druid/.github/workflows/cron-job-its.yml at master · TessaIO/druid · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

name: "Cron Job ITs"
on:
  schedule: # Runs by default on master branch
    - cron: '0 3 * * *' # Runs every day at 3:00 AM UTC
  pull_request:
    paths:
      - 'owasp-dependency-check-suppressions.xml'
    branches:
      - master
      - '[0-9]+.[0-9]+.[0-9]+' # release branches
      - '[0-9]+.[0-9]+.[0-9]+-[A-Za-z0-9]+' # release branches
  push:
    branches:
      - '[0-9]+.[0-9]+.[0-9]+' # release branches
      - '[0-9]+.[0-9]+.[0-9]+-[A-Za-z0-9]+' # release branches

jobs:
  build:
    if: (github.event_name == 'schedule' && github.repository == 'apache/druid')
    name: build (jdk17)
    runs-on: ubuntu-latest
    steps:
      - name: Checkout branch
        uses: actions/checkout@v4

      - name: setup java
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'zulu'

      - name: Cache Maven m2 repository
        id: maven
        uses: actions/cache@v4
        with:
          path: ~/.m2/repository
          key: maven-${{ runner.os }}-17-${{ github.sha }}

      - name: Maven build
        id: maven_build
        run: |
          ./it.sh ci

  integration-index-tests-middleManager:
    strategy:
      fail-fast: false
      matrix:
        testing_group: [kafka-index, kafka-index-slow, kafka-transactional-index, kafka-transactional-index-slow, kafka-data-format, realtime-index, append-ingestion]
    uses: ./.github/workflows/reusable-standard-its.yml
    needs: build
    with:
      build_jdk: 17
      runtime_jdk: 17
      testing_groups: -Dgroups=${{ matrix.testing_group }}
      use_indexer: middleManager
      group: ${{ matrix.testing_group }}

  integration-index-tests-indexer:
    strategy:
      fail-fast: false
      matrix:
        testing_group: [ input-source, kafka-index, kafka-transactional-index, kafka-index-slow, kafka-transactional-index-slow, kafka-data-format, append-ingestion ]
    uses: ./.github/workflows/reusable-standard-its.yml
    needs: build
    with:
      build_jdk: 17
      runtime_jdk: 17
      testing_groups: -Dgroups=${{ matrix.testing_group }}
      use_indexer: indexer
      group: ${{ matrix.testing_group }}

  integration-query-tests-middleManager:
    strategy:
      fail-fast: false
      matrix:
        testing_group: [ query, security ]
    uses: ./.github/workflows/reusable-standard-its.yml
    needs: build
    with:
      build_jdk: 17
      runtime_jdk: 17
      testing_groups: -Dgroups=${{ matrix.testing_group }}
      use_indexer: middleManager
      override_config_path: ./environment-configs/test-groups/prepopulated-data
      group: ${{ matrix.testing_group }}

  security_vulnerabilities:
    if: github.repository == 'apache/druid'
    name: security vulnerabilities
    runs-on: ubuntu-latest
    steps:
      - name: Checkout branch
        uses: actions/checkout@v4

      - name: setup java
        uses: actions/setup-java@v4
        with:
          java-version: '17'
          distribution: 'zulu'
          cache: maven

      - name: maven build # needed to rebuild in case of maven snapshot resolution fails
        run: mvn clean install -P dist -P skip-static-checks,skip-tests -Dmaven.javadoc.skip=true -Dcyclonedx.skip=true -Dweb.console.skip=true

      - name: security vulnerabilities check
        run: |
          mvn dependency-check:purge dependency-check:check || { echo "
          The OWASP dependency check has found security vulnerabilities. Please use a newer version
          of the dependency that does not have vulnerabilities. To see a report run
          `mvn dependency-check:check`
          If the analysis has false positives,
          they can be suppressed by adding entries to owasp-dependency-check-suppressions.xml (for more
          information, see https://jeremylong.github.io/DependencyCheck/general/suppression.html).
          " && false; }