Skip to content

[TT-11896] Add OAS IPAccessControl #13295

[TT-11896] Add OAS IPAccessControl

[TT-11896] Add OAS IPAccessControl #13295

Workflow file for this run

# yamllint disable rule:line-length
---
name: CI tests
on:
pull_request:
branches:
- master
- release-**
types:
- opened
- reopened
- synchronize
- ready_for_review
push:
branches:
- master
- release-**
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.event_name == 'pull_request' }}
env:
PYTHON_VERSION: "3.11"
PROTOCOL_BUFFERS_PYTHON_IMPLEMENTATION: python
jobs:
golangci-lint:
runs-on: ubuntu-latest
if: ${{ !github.event.pull_request.draft }}
steps:
- name: "Checkout PR"
uses: TykTechnologies/github-actions/.github/actions/checkout-pr@main
with:
token: ${{ secrets.ORG_GH_TOKEN }}
- name: "Get base ref"
run: |
git fetch origin ${{ github.base_ref }}
git rev-parse origin/${{ github.base_ref }}
- name: Setup Golang
uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache-dependency-path: go.sum
- name: Cache
uses: actions/cache@v4
with:
path: |
~/.cache/golangci-lint
key: 'golangci-lint-${{ runner.os }}-${{ hashFiles(''**/go.sum'') }}'
restore-keys: |
golangci-lint-${{ runner.os }}-
- name: Setup CI Tooling
uses: shrink/actions-docker-extract@v3
with:
image: tykio/ci-tools:latest
path: /usr/local/bin/golangci-lint
destination: /usr/local/bin
- run: golangci-lint version && golangci-lint cache status
- name: golangci-lint
if: ${{ github.event_name == 'pull_request' }}
run: |
golangci-lint run --out-format colored-line-number,checkstyle:golangci-lint-report.json --issues-exit-code=0 --new-from-rev=origin/${{ github.base_ref }} -v ./...
- name: golangci-lint-on-push
if: ${{ github.event_name == 'push' }}
run: |
golangci-lint run --out-format checkstyle:golangci-lint-report.json --issues-exit-code=0 -v ./...
- uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: golangcilint
retention-days: 1
path: |
golangci-lint-report.json
test:
name: Go ${{ matrix.go-version }} Redis ${{ matrix.redis-version }}
if: ${{ !github.event.pull_request.draft }}
needs: golangci-lint
# Runs on is pinned to a version that provides python 3.10.
# See: https://github.com/actions/runner-images?tab=readme-ov-file#available-images
# Avoid using ubuntu-latest as it would upgrade python unattended.
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
redis-version: [7]
go-version: [1.23.x]
env:
REDIS_IMAGE: redis:${{ matrix.redis-version }}
steps:
- name: Checkout Tyk
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.ref }}
# Regardless that the base image provides a python release, we need
# setup-python so it properly configures the python3-venv.
- name: Setup Python
uses: actions/setup-python@v5
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Print runtime python version
run: python3 -c 'import sys; print("%d.%d" % (sys.version_info[0], sys.version_info[1]))'
- name: Print runtime pip version
run: pip -V && pip3 -V
- name: Setup CI Tooling
uses: shrink/actions-docker-extract@v3
with:
image: tykio/ci-tools:latest
path: /usr/local/bin/.
destination: /usr/local/bin
- name: Setup Golang
uses: actions/setup-go@v5
with:
go-version-file: go.mod
cache-dependency-path: go.sum
- name: Install Dependencies and basic hygiene test
id: hygiene
run: |
sudo apt-get install libluajit-5.1-dev
python -m pip install --upgrade pip
pip install setuptools
pip install google
pip install 'protobuf==4.24.4'
task --version
task lint
git add --all
git diff HEAD > git-state.log
git_state_count=$(wc -l < git-state.log)
if [[ $git_state_count -ne 0 ]]
then
echo "git-state<<EOF" >> $GITHUB_OUTPUT
cat git-state.log >> $GITHUB_OUTPUT
echo "EOF" >> $GITHUB_OUTPUT
echo "task lint made git state dirty, please run task lint locally and update PR"
echo
cat git-state.log
exit 1
fi
- name: Bring up test services
run: task services:up
- name: Preflight Python tests
if: runner.debug == '1'
run: TYK_LOGLEVEL=debug go test -p 1 -parallel 1 -race -v ./dlpython ./coprocess/...
- name: Run Gateway Tests
id: ci-tests
run: |
task test:e2e-combined args="-race -timeout=15m"
task test:coverage
- uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: coverage
retention-days: 1
path: coverage/gateway-all.cov
- uses: actions/upload-artifact@v4
if: ${{ always() }}
with:
name: testjson
retention-days: 1
path: coverage/gateway-all.json
sonar-cloud-analysis:
runs-on: ubuntu-latest
if: ${{ !github.event.pull_request.draft }}
needs: [test, golangci-lint]
steps:
- name: "Checkout repository"
uses: TykTechnologies/github-actions/.github/actions/checkout-pr@main
with:
token: ${{ secrets.ORG_GH_TOKEN }}
- name: Download coverage artifacts
uses: actions/download-artifact@v4
with:
name: coverage
- name: Download golangcilint artifacts
uses: actions/download-artifact@v4
with:
name: golangcilint
- name: Check reports existence
id: check_files
uses: andstor/file-existence-action@v3
with:
files: 'gateway-all.cov, golangci-lint-report.json'
fail: true
- name: Install Dependencies
env:
TOKEN: '${{ secrets.ORG_GH_TOKEN }}'
run: git config --global url."https://${TOKEN}@github.com".insteadOf "https://github.com"
- name: SonarCloud Scan
if: always()
uses: sonarsource/sonarcloud-github-action@master
with:
args: >
-Dsonar.organization=tyktechnologies
-Dsonar.projectKey=TykTechnologies_tyk
-Dsonar.sources=.
-Dsonar.exclusions=**/testdata/*,test/**,coprocess/**/*,ci/**,smoke-tests/**,apidef/oas/schema/schema.gen.go,templates/**
-Dsonar.coverage.exclusions=**/*_test.go,**/mock/*
-Dsonar.test.inclusions=**/*_test.go
-Dsonar.tests=.
-Dsonar.go.coverage.reportPaths=gateway-all.cov
-Dsonar.go.golangci-lint.reportPaths=golangci-lint-report.json
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}