-
Notifications
You must be signed in to change notification settings - Fork 3
151 lines (138 loc) · 5.9 KB
/
Copy pathpull-request-main.yml
File metadata and controls
151 lines (138 loc) · 5.9 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
name: pull-request-main
on:
merge_group:
pull_request:
branches:
- main
jobs:
ci-lint:
name: Lint
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Linting Go
uses: smartcontractkit/.github/actions/ci-lint-go@ci-lint-go/v2 # ci-lint-go@2.0.0
with:
only-new-issues: "false"
golangci-lint-version: v2.5.0
ci-lint-misc:
name: Lint GH Actions and scripts
runs-on: ubuntu-latest
permissions:
contents: read
steps:
- name: Linting Misc (yaml + sh files)
uses: smartcontractkit/.github/actions/ci-lint-misc@eeb76b5870e3c17856d5a60fd064a053c023b5f5 # ci-lint-misc@1.0.0
ci-test:
name: Tests
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# disable the checkptr runtime check due a false positive in github.com/xssnick/tonutils-go
# causing tests in ci to fail "fatal error: checkptr: pointer arithmetic result points to invalid allocation"
# https://github.com/xssnick/tonutils-go/issues/310
# Exclude provider packages which use Docker containers and remote catalog tests
go-test-cmd: go test -race -gcflags=all=-d=checkptr=0 -coverprofile=coverage.txt $(go list ./... | grep -v '/provider' | grep -v '/catalog/remote')
use-go-cache: true
artifact-name: unit-tests
ci-test-provider:
name: Provider Tests
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Build and test provider packages
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# disable the checkptr runtime check due a false positive in github.com/xssnick/tonutils-go
# causing tests in ci to fail "fatal error: checkptr: pointer arithmetic result points to invalid allocation"
# https://github.com/xssnick/tonutils-go/issues/310
# -p 2 -parallel 3 = 2 packages, 3 tests max = 6 containers max
# Only run provider packages which use Docker containers
go-test-cmd: go test -race -gcflags=all=-d=checkptr=0 -p 2 -parallel 3 -coverprofile=coverage.txt $(go list ./... | grep '/provider')
use-go-cache: true
artifact-name: provider-tests
ci-test-catalog-remote:
name: Catalog Remote Tests
runs-on: ubuntu-latest
timeout-minutes: 15
permissions:
id-token: write
contents: read
actions: read
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Configure AWS credentials for ECR
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
with:
role-to-assume: ${{ secrets.ECR_READ_ROLE_ARN }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Get latest catalog service tag from ECR
id: get-catalog-tag
run: |
# Fetch the latest semantic version tag from ECR
# Sort images by push date (latest first) and find the first semver tag
LATEST_TAG=$(aws ecr describe-images \
--repository-name op-catalog-service \
--region ${{ secrets.AWS_REGION }} \
--registry-id ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }} \
--query 'reverse(sort_by(imageDetails,& imagePushedAt))' \
--output json | \
jq -r '
[.[] |
select(.imageTags != null) |
.imageTags[] |
select(test("^v[0-9]+\\.[0-9]+\\.[0-9]+$"))
] | first
')
if [[ -z "${LATEST_TAG}" ]] || [[ "${LATEST_TAG}" == "null" ]]; then
echo "::error::Could not find a valid semantic version tag in ECR"
exit 1
fi
echo "Latest catalog service tag from ECR: ${LATEST_TAG}"
echo "tag=${LATEST_TAG}" >> "${GITHUB_OUTPUT}"
- name: Pull Catalog Service ECR Image
uses: smartcontractkit/.github/actions/pull-private-ecr-image@2f8f0baf38e46140c6a119eb551a56eaaabcc09e # pull-private-ecr-image@1.0.0
with:
aws-account-number: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}
aws-region: ${{ secrets.AWS_REGION }}
aws-role-arn: ${{ secrets.ECR_READ_ROLE_ARN }}
ecr-repository: "op-catalog-service"
image-tag: ${{ steps.get-catalog-tag.outputs.tag }}
- name: Run Catalog Remote Integration Tests
uses: smartcontractkit/.github/actions/ci-test-go@dfcba48f05933158428bce867d790e3d5a9baa6b # ci-test-go@1.1.0
with:
# Must cd into datastore/catalog/remote because TestMain only runs from package directory
go-test-cmd: cd datastore/catalog/remote && go test -v -race -timeout 10m -gcflags=all=-d=checkptr=0 -coverprofile=../../../coverage.txt
use-go-cache: true
artifact-name: catalog-remote-tests
env:
CATALOG_SERVICE_IMAGE: ${{ secrets.AWS_ACCOUNT_NUMBER_PROD }}.dkr.ecr.${{ secrets.AWS_REGION }}.amazonaws.com/op-catalog-service:${{ steps.get-catalog-tag.outputs.tag }}
sonarqube:
name: Sonar Scan
if: github.event_name == 'pull_request'
runs-on: ubuntu-24.04
needs: [ci-test, ci-test-provider, ci-test-catalog-remote, ci-lint-misc, ci-lint]
permissions:
contents: read
actions: read
steps:
- name: Scan with Sonarqube
uses: smartcontractkit/.github/actions/ci-sonarqube-go@01d931b0455a754d12e7143cc54a5a3521a8f6f6 # ci-sonarqube-go@0.3.1
with:
sonar-token: ${{ secrets.SONAR_TOKEN }}
sonar-host-url: ${{ secrets.SONAR_HOST_URL }}