-
Notifications
You must be signed in to change notification settings - Fork 1
199 lines (167 loc) · 6.06 KB
/
ci_tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
name: CI - Tests
on:
pull_request:
push:
branches:
- 'main'
- 'push-action/**' # Allow pushing to protected branches (using CasperWA/push-protected)
jobs:
basic-tests:
name: External
uses: SINTEF/ci-cd/.github/workflows/[email protected]
with:
# General setup
install_extras: "[dev]"
# pre-commit
python_version_pre-commit: "3.10"
# pylint & safety
python_version_pylint_safety: "3.10"
run_pylint: false
# Build dist
python_version_package: "3.10"
build_libs: flit
build_cmd: flit build
# Build documentation
run_build_docs: false
docker:
name: Docker
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
docker_target: ["development", "production"]
env:
# "Regular" entities service configuration values
ENTITIES_SERVICE_MONGO_URI: mongodb://localhost:27017
ENTITIES_SERVICE_X509_CERTIFICATE_FILE: docker_security/test-client.pem
ENTITIES_SERVICE_CA_FILE: docker_security/test-ca.pem
# These are used in the Dockerfile as well as in pytest
ENTITIES_SERVICE_HOST: localhost
ENTITIES_SERVICE_PORT: 8000
steps:
- name: Checkout ${{ github.repository }}
uses: actions/checkout@v4
- name: Setup Python 3.10
uses: actions/setup-python@v5
with:
python-version: "3.10"
- name: Run MongoDB
run: |
# Create folder for certificates
mkdir -p docker_security
chmod 777 docker_security
# Generate certificates
cd docker_security && ${{ github.workspace }}/.github/docker_init/setup_mongo_security.sh
cd ${{ github.workspace }}
# Pull mongo:7 image and run it
docker pull mongo:7
docker run --rm -d \
--env MONGO_INITDB_ROOT_USERNAME=root \
--env MONGO_INITDB_ROOT_PASSWORD=root \
--name "mongo" \
--network "host" \
--volume "${{ github.workspace }}/.github/docker_init/create_x509_user.js:/docker-entrypoint-initdb.d/0_create_x509_user.js" \
--volume "${{ github.workspace }}/docker_security:/mongo_tls" \
mongo:7 \
--tlsMode allowTLS --tlsCertificateKeyFile /mongo_tls/test-server1.pem --tlsCAFile /mongo_tls/test-ca.pem
sleep 10 # Wait for the database to start
- name: Build Docker image
run: |
docker build \
--pull \
--tag entities-service \
--target ${{ matrix.docker_target }} \
.
- name: Install test dependencies
run: |
python -m pip install -U pip
pip install -U setuptools wheel
pip install -U -e .[testing]
- name: Run Docker container
run: |
# Create logging directory and file
mkdir -p logs
touch -a logs/entities_service.log
# Run the service in the background
docker run --rm -d \
--env ENTITIES_SERVICE_MONGO_URI \
--env ENTITIES_SERVICE_X509_CERTIFICATE_FILE \
--env ENTITIES_SERVICE_CA_FILE \
--env PORT=${ENTITIES_SERVICE_PORT} \
--env RUN_TIME=40 \
--env STOP_TIME=3 \
--name "entities-service" \
--network "host" \
--volume "${PWD}:/app" \
--entrypoint "./.github/utils/coverage_entrypoint.sh" \
entities-service \
${{ matrix.docker_target }}
sleep 5 # Wait for the service to start
- name: Run tests
run: |
{
pytest -vv --live-backend --cov-report=
} || {
echo "Failed! Here's the Docker logs for the service:" &&
docker logs entities-service &&
echo -e "\nAnd the service log:" &&
cat logs/entities_service.log &&
exit 1
}
- name: Collect coverage
run: |
# We have mapped the current working directory with the service's working
# directory in Docker. This means that we can, first of all, stop the service
# via a file touch, and then collect the coverage data from the service.
#
# See the .github/utils/coverage_entrypoint.sh file for more details on the
# stopping mechanism.
touch stop_gunicorn
sleep 3 # Wait for the service to stop
mv .coverage .coverage.pytest
coverage combine --data-file=.coverage.final --rcfile=pyproject.toml .coverage.pytest .coverage.docker
coverage xml --data-file=.coverage.final --rcfile=pyproject.toml -o coverage.xml
coverage report --data-file=.coverage.final --rcfile=pyproject.toml --show-missing --skip-covered --skip-empty
- name: Upload coverage
if: github.repository_owner == 'SINTEF'
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: coverage.xml
fail_ci_if_error: true
env_vars: OS,PYTHON
flags: docker
env:
OS: ubuntu-latest
PYTHON: '3.10'
pytest:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
python_version: ["3.10", "3.11", "3.12"]
steps:
- name: Checkout ${{ github.repository }}
uses: actions/checkout@v4
- name: Setup Python ${{ matrix.python_version }}
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python_version }}
- name: Install test dependencies
run: |
python -m pip install -U pip
pip install -U setuptools wheel flit
pip install -U -e .[testing]
- name: Run pytest
run: pytest -vv --cov-report=xml
- name: Upload coverage
if: github.repository_owner == 'SINTEF'
uses: codecov/codecov-action@v3
with:
token: ${{ secrets.CODECOV_TOKEN }}
fail_ci_if_error: true
env_vars: OS,PYTHON
flags: local
env:
OS: ubuntu-latest
PYTHON: ${{ matrix.python_version }}