chore(deps): bump tar from 7.4.3 to 7.5.11 #41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Router CI | |
| on: | |
| pull_request: | |
| paths: | |
| - 'pnpm-lock.yaml' | |
| - 'composition-go/**/*' | |
| - 'demo/**/*' | |
| - 'router/**/*' | |
| - 'router-tests/**/*' | |
| - 'connect/**/*' | |
| - '.github/workflows/router-ci.yaml' | |
| concurrency: | |
| group: ${{github.workflow}}-${{github.head_ref}} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read # for actions/checkout to fetch code | |
| pull-requests: write # required for adding pull request comments | |
| packages: write # required for publishing packages | |
| env: | |
| CI: true | |
| ROUTER_REGISTRATION: false | |
| DO_NOT_TRACK: '1' | |
| # Both jobs need to kept in sync. We need to distinguish between forks and people with write access to the repository. | |
| jobs: | |
| # Runs for forks without access to repository secrets | |
| build_test_fork: | |
| if: github.event.pull_request.head.repo.full_name != github.repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/go | |
| with: | |
| cache-dependency-path: | | |
| router/go.sum | |
| router-tests/go.sum | |
| demo/go.sum | |
| - uses: ./.github/actions/go-mod-tidy | |
| with: | |
| working-directory: ./router | |
| - name: Install tools | |
| run: make setup-build-tools | |
| - name: Generate code | |
| run: make generate-go | |
| - name: Check if git is not dirty after generating files | |
| run: git diff --no-ext-diff --exit-code | |
| - name: Install dependencies | |
| working-directory: ./router | |
| run: go mod download | |
| - name: Run linters on router-tests | |
| uses: ./.github/actions/go-linter | |
| with: | |
| working-directory: ./router-tests | |
| - name: Run linters on router | |
| uses: ./.github/actions/go-linter | |
| with: | |
| working-directory: ./router | |
| - name: Test | |
| working-directory: ./router | |
| run: make test | |
| - name: Build | |
| working-directory: ./router | |
| run: make build | |
| # Runs for forks to test docker image is building | |
| build_image_fork: | |
| if: github.event.pull_request.head.repo.full_name != github.repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| matrix: | |
| docker_build_target: [ '', 'nonroot' ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/build-push-image | |
| with: | |
| docker_context: router | |
| dockerfile: router/Dockerfile | |
| docker_build_target: ${{ matrix.docker_build_target }} | |
| token: ${{secrets.GITHUB_TOKEN}} | |
| image_name: router | |
| image_description: 'Cosmo Router' | |
| push: 'false' | |
| # Runs for people with write access to the repository | |
| # that have access to the secrets | |
| build_test: | |
| if: github.event.pull_request.head.repo.full_name == github.repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Log in to Docker Container registry (With write access) | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: docker.io | |
| username: ${{secrets.DOCKER_USERNAME}} | |
| password: ${{secrets.DOCKER_PASSWORD}} | |
| - uses: ./.github/actions/go | |
| with: | |
| cache-dependency-path: | | |
| router/go.sum | |
| router-tests/go.sum | |
| demo/go.sum | |
| - uses: ./.github/actions/go-mod-tidy | |
| with: | |
| working-directory: ./router | |
| - name: Install tools | |
| run: make setup-build-tools | |
| - name: Generate code | |
| run: make generate-go | |
| - name: Check if git is not dirty after generating files | |
| run: git diff --no-ext-diff --exit-code | |
| - name: Install dependencies | |
| working-directory: ./router | |
| run: go mod download | |
| - name: Run linters on router-tests | |
| uses: ./.github/actions/go-linter | |
| with: | |
| working-directory: ./router-tests | |
| - name: Run linters on router | |
| uses: ./.github/actions/go-linter | |
| with: | |
| working-directory: ./router | |
| - name: Test | |
| working-directory: ./router | |
| run: make test | |
| - name: Build | |
| working-directory: ./router | |
| run: make build | |
| integration_test: | |
| runs-on: ubuntu-latest-l | |
| timeout-minutes: 30 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| test_target: | |
| [ | |
| './. ./fuzzquery ./lifecycle ./modules', | |
| './telemetry', | |
| './events', | |
| ] | |
| services: | |
| nats: | |
| image: ghcr.io/wundergraph/cosmo/nats:2.11.0-alpine | |
| options: >- | |
| --health-cmd "curl -f http://localhost:8222/healthz" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 4222:4222 | |
| - 8222:8222 | |
| - 6222:6222 | |
| redis: | |
| image: redis:7 | |
| # Set health checks to wait until redis has started | |
| options: >- | |
| --health-cmd "redis-cli ping" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| credentials: | |
| username: ${{secrets.DOCKER_USERNAME}} | |
| password: ${{secrets.DOCKER_PASSWORD}} | |
| ports: | |
| - 6379:6379 | |
| kafka: | |
| image: bitnami/kafka:3.7.0 | |
| options: >- | |
| --health-cmd "kafka-broker-api-versions.sh --version" | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| env: | |
| KAFKA_ENABLE_KRAFT: yes | |
| KAFKA_CFG_PROCESS_ROLES: controller,broker | |
| KAFKA_CFG_CONTROLLER_LISTENER_NAMES: CONTROLLER | |
| KAFKA_CFG_LISTENERS: PLAINTEXT://:9092,CONTROLLER://:9093 | |
| KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:PLAINTEXT,PLAINTEXT:PLAINTEXT | |
| KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: 1@localhost:9093 | |
| KAFKA_CFG_TRANSACTION_PARTITION_VERIFICATION_ENABLE: false | |
| KAFKA_CFG_ADVERTISED_LISTENERS: PLAINTEXT://localhost:9092 | |
| KAFKA_CFG_NODE_ID: 1 | |
| ALLOW_PLAINTEXT_LISTENER: yes | |
| KAFKA_KRAFT_CLUSTER_ID: XkpGZQ27R3eTl3OdTm2LYA # 16 byte base64-encoded UUID | |
| ports: | |
| - '9092:9092' | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/go | |
| with: | |
| cache-dependency-path: | | |
| router-tests/go.sum | |
| - name: Install tools | |
| run: make setup-build-tools | |
| - name: Install dependencies | |
| working-directory: ./router-tests | |
| run: go mod download | |
| - name: Setup Redis Cluster (for Cluster tests) | |
| uses: vishnudxb/redis-cluster@1.0.9 | |
| with: | |
| master1-port: 7001 | |
| master2-port: 7002 | |
| master3-port: 7003 | |
| slave1-port: 7004 | |
| slave2-port: 7005 | |
| slave3-port: 7006 | |
| sleep-duration: 5 | |
| - name: Configure Redis Authentication & ACL | |
| run: | | |
| sudo apt-get install -y redis-tools | |
| docker ps -a | |
| # Set a password for each master node | |
| for port in 7001 7002 7003; do | |
| redis-cli -h 127.0.0.1 -p $port ACL SETUSER cosmo on ">test" "~*" "+@all" | |
| redis-cli -u "redis://cosmo:test@127.0.0.1:$port" ping | |
| echo "ACL user 'cosmo' created with full access on port $port" | |
| done | |
| - name: Run Integration tests ${{ matrix.test_target }} | |
| working-directory: ./router-tests | |
| run: make test test_params="-run '^Test[^(Flaky)]' --timeout=5m -p 1 --parallel 10" test_target="${{ matrix.test_target }}" | |
| - name: Run Flaky Integration tests ${{ matrix.test_target }} | |
| uses: nick-fields/retry@v3 | |
| with: | |
| timeout_minutes: 30 | |
| max_attempts: 5 | |
| retry_wait_seconds: 5 | |
| retry_on: error | |
| command: | | |
| cd router-tests | |
| make test test_params="-run '^TestFlaky' --timeout=5m --parallel 1" test_target="${{ matrix.test_target }}" | |
| image_scan: | |
| if: github.event.pull_request.head.repo.full_name == github.repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| matrix: | |
| docker_build_target: [ '', 'nonroot' ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/build-push-image | |
| id: docker_build | |
| with: | |
| docker_username: ${{secrets.DOCKER_USERNAME}} | |
| docker_password: ${{secrets.DOCKER_PASSWORD}} | |
| docker_context: router | |
| dockerfile: router/Dockerfile | |
| docker_build_target: ${{ matrix.docker_build_target }} | |
| token: ${{secrets.GITHUB_TOKEN}} | |
| image_name: router | |
| image_description: 'Cosmo Router' | |
| image_platforms: 'linux/amd64' | |
| load_Image: 'true' | |
| push: 'false' | |
| - uses: ./.github/actions/image-scan | |
| with: | |
| name: ${{ matrix.docker_build_target != '' && format('Router-{0}', matrix.docker_build_target) || 'Router' }} | |
| github_token: ${{secrets.GITHUB_TOKEN}} | |
| image_ref: ${{ steps.docker_build.outputs.image_ref }}${{ matrix.docker_build_target != '' && format('-{0}', matrix.docker_build_target) || '' }} | |
| build_push_image: | |
| # This is a limitation of GitHub. Only organization members can push to GitHub Container Registry | |
| # For now, we will disable the push to the GitHub Container Registry for external contributors | |
| if: github.event.pull_request.head.repo.full_name == github.repository | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| strategy: | |
| matrix: | |
| docker_build_target: [ '', 'nonroot' ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/build-push-image | |
| with: | |
| docker_username: ${{secrets.DOCKER_USERNAME}} | |
| docker_password: ${{secrets.DOCKER_PASSWORD}} | |
| docker_context: router | |
| dockerfile: router/Dockerfile | |
| docker_build_target: ${{ matrix.docker_build_target }} | |
| token: ${{secrets.GITHUB_TOKEN}} | |
| image_name: router | |
| image_description: 'Cosmo Router' |