Add check customization schema and migration #1842
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: [main] | |
pull_request: | |
release: | |
types: [published] | |
workflow_dispatch: | |
repository_dispatch: | |
types: [start-ci] | |
env: | |
MIX_ENV: test | |
jobs: | |
elixir-deps: | |
name: Elixir dependencies | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
env: | |
ImageOS: ubuntu20 | |
- name: Retrieve Cached Dependencies | |
uses: actions/cache@v4 | |
id: mix-cache | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Install Dependencies | |
if: steps.mix-cache.outputs.cache-hit != 'true' | |
run: | | |
mkdir -p priv/plts | |
mix local.rebar --force | |
mix local.hex --force | |
mix deps.get | |
mix deps.compile --warnings-as-errors | |
mix dialyzer --plt | |
static-code-analysis: | |
name: Static Code Analysis | |
needs: [elixir-deps, api-bc-check] | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
env: | |
ImageOS: ubuntu20 | |
- name: Retrieve Elixir Cached Dependencies | |
uses: actions/cache@v4 | |
id: mix-cache | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Check for Unused Dependencies | |
run: mix deps.unlock --check-unused | |
- name: Check Code Format | |
run: mix format --check-formatted | |
- name: Run Credo | |
run: mix credo --strict | |
- name: Run Dialyzer | |
run: mix dialyzer | |
test: | |
name: Test | |
needs: [elixir-deps, api-bc-check] | |
runs-on: ubuntu-20.04 | |
services: | |
postgres: | |
image: postgres | |
env: | |
POSTGRES_PASSWORD: postgres | |
POSTGRES_DB: wanda_test | |
ports: | |
- 5434:5432 | |
# Set health checks to wait until postgres has started | |
options: >- | |
--health-cmd pg_isready | |
--health-interval 10s | |
--health-timeout 5s | |
--health-retries 5 | |
rabbitmq: | |
image: rabbitmq | |
env: | |
RABBITMQ_DEFAULT_USER: wanda | |
RABBITMQ_DEFAULT_PASS: wanda | |
ports: | |
- 5674:5672 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Retrieve Cached Dependencies | |
uses: actions/cache@v4 | |
id: mix-cache | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Compile | |
run: mix compile --warnings-as-errors | |
- name: Run test | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: mix coveralls.github --warnings-as-errors --color --trace | |
main-branch-deps: | |
name: Rebuild main branch dependencies | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
if: github.ref_name != 'main' | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout main branch | |
uses: actions/checkout@v4 | |
if: github.ref_name != 'main' | |
with: | |
ref: main | |
- name: Set up Elixir | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
if: github.ref_name != 'main' | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Retrieve Cached Dependencies - main branch | |
uses: actions/cache@v4 | |
id: mix-cache-main | |
if: github.ref_name != 'main' | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Install missing dependencies | |
if: steps.mix-cache-main.outputs.cache-hit != 'true' && github.ref_name != 'main' | |
run: | | |
mkdir -p priv/plts | |
mix local.rebar --force | |
mix local.hex --force | |
mix deps.get | |
mix deps.compile --warnings-as-errors | |
mix dialyzer --plt | |
api-bc-check: | |
name: API bc check | |
needs: [elixir-deps, main-branch-deps] | |
runs-on: ubuntu-20.04 | |
strategy: | |
matrix: | |
include: | |
- version: V1 | |
- version: V2 | |
- version: V3 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout current branch | |
uses: actions/checkout@v4 | |
- name: Set up Elixir | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Retrieve Cached Dependencies - current branch | |
uses: actions/cache@v4 | |
id: mix-cache-current | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Generate current openapi.json | |
run: | | |
mix openapi.spec.json --start-app=false --spec WandaWeb.Schemas.${{ matrix.version }}.ApiSpec /tmp/specs/current-spec.json | |
- name: Checkout main branch | |
uses: actions/checkout@v4 | |
with: | |
ref: main | |
- name: Retrieve Cached Dependencies - main branch | |
uses: actions/cache@v4 | |
id: mix-cache-main | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Generate main openapi.json | |
run: | | |
mix openapi.spec.json --start-app=false --spec WandaWeb.Schemas.${{ matrix.version }}.ApiSpec /tmp/specs/main-spec.json | |
- name: Locate generated specs | |
run: mv /tmp/specs . | |
- name: Find difference between OpenAPI specifications | |
run: | | |
docker run -v "$(pwd)/specs:/specs" --rm openapitools/openapi-diff:2.0.1 \ | |
/specs/main-spec.json \ | |
/specs/current-spec.json \ | |
--fail-on-incompatible \ | |
--markdown /specs/changes.md \ | |
--json /specs/changes.json \ | |
--text /specs/changes.txt \ | |
--html /specs/changes.html | |
- name: Upload OpenAPI diff report | |
uses: actions/upload-artifact@v4 | |
if: failure() | |
with: | |
name: openapi-diff-report-${{ matrix.version }} | |
path: specs/ | |
build-and-push-container-images: | |
name: Build and push container images | |
runs-on: ubuntu-20.04 | |
if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'workflow_dispatch' | |
needs: [static-code-analysis, test] | |
permissions: | |
contents: read | |
packages: write | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/trento-wanda | |
IMAGE_TAG: "${{ (github.event_name == 'release' && github.event.release.tag_name) || (github.event_name == 'push' && github.ref_name == 'main' && 'rolling') || github.sha }}" | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Log in to the Container registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 | |
with: | |
images: ${{ env.IMAGE_REPOSITORY }} | |
- name: Build and push container image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: true | |
tags: ${{ env.IMAGE_REPOSITORY }}:${{ env.IMAGE_TAG }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
build-demo-img: | |
name: Build the docker image for the demo environment | |
runs-on: ubuntu-20.04 | |
if: vars.DEPLOY_DEMO == 'true' && (github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'workflow_dispatch') | |
needs: [static-code-analysis, test] | |
permissions: | |
contents: read | |
packages: write | |
env: | |
MIX_ENV: demo | |
REGISTRY: ghcr.io | |
IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/trento-wanda | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
- name: Log in to the Container registry | |
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Extract metadata (tags, labels) for Docker | |
id: meta | |
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 | |
with: | |
images: ${{ env.IMAGE_REPOSITORY }} | |
- name: Build and push container image | |
uses: docker/build-push-action@v6 | |
with: | |
context: . | |
push: true | |
tags: ${{ env.IMAGE_REPOSITORY }}:${{ env.MIX_ENV }} | |
labels: ${{ steps.meta.outputs.labels }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
build-args: MIX_ENV=${{ env.MIX_ENV }} | |
- name: Remotely trigger trento-web demo deployment | |
uses: peter-evans/repository-dispatch@v3 | |
with: | |
token: ${{ secrets.WEB_REPO_DISPATCH_PAT }} | |
repository: ${{ github.repository_owner }}/web | |
event-type: deploy-demo | |
generate-docs: | |
name: Generate project documentation | |
runs-on: ubuntu-20.04 | |
if: github.event_name == 'push' && github.ref_name == 'main' | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Elixir | |
id: setup-elixir | |
uses: erlef/setup-beam@v1 | |
with: | |
version-file: .tool-versions | |
version-type: strict | |
- name: Retrieve Cached Dependencies | |
uses: actions/cache@v4 | |
id: mix-cache | |
with: | |
path: | | |
deps | |
_build/test | |
priv/plts | |
key: ${{ runner.os }}-${{ steps.setup-elixir.outputs.otp-version }}-${{ steps.setup-elixir.outputs.elixir-version }}-${{ hashFiles('mix.lock') }} | |
- name: Build docs | |
uses: lee-dohm/generate-elixir-docs@v1 | |
- name: Generate openapi.json | |
run: mix openapi.spec.json --start-app=false --spec WandaWeb.Schemas.V1.ApiSpec | |
- name: Generate Swagger UI | |
uses: Legion2/swagger-ui-action@v1 | |
with: | |
output: ./doc/swaggerui | |
spec-file: openapi.json | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Publish to Pages | |
uses: peaceiris/actions-gh-pages@v4 | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
publish_dir: ./doc | |
obs-commit: | |
name: Commit the container image on OBS | |
runs-on: ubuntu-20.04 | |
if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'workflow_dispatch' | |
needs: [static-code-analysis, test] | |
container: | |
image: ghcr.io/trento-project/continuous-delivery:main | |
env: | |
GITHUB_OAUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
DEST_FOLDER: "/tmp/osc_project" | |
NAME: trento-wanda-image | |
OBS_USER: ${{ secrets.OBS_USER }} | |
OBS_PASS: ${{ secrets.OBS_PASS }} | |
OBS_PROJECT: ${{ secrets.OBS_PROJECT }} | |
FOLDER: packaging/suse/container | |
REPOSITORY: ${{ github.repository }} | |
options: -u 0:0 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: actions-ecosystem/action-get-latest-tag@v1 | |
id: latest-tag | |
with: | |
semver_only: true | |
initial_version: 0.0.1 | |
- name: Setup rust | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: 1.66 | |
- name: Get mix deps | |
run: mix local.hex --force && mix local.rebar --force && mix deps.clean --all && mix deps.get | |
- name: cargo vendor | |
run: | | |
cd deps/rhai_rustler/native/rhai_rustler | |
cargo vendor | |
printf '\n\n[source.crates-io]\nreplace-with = "vendored-sources"\n\n[source.vendored-sources]\ndirectory = "vendor"\n' >> .cargo/config | |
- name: Configure OSC | |
# OSC credentials must be configured beforehand as the HOME variables cannot be changed from /github/home | |
# that is used to run osc commands | |
run: | | |
mkdir -p $HOME/.config/osc | |
cp /home/osc/.config/osc/oscrc $HOME/.config/osc | |
/scripts/init_osc_creds.sh | |
- name: Prepare .changes file | |
# The .changes file is updated only in release creation. This current task should be improved | |
# in order to add the current rolling release notes | |
if: github.event_name == 'release' | |
run: | | |
CHANGES_FILE=$NAME.changes | |
osc checkout $OBS_PROJECT $NAME $CHANGES_FILE | |
mv $CHANGES_FILE $FOLDER | |
VERSION=${{ steps.latest-tag.outputs.tag }} | |
hack/gh_release_to_obs_changeset.py $REPOSITORY -a [email protected] -t $VERSION -f $FOLDER/$CHANGES_FILE | |
- name: Set version | |
run: | | |
git config --global --add safe.directory /__w/wanda/wanda | |
VERSION=$(./hack/get_version_from_git.sh) | |
# "+" character is not allowed in OBS dockerfile version strings | |
VERSION=${VERSION//[+]/-} | |
sed -i 's~%%VERSION%%~'"${VERSION}"'~' $FOLDER/Dockerfile | |
- name: Commit on OBS | |
run: | | |
OBS_PACKAGE=$OBS_PROJECT/$NAME | |
osc checkout $OBS_PACKAGE -o $DEST_FOLDER | |
cp -r $FOLDER/* $DEST_FOLDER | |
tar --transform 's,^./,/wanda/,' -zcvf $DEST_FOLDER/wanda.tar.gz --exclude=./.git ./* | |
cd $DEST_FOLDER | |
osc ar | |
osc commit -m "New development version of $NAME released" | |
obs-commit-rpm: | |
name: Commit the RPM package on OBS | |
needs: [static-code-analysis, test] | |
runs-on: ubuntu-20.04 | |
if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') || github.event_name == 'workflow_dispatch' | |
container: | |
image: ghcr.io/trento-project/continuous-delivery:main | |
env: | |
OBS_USER: ${{ secrets.OBS_USER }} | |
OBS_PASS: ${{ secrets.OBS_PASS }} | |
OBS_PROJECT: ${{ secrets.OBS_PROJECT }} | |
OSC_CHECKOUT_DIR: /tmp/trento-wanda-package | |
REPOSITORY: ${{ github.repository }} | |
FOLDER: packaging/suse/rpm | |
options: -u 0:0 | |
steps: | |
- name: Cancel Previous Runs | |
uses: styfle/[email protected] | |
with: | |
access_token: ${{ github.token }} | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Configure OSC | |
run: | | |
mkdir -p $HOME/.config/osc | |
cp /home/osc/.config/osc/oscrc $HOME/.config/osc | |
/scripts/init_osc_creds.sh | |
- name: Prepare _service file | |
run: | | |
git config --global --add safe.directory /__w/wanda/wanda | |
VERSION=$(./hack/get_version_from_git.sh) | |
sed -i 's~%%REVISION%%~${{ github.sha }}~' $FOLDER/_service && \ | |
sed -i 's~%%REPOSITORY%%~'"${REPOSITORY}"'~' $FOLDER/_service && \ | |
sed -i 's~%%VERSION%%~'"${VERSION}"'~' $FOLDER/_service | |
- name: Setup rust | |
uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: 1.66 | |
- name: Get mix deps | |
run: mix local.hex --force && mix deps.clean --all && mix deps.get | |
- name: Cargo vendor | |
run: | | |
cd deps/rhai_rustler/native/rhai_rustler | |
cargo vendor | |
printf '\n\n[source.crates-io]\nreplace-with = "vendored-sources"\n\n[source.vendored-sources]\ndirectory = "vendor"\n' >> .cargo/config | |
- name: Create deps tarball | |
run: tar -c deps | gzip -n > deps.tar.gz | |
- name: Checkout and prepare OBS package | |
run: | | |
osc checkout $OBS_PROJECT trento-wanda -o $OSC_CHECKOUT_DIR | |
cp $FOLDER/_service $OSC_CHECKOUT_DIR | |
cp $FOLDER/trento-wanda.spec $OSC_CHECKOUT_DIR | |
rm -vf $OSC_CHECKOUT_DIR/*.tar.gz | |
pushd $OSC_CHECKOUT_DIR | |
osc service manualrun | |
cp /__w/wanda/wanda/deps.tar.gz . | |
- name: Prepare trento-wanda.changes file | |
# The .changes file is updated only in release creation. This current task should be improved | |
# in order to add the current rolling release notes | |
if: github.event_name == 'release' | |
run: | | |
git config --global --add safe.directory /__w/wanda/wanda | |
VERSION=$(./hack/get_version_from_git.sh) | |
TAG=$(echo $VERSION | cut -f1 -d+) | |
hack/gh_release_to_obs_changeset.py $REPOSITORY -a [email protected] -t $TAG -f $OSC_CHECKOUT_DIR/trento-wanda.changes | |
- name: Commit changes into OBS | |
run: | | |
pushd $OSC_CHECKOUT_DIR | |
osc ar | |
osc commit -m "GitHub Actions automated update to reference ${{ github.sha }}" |