-
Notifications
You must be signed in to change notification settings - Fork 7
141 lines (132 loc) · 5.21 KB
/
on-code-change.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
# This workflow is triggered every time a change is pushed to any branches
# Github actions command reference: https://docs.github.com/en/actions/learn-github-actions/workflow-syntax-for-github-actions
name: On Code Change (PR)
# The workflow could also be triggered on PRs
on:
pull_request:
types: [opened, reopened, synchronize]
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
update-signature:
name: Update module signature
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/update-signature@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
nexus_internal_releases_url: ${{ secrets.NEXUS_ENTERPRISE_RELEASES_URL }}
static-analysis:
name: Static Analysis (linting, vulns)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: Jahia/jahia-modules-action/static-analysis@v2
with:
node_version: 14
auditci_level: critical
build:
name: Build Module
needs: update-signature
runs-on: ubuntu-latest
env:
NEXUS_INTERNAL_URL: https://devtools.jahia.com/nexus/content/groups/internal/
container:
image: jahia/cimg-mvn-cache:ga_cimg_openjdk_8.0.312-node
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/build@v2
with:
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
module_id: content-editor
mvn_settings_filepath: '.github/maven.settings.xml'
sonar-analysis:
name: Sonar Analysis
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/sonar-analysis@v2
with:
primary_release_branch: master
github_pr_id: ${{github.event.number}}
sonar_url: ${{ secrets.SONAR_URL }}
sonar_token: ${{ secrets.SONAR_TOKEN }}
mvn_settings_filepath: '.github/maven.settings.xml'
integration-tests-standalone:
name: Integration Tests (Standalone)
needs: build
runs-on: self-hosted
timeout-minutes: 75
steps:
- uses: jahia/jahia-modules-action/helper@v2
- uses: KengoTODA/actions-setup-docker-compose@main
with:
version: '1.29.2'
- uses: actions/setup-node@v3
with:
node-version: 'lts/*'
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/integration-tests@v2
with:
module_id: content-editor
testrail_project: Content Editor
timeout_minutes: 50
tests_manifest: provisioning-manifest-build.yml
should_use_build_artifacts: true
jahia_cluster_enabled: false
should_skip_testrail: true
jahia_image: jahia/jahia-ee-dev:8.1-SNAPSHOT
github_artifact_name: content-editor-standalone-artifacts-${{ github.run_number }}
bastion_ssh_private_key: ${{ secrets.BASTION_SSH_PRIVATE_KEY_JAHIACI }}
jahia_license: ${{ secrets.JAHIA_LICENSE_8X_FULL }}
docker_username: ${{ secrets.DOCKERHUB_USERNAME }}
docker_password: ${{ secrets.DOCKERHUB_PASSWORD }}
nexus_username: ${{ secrets.NEXUS_USERNAME }}
nexus_password: ${{ secrets.NEXUS_PASSWORD }}
tests_report_name: Test report (Standalone)
testrail_username: ${{ secrets.TESTRAIL_USERNAME }}
testrail_password: ${{ secrets.TESTRAIL_PASSWORD }}
incident_pagerduty_api_key: ${{ secrets.INCIDENT_PAGERDUTY_API_KEY }}
incident_pagerduty_reporter_email: ${{ secrets.INCIDENT_PAGERDUTY_REPORTER_EMAIL }}
incident_pagerduty_reporter_id: ${{ secrets.INCIDENT_PAGERDUTY_REPORTER_ID }}
incident_google_spreadsheet_id: ${{ secrets.INCIDENT_GOOGLE_SPREADSHEET_ID }}
incident_google_client_email: ${{ secrets.INCIDENT_GOOGLE_CLIENT_EMAIL }}
incident_google_api_key_base64: ${{ secrets.INCIDENT_GOOGLE_PRIVATE_KEY_BASE64 }}
zencrepes_secret: ${{ secrets.ZENCREPES_WEBHOOK_SECRET }}
cypress_configuration_file: cypress.pull-requests.config.ts
- name: Test Report
uses: dorny/test-reporter@v1
if: success() || failure()
with:
name: Tests Report (Standalone)
path: tests/artifacts/results/xml_reports/**/*.xml
reporter: java-junit
fail-on-error: 'false'
js-checks:
name: Check Javascript dependencies and licenses
if: always()
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/dependencies-check-javascript@v2
with:
github_token: ${{ secrets.GH_API_TOKEN }}
show_checklist: 'true'
java-checks:
name: Check Java dependencies and licenses
needs: [build]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: jahia/jahia-modules-action/dependencies-check-java@v2
with:
github_token: ${{ secrets.GH_API_TOKEN }}
show_checklist: 'true'