-
Notifications
You must be signed in to change notification settings - Fork 20
175 lines (147 loc) · 5.67 KB
/
preflight.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
name: Preflight
on: [pull_request]
defaults:
run:
shell: bash
jobs:
check-commit-message:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Check commit message
run: |
errors=
readarray -t long_lines < \
<(git log -1 --pretty=format:%B ${{ github.event.pull_request.head.sha }} | grep -E '^.{73,}$')
if [[ ${#long_lines[@]} -ne 0 ]]; then
printf "ERROR: The following lines are longer than 72 characters:\n"
printf " > %s\n" "${long_lines[@]}"
errors=true
fi
if [[ $errors == true ]]; then
exit 2
fi
preflight:
runs-on: ubuntu-latest
timeout-minutes: 10
env:
REPORTS_DIR: .preflight-reports
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Checkout albs-sign-file repository
uses: actions/checkout@v4
with:
repository: AlmaLinux/albs-sign-file
path: albs-sign-file
- name: Set up Docker Buildx
# https://github.com/marketplace/actions/docker-setup-buildx
uses: docker/setup-buildx-action@v3
- name: Build Docker image
# https://github.com/marketplace/actions/build-and-push-docker-images
uses: docker/build-push-action@v5
with:
context: .
target: web-server-tests
load: true
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Get changed .py files
# https://github.com/marketplace/actions/paths-changes-filter
uses: dorny/paths-filter@v3
id: changed-files
with:
list-files: shell
filters: |
py:
- added|modified: '**/*.py'
src:
- added|modified: 'alws/**/*.py'
- added|modified: 'scripts/**/*.py'
- name: Prepare GPG key
run: |
mv albs-sign-file ../
bash tests/prepare_gpg_key.sh
- name: Prepare working directory
run: |
mkdir -p $REPORTS_DIR
mkdir -p ../{alts,albs-frontend,albs-node,albs-sign-node,alma-tests-cacher}
ln -sf tests/test-vars.env vars.env
- name: Start services
run: docker compose up -d test_db sign_file
- name: Run pylint
if: ${{ steps.changed-files.outputs.src == 'true' }}
run: |
docker compose run --rm web_server_tests bash -c "
pylint --exit-zero ${{ steps.changed-files.outputs.src_files }} \
| tee $REPORTS_DIR/pylint-report.txt"
- name: Run black
if: ${{ steps.changed-files.outputs.py == 'true' }}
run: |
docker compose run --rm web_server_tests bash -c "
black --check --diff --color ${{ steps.changed-files.outputs.py_files }} \
| tee >(sed 's/\x1B\[[0-9;]*m//g' > $REPORTS_DIR/black-report.txt)"
- name: Run isort
if: ${{ steps.changed-files.outputs.py == 'true' }}
run: |
docker compose run --rm web_server_tests bash -c "
isort --check-only --diff --color ${{ steps.changed-files.outputs.py_files }} \
| tee >(sed 's/\x1B\[[0-9;]*m//g' > $REPORTS_DIR/isort-report.txt)"
- name: Run bandit
if: ${{ steps.changed-files.outputs.src == 'true' }}
run: |
docker compose run --rm web_server_tests bash -c "
bandit -c pyproject.toml ${{ steps.changed-files.outputs.src_files }} \
| tee >(sed 's/\x1B\[[0-9;]*m//g' > $REPORTS_DIR/bandit-report.txt)"
- name: Run pytest
run: |
docker compose run --rm web_server_tests bash -o pipefail -c "
pytest -v --cov \
--junit-xml=$REPORTS_DIR/pytest-report.xml \
--cov-report=xml:$REPORTS_DIR/pytest-coverage.xml \
--cov-report=term | tee $REPORTS_DIR/pytest-output.txt"
- name: Check migrations
run: docker compose run --rm web_server_tests alembic --config tests/test-alembic.ini upgrade head
- name: Stop services
if: always()
run: docker compose down --volumes
- name: Generate .md reports
if: success() || failure()
run: |
awk 'NR == 1 {next}; /^-+ coverage:/ {exit}; {print}' $REPORTS_DIR/pytest-output.txt \
> $REPORTS_DIR/pytest-report.txt
awk '/^-+ coverage:/, /^TOTAL/' $REPORTS_DIR/pytest-output.txt \
> $REPORTS_DIR/coverage-report.txt
for tool in coverage pytest pylint black isort bandit; do
if [[ -s $REPORTS_DIR/${tool}-report.txt ]]; then
{
printf "<details><summary>${tool^} report</summary>\n"
printf '\n```\n'
cat $REPORTS_DIR/${tool}-report.txt
printf '\n```\n'
printf '\n</details>\n\n'
} > $REPORTS_DIR/${tool}-report.md
fi
done
- name: Save environment
if: success() || failure()
run: |
{
echo "PR_NUMBER=${{ github.event.number }}"
} > $REPORTS_DIR/environment.txt
- name: Upload Pytest reports
if: success() || failure()
# https://github.com/actions/upload-artifact
uses: actions/upload-artifact@v4
with:
name: preflight-reports
path: ${{ env.REPORTS_DIR }}
compression-level: 9
- name: Publish Job Summary
if: success() || failure()
run: |
cat $REPORTS_DIR/{coverage,pytest,pylint,black,isort,bandit}-report.md \
> $GITHUB_STEP_SUMMARY 2>/dev/null || true