Merge pull request #1270 from camunda/korthout-1269-identity-setup-re… #2103
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build and test | |
on: | |
push: | |
branches: | |
- main | |
- stable/* | |
- release-* | |
pull_request: { } | |
merge_group: { } | |
workflow_call: { } | |
concurrency: | |
cancel-in-progress: true | |
group: "${{ github.workflow }}-${{ github.ref }}" | |
defaults: | |
run: | |
# use bash shell by default to ensure pipefail behavior is the default | |
# see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference | |
shell: bash | |
jobs: | |
code-formatting: | |
name: check code formatting | |
timeout-minutes: 15 | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Java environment | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 21 | |
cache: maven | |
- name: Check format | |
run: mvn spotless:check | |
- name: Check license | |
run: mvn license:check | |
build-and-test-embedded: | |
name: Run tests on ${{ matrix.os }} | |
timeout-minutes: 15 | |
needs: code-formatting | |
runs-on: ${{ matrix.os }} | |
strategy: | |
fail-fast: false | |
max-parallel: 3 | |
matrix: | |
os: [ ubuntu-latest, macos-latest, windows-latest ] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Java environment | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 21 | |
cache: maven | |
- name: Build | |
id: build | |
run: mvn -B -U -pl "-:zeebe-process-test-qa-testcontainers" -P !localBuild "-Dsurefire.rerunFailingTestsCount=5" clean install | |
- name: Archive Test Results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: Unit Test Results ${{ matrix.os }} | |
path: "*/target/surefire-reports/" | |
retention-days: 7 | |
build-and-test-testcontainers: | |
name: Run tests on ubuntu-latest using testcontainers | |
timeout-minutes: 15 | |
needs: code-formatting | |
runs-on: ubuntu-latest | |
env: | |
IMAGE_NAME: "qa-tests" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Java environment | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 21 | |
cache: maven | |
- name: Package | |
run: mvn -B -U -P !localBuild clean package -DskipTests | |
- name: Build engine docker container | |
run: | | |
cd engine-agent | |
docker build . -t ${{ env.IMAGE_NAME }}:${{ github.sha }} | |
- name: Update image tag in config | |
run: | | |
cd extension-testcontainer/src/main/resources | |
sed -i '/container.image.name=/ s/=.*/=${{ env.IMAGE_NAME }}/' config.properties | |
sed -i '/container.image.tag=/ s/=.*/=${{ github.sha }}/' config.properties | |
cat config.properties | |
env: | |
IMAGE_NAME_KEY: container.image.name | |
IMAGE_TAG_KEY: container.image.tag | |
- name: Downgrade Java environment | |
uses: actions/setup-java@v4 | |
with: | |
distribution: temurin | |
java-version: 8 | |
cache: maven | |
# Deleting .mvn/jvm.config is a workaround for JDK8, which does not support the --add-exports options | |
- name: Build | |
id: build | |
run: | | |
rm .mvn/jvm.config | |
mvn clean -B -U -pl ":zeebe-process-test-qa-testcontainers" -P !localBuild -am "-Dsurefire.rerunFailingTestsCount=5" install -DskipChecks | |
- name: Archive Test Results | |
uses: actions/upload-artifact@v4 | |
if: always() | |
with: | |
name: Unit Test Results Testcontainers | |
path: "*/target/surefire-reports/" | |
retention-days: 7 | |
test-summary: | |
# Check all tests, including the unit test matrix. | |
# New test jobs must be added to the `needs` lists! | |
name: Test summary | |
runs-on: ubuntu-latest | |
needs: | |
- code-formatting | |
- build-and-test-embedded | |
- build-and-test-testcontainers | |
steps: | |
- run: exit 0 | |
# We need to upload the event file as an artifact in order to support publishing the results of | |
# forked repositories (https://github.com/EnricoMi/publish-unit-test-result-action#support-fork-repositories-and-dependabot-branches) | |
event_file: | |
name: "Event File" | |
runs-on: ubuntu-latest | |
steps: | |
- name: Upload | |
uses: actions/upload-artifact@v4 | |
with: | |
name: Event File | |
path: ${{ github.event_path }} | |
retention-days: 1 | |
auto-merge: | |
# This workflow will auto merge a PR authored by dependabot[bot]. It runs only on open PRs ready for | |
# review. | |
# | |
# It will merge the PR only if: it is authored by dependabot[bot], is a minor or patch semantic | |
# update, and all CI checks are successful (ignoring the soon-to-be-removed Jenkins check). | |
# | |
# The workflow is divided into multiple sequential jobs to allow giving only minimal permissions to | |
# the GitHub token passed around. | |
# | |
# Once we're using the merge queue feature, I think we can simplify this workflow a lot by relying | |
# on dependabot merging PRs via its commands, as it will always wait for checks to be green before | |
# merging. | |
name: Auto-merge dependabot, camundait, and backport PRs | |
runs-on: ubuntu-latest | |
needs: [ test-summary ] | |
if: github.repository == 'camunda/zeebe-process-test' && (github.actor == 'dependabot[bot]' || github.actor == 'camundait' || github.actor == 'backport-action') | |
permissions: | |
checks: read | |
pull-requests: write | |
steps: | |
- uses: actions/checkout@v4 | |
- id: metadata | |
if: github.actor == 'dependabot[bot]' | |
name: Fetch dependency metadata | |
uses: dependabot/[email protected] | |
with: | |
github-token: "${{ secrets.GITHUB_TOKEN }}" | |
- id: approve-and-merge-dependabot | |
name: Approve and merge dependabot PR | |
if: github.actor == 'dependabot[bot]' && (steps.metadata.outputs.update-type == 'version-update:semver-patch' || steps.metadata.outputs.update-type == 'version-update:semver-minor') | |
run: > | |
gh pr review --approve "$PR_URL" | |
gh pr merge --auto --merge "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GH_TOKEN: ${{secrets.GITHUB_TOKEN}} | |
- id: approve-and-merge-backport | |
name: Approve and merge backport PR | |
if: github.actor != 'dependabot[bot]' | |
run: > | |
gh pr review --approve "$PR_URL" | |
gh pr merge --auto --merge "$PR_URL" | |
env: | |
PR_URL: ${{github.event.pull_request.html_url}} | |
GH_TOKEN: ${{secrets.GITHUB_TOKEN}} | |