-
-
Notifications
You must be signed in to change notification settings - Fork 206
179 lines (174 loc) · 5.51 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: CI
on:
push:
branches:
- main
pull_request: ~
workflow_dispatch: ~
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
tests:
name: Tests
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build Docker Images
uses: docker/bake-action@v3
with:
pull: true
load: true
files: |
docker-compose.yml
docker-compose.override.yml
set: |
*.cache-from=type=gha,scope=${{github.ref}}
*.cache-from=type=gha,scope=refs/heads/main
*.cache-to=type=gha,scope=${{github.ref}},mode=max
-
name: Start Services
run: docker compose up --wait --no-build
-
name: Debug Services
if: failure()
run: |
docker compose ps
docker compose logs
-
name: Check HTTP Reachability
run: curl -v -o /dev/null http://localhost
-
name: Check API Reachability
run: curl -vk -o /dev/null https://localhost
-
name: Check PWA Reachability
run: "curl -vk -o /dev/null -H 'Accept: text/html' https://localhost"
-
name: Create Test Database
run: |
docker compose exec -T php bin/console -e test doctrine:database:create
docker compose exec -T php bin/console -e test doctrine:migrations:migrate --no-interaction
-
name: Run PHPUnit Tests
run: docker compose exec -T php bin/phpunit
-
name: Doctrine Schema Validator
run: docker compose exec -T php bin/console doctrine:schema:validate
-
name: Run Psalm Analysis
run: docker compose exec -T php vendor/bin/psalm
-
name: Run PWA Lint
run: docker compose exec -T pwa pnpm lint
# run e2e tests iso-prod
e2e-tests:
name: E2E Tests
runs-on: ubuntu-latest
permissions:
contents: 'read'
id-token: 'write'
env:
PHP_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/php:latest
PWA_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/pwa:latest
CADDY_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/caddy:latest
KEYCLOAK_DOCKER_IMAGE: eu.gcr.io/${{ secrets.GKE_PROJECT }}/keycloak:latest
APP_SECRET: ba63418865d58089f7f070e0a437b6d16b1fb970
CADDY_MERCURE_JWT_SECRET: 33b04d361e437e0d7d715600fc24fdefba317154
NEXTAUTH_SECRET: 77e4c3f5a6fb652b6245a5df8a704e04ad90bc7e
POSTGRES_PASSWORD: aae5bf316ef5fe87ad806c6a9240fff68bcfdaf7
KEYCLOAK_POSTGRES_PASSWORD: 26d7f630f1524eb210bbf496443f2038a9316e9e
KEYCLOAK_ADMIN_PASSWORD: 2f31e2fad93941b818449fd8d57fd019b6ce7fa5
KEYCLOAK_HTTPS_CERTIFICATE_FILE: ./helm/api-platform/keycloak/certs/tls.crt
KEYCLOAK_HTTPS_CERTIFICATE_KEY_FILE: ./helm/api-platform/keycloak/certs/tls.pem
# https://docs.docker.com/compose/environment-variables/envvars/#compose_file
COMPOSE_FILE: docker-compose.yml:docker-compose.prod.yml:docker-compose.e2e.yml
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build Docker Images
uses: docker/bake-action@v3
with:
pull: true
load: true
files: |
docker-compose.yml
docker-compose.prod.yml
set: |
*.cache-from=type=gha,scope=${{github.ref}}-e2e
*.cache-from=type=gha,scope=${{github.ref}}
*.cache-from=type=gha,scope=refs/heads/main
*.cache-to=type=gha,scope=${{github.ref}}-e2e,mode=max
-
name: Start Services
run: docker compose up --wait --no-build
-
name: Debug Services
if: failure()
run: |
docker compose ps
docker compose logs
-
name: Load Fixtures
run: docker compose run --rm --env APP_ENV=dev php bin/console doctrine:fixtures:load --no-interaction
-
name: Cache Playwright Binaries
uses: actions/cache@v3
with:
path: ~/.cache/ms-playwright
key: ${{ runner.os }}-playwright
-
name: Install PNPM
uses: pnpm/action-setup@v2
with:
version: 8.6.2
-
name: Install Dependencies
working-directory: pwa
run: pnpm install
-
name: Install Playwright Browsers
working-directory: pwa
run: pnpm exec playwright install --with-deps
-
name: Run Playwright @read
working-directory: pwa
# don't run @read and @write scenarios to prevent conflict between them
run: pnpm exec playwright test --grep @read
-
name: Run Playwright @write
working-directory: pwa
# use 1 worker to prevent conflict between scenarios
run: pnpm exec playwright test --grep @write --workers=1
-
uses: actions/upload-artifact@v3
if: failure()
with:
name: playwright-screenshots
path: pwa/test-results
lint:
name: Docker Lint
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Lint Dockerfiles
uses: hadolint/hadolint-action@v3.1.0
with:
recursive: true