mirror of
https://github.com/super-linter/super-linter.git
synced 2024-11-10 02:53:36 -05:00
0c6e9a5778
- Remove test leftovers before initializing the workspace against which fix mode tests run. This prevents ownership issues. - Pass container image build metadata as outputs of the container image build job so we can include the validate-container-image-labels target as other test target when we build the test matrix. - Manually include the 'test' target when building the test suite matrix so we run it as part of the test suite to ensure that tests don't pollute each other's working directory. Fix #5994
326 lines
12 KiB
YAML
326 lines
12 KiB
YAML
name: Build and Test
|
|
|
|
on:
|
|
pull_request:
|
|
push:
|
|
merge_group:
|
|
workflow_dispatch:
|
|
|
|
# Don't grant any access by default
|
|
permissions: {}
|
|
|
|
jobs:
|
|
# Set build metadata before running any other job so we can reuse them for
|
|
# both the standandard and the slim images, and for verification as well.
|
|
# We can't run this as part of the build-container-image job because it
|
|
# runs multiple times due to its matrix configuration, leading to race
|
|
# conditions when verifying container image labels.
|
|
set-build-metadata:
|
|
name: Set build metadata
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
outputs:
|
|
CONTAINER_IMAGE_BUILD_DATE: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }}
|
|
CONTAINER_IMAGE_BUILD_REVISION: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }}
|
|
CONTAINER_IMAGE_BUILD_VERSION: ${{ steps.set-container-image-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }}
|
|
steps:
|
|
- name: Set build metadata
|
|
id: set-container-image-build-metadata
|
|
run: |
|
|
if [[ ${{ github.event_name }} == 'push' ]] || [[ ${{ github.event_name }} == 'merge_group' ]]; then
|
|
BUILD_REVISION=${{ github.sha }}
|
|
BUILD_VERSION=${{ github.sha }}
|
|
elif [[ ${{ github.event_name }} == 'pull_request' ]]; then
|
|
BUILD_REVISION=${{ github.event.pull_request.head.sha }}
|
|
BUILD_VERSION=${{ github.event.pull_request.head.sha }}
|
|
else
|
|
echo "[ERROR] Event not supported when setting build revision and build version"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_REVISION}" ]; then
|
|
echo "[ERROR] BUILD_REVISION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
if [ -z "${BUILD_VERSION}" ]; then
|
|
echo "[ERROR] BUILD_VERSION is empty"
|
|
exit 1
|
|
fi
|
|
|
|
BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
|
|
|
|
echo "Build date: ${BUILD_DATE}"
|
|
echo "Build revision: ${BUILD_REVISION}"
|
|
echo "Build version: ${BUILD_VERSION}"
|
|
|
|
{
|
|
echo "BUILD_DATE=${BUILD_DATE}"
|
|
echo "BUILD_REVISION=${BUILD_REVISION}"
|
|
echo "BUILD_VERSION=${BUILD_VERSION}"
|
|
} >> "${GITHUB_ENV}"
|
|
|
|
{
|
|
echo "CONTAINER_IMAGE_BUILD_DATE=${BUILD_DATE}"
|
|
echo "CONTAINER_IMAGE_BUILD_REVISION=${BUILD_REVISION}"
|
|
echo "CONTAINER_IMAGE_BUILD_VERSION=${BUILD_VERSION}"
|
|
} >> "${GITHUB_OUTPUT}"
|
|
|
|
build-container-image:
|
|
name: Build and Test
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
needs:
|
|
- set-build-metadata
|
|
concurrency:
|
|
# Ref: https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
|
|
# github.head_ref: head_ref or source branch of the pull request
|
|
# github.ref: ref of the branch that triggered the workflow
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.images.target }}
|
|
cancel-in-progress: true
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
images:
|
|
- prefix: slim-
|
|
target: slim
|
|
- prefix: ""
|
|
target: standard
|
|
timeout-minutes: 60
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Free Disk space
|
|
shell: bash
|
|
run: |
|
|
sudo rm -rf /usr/local/lib/android || true
|
|
sudo rm -rf /usr/share/dotnet || true
|
|
sudo rm -rf /opt/ghc || true
|
|
sudo rm -rf /usr/local/.ghcup || true
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
|
|
- name: Build Image
|
|
uses: docker/build-push-action@v6
|
|
with:
|
|
context: .
|
|
file: ./Dockerfile
|
|
build-args: |
|
|
BUILD_DATE=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }}
|
|
BUILD_REVISION=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }}
|
|
BUILD_VERSION=${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }}
|
|
cache-from: type=registry,ref=${{ env.CONTAINER_IMAGE_ID }}-buildcache
|
|
outputs: type=docker,dest=/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
push: false
|
|
secrets: |
|
|
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
|
|
tags: |
|
|
${{ env.CONTAINER_IMAGE_ID }}
|
|
target: "${{ matrix.images.target }}"
|
|
|
|
# Load the image here because the docker/build-push-action doesn't support multiple exporters yet
|
|
# Ref: https://github.com/docker/build-push-action/issues/413
|
|
# Ref: https://github.com/moby/buildkit/issues/1555
|
|
- name: Load image
|
|
run: |
|
|
docker load <"/tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar"
|
|
|
|
- name: Print environment info
|
|
run: |
|
|
make info
|
|
|
|
- name: Upload ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/upload-artifact@v4.3.4
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
|
|
test-local-action:
|
|
name: Test the Super-linter GitHub Action
|
|
runs-on: ubuntu-latest
|
|
needs: build-container-image
|
|
permissions:
|
|
contents: read
|
|
strategy:
|
|
matrix:
|
|
images:
|
|
- container-image-id: super-linter-latest
|
|
prefix: ""
|
|
target: standard
|
|
- container-image-id: super-linter-slim-latest
|
|
prefix: slim-
|
|
target: slim
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/download-artifact@v4.1.8
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp
|
|
|
|
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
run: |
|
|
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
docker image ls -a
|
|
|
|
- name: Update action.yml
|
|
run: |
|
|
echo "yq version: $(yq --version)"
|
|
yq '.runs.image = "docker://" + env(CONTAINER_IMAGE_ID)' -i action.yml
|
|
echo "Action file contents:"
|
|
cat action.yml
|
|
|
|
- name: Test Local Action (debug log)
|
|
uses: ./
|
|
env:
|
|
LOG_LEVEL: DEBUG
|
|
CREATE_LOG_FILE: true
|
|
VALIDATE_ALL_CODEBASE: false
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml
|
|
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*"
|
|
RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json"
|
|
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json"
|
|
|
|
- name: Get the contents of the log file
|
|
run: |
|
|
sudo cat super-linter.log
|
|
sudo rm -v super-linter.log
|
|
|
|
- name: Test Local Action (default log)
|
|
uses: ./
|
|
env:
|
|
VALIDATE_ALL_CODEBASE: false
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
GITLEAKS_CONFIG_FILE: .gitleaks-ignore-tests.toml
|
|
FILTER_REGEX_EXCLUDE: ".*(/test/linters/|CHANGELOG.md).*"
|
|
TYPESCRIPT_STANDARD_TSCONFIG_FILE: ".github/linters/tsconfig.json"
|
|
|
|
build-test-suite-matrix:
|
|
name: Build test suite matrix
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
outputs:
|
|
matrix: ${{ steps.generate-matrix.outputs.test-cases }}
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Generate test cases matrix
|
|
id: generate-matrix
|
|
run: |
|
|
TEST_TARGETS=$(make -pRrq 2>&1 | grep 'test:' | tr -d '\n' | sed -e "s/^test: //" | jq --raw-input --slurp --compact-output 'split(" ")')
|
|
echo "TEST_TARGETS: ${TEST_TARGETS}"
|
|
echo "test-cases=${TEST_TARGETS}" >> "${GITHUB_OUTPUT}"
|
|
|
|
run-test-suite:
|
|
name: Run test cases
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
needs:
|
|
- set-build-metadata
|
|
- build-container-image
|
|
- build-test-suite-matrix
|
|
strategy:
|
|
matrix:
|
|
test-case: ${{ fromJson(needs.build-test-suite-matrix.outputs.matrix) }}
|
|
images:
|
|
- container-image-id: super-linter-latest
|
|
prefix: ""
|
|
target: standard
|
|
- container-image-id: super-linter-slim-latest
|
|
prefix: slim-
|
|
target: slim
|
|
include:
|
|
# Also run the test target to check if running the whole test suite
|
|
# in the same execution environment prevents it from succeeding
|
|
- test-case: test
|
|
env:
|
|
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
|
|
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
|
|
CONTAINER_IMAGE_OUTPUT_IMAGE_NAME: "super-linter-${{ matrix.images.prefix }}latest"
|
|
BUILD_DATE: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_DATE }}
|
|
BUILD_REVISION: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_REVISION }}
|
|
BUILD_VERSION: ${{ needs.set-build-metadata.outputs.CONTAINER_IMAGE_BUILD_VERSION }}
|
|
steps:
|
|
- name: Checkout Code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Download ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
uses: actions/download-artifact@v4.1.8
|
|
with:
|
|
name: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}
|
|
path: /tmp
|
|
|
|
- name: Load ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} container image
|
|
run: |
|
|
docker load --input /tmp/${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }}.tar
|
|
docker image ls -a
|
|
|
|
- name: "Test case: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}"
|
|
run: |
|
|
echo "Running: ${{ env.CONTAINER_IMAGE_OUTPUT_IMAGE_NAME }} - ${{ matrix.test-case }}"
|
|
make ${{ matrix.test-case }}
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
# The purpose of this job is to run only when the run-test-suite job runs to completion.
|
|
# We can use this job as a required status check in a branch protection rule without
|
|
# having to select each individual job that dynamically add to the test matrix.
|
|
test-success-placeholder:
|
|
name: Check if all the tests passed
|
|
if: ${{ always() }}
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
needs:
|
|
- run-test-suite
|
|
- test-local-action
|
|
steps:
|
|
- name: Test suite success
|
|
if: ${{ !(contains(needs.*.result, 'failure')) && !contains(needs.*.result, 'cancelled') && !contains(needs.*.result, 'skipped') }}
|
|
run: exit 0
|
|
- name: Test suite failures
|
|
if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') || contains(needs.*.result, 'skipped') }}
|
|
run: exit 1
|
|
|
|
preview-release-notes:
|
|
if: github.event_name == 'pull_request' && github.repository == github.event.pull_request.head.repo.full_name && github.repository == 'super-linter/super-linter'
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Setup authentication token
|
|
run: |
|
|
echo "${{ secrets.GITHUB_TOKEN }}" > .github-personal-access-token
|
|
|
|
- name: Generate a preview of the release notes
|
|
run: |
|
|
make release-please-dry-run
|