# Boulder CI test suite workflow name: Boulder CI # Controls when the action will run. on: # Triggers the workflow on push or pull request events but only for the main branch push: branches: - main - release-branch-* pull_request: branches: - '**' # Allows you to run this workflow manually from the Actions tab workflow_dispatch: # A workflow run is made up of one or more jobs that can run sequentially or in parallel permissions: contents: read jobs: # Main test jobs. This looks like a single job, but the matrix # items will multiply it. For example every entry in the # BOULDER_TOOLS_TAG list will run with every test. If there were two # tags and 5 tests there would be 10 jobs run. b: # The type of runner that the job will run on runs-on: ubuntu-20.04 strategy: # When set to true, GitHub cancels all in-progress jobs if any matrix job fails. Default: true fail-fast: false # Test matrix. matrix: # Add additional docker image tags here and all tests will be run with the additional image. BOULDER_TOOLS_TAG: - go1.18.1_2022-05-19 # Tests command definitions. Use the entire docker-compose command you want to run. tests: # Run ./test.sh --help for a description of each of the flags. - "./t.sh --generate --make-artifacts" - "./t.sh --integration" # Testing Config Changes: # Config changes that have landed in main but not yet been applied to # production can be made in `test/config-next/.json`. # # Testing DB Schema Changes: # Database migrations in `sa/_db-next/migrations` are only performed # when `docker-compose` is called using `-f docker-compose.yml -f # docker-compose.next.yml`. - "./tn.sh --integration" - "./t.sh --unit --enable-race-detection" - "./tn.sh --unit --enable-race-detection" - "./t.sh --start-py" # gomod-vendor runs with a separate network access definition # because it needs to fetch packages from GitHub et. al., which # is incompatible with the DNS server override in the boulder # container (used for service discovery). - "docker-compose run --use-aliases netaccess ./test.sh --gomod-vendor" # This sets the docker image tag for the boulder-tools repository to # use in tests. It will be set appropriately for each tag in the list # defined in the matrix. env: BOULDER_TOOLS_TAG: ${{ matrix.BOULDER_TOOLS_TAG }} # Sequence of tasks that will be executed as part of the job. steps: # Checks out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v3 with: persist-credentials: false - name: Docker Login # You may pin to the exact commit or the version. # uses: docker/login-action@f3364599c6aa293cdc2b8391b1b56d0c30e45c8a uses: docker/login-action@v1.8.0 with: # Username used to log against the Docker registry username: ${{ secrets.DOCKER_USERNAME}} # Password or personal access token used to log against the Docker registry password: ${{ secrets.DOCKER_PASSWORD}} # Log out from the Docker registry at the end of a job logout: true continue-on-error: true # Print the env variable being used to pull the docker image. For # informational use. - name: Print BOULDER_TOOLS_TAG run: echo "Using BOULDER_TOOLS_TAG ${BOULDER_TOOLS_TAG}" # Pre-pull the docker containers before running the tests. - name: docker-compose pull run: docker-compose pull # Run the test matrix. This will run - name: "Run Test: ${{ matrix.tests }}" run: ${{ matrix.tests }} # This is a utility build job to detect if the status of any of the # above jobs have failed and fail if so. It is needed so there can be # one static job name that can be used to determine success of the job # in GitHub branch protection. boulder_ci_test_matrix_status: permissions: contents: none if: ${{ always() }} runs-on: ubuntu-latest name: Boulder CI Test Matrix needs: b steps: - name: Check boulder ci test matrix status if: ${{ needs.b.result != 'success' }} run: exit 1