removing unused events #15
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Worker CI | |
| on: | |
| push: | |
| tags: | |
| - production-* | |
| - self-hosted-* | |
| branches: | |
| - main | |
| - staging | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| env: | |
| AR_REPO: ${{ secrets.CODECOV_WORKER_IMAGE_V2 || 'codecov/self-hosted-worker' }} | |
| jobs: | |
| lint: | |
| name: Run Lint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| make lint.install | |
| - name: Check | |
| run: | | |
| make lint.check | |
| build: | |
| name: Build Worker | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: "auth" | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/[email protected]" | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} | |
| service_account: ${{ secrets.CODECOV_GCP_WIDSA }} | |
| - name: Docker configuration | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
| - name: Cache Requirements | |
| id: cache-requirements | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-requirements | |
| with: | |
| path: | | |
| requirements.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ hashFiles('**/requirements.txt') }}-${{ hashFiles('**/docker/Dockerfile.requirements') }} | |
| restore-keys: | | |
| ${{ runner.os }}-worker-${{ env.cache-name }}- | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load requirements from cache | |
| if: ${{ steps.cache-requirements.outputs.cache-hit == 'true' }} | |
| run: | | |
| make load.requirements | |
| - name: Build/pull requirements | |
| if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' }} | |
| run: | | |
| make build.requirements | |
| make save.requirements | |
| - name: Push Requirements | |
| if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' && github.repository_owner == 'codecov' }} | |
| run: | | |
| make push.requirements | |
| - name: Build app | |
| run: | | |
| make build.app | |
| make save.app | |
| codecovstartup: | |
| name: Codecov Startup | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 2 | |
| - name: Install CLI | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| make test_env.install_cli | |
| - name: Run Startup | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| env: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }} | |
| run: | | |
| codecovcli create-commit --fail-on-error | |
| codecovcli create-report --fail-on-error | |
| - name: Run Startup Staging | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| codecovcli -u ${{ secrets.CODECOV_STAGING_URL }} create-commit -t ${{ secrets.CODECOV_ORG_TOKEN_STAGING }} --fail-on-error | |
| codecovcli -u ${{ secrets.CODECOV_STAGING_URL }} create-report -t ${{ secrets.CODECOV_ORG_TOKEN_STAGING }} --fail-on-error | |
| - name: Run Startup QA | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| codecovcli -u ${{ secrets.CODECOV_QA_URL }} create-commit -t ${{ secrets.CODECOV_QA_TOKEN }} --fail-on-error | |
| codecovcli -u ${{ secrets.CODECOV_QA_URL }} create-report -t ${{ secrets.CODECOV_QA_TOKEN }} --fail-on-error | |
| - name: Run Startup Public QA | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| codecovcli -u ${{ secrets.CODECOV_PUBLIC_QA_URL }} create-commit -t ${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} --fail-on-error | |
| codecovcli -u ${{ secrets.CODECOV_PUBLIC_QA_URL }} create-report -t ${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} --fail-on-error | |
| ats: | |
| name: ATS | |
| needs: [build, codecovstartup] | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input app.tar | |
| make tag.latest | |
| - name: Install docker compose | |
| run: | | |
| sudo curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose | |
| sudo chmod +x /usr/local/bin/docker-compose | |
| - name: Bring test env up | |
| run: | | |
| make test_env.up | |
| - name: Prepare for tests | |
| run: | | |
| make test_env.prepare | |
| make test_env.check_db | |
| - name: Run Static Analysis | |
| run: | | |
| make test_env.static_analysis CODECOV_STATIC_TOKEN=${{ secrets.STATIC_TOKEN }} | |
| - name: Run Label Analysis | |
| run: | | |
| make test_env.label_analysis CODECOV_STATIC_TOKEN=${{ secrets.STATIC_TOKEN }} TIMESERIES_ENABLED=false | |
| - name: Run ATS | |
| run: | | |
| make test_env.ats CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN }} | |
| test: | |
| name: Test | |
| needs: [build, codecovstartup] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input app.tar | |
| - name: Install docker compose | |
| run: | | |
| sudo curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose | |
| sudo chmod +x /usr/local/bin/docker-compose | |
| - name: Bring test env up | |
| run: | | |
| make test_env.up | |
| - name: Prepare for tests | |
| run: | | |
| make test_env.prepare | |
| make test_env.check_db | |
| - name: Run unit tests | |
| run: | | |
| make test_env.run_unit | |
| - name: Run integration tests | |
| run: | | |
| make test_env.run_integration | |
| ## Don't upload on forks for now. | |
| - name: upload using codecovcli | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN }} | |
| - name: upload using codecovcli staging | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_ORG_TOKEN_STAGING }} CODECOV_URL=${{ secrets.CODECOV_STAGING_URL }} | |
| - name: upload using codecovcli qa | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_QA_TOKEN }} CODECOV_URL=${{ secrets.CODECOV_QA_URL }} | |
| - name: upload using codecovcli public qa | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| run: | | |
| make test_env.upload CODECOV_UPLOAD_TOKEN=${{ secrets.CODECOV_PUBLIC_QA_TOKEN }} CODECOV_URL=${{ secrets.CODECOV_PUBLIC_QA_URL }} | |
| mutation: | |
| name: Run Mutations | |
| needs: [build] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input app.tar | |
| - name: Install docker compose | |
| run: | | |
| sudo curl -SL https://github.com/docker/compose/releases/download/v2.20.0/docker-compose-linux-x86_64 -o /usr/local/bin/docker-compose | |
| sudo chmod +x /usr/local/bin/docker-compose | |
| - name: Bring test env up | |
| run: | | |
| make test_env.up | |
| - name: Prepare for tests | |
| run: | | |
| make test_env.prepare | |
| - name: Run mutations | |
| run: | | |
| make test_env.run_mutation | |
| build-self-hosted: | |
| name: Build Self Hosted Worker | |
| runs-on: ubuntu-latest | |
| needs: [build, test] | |
| if: ${{ !github.event.pull_request.head.repo.fork && github.repository_owner == 'codecov' }} | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/[email protected]" | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} | |
| service_account: ${{ secrets.CODECOV_GCP_WIDSA }} | |
| - name: Docker configuration | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
| - name: Cache Requirements | |
| id: cache-requirements | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-requirements | |
| with: | |
| path: | | |
| requirements.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ hashFiles('**/requirements.txt') }}-${{ hashFiles('**/docker/Dockerfile.requirements') }} | |
| restore-keys: | | |
| ${{ runner.os }}-worker-${{ env.cache-name }}- | |
| - name: Cache Self hosted | |
| id: cache-self-hosted | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-self-hosted | |
| with: | |
| path: | | |
| self-hosted-runtime.tar | |
| self-hosted.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load requirements from cache | |
| if: ${{ steps.cache-requirements.outputs.cache-hit == 'true' }} | |
| run: | | |
| make load.requirements | |
| - name: Build/pull requirements | |
| if: ${{ steps.cache-requirements.outputs.cache-hit != 'true' }} | |
| run: | | |
| make build.requirements | |
| - name: Build self hosted | |
| run: | | |
| make build.self-hosted | |
| make save.self-hosted | |
| - name: Build self hosted runtime | |
| run: | | |
| make build.self-hosted-runtime | |
| make save.self-hosted-runtime | |
| staging: | |
| name: Push Staging Image | |
| needs: [build, test] | |
| if: ${{ github.event.pull_request.merged == true && github.head_ref == 'main' && github.repository_owner == 'codecov' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input app.tar | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/[email protected]" | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} | |
| service_account: ${{ secrets.CODECOV_GCP_WIDSA }} | |
| - name: Docker configuration | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
| - name: Push staging | |
| run: | | |
| make tag.staging | |
| make push.staging | |
| - name: Create Sentry release | |
| uses: getsentry/action-release@v1 | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.CODECOV_SENTRY_RELEASE_TOKEN }} | |
| SENTRY_ORG: ${{ secrets.CODECOV_SENTRY_ORG }} | |
| SENTRY_PROJECT: ${{ secrets.CODECOV_WORKER_SENTRY_PROJECT }} | |
| with: | |
| environment: staging | |
| production: | |
| name: Push Production Image | |
| needs: [ build, test ] | |
| if: ${{ github.event.pull_request.merged == true && startsWith(github.ref, 'refs/tags/production') && github.repository_owner == 'codecov' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache App | |
| id: cache-app | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-app | |
| with: | |
| path: | | |
| app.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input app.tar | |
| docker image ls -a | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/[email protected]" | |
| with: | |
| token_format: "access_token" | |
| workload_identity_provider: ${{ secrets.CODECOV_GCP_WIDP }} | |
| service_account: ${{ secrets.CODECOV_GCP_WIDSA }} | |
| - name: Docker configuration | |
| run: |- | |
| echo ${{steps.auth.outputs.access_token}} | docker login -u oauth2accesstoken --password-stdin https://us-docker.pkg.dev | |
| - name: Push production | |
| run: | | |
| make tag.production | |
| make tag.latest | |
| make push.production | |
| make push.latest | |
| - name: Create Sentry release | |
| uses: getsentry/action-release@v1 | |
| env: | |
| SENTRY_AUTH_TOKEN: ${{ secrets.CODECOV_SENTRY_RELEASE_TOKEN }} | |
| SENTRY_ORG: ${{ secrets.CODECOV_SENTRY_ORG }} | |
| SENTRY_PROJECT: ${{ secrets.CODECOV_WORKER_SENTRY_PROJECT }} | |
| with: | |
| environment: production | |
| self-hosted: | |
| name: Push Self Hosted Image | |
| needs: [ build-self-hosted, test ] | |
| if: ${{ github.event.pull_request.merged == true && github.head_ref == 'main' && github.repository_owner == 'codecov' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache Self hosted | |
| id: cache-self-hosted | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-self-hosted | |
| with: | |
| path: | | |
| self-hosted-runtime.tar | |
| self-hosted.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input self-hosted-runtime.tar | |
| docker load --input self-hosted.tar | |
| - name: Log in to Docker Hub | |
| uses: docker/[email protected] | |
| with: | |
| username: ${{ secrets.CODECOV_DEVOPS_DOCKER_USERNAME }} | |
| password: ${{ secrets.CODECOV_DEVOPS_DOCKER_PASSWORD }} | |
| - name: Push self hosted rolling | |
| run: | | |
| make tag.self-hosted-rolling | |
| make push.self-hosted-rolling | |
| self-hosted-release: | |
| name: Push Self Hosted Release Image | |
| needs: [ build-self-hosted, test ] | |
| if: ${{ github.event.pull_request.merged == true && startsWith(github.ref, 'refs/tags/self-hosted') && github.repository_owner == 'codecov' }} | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: 'read' | |
| id-token: 'write' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Cache Self hosted | |
| id: cache-self-hosted | |
| uses: actions/cache@v3 | |
| env: | |
| cache-name: cache-worker-self-hosted | |
| with: | |
| path: | | |
| self-hosted-runtime.tar | |
| self-hosted.tar | |
| key: ${{ runner.os }}-worker-${{ env.cache-name }}-${{ github.run_id }} | |
| - name: Load built image | |
| run: | | |
| docker load --input self-hosted-runtime.tar | |
| docker load --input self-hosted.tar | |
| - name: Log in to Docker Hub | |
| uses: docker/[email protected] | |
| with: | |
| username: ${{ secrets.CODECOV_DEVOPS_DOCKER_USERNAME }} | |
| password: ${{ secrets.CODECOV_DEVOPS_DOCKER_PASSWORD }} | |
| - name: Push self hosted release | |
| run: | | |
| make tag.self-hosted | |
| make push.self-hosted |