chore(deps): bump the frequent group across 1 directory with 3 updates #28800
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Tests | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - main | |
| - "release/*" | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.sha }} | |
| cancel-in-progress: true | |
| env: | |
| FBLA_SRCHYDRATION_TEST_DATA: ${{ secrets.FBLA_SRCHYDRATION_TEST_DATA }} | |
| permissions: | |
| contents: read # Required for actions/checkout | |
| jobs: | |
| integration: | |
| name: Integration | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| strategy: | |
| matrix: | |
| FEATURES: [ oss ,enterprise ] | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 | |
| with: | |
| role-to-assume: ${{ vars.AWS_ECR_READ_ONLY_IAM_ROLE_ARN }} | |
| aws-region: ${{ vars.AWS_ECR_REGION }} | |
| role-session-name: ${{ github.event.repository.name }} | |
| - name: Login to ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 | |
| - name: Unset AWS Credentials | |
| run: | | |
| echo "AWS_ACCESS_KEY_ID=" >> $GITHUB_ENV | |
| echo "AWS_SECRET_ACCESS_KEY=" >> $GITHUB_ENV | |
| echo "AWS_SESSION_TOKEN=" >> $GITHUB_ENV | |
| echo "AWS_REGION=" >> $GITHUB_ENV | |
| echo "AWS_DEFAULT_REGION=" >> $GITHUB_ENV | |
| - name: Disable IPv6 (temporary fix) | |
| run: | | |
| sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 | |
| sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 | |
| - name: Checkout | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go version | |
| - run: go mod download # Not required, used to segregate module download vs test times | |
| - name: enterprise | |
| if: matrix.FEATURES == 'enterprise' | |
| run: go test -v ./integration_test/docker_test/docker_test.go -count 1 | |
| env: | |
| ENTERPRISE_TOKEN: ${{ secrets.ENTERPRISE_TOKEN }} | |
| DOCKERHUB_REGISTRY_MIRROR: 422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub | |
| DOCKERHUB_REGISTRY_MIRROR_USERNAME: ${{ steps.login-ecr.outputs.docker_username_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| DOCKERHUB_REGISTRY_MIRROR_PASSWORD: ${{ steps.login-ecr.outputs.docker_password_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| - name: oss | |
| if: matrix.FEATURES == 'oss' | |
| run: go test -v ./integration_test/docker_test/docker_test.go -count 1 | |
| env: | |
| RSERVER_ENABLE_MULTITENANCY: false | |
| DOCKERHUB_REGISTRY_MIRROR: 422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub | |
| DOCKERHUB_REGISTRY_MIRROR_USERNAME: ${{ steps.login-ecr.outputs.docker_username_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| DOCKERHUB_REGISTRY_MIRROR_PASSWORD: ${{ steps.login-ecr.outputs.docker_password_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| warehouse-integration: | |
| name: Warehouse Integration | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| destination: [ bigquery, clickhouse, datalake, deltalake, mssql, azure-synapse, postgres, redshift, snowflake ] | |
| include: | |
| - package: warehouse/integrations/bigquery | |
| destination: bigquery | |
| - package: warehouse/integrations/clickhouse | |
| destination: clickhouse | |
| - package: warehouse/integrations/datalake | |
| destination: datalake | |
| - package: warehouse/integrations/deltalake | |
| destination: deltalake | |
| - package: warehouse/integrations/mssql | |
| destination: mssql | |
| - package: warehouse/integrations/azure-synapse | |
| destination: azure-synapse | |
| - package: warehouse/integrations/postgres | |
| destination: postgres | |
| - package: warehouse/integrations/redshift | |
| destination: redshift | |
| - package: warehouse/integrations/snowflake | |
| destination: snowflake | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 | |
| with: | |
| role-to-assume: ${{ vars.AWS_ECR_READ_ONLY_IAM_ROLE_ARN }} | |
| aws-region: ${{ vars.AWS_ECR_REGION }} | |
| role-session-name: ${{ github.event.repository.name }} | |
| - name: Login to ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 | |
| - name: Unset AWS Credentials | |
| run: | | |
| echo "AWS_ACCESS_KEY_ID=" >> $GITHUB_ENV | |
| echo "AWS_SECRET_ACCESS_KEY=" >> $GITHUB_ENV | |
| echo "AWS_SESSION_TOKEN=" >> $GITHUB_ENV | |
| echo "AWS_REGION=" >> $GITHUB_ENV | |
| echo "AWS_DEFAULT_REGION=" >> $GITHUB_ENV | |
| - name: Configure Docker registry mirror | |
| run: | | |
| echo '{ | |
| "registry-mirrors": ["https://422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub"] | |
| }' | sudo tee /etc/docker/daemon.json | |
| sudo systemctl restart docker | |
| docker info | grep -iA 1 mirror | |
| - name: Disable IPv6 (temporary fix) | |
| run: | | |
| sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 | |
| sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 | |
| - name: Checkout | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - name: Setup Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go version | |
| - run: go mod download # Not required, used to segregate module download vs test times | |
| - name: Set Redshift Ginkgo AWS Credentials | |
| if: matrix.destination == 'redshift' | |
| run: | | |
| echo "Setting Redshift Ginkgo AWS Credentials..." | |
| echo "AWS_ACCESS_KEY_ID=${{ secrets.AWS_REDSHIFT_GINKGO_ACCESS_KEY_ID }}" >> $GITHUB_ENV | |
| echo "AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_REDSHIFT_GINKGO_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV | |
| - name: Warehouse Service Integration [ ${{ matrix.destination }} ] | |
| run: make test-warehouse package=${{ matrix.package }} | |
| env: | |
| BIGQUERY_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.BIGQUERY_INTEGRATION_TEST_CREDENTIALS }} | |
| DATABRICKS_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.DATABRICKS_INTEGRATION_TEST_CREDENTIALS }} | |
| REDSHIFT_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.REDSHIFT_INTEGRATION_TEST_CREDENTIALS }} | |
| REDSHIFT_IAM_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.REDSHIFT_IAM_INTEGRATION_TEST_CREDENTIALS }} | |
| REDSHIFT_SERVERLESS_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.REDSHIFT_SERVERLESS_INTEGRATION_TEST_CREDENTIALS }} | |
| REDSHIFT_SERVERLESS_IAM_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.REDSHIFT_SERVERLESS_IAM_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWFLAKE_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWFLAKE_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWFLAKE_RBAC_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWFLAKE_RBAC_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWFLAKE_KEYPAIR_UNENCRYPTED_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWFLAKE_KEYPAIR_UNENCRYPTED_INTEGRATION_TEST_CREDENTIALS }} | |
| RSERVER_FILE_MANAGER_USE_AWS_SDK_V2: "true" | |
| DOCKERHUB_REGISTRY_MIRROR: 422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub | |
| DOCKERHUB_REGISTRY_MIRROR_USERNAME: ${{ steps.login-ecr.outputs.docker_username_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| DOCKERHUB_REGISTRY_MIRROR_PASSWORD: ${{ steps.login-ecr.outputs.docker_password_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| RACE_ENABLED: "true" | |
| FORCE_RUN_INTEGRATION_TESTS: "true" | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: ${{ matrix.destination }} | |
| path: coverage.txt | |
| unit: | |
| name: Unit | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 | |
| with: | |
| role-to-assume: ${{ vars.AWS_ECR_READ_ONLY_IAM_ROLE_ARN }} | |
| aws-region: ${{ vars.AWS_ECR_REGION }} | |
| role-session-name: ${{ github.event.repository.name }} | |
| - name: Login to ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 | |
| - name: Unset AWS Credentials | |
| run: | | |
| echo "AWS_ACCESS_KEY_ID=" >> $GITHUB_ENV | |
| echo "AWS_SECRET_ACCESS_KEY=" >> $GITHUB_ENV | |
| echo "AWS_SESSION_TOKEN=" >> $GITHUB_ENV | |
| echo "AWS_REGION=" >> $GITHUB_ENV | |
| echo "AWS_DEFAULT_REGION=" >> $GITHUB_ENV | |
| - name: Disable IPv6 (temporary fix) | |
| run: | | |
| sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 | |
| sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go version | |
| - run: go mod download # Not required, used to segregate module download vs test times | |
| - name: tests | |
| run: make test exclude="/rudder-server/(cluster|jobsdb|integration_test|processor|regulation-worker|router|services|suppression-backup-service|warehouse)" | |
| env: | |
| RSERVER_PROCESSOR_ENABLE_CONCURRENT_STORE: "true" | |
| DOCKERHUB_REGISTRY_MIRROR: 422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub | |
| DOCKERHUB_REGISTRY_MIRROR_USERNAME: ${{ steps.login-ecr.outputs.docker_username_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| DOCKERHUB_REGISTRY_MIRROR_PASSWORD: ${{ steps.login-ecr.outputs.docker_password_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| FORCE_RUN_INTEGRATION_TESTS: "true" | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: unit | |
| path: coverage.txt | |
| package-unit: | |
| name: Package Unit | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| package: | |
| - cluster | |
| - jobsdb | |
| - integration_test/backendconfigunavailability | |
| - integration_test/docker_test | |
| - integration_test/multi_tenant_test | |
| - integration_test/partitionmigration | |
| - integration_test/reporting_dropped_events | |
| - integration_test/reporting_error_index | |
| - integration_test/warehouse | |
| - integration_test/retl_test | |
| - integration_test/snowpipestreaming | |
| - integration_test/srchydration | |
| - integration_test/tracing | |
| - integration_test/trackedusersreporting | |
| - integration_test/pytransformer_contract | |
| - integration_test/transformer_contract | |
| - processor | |
| - regulation-worker | |
| - router | |
| - services | |
| - services/rsources | |
| - services/dedup | |
| - suppression-backup-service | |
| - warehouse | |
| include: | |
| - package: services | |
| exclude: services/rsources | |
| - package: services | |
| exclude: services/dedup | |
| - package: warehouse | |
| race: true | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@a03048d87541d1d9fcf2ecf528a4a65ba9bd7838 # v5.0.0 | |
| with: | |
| role-to-assume: ${{ vars.AWS_ECR_READ_ONLY_IAM_ROLE_ARN }} | |
| aws-region: ${{ vars.AWS_ECR_REGION }} | |
| role-session-name: ${{ github.event.repository.name }} | |
| - name: Login to ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076 # v2.0.1 | |
| - name: Unset AWS Credentials | |
| run: | | |
| echo "AWS_ACCESS_KEY_ID=" >> $GITHUB_ENV | |
| echo "AWS_SECRET_ACCESS_KEY=" >> $GITHUB_ENV | |
| echo "AWS_SESSION_TOKEN=" >> $GITHUB_ENV | |
| echo "AWS_REGION=" >> $GITHUB_ENV | |
| echo "AWS_DEFAULT_REGION=" >> $GITHUB_ENV | |
| - name: Disable IPv6 (temporary fix) | |
| if: matrix.package != 'services/dedup' | |
| run: | | |
| sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 | |
| sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1 | |
| - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - run: go version | |
| - run: go mod download | |
| - name: Package Unit [ ${{ matrix.package }} ] | |
| env: | |
| TEST_KAFKA_CONFLUENT_CLOUD_HOST: ${{ secrets.TEST_KAFKA_CONFLUENT_CLOUD_HOST }} | |
| TEST_KAFKA_CONFLUENT_CLOUD_KEY: ${{ secrets.TEST_KAFKA_CONFLUENT_CLOUD_KEY }} | |
| TEST_KAFKA_CONFLUENT_CLOUD_SECRET: ${{ secrets.TEST_KAFKA_CONFLUENT_CLOUD_SECRET }} | |
| TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_HOST: ${{ secrets.TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_HOST }} | |
| TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_EVENTHUB_NAME: ${{ secrets.TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_EVENTHUB_NAME }} | |
| TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_CONNECTION_STRING: ${{ secrets.TEST_KAFKA_AZURE_EVENT_HUBS_CLOUD_CONNECTION_STRING }} | |
| TEST_S3_DATALAKE_CREDENTIALS: ${{ secrets.TEST_S3_DATALAKE_CREDENTIALS }} | |
| BIGQUERY_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.BIGQUERY_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWPIPE_STREAMING_KEYPAIR_UNENCRYPTED_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWPIPE_STREAMING_KEYPAIR_UNENCRYPTED_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWPIPE_STREAMING_KEYPAIR_ENCRYPTED_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWPIPE_STREAMING_KEYPAIR_ENCRYPTED_INTEGRATION_TEST_CREDENTIALS }} | |
| SNOWFLAKE_PRIVILEGE_INTEGRATION_TEST_CREDENTIALS: ${{ secrets.SNOWFLAKE_PRIVILEGE_INTEGRATION_TEST_CREDENTIALS }} | |
| RSERVER_PROCESSOR_ENABLE_CONCURRENT_STORE: "true" | |
| DOCKERHUB_REGISTRY_MIRROR: 422074288268.dkr.ecr.us-east-1.amazonaws.com/docker-hub | |
| DOCKERHUB_REGISTRY_MIRROR_USERNAME: ${{ steps.login-ecr.outputs.docker_username_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| DOCKERHUB_REGISTRY_MIRROR_PASSWORD: ${{ steps.login-ecr.outputs.docker_password_422074288268_dkr_ecr_us_east_1_amazonaws_com }} | |
| RACE_ENABLED: ${{ matrix.race || false }} | |
| RSERVER_OAUTH_TEST_CREDENTIALS: ${{ secrets.RSERVER_OAUTH_TEST_CREDENTIALS }} | |
| FORCE_RUN_INTEGRATION_TESTS: "true" | |
| run: make test exclude="${{ matrix.exclude }}" package=${{ matrix.package }} | |
| - name: Sanitize name for Artifact | |
| run: | | |
| name=$(echo -n "${{ matrix.package }}" | sed -e 's/[ \t:\/\\"<>|*?]/-/g' -e 's/--*/-/g') | |
| echo "ARTIFACT_NAME=$name" >> $GITHUB_ENV | |
| - name: Upload coverage report | |
| uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 | |
| with: | |
| name: ${{ env.ARTIFACT_NAME }}-unit | |
| path: coverage.txt | |
| coverage: | |
| name: Coverage | |
| runs-on: ubuntu-latest | |
| needs: | |
| - warehouse-integration | |
| - unit | |
| - package-unit | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 | |
| - name: Setup Go | |
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 | |
| with: | |
| go-version-file: 'go.mod' | |
| - name: Download coverage reports | |
| uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 | |
| - name: Merge Coverage | |
| run: | | |
| go install github.com/wadey/gocovmerge@latest | |
| gocovmerge */coverage.txt > coverage.txt | |
| - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 | |
| with: | |
| fail_ci_if_error: true | |
| files: ./coverage.txt | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| all-green: | |
| name: All | |
| if: always() | |
| runs-on: ubuntu-latest | |
| needs: | |
| - integration | |
| - warehouse-integration | |
| - unit | |
| - package-unit | |
| steps: | |
| - name: Harden the runner (Audit all outbound calls) | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - uses: re-actors/alls-green@05ac9388f0aebcb5727afa17fcccfecd6f8ec5fe # v1.2.2 | |
| with: | |
| jobs: ${{ toJSON(needs) }} |