generated from pagopa/pagopa-functions-template
-
Notifications
You must be signed in to change notification settings - Fork 0
185 lines (162 loc) · 5.63 KB
/
code_review.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
name: Code Review
# Controls when the workflow will run
on:
pull_request:
branches:
- main
types:
- opened
- synchronize
- reopened
push:
branches:
- main
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
PROJECT_KEY: pagopa_pagopa-pdf-engine
permissions:
id-token: write
contents: read
deployments: write
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
code-review-java:
name: Code Review Java
# The type of runner that the job will run on
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/[email protected]
- name: Code Review
uses: ./.github/maven_code_review
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
sonar_token: ${{ secrets.SONAR_TOKEN }}
project_key: ${{env.PROJECT_KEY}}
jdk_version: 17
maven_version: 3.9.3
coverage_exclusions: "**/config/*,**/*Mock*,**/model/**,**/entity/*,**/producer/**,**/enumeration/**"
cpd_exclusions: "**/model/**,**/entity/*"
code-review-node:
name: Code Review Node
runs-on: ubuntu-latest
steps:
- name: Checkout source code
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Setup Node.js
uses: actions/setup-node@v1
with:
node-version: 20
- name: Install dependencies
run: yarn --cwd ./node install
- name: Start Node Server
run: yarn --cwd ./node run start-detached
- name: Run tests
run: yarn --cwd ./node run test:coverage
- name: SonarQube Scan
if: ${{ github.event_name == 'pull_request' }}
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: https://sonarcloud.io
GITHUB_TOKEN: ${{ inputs.github_token }}
with:
projectBaseDir: ./node
args: >
-Dsonar.organization=pagopa
-Dsonar.projectKey=${{ env.PROJECT_KEY }}
-Dsonar.javascript.lcov.reportPaths=./node/coverage/lcov-report/lcov.info
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.login=${{ inputs.sonar_token }}
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
-Dsonar.pullrequest.branch=${{ github.head_ref }}
-Dsonar.pullrequest.base=${{ github.base_ref }}
- name: SonarQube Scan
if: ${{ github.event_name != 'pull_request' }}
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: https://sonarcloud.io
GITHUB_TOKEN: ${{ inputs.github_token }}
with:
projectBaseDir: ./node
args: >
-Dsonar.organization=pagopa
-Dsonar.projectKey=${{ env.PROJECT_KEY }}
-Dsonar.javascript.lcov.reportPaths=./node/coverage/lcov-report/lcov.info
-Dsonar.branch.name=${{ github.head_ref }}
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.login=${{ inputs.sonar_token }}
smoke-test:
name: Smoke Test
runs-on: ubuntu-latest
environment:
name: dev
steps:
- name: Checkout
id: checkout
uses: actions/checkout@1f9a0c22da41e6ebfa534300ef656657ea2c6707
- name: Login
id: login
# from https://github.com/Azure/login/commits/master
uses: azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
with:
client-id: ${{ secrets.CLIENT_ID }}
tenant-id: ${{ secrets.TENANT_ID }}
subscription-id: ${{ secrets.SUBSCRIPTION_ID }}
- name: Run Service on Docker
shell: bash
id: run_service_docker
run: |
cd ./docker
chmod +x ./run_docker.sh
./run_docker.sh local
- name: Run Integration Tests
shell: bash
id: run_integration_test
run: |
export SUBKEY=${{ secrets.SUBKEY }}
export CANARY=${{ inputs.canary }}
export CUCUMBER_PUBLISH_TOKEN=${{ secrets.CUCUMBER_PUBLISH_TOKEN }}
cd ./integration-test
chmod +x ./run_integration_test.sh
./run_integration_test.sh local
delete_github_deployments:
runs-on: ubuntu-latest
needs: smoke-test
if: ${{ always() }}
steps:
- name: Dump GitHub context
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: echo "$GITHUB_CONTEXT"
- name: Delete Previous deployments
uses: actions/github-script@v6
env:
SHA_HEAD: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.sha) || github.sha}}
with:
script: |
const { SHA_HEAD } = process.env
const deployments = await github.rest.repos.listDeployments({
owner: context.repo.owner,
repo: context.repo.repo,
sha: SHA_HEAD
});
await Promise.all(
deployments.data.map(async (deployment) => {
await github.rest.repos.createDeploymentStatus({
owner: context.repo.owner,
repo: context.repo.repo,
deployment_id: deployment.id,
state: 'inactive'
});
return github.rest.repos.deleteDeployment({
owner: context.repo.owner,
repo: context.repo.repo,
deployment_id: deployment.id
});
})
);