Syse 360/add draft release support #45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| pull_request: | |
| push: | |
| tags: | |
| - 'v*' | |
| jobs: | |
| test-controller-api: | |
| runs-on: ubuntu-latest | |
| container: tykio/gromit:v1.8 | |
| outputs: | |
| conf: ${{ steps.params.outputs.api_conf }} | |
| db: ${{ steps.params.outputs.api_db }} | |
| cache_db: ${{ steps.params.outputs.api_cache_db }} | |
| pump: ${{ steps.params.outputs.pump }} | |
| sink: ${{ steps.params.outputs.sink }} | |
| gd_tag: ${{ steps.params.outputs.gd_tag }} | |
| versions: ${{ steps.params.outputs.versions }} | |
| exclude: ${{ steps.params.outputs.exclude }} | |
| steps: | |
| - name: set params | |
| id: params | |
| env: | |
| REPO: ${{ github.repository }} | |
| # Cover pull_request_target too | |
| BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref}} | |
| TAGS: "master" | |
| IS_PR: ${{startsWith(github.event_name, 'pull_request') && 'yes' }} | |
| IS_TAG: ${{startsWith(github.ref, 'refs/tags') && 'yes' }} | |
| JOB: api | |
| run: gromit policy controller --loglevel debug | tee -a "$GITHUB_OUTPUT" | |
| api-tests: | |
| needs: [test-controller-api] | |
| runs-on: ubuntu-latest | |
| env: | |
| METADATA_REPORT_PATH: /tmp/metadata.toml | |
| XUNIT_REPORT_PATH: ${{ github.workspace }}/reports/pytest-report.xml | |
| permissions: | |
| id-token: write # This is required for requesting the Github JWT | |
| contents: read # This is required for actions/checkout | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| conf: ${{ fromJson(needs.test-controller-api.outputs.conf) }} | |
| db: ${{ fromJson(needs.test-controller-api.outputs.db) }} | |
| cache_db: ${{ fromJson(needs.test-controller-api.outputs.cache_db) }} | |
| pump: ${{ fromJson(needs.test-controller-api.outputs.pump) }} | |
| sink: ${{ fromJson(needs.test-controller-api.outputs.sink) }} | |
| include: | |
| - db: postgres15 | |
| markers: "and not sql" | |
| exclude: ${{ fromJson(needs.test-controller-api.outputs.exclude) }} | |
| steps: | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::754489498669:role/ecr_rw_tyk | |
| role-session-name: cipush | |
| aws-region: eu-central-1 | |
| - id: ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| mask-password: 'true' | |
| # Only ${{ github.actor }} has access | |
| # See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys | |
| - name: Setup tmate session only in debug mode | |
| uses: mxschmitt/action-tmate@v3 | |
| if: runner.debug == '1' | |
| with: | |
| detached: true | |
| limit-access-to-actor: true | |
| - name: fetch env from tyk-ci | |
| uses: actions/checkout@v3 | |
| - name: env up | |
| shell: bash | |
| working-directory: auto | |
| id: env_up | |
| env: | |
| pull_policy: 'if_not_present' | |
| GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} | |
| TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} | |
| TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} | |
| ECR: ${{ steps.ecr.outputs.registry }} | |
| VERSIONS: ${{ needs.test-controller-api.outputs.versions }} | |
| run: | | |
| echo "ECR=${ECR} | |
| $VERSIONS | |
| tyk_pump_image=${{matrix.pump}} | |
| tyk_sink_image=${{matrix.sink}} | |
| confs_dir=./pro-ha | |
| env_file=local-${{ matrix.db }}.env" > versions.env | |
| echo "::group::versions" | |
| cat versions.env | |
| echo "::endgroup::" | |
| # Add Tyk component config variations to $env_file | |
| cat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env | |
| # bring up env, the project name is important | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d | |
| ./dash-bootstrap.sh http://localhost:3000 | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d | |
| - name: Run tests | |
| working-directory: auto | |
| id: test_execution | |
| run: | | |
| # Generate report id | |
| echo "id=$(date +%s%N)" >> $GITHUB_OUTPUT | |
| # Run tests | |
| set -o pipefail | |
| echo "### API tests ${{ matrix.db }} ${{ matrix.conf }}" >> $GITHUB_STEP_SUMMARY | |
| if docker run --rm --network auto_default --env-file pytest.env -v ${{ github.workspace }}/reports:/app/reports \ | |
| ${{ steps.ecr.outputs.registry }}/tyk-automated-tests:${{ needs.test-controller-api.outputs.gd_tag }} \ | |
| pytest -c pytest_ci.ini --junitxml=./${XUNIT_REPORT_PATH#"${{ github.workspace }}"} --ci -m "not local and not dind ${{ matrix.markers }}" | tee tests.out; then | |
| echo "All tests passed!" >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "::error title=API tests ${{ matrix.db }} ${{ matrix.conf }}::Test execution failed" | |
| cat tests.out >> $GITHUB_STEP_SUMMARY | |
| exit 1 | |
| fi | |
| - name: Docker logs for all components | |
| if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') | |
| working-directory: auto | |
| env: | |
| pull_policy: 'if_not_present' | |
| GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} | |
| TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} | |
| TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} | |
| ECR: ${{ steps.ecr.outputs.registry }} | |
| VERSIONS: ${{ needs.test-controller-api.outputs.versions }} | |
| run: | | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose.log | |
| echo "::group::DockerLogs" | |
| cat ${{ github.workspace }}/docker-compose.log | |
| echo "::endgroup::" | |
| - name: Upload Artifact | |
| uses: actions/upload-artifact@v4 | |
| if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') | |
| with: | |
| name: docker-compose-logs-${{ github.job }}-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} | |
| path: ${{ github.workspace }}/docker-compose.log | |
| retention-days: 3 | |
| overwrite: true | |
| test-controller-ui: | |
| runs-on: ubuntu-latest | |
| container: tykio/gromit:v1.8-alpha | |
| outputs: | |
| conf: ${{ steps.params.outputs.ui_conf }} | |
| db: ${{ steps.params.outputs.ui_db }} | |
| cache_db: ${{ steps.params.outputs.ui_cache_db }} | |
| pump: ${{ steps.params.outputs.pump }} | |
| sink: ${{ steps.params.outputs.sink }} | |
| gd_tag: ${{ steps.params.outputs.gd_tag }} | |
| versions: ${{ steps.params.outputs.versions }} | |
| exclude: ${{ steps.params.outputs.exclude }} | |
| steps: | |
| - name: set params | |
| id: params | |
| env: | |
| REPO: ${{ github.repository }} | |
| # Cover pull_request_target too | |
| BASE_REF: ${{startsWith(github.event_name, 'pull_request') && github.base_ref || github.ref}} | |
| TAGS: "master" | |
| IS_PR: ${{startsWith(github.event_name, 'pull_request') && 'yes' }} | |
| IS_TAG: ${{startsWith(github.ref, 'refs/tags') && 'yes' }} | |
| JOB: ui | |
| run: gromit policy controller --loglevel debug | tee -a "$GITHUB_OUTPUT" | |
| ui-tests: | |
| needs: [test-controller-ui] | |
| runs-on: ubuntu-latest | |
| env: | |
| METADATA_REPORT_PATH: /tmp/metadata.toml | |
| XUNIT_REPORT_PATH: ${{ github.workspace }}/tests/ui/playwright-report/results.xml | |
| permissions: | |
| id-token: write # This is required for requesting the Github JWT | |
| contents: read # This is required for actions/checkout | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| conf: ${{ fromJson(needs.test-controller-ui.outputs.conf) }} | |
| db: ${{ fromJson(needs.test-controller-ui.outputs.db) }} | |
| cache_db: ${{ fromJson(needs.test-controller-ui.outputs.cache_db) }} | |
| pump: ${{ fromJson(needs.test-controller-ui.outputs.pump) }} | |
| sink: ${{ fromJson(needs.test-controller-ui.outputs.sink) }} | |
| node-version: [18.16] | |
| include: | |
| - db: postgres15 | |
| markers: "and not sql" | |
| exclude: ${{ fromJson(needs.test-controller-ui.outputs.exclude) }} | |
| steps: | |
| - uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::754489498669:role/ecr_rw_tyk | |
| role-session-name: cipush | |
| aws-region: eu-central-1 | |
| - id: ecr | |
| uses: aws-actions/amazon-ecr-login@v2 | |
| with: | |
| mask-password: 'true' | |
| # Only ${{ github.actor }} has access | |
| # See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys | |
| - name: Setup tmate session only in debug mode | |
| uses: mxschmitt/action-tmate@v3 | |
| if: runner.debug == '1' | |
| with: | |
| detached: true | |
| limit-access-to-actor: true | |
| - name: fetch env from tyk-ci | |
| uses: actions/checkout@v3 | |
| - name: env up | |
| shell: bash | |
| working-directory: auto | |
| id: env_up | |
| env: | |
| pull_policy: 'if_not_present' | |
| GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} | |
| TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} | |
| TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} | |
| ECR: ${{ steps.ecr.outputs.registry }} | |
| VERSIONS: ${{ needs.test-controller-ui.outputs.versions }} | |
| run: | | |
| echo "ECR=${ECR} | |
| $VERSIONS | |
| tyk_pump_image=${{matrix.pump}} | |
| tyk_sink_image=${{matrix.sink}} | |
| confs_dir=./pro-ha | |
| env_file=local-${{ matrix.db }}.env" > versions.env | |
| echo "::group::versions" | |
| cat versions.env | |
| echo "::endgroup::" | |
| # Add Tyk component config variations to $env_file | |
| cat confs/${{ matrix.conf }}.env >> local-${{ matrix.db }}.env | |
| # bring up env, the project name is important | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile master-datacenter up --quiet-pull -d | |
| ./dash-bootstrap.sh http://localhost:3000 | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile slave-datacenter up --quiet-pull -d | |
| - name: Install Node.js ${{ matrix.node-version }} | |
| uses: actions/[email protected] | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| - name: Fix private module deps | |
| env: | |
| TOKEN: '${{ secrets.ORG_GH_TOKEN }}' | |
| run: "git config --global url.\"https://${TOKEN}@github.com\".insteadOf \"https://github.com\" \n" | |
| - name: Checkout of Dashboard | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: TykTechnologies/tyk-analytics | |
| fetch-depth: 1 | |
| token: ${{ secrets.ORG_GH_TOKEN }} | |
| sparse-checkout: | | |
| tests/ui | |
| bin | |
| submodules: false | |
| - name: Install test dependecies | |
| run: | | |
| npm ci | |
| working-directory: tests/ui | |
| - name: Install Playwright Browsers | |
| run: npx playwright install --with-deps | |
| working-directory: tests/ui | |
| - name: Execute UI tests | |
| id: test_execution | |
| run: | | |
| # Generate report id | |
| echo "id=$(date +%s%N)" >> $GITHUB_OUTPUT | |
| npm run test -- --workers=3 | |
| working-directory: tests/ui | |
| env: | |
| GW_URL: 'https://localhost:8080/' | |
| NODE_TLS_REJECT_UNAUTHORIZED: 0 | |
| SLACK_AUTH_TOKEN: ${{ secrets.UI_SLACK_AUTH_TOKEN }} | |
| EVENT_TRIGGER: ${{ github.event_name }} (${{ github.actor }}) | |
| JOB_RUN_ID: ${{ github.run_id }} | |
| JOB_NAME: tyk-analytics - ${{ github.ref }} ${{ github.event.head_commit.message }} | |
| RUN_ID: 'tyk-analytics/${{ github.run_id }}' | |
| - name: Docker logs for all components | |
| if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') | |
| working-directory: auto | |
| env: | |
| pull_policy: 'if_not_present' | |
| GH_TOKEN: ${{ secrets.ORG_GH_TOKEN }} | |
| TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }} | |
| TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }} | |
| ECR: ${{ steps.ecr.outputs.registry }} | |
| VERSIONS: ${{ needs.test-controller-ui.outputs.versions }} | |
| run: | | |
| docker compose -p auto -f pro-ha.yml -f deps_pro-ha.yml -f ${{ matrix.db }}.yml -f ${{ matrix.cache_db }}.yml --env-file versions.env --profile all logs | sort > ${{ github.workspace }}/docker-compose.log | |
| echo "::group::DockerLogs" | |
| cat ${{ github.workspace }}/docker-compose.log | |
| echo "::endgroup::" | |
| - name: Upload Artifact | |
| uses: actions/upload-artifact@v4 | |
| if: failure() && (steps.test_execution.outcome != 'success' || steps.env_up.outcome != 'success') | |
| with: | |
| name: docker-compose-logs-${{ github.job }}-${{ matrix.db }}-${{ matrix.conf }}-${{ github.run_id }} | |
| path: ${{ github.workspace }}/docker-compose.log | |
| retention-days: 3 | |
| overwrite: true | |
| release: | |
| if: github.event_name != 'pull_request' | |
| runs-on: ubuntu-latest | |
| needs: [api-tests,ui-tests] | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: CI env | |
| run: | |
| tar czf ci-env.tgz auto/ | |
| - uses: softprops/action-gh-release@v1 | |
| with: | |
| token: ${{ secrets.ORG_GH_TOKEN }} | |
| name: ${{ github.ref_name }} | |
| tag_name: ${{ github.ref_name }} | |
| draft: ${{ endsWith(github.ref_name, '-rc') || endsWith(github.ref_name, '-alpha') || endsWith(github.ref_name, '-beta') }} | |
| body_path: auto/release.md | |
| files: ci-env.tgz |