-collector-config.yaml | |
| - name: Run OpenTelemetry container | |
| shell: bash | |
| run: | | |
| docker run -d --name otel-collector -p 4317:4317 -v ${{ github.workspace }}/otel-collector-config.yaml:/etc/otel-collector-config.yaml otel/opentelemetry-collector-contrib --config=/etc/otel-collector-config.yaml | |
| - name: Cache Python | |
| uses: actions/cache@v4 | |
| env: | |
| cache-name: cache-pip | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-build-${{ env.cache-name }} | |
| - name: Parse repository name | |
| run: echo REPOSITORY_NAME=$(echo "$GITHUB_REPOSITORY" | awk -F / '{print $2}' | sed -e "s/:refs//") >> $GITHUB_ENV | |
| shell: bash | |
| - name: Setup .NET Core | |
| uses: actions/setup-dotnet@v4 | |
| with: | |
| dotnet-version: ${{ vars.VBR_DOTNET_VERSION_9 }} | |
| - name: .NET version | |
| shell: bash | |
| run: dotnet --info | |
| - name: Restore dotnet tools | |
| shell: bash | |
| run: | | |
| dotnet tool restore | |
| - name: Dotnet restore | |
| shell: bash | |
| run: dotnet restore --runtime linux-x64 | |
| - name: Dotnet build | |
| shell: bash | |
| run: dotnet build --no-restore | |
| - name: Wait for db container | |
| shell: bash | |
| run: | | |
| timeout 90s bash -c "until docker exec db pg_isready ; do sleep 5 ; done" | |
| - name: Setup golden master template | |
| shell: bash | |
| run: | | |
| echo "Setting up golden master template with full migrations..." | |
| # First: Build and run local migrations to create base schema (like docker-compose) | |
| cd migrations/local && docker build . --build-arg CI_BUILD_NUMBER=0.0.0 \ | |
| --build-arg GIT_HASH=local-dev \ | |
| -t local-migrations-ci && cd ../.. | |
| docker run --rm --network host \ | |
| -e APP_CONNSTRING_HOST=127.0.0.1 \ | |
| -e APP_CONNSTRING_DB=golden_master_template \ | |
| -e APP_CONNSTRING_PORT=5432 \ | |
| -e APP_CONNSTRING_USERNAME=root \ | |
| -e APP_CONNSTRING_PASSWORD=root \ | |
| -e DATABASE_TYPE=postgresql \ | |
| -e GRATE_VERSION=0.0.0 \ | |
| local-migrations-ci | |
| # Second: Build and run admin API migrations (no volumes needed) | |
| cd migrations/production/admin.api && docker build . \ | |
| --build-arg CI_BUILD_NUMBER=ci-build \ | |
| --build-arg GIT_HASH=${{ github.sha }} \ | |
| -t admin-api-migrations-ci && cd ../../.. | |
| docker run --rm --network host \ | |
| -e APP_CONNSTRING_HOST=127.0.0.1 \ | |
| -e APP_CONNSTRING_DB=golden_master_template \ | |
| -e APP_CONNSTRING_PORT=5432 \ | |
| -e APP_CONNSTRING_USERNAME=root \ | |
| -e APP_CONNSTRING_PASSWORD=root \ | |
| -e DATABASE_TYPE=postgresql \ | |
| -e GRATE_VERSION=0.0.0 \ | |
| admin-api-migrations-ci | |
| # Run admin projections migrations | |
| cd migrations/production/admin.projections && docker build . \ | |
| --build-arg CI_BUILD_NUMBER=ci-build \ | |
| --build-arg GIT_HASH=${{ github.sha }} \ | |
| -t admin-projections-migrations-ci && cd ../../.. | |
| docker run --rm --network host \ | |
| -e APP_CONNSTRING_HOST=127.0.0.1 \ | |
| -e APP_CONNSTRING_DB=golden_master_template \ | |
| -e APP_CONNSTRING_PORT=5432 \ | |
| -e APP_CONNSTRING_USERNAME=root \ | |
| -e APP_CONNSTRING_PASSWORD=root \ | |
| -e DATABASE_TYPE=postgresql \ | |
| -e GRATE_VERSION=0.0.0 \ | |
| admin-projections-migrations-ci | |
| # Run public projections migrations (depends on admin-api, not admin-projections) | |
| cd migrations/production/public.projections && docker build . \ | |
| --build-arg CI_BUILD_NUMBER=ci-build \ | |
| --build-arg GIT_HASH=${{ github.sha }} \ | |
| -t public-projections-migrations-ci && cd ../../.. | |
| docker run --rm --network host \ | |
| -e APP_CONNSTRING_HOST=127.0.0.1 \ | |
| -e APP_CONNSTRING_DB=golden_master_template \ | |
| -e APP_CONNSTRING_PORT=5432 \ | |
| -e APP_CONNSTRING_USERNAME=root \ | |
| -e APP_CONNSTRING_PASSWORD=root \ | |
| -e DATABASE_TYPE=postgresql \ | |
| -e GRATE_VERSION=0.0.0 \ | |
| public-projections-migrations-ci | |
| # Run ACM API migrations (depends on admin-api, not public-projections) | |
| cd migrations/production/acm.api && docker build . \ | |
| --build-arg CI_BUILD_NUMBER=ci-build \ | |
| --build-arg GIT_HASH=${{ github.sha }} \ | |
| -t acm-api-migrations-ci && cd ../../.. | |
| docker run --rm --network host \ | |
| -e APP_CONNSTRING_HOST=127.0.0.1 \ | |
| -e APP_CONNSTRING_DB=golden_master_template \ | |
| -e APP_CONNSTRING_PORT=5432 \ | |
| -e APP_CONNSTRING_USERNAME=root \ | |
| -e APP_CONNSTRING_PASSWORD=root \ | |
| -e DATABASE_TYPE=postgresql \ | |
| -e GRATE_VERSION=0.0.0 \ | |
| acm-api-migrations-ci | |
| echo "Golden master template setup complete!" | |
| - name: Create verenigingsregister database from golden master template | |
| shell: bash | |
| run: | | |
| echo "Creating verenigingsregister database from golden master template..." | |
| docker exec db psql -U root -d postgres -c "DROP DATABASE IF EXISTS verenigingsregister WITH (FORCE);" | |
| docker exec db psql -U root -d postgres -c "CREATE DATABASE verenigingsregister WITH TEMPLATE golden_master_template;" | |
| echo "Successfully created verenigingsregister database from template" | |
| - name: Run all tests | |
| env: | |
| LIVEMAGDAOPTIONS__CLIENTCERTIFICATE: ${{ secrets.LIVEMAGDAOPTIONS_CLIENTCERTIFICATE }} | |
| LIVEMAGDAOPTIONS__CLIENTCERTIFICATEPASSWORD: ${{ secrets.LIVEMAGDAOPTIONS_CLIENTCERTIFICATEPASSWORD }} | |
| LIVEMAGDAOPTIONS__GEEFONDERNEMINGENDPOINT: ${{ secrets.LIVEMAGDAOPTIONS_GEEFONDERNEMINGENDPOINT }} | |
| LIVEMAGDAOPTIONS__AFZENDER: ${{ secrets.LIVEMAGDAOPTIONS_AFZENDER }} | |
| LIVEMAGDAOPTIONS__HOEDANIGHEID: ${{ secrets.LIVEMAGDAOPTIONS_HOEDANIGHEID }} | |
| LIVEMAGDAOPTIONS__ONTVANGER: ${{ secrets.LIVEMAGDAOPTIONS_ONTVANGER }} | |
| IGNORE_MAGDA_TESTS: ${{ secrets.LIVEMAGDAOPTIONS_CLIENTCERTIFICATE == '' && 'true' || 'false' }} | |
| run: | | |
| if [[ "${{matrix.projects}}" == "test/AssociationRegistry.Test.E2E" ]]; then | |
| dotnet test ${{matrix.projects}} --logger html -- -parallel none | |
| else | |
| dotnet test ${{matrix.projects}} --logger html | |
| fi | |
| # - name: Archive code coverage results | |
| # if: ${{ always() }} | |
| # uses: actions/upload-artifact@v4 | |
| # with: | |
| # name: test-report | |
| # path: ${{matrix.projects}}/TestResults/*.html | |
| - name: Shows logs ACM container | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs acm | |
| - name: Shows logs elasticsearch container | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs elasticsearch | |
| - name: Shows logs localstack container | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs localstack | |
| - name: Shows logs wiremock container | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs wiremock | |
| - name: Shows logs db container | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs db | |
| - name: Shows logs db otel | |
| if: ${{ failure() }} | |
| shell: bash | |
| run: | | |
| docker logs otel-collector | |
| notify: | |
| if: ${{ always() }} | |
| name: Notify slack | |
| runs-on: ubuntu-latest | |
| needs: [ run-tests ] | |
| steps: | |
| - name: Post to a Slack channel | |
| id: slack | |
| uses: slackapi/[email protected] | |
| with: | |
| # Slack channel id, channel name, or user id to post message. | |
| # See also: https://api.slack.com/methods/chat.postMessage#channels | |
| channel-id: ${{ secrets.SLACK_CHANNEL_ID }} | |
| # For posting a simple plain text message | |
| slack-message: "GitHub build result: ${{ job.status }}\n${{ github.event.pull_request.html_url || github.event.head_commit.url }}" | |
| env: | |
| SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} |