-
Notifications
You must be signed in to change notification settings - Fork 7
120 lines (114 loc) · 5.12 KB
/
on-code-change.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
# This workflow is triggered every time a change is pushed to any branches
# Github actions command reference: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
name: On Code Change (PR)
# The workflow could also be triggered on PRs
on:
pull_request:
types: [opened, reopened, synchronize]
jobs:
update-signature:
name: Update module signature
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: jahia/jahia-modules-action/update-signature@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
nexus_enterprise_releases_url: ${{ secrets.NEXUS_ENTERPRISE_RELEASES_URL }}
static-analysis:
name: Static Analysis (linting, vulns)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: Jahia/jahia-modules-action/static-analysis@v2
with:
node_version: 18
auditci_level: critical
build:
name: Build Module
needs: update-signature
runs-on: ubuntu-latest
container:
image: jahia/cimg-mvn-cache:ga_cimg_openjdk_11.0.20-node
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
steps:
- uses: actions/checkout@v4
- uses: jahia/jahia-modules-action/build@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
module_id: siteSettings
sonar-analysis:
name: Sonar Analysis
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: jahia/jahia-modules-action/sonar-analysis@v2
with:
primary_release_branch: master
github_pr_id: ${{github.event.number}}
sonar_url: ${{ secrets.SONAR_URL }}
sonar_token: ${{ secrets.SONAR_TOKEN }}
integration-tests:
name: Integration Tests
needs: build
# Use self-hosted if you want to run on our own runners
# you would typically want to use self-hosted runners for integration tests
runs-on: self-hosted
# Timeout is important as it forces the job to fail if it hangs for any reason,
# If not specified it will be left running until workflow run limit is reached (72h)
timeout-minutes: 45
steps:
# The helper is used to print instructions, such as how to connect to the runner.
# It should be defined as a workflow step (vs a step in an action itself) since some
# annotations are only posted upon completion of the step (i.e. you'd only see
# the connection instructions annotation posted once the integration tests are done)
- uses: jahia/jahia-modules-action/helper@v2
- uses: actions/checkout@v4
- uses: KengoTODA/actions-setup-docker-compose@main
with:
version: "1.29.2"
- uses: actions/setup-node@v4
with:
node-version: "lts/*"
- uses: jahia/jahia-modules-action/integration-tests@v2
with:
module_id: siteSettings
testrail_project: Site Settings Module
jahia_artifact_name: Integration-Tests-Standalone
tests_manifest: provisioning-manifest-build.yml
jahia_image: jahia/jahia-ee-dev:8-SNAPSHOT
should_use_build_artifacts: true
github_artifact_name: siteSettings-${{ github.run_number }}
jahia_artifact_name: siteSettings-${{ github.run_number }}
bastion_ssh_private_key: ${{ secrets.BASTION_SSH_PRIVATE_KEY_JAHIACI }}
jahia_license: ${{ secrets.JAHIA_LICENSE_8X_FULL }}
docker_username: ${{ secrets.DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.DOCKERHUB_PASSWORD }}
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
# Test report is useful when posting annotation if multiple similar jobs are performed
# For example, there could be one report for standalone and one report for cluster test
# It is not needed if there is only one type of integration tests within the workflow
tests_report_name: Test report (Standalone)
testrail_username: ${{ secrets.TESTRAIL_USERNAME }}
testrail_password: ${{ secrets.TESTRAIL_PASSWORD }}
incident_pagerduty_api_key: ${{ secrets.INCIDENT_PAGERDUTY_API_KEY }}
incident_pagerduty_reporter_email: ${{ secrets.INCIDENT_PAGERDUTY_REPORTER_EMAIL }}
incident_pagerduty_reporter_id: ${{ secrets.INCIDENT_PAGERDUTY_REPORTER_ID }}
incident_google_spreadsheet_id: ${{ secrets.INCIDENT_GOOGLE_SPREADSHEET_ID }}
incident_google_client_email: ${{ secrets.INCIDENT_GOOGLE_CLIENT_EMAIL }}
incident_google_api_key_base64: ${{ secrets.INCIDENT_GOOGLE_API_KEY_BASE64 }}
zencrepes_secret: ${{ secrets.ZENCREPES_WEBHOOK_SECRET }}
- name: Test Report
uses: dorny/test-reporter@v1
if: success() || failure()
with:
name: Tests Report (Standalone)
path: tests/artifacts/results/xml_reports/**/*.xml
reporter: java-junit
fail-on-error: "false"