Full Connected Service Tests #714
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This workflow will build a Java project with Gradle | |
# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-gradle | |
name: Full Connected Service Tests | |
on: | |
schedule: | |
- cron: '0 8 * * *' # Run nightly at 3AM ET | |
workflow_dispatch: {} | |
jobs: | |
test-job: | |
runs-on: ubuntu-latest | |
# A note on our use of a matrix here: | |
# Github workflows don't really support reusing code very well. Every workflow runs on a clean | |
# instance, so we can't share a setup workflow. We could write a custom action, but you can't | |
# call an action from another action, and they also don't have access to secrets. | |
# Github also doesn't support yaml anchors (https://github.community/t/support-for-yaml-anchors/), | |
# so we're using a matrix. | |
strategy: | |
fail-fast: false | |
matrix: | |
gradleTask: [unitTest, connectedTest, connectedPlusTest, azureUnitTest, awsUnitTest] | |
steps: | |
- name: Checkout current code | |
uses: actions/checkout@v3 | |
with: | |
# fetch full history for sonar | |
fetch-depth: 0 | |
- name: Set up JDK | |
uses: actions/setup-java@v3 | |
with: | |
distribution: 'temurin' | |
java-version: 17 | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@v3 | |
- name: Write credentials | |
id: write-credentials | |
uses: ./.github/actions/write-credentials | |
with: | |
user-delegated-sa-b64: ${{ secrets.USER_DELEGATED_SA_DEV }} | |
buffer-client-sa-b64: ${{ secrets.BUFFER_CLIENT_SA_DEV }} | |
testrunner-sa-b64: ${{ secrets.TESTRUNNER_SA_DEV }} | |
testrunner-k8s-sa-b64: ${{ secrets.TESTRUNNER_K8S_SA_DEV }} | |
wsm-sa-b64: ${{ secrets.WSM_SA_DEV }} | |
janitor-sa-b64: ${{ secrets.JANITOR_SA_DEV }} | |
policy-client-sa-b64: ${{ secrets.POLICY_CLIENT_SA_DEV }} | |
- name: Store az creds | |
id: store-az-creds | |
run: | | |
WSM_AZURE_PUBLISHER_CLIENT_ID=${{ secrets.WSM_AZURE_PUBLISHER_CLIENT_ID }} | |
echo ::add-mask::$WSM_AZURE_PUBLISHER_CLIENT_ID | |
WSM_AZURE_PUBLISHER_CLIENT_SECRET_ID=${{ secrets.WSM_AZURE_PUBLISHER_CLIENT_SECRET_ID }} | |
echo ::add-mask::$WSM_AZURE_PUBLISHER_CLIENT_SECRET_ID | |
WSM_AZURE_PUBLISHER_TENANT_ID=${{ secrets.WSM_AZURE_PUBLISHER_TENANT_ID }} | |
echo ::add-mask::$WSM_AZURE_PUBLISHER_TENANT_ID | |
echo wsm-azure-publisher-client-id=$WSM_AZURE_PUBLISHER_CLIENT_ID >> ${GITHUB_OUTPUT} | |
echo wsm-azure-publisher-client-secret-id=$WSM_AZURE_PUBLISHER_CLIENT_SECRET_ID >> ${GITHUB_OUTPUT} | |
echo wsm-azure-publisher-tenant-id=$WSM_AZURE_PUBLISHER_TENANT_ID >> ${GITHUB_OUTPUT} | |
# Turn on TPS and store AZ credentials for connected tests | |
- name: Write config | |
id: write-config | |
run: | | |
cat << EOF > "config/local-properties.yml" | |
workspace: | |
policy: | |
base-path: https://tps.dsde-dev.broadinstitute.org/ | |
cli: | |
server-name: broad-dev | |
azure: | |
managed-app-client-id: "${{ steps.store-az-creds.outputs.wsm-azure-publisher-client-id }}" | |
managed-app-client-secret: "${{ steps.store-az-creds.outputs.wsm-azure-publisher-client-secret-id }}" | |
managed-app-tenant-id: "${{ steps.store-az-creds.outputs.wsm-azure-publisher-tenant-id }}" | |
feature: | |
tps-enabled: true | |
temporary-grant-enabled: true | |
EOF | |
# Run tests | |
- name: Run tests | |
env: | |
PRINT_STANDARD_STREAMS: please | |
TEST_ENV: local | |
run: ./gradlew :service:${{ matrix.gradleTask }} --scan | |
- name: SonarQube scan | |
run: ./gradlew --build-cache :service:sonarqube | |
env: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: "Notify QA Slack" | |
if: always() && (steps.set-env-step.outputs.test-env == 'alpha' || steps.set-env-step.outputs.test-env == 'staging') | |
uses: broadinstitute/[email protected] | |
# see https://github.com/broadinstitute/action-slack | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
MATRIX_CONTEXT: ${{ toJson(matrix) }} | |
with: | |
status: ${{ job.status }} | |
channel: "#dsde-qa" | |
username: "Workspace Manager ${{ steps.set-env-step.outputs.test-env }} tests" | |
author_name: "Workspace Manager ${{ steps.set-env-step.outputs.test-env }} ${{ matrix.gradleTask }}" | |
fields: repo,job,workflow,commit,eventName,author,took | |
- name: "Notify WSM Slack" | |
# post to WSM Slack when a run fails | |
if: failure() | |
uses: broadinstitute/[email protected] | |
# see https://github.com/broadinstitute/action-slack | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
MATRIX_CONTEXT: ${{ toJson(matrix) }} | |
with: | |
status: ${{ job.status }} | |
channel: "#dsp-workspaces-test-alerts" | |
username: "WSM full service test branch" | |
author_name: "${{ matrix.gradleTask }}" | |
icon_emoji: ":bangbang:" | |
fields: job, commit |