-
Notifications
You must be signed in to change notification settings - Fork 144
194 lines (179 loc) · 9.81 KB
/
reusable-build-test-push.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
name: Reusable Build Workflow
on:
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputsinput_idtype
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_callinputs
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#onworkflow_call
# https://docs.github.com/en/actions/using-workflows/reusing-workflows
workflow_call:
inputs:
tests-path:
description: Tests path
required: false
default: ''
type: string
coverage-exclude:
description: Coverage exclude filter
default: "[BuildingBlocks.*]*%2c[FoodDelivery.Services.Shared]*"
type: string
unit-test-filter:
description: Unit tests filter
default: "(Category=Unit&FullyQualifiedName~UnitTests&FullyQualifiedName~FoodDelivery.Services)"
type: string
integration-test-filter:
description: Integration tests filter
default: "(Category=Integration&FullyQualifiedName~IntegrationTests&FullyQualifiedName~FoodDelivery.Services)|(Category=EndToEnd&FullyQualifiedName~EndToEndTests)"
type: string
project-path:
description: Project path
required: true
type: string
service-name:
description: Service name
type: string
required: true
docker-file-path:
description: Docker file path
type: string
required: true
registry:
description: Docker registry
type: string
default: "ghcr.io"
registry-endpoint:
description: Docker registry endpoint
type: string
default: ${{ github.repository }}
branches:
description: Branches to generate application version
type: string
default: '["main", "develop", "beta", "preview", "devops/ci"]'
jobs:
build-test-push:
# https://github.com/actions/runner-images/blob/main/images/linux/Ubuntu2204-Readme.md
# https://docs.github.com/en/actions/using-github-hosted-runners/about-github-hosted-runners
runs-on: ubuntu-latest
# https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
# https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idpermissions
# https://docs.github.com/en/packages/managing-github-packages-using-github-actions-workflows/publishing-and-installing-a-package-with-github-actions#upgrading-a-workflow-that-accesses-ghcrio
## https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository
## https://docs.github.com/en/actions/using-workflows/reusing-workflows
# The GITHUB_TOKEN permissions passed from the caller workflow can be only downgraded in called workflow
permissions:
packages: write # for publishing packages
pull-requests: write # app-version pull request
contents: write # for pushing in dry-run mode
checks: write # for test-reporter
#https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategyfail-fast
continue-on-error: false
steps:
# https://docs.github.com/en/actions/learn-github-actions/contexts#github-context
# The `default working directory` on the runner for `steps`, and the default location of your repository when using the checkout action
# it is `defualt root path` if we don't specify a working directory
- name: Ls default workspace for steps
run: ls -R ${{ github.workspace }}
# https://docs.github.com/en/actions/learn-github-actions/variables#using-contexts-to-access-variable-values
- name: Job Info
run: |
echo "job name is: ${{ github.job }}"
echo "actor is: ${{ github.actor }}"
echo workspace is: ${{ github.workspace }}
echo "is workflow_dispatch event? ${{ github.event_name == 'workflow_dispatch' }}"
echo "is push event? ${{ github.event_name == 'push' }}"
echo "is pull request event? ${{ github.event_name == 'pull_request' }}"
echo "pull_request.head.ref is: ${{ github.event.pull_request.head.ref }}"
echo "github.ref_name is: ${{ github.ref_name }}"
echo "github.ref is: ${{ github.ref }}"
echo "github.head_ref is: ${{ github.head_ref }}"
echo "project-path is: ${{ inputs.project-path }}"
echo "tests-path is: ${{ inputs.tests-path }}"
# https://github.com/cycjimmy/semantic-release-action/issues/6
# https://github.com/actions/checkout#push-a-commit-using-the-built-in-token
# https://stackoverflow.com/questions/750172/how-do-i-change-the-author-and-committer-name-email-for-multiple-commits
# https://github.com/semantic-release/semantic-release/issues/1208
# https://github.com/orgs/community/discussions/26560
# https://blog.pother.ca/github-actions-workflow_run-event/
# https://stackoverflow.com/questions/63343937/how-to-use-the-github-actions-workflow-run-event
# https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#workflow_run
# https://github.com/semantic-release/semantic-release/blob/b9b5c7689f0acdfdc079c839db0fcf78339745e2/index.js#L92
## https://github.com/actions/checkout/issues/439#issuecomment-965968956
# get latest remote change because sematic-release in `verifyConditions` event checks local branch has latest remote branch changes, for preventing: The local branch `something` is behind the remote one, therefore a new version won't be published.
# By default checkout@v3, will check branch on ref/SHA that triggered in starting workflow, so if inner a job in the workflow we change HEAD of repository by changing code, subsequent jobs don't get these commits and they get ref/SHA that triggered in starting workflow
# we can't create a `composite-action` for `checkout` because for finding composite-action locally with relative path, repository should be `checkout` first
- name: Check out code
uses: actions/checkout@v3
with:
# https://github.com/actions/checkout#fetch-all-history-for-all-tags-and-branches
# Only a single commit is fetched by default, for the ref/SHA that triggered the workflow. Set fetch-depth: 0 to fetch all history for all branches and tags
fetch-depth: 0
repository: ${{ github.repository }}
token: ${{ secrets.GITHUB_TOKEN }}
# set ref to 'github.ref' works correctly with both pull_requests event and push event and this is default behavior checkout action when we don't use ref attribute
ref: ${{ github.ref }}
- run: |
git config user.name 'github-actions[bot]'
git config user.email 'github-actions[bot]@users.noreply.github.com'
shell: bash
- name: Call Composite Action formatting
if: success()
uses: ./.github/actions/formatting
with:
formatting-tool: csharpier
- name: Call Composite Action app-version
uses: ./.github/actions/app-version
if: success()
id: app-version-step
with:
supported-branches: ${{ inputs.branches }}
service-name: ${{ inputs.service-name }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Call Composite Action build-test
uses: ./.github/actions/build-test
if: success()
id: build-test-step
with:
application-version: ${{ steps.app-version-step.outputs.application-version }}
project-path: ${{ inputs.project-path }}
tests-path: ${{ inputs.tests-path }}
unit-test-filter: ${{ inputs.unit-test-filter }}
integration-test-filter: ${{ inputs.integration-test-filter }}
coverage-exclude: ${{ inputs.coverage-exclude }}
# wildcard search for files with the ".cobertura.xml" extension in all subdirectories of the current directory
# https://www.jamescroft.co.uk/combining-multiple-code-coverage-results-in-azure-devops/
# https://stackoverflow.com/questions/53255065/dotnet-unit-test-with-coverlet-how-to-get-coverage-for-entire-solution-and-not
reports-path: ${{ github.workspace }}/**/*.cobertura.xml
reports-output-path: ${{ github.workspace }}/output/test-results
service-name: ${{ inputs.service-name }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Call Composite Action publish
uses: ./.github/actions/publish-app
if: success()
id: publish-step
with:
application-version: ${{ steps.app-version-step.outputs.application-version }}
service-name: ${{ inputs.service-name }}
project-path: ${{ inputs.project-path }}
token: ${{ secrets.GITHUB_TOKEN }}
no-restore: true
- name: Call Composite Action docker-build-push
uses: ./.github/actions/docker-build-push
if: success()
id: docker-build-push-step
with:
application-version: ${{ steps.app-version-step.outputs.application-version }}
registry-endpoint: ${{ inputs.registry-endpoint }}
docker-file-path: ${{ inputs.docker-file-path }}
registry: ${{ inputs.registry}}
registry-username: ${{ github.actor }}
registry-password: ${{ secrets.GITHUB_TOKEN }}
service-name: ${{ inputs.service-name }}
- name: Save CD Status
if: success()
shell: bash
run: echo "true" > cd_status.txt
- name: Upload CD Status artifact
if: success()
uses: actions/upload-artifact@v2
with:
name: ${{ inputs.service-name}}_cd_status_artifacts
path: cd_status.txt