Add specs-report on CI #1146
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Runs on every commit to main. This is the main CI job; it runs in MacOS and Ubuntu environments which: | |
# * Build | |
# * Run tests | |
# | |
# In the Ubuntu environment only, to avoid double uploads from MacOS, it also: | |
# * Uploads Test reports to BuildKite | |
# * Uploads Coverage reports to CodeCov | |
# * Uploads Test Vectors reports to the SDK Report Runner | |
# * Publishes (deploys) to TBD's Artifactory instance as version commit-$shortSHA-SNAPSHOT | |
# | |
# If triggered from workflow_dispatch, you may select a branch or tag to | |
# deploy as an internal "release" (or SNAPSHOT, depending upon the version in the POM) | |
# to TBD's Artifactory instance by not specifying a version. | |
name: SDK Kotlin CI | |
on: | |
workflow_dispatch: | |
inputs: | |
version: | |
description: 'Version to publish. For example "1.0.0-SNAPSHOT". If not supplied, will default to version specified in the POM. Must end in "-SNAPSHOT".' | |
required: false | |
default: "0.0.0-SNAPSHOT" | |
push: | |
branches: | |
- main | |
pull_request: | |
branches: | |
- main | |
jobs: | |
# On MacOS we only build, test, and verify | |
build-test-macos: | |
runs-on: macOS-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
# https://cashapp.github.io/hermit/usage/ci/ | |
- name: Init Hermit | |
uses: cashapp/activate-hermit@v1 | |
with: | |
cache: true | |
- name: hash test inputs | |
run: | | |
if ! which sha256sum; then brew install coreutils; fi | |
sha256sum $(find test-vectors -name '*.json') > test-vector-hashes.txt | |
- name: Build, Test, and Verify | |
run: | | |
# Maven "test" lifecycle will build and test only on MacOS | |
mvn test | |
# On Ubuntu we build, test, verify, and deploy: Code Coverage, Test Vectors, and SNAPSHOT artifacts to TBD Artifactory | |
build-test-deploy-snapshot-ubuntu: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
submodules: true | |
# https://cashapp.github.io/hermit/usage/ci/ | |
- name: Init Hermit | |
uses: cashapp/activate-hermit@v1 | |
with: | |
cache: true | |
- name: hash test inputs | |
run: | | |
if ! which sha256sum; then brew install coreutils; fi | |
sha256sum $(find test-vectors -name '*.json') > test-vector-hashes.txt | |
- name: Resolve Snapshot Version | |
id: resolve_version | |
run: | | |
# Version resolution: use provided | |
if [ -n "${{ github.event.inputs.version }}" ]; then | |
resolvedVersion=${{ github.event.inputs.version }} | |
# Otherwise, construct a version for deployment in form X.Y.Z-commit-$shortSHA-SNAPSHOT | |
else | |
longSHA=$(git rev-parse --verify HEAD) | |
shortSHA=$(echo "${longSHA:0:7}") | |
resolvedVersion="commit-$shortSHA-SNAPSHOT" | |
echo "Requesting deployment as version: $resolvedVersion" | |
fi | |
# Postcondition check; only allow this to proceed if we have a version ending in "-SNAPSHOT" | |
if [[ ! "$resolvedVersion" =~ -SNAPSHOT$ ]]; then | |
echo "Error: The version does not end with \"-SNAPSHOT\": $resolvedVersion" | |
exit 1 | |
fi | |
echo "Resolved SNAPSHOT Version: $resolvedVersion" | |
echo "resolved_version=$resolvedVersion" >> $GITHUB_OUTPUT | |
- name: Run Tests | |
id: tests | |
run: mvn test | |
- name: Execute Spec Test Vector Report | |
if: always() && steps.tests.conclusion != 'skipped' | |
uses: TBD54566975/sdk-report-runner/.github/actions/specs-report@leordev/specs-report-fix-web5 | |
with: | |
junit-report-paths: "**/target/surefire-reports/*TestVectors*.xml" | |
spec-path: web5-spec | |
suite-name-regex: Web5TestVectors | |
feature-regex: Web5TestVectors(\w+) | |
vector-regex: (\w+) | |
fail-on-missing-vectors: true | |
fail-on-failed-test-cases: true | |
comment-on-pr: true | |
git-token: ${{ secrets.GITHUB_TOKEN }} | |
- name: Build, Test, and Deploy to TBD Artifactory | |
run: | | |
# Set newly resolved version in POM config | |
mvn \ | |
versions:set \ | |
--batch-mode \ | |
-DnewVersion=${{ steps.resolve_version.outputs.resolved_version }} | |
# Only attempt to publish artifact if we have credentials | |
if [ -n "${{ secrets.ARTIFACTORY_PASSWORD }}" ]; then | |
# Maven deploy lifecycle will build, run tests, verify, sign, and deploy | |
mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts | |
else | |
# Otherwise, Maven verify lifecycle will build, run tests, and verify | |
mvn verify --batch-mode | |
fi | |
env: | |
ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} | |
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} | |
SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }} | |
SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }} | |
- name: Upload Vector test results | |
uses: actions/upload-artifact@v3 | |
with: | |
name: test-results | |
path: | | |
**/target/surefire-reports/*TestVectors*.xml | |
test-vector-hashes.txt | |
- name: Upload coverage reports to Codecov | |
uses: codecov/codecov-action@v4 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
verbose: true | |
flags: ${{ runner.os }} | |
- name: Upload JUnit tests report | |
uses: actions/upload-artifact@v3 | |
with: | |
name: tests-report-junit | |
path: | | |
**/target/surefire-reports/*.xml | |
- name: Generate an access token to trigger downstream repo | |
uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 | |
id: generate_token | |
if: github.ref == 'refs/heads/main' | |
with: | |
app-id: ${{ secrets.CICD_ROBOT_GITHUB_APP_ID }} | |
private-key: ${{ secrets.CICD_ROBOT_GITHUB_APP_PRIVATE_KEY }} | |
owner: TBD54566975 | |
repositories: sdk-report-runner | |
- name: Trigger sdk-report-runner report build | |
if: github.ref == 'refs/heads/main' | |
run: | | |
curl -L \ | |
-H "Authorization: Bearer ${APP_TOKEN}" \ | |
-H "X-GitHub-Api-Version: 2022-11-28" \ | |
-H "Content-Type: application/json" \ | |
--fail \ | |
--data '{"ref": "main"}' \ | |
https://api.github.com/repos/TBD54566975/sdk-report-runner/actions/workflows/build-report.yaml/dispatches | |
env: | |
APP_TOKEN: ${{ steps.generate_token.outputs.token }} | |
# Ensure both MacOS and Ubuntu build/test jobs succeeded | |
confirm-successful-build-and-tests: | |
# Wait on both jobs to succeed | |
needs: [build-test-macos, build-test-deploy-snapshot-ubuntu] | |
runs-on: ubuntu-latest | |
steps: | |
- name: Log Success | |
run: | | |
echo "Builds for MacOS and Ubuntu succeeded." |