-
Notifications
You must be signed in to change notification settings - Fork 1
160 lines (149 loc) · 6.16 KB
/
unit-tests.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
name: Unit Tests and Analysis
on:
pull_request:
types:
- opened
- reopened
- synchronize
- ready_for_review
push:
branches:
- main
paths-ignore:
- "**.md"
workflow_dispatch:
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
tests-java:
name: Integrated Tests
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/action-test-and-analyse-java@v0.1.0
name: Backend Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: backend
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-backend
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/models/**,**/repository/**,**/*$*Builder*,**/BootApplication*
sonar_project_token: ${{ secrets.SONAR_TOKEN_BACKEND }}
- uses: bcgov-nr/action-test-and-analyse-java@v0.1.0
name: Legacy Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: legacy
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-legacy
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/exception/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/LegacyApplication***/ApplicationConstants*
sonar_project_token: ${{ secrets.SONAR_TOKEN_LEGACY }}
- uses: bcgov-nr/action-test-and-analyse-java@v0.1.0
name: Processor Coverage
with:
commands: |
mvn -B verify -P all-tests checkstyle:checkstyle -Dcheckstyle.skip=false --file pom.xml
dir: processor
java-cache: maven
java-distribution: temurin
java-version: "17"
sonar_args: >
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=nr-forest-client_processor
-Dsonar.coverage.jacoco.xmlReportPaths=target/coverage-reports/merged-test-report/jacoco.xml
-Dsonar.java.checkstyle.reportPaths=target/checkstyle-result.xml
-Dsonar.coverage.exclusions=**/configuration/**,**/dto/**,**/entity/**,**/repository/**,**/*$*Builder*,**/ProcessApplication***/ApplicationConstant*
sonar_project_token: ${{ secrets.SONAR_TOKEN_PROCESSOR }}
- name: Archive CycloneDX
continue-on-error: true
uses: actions/upload-artifact@v3
with:
name: cyclone-backend
path: |
backend/target/bom.json
legacy/target/bom.json
processor/target/bom.json
retention-days: 5
- name: Checkstyle report
continue-on-error: true
uses: jwgmeligmeyling/checkstyle-github-action@master
with:
path: (backend|legacy|processor)/**/checkstyle-result.xml
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
continue-on-error: true
if: success() || failure() # always run even if the previous step fails
with:
report_paths: (backend|legacy|processor)/target/**/TEST-*.xml
commit: ${{ github.event.pull_request.head.sha }}
summary: Pull Request Tests for Backend
detailed_summary: true
job_name: Backend Tests
- name: Add coverage to PR
id: jacoco
continue-on-error: true
uses: madrapps/jacoco-report@v1.3
with:
paths: (backend|legacy|processor)/target/coverage-reports/merged-test-report/jacoco.xml
token: ${{ secrets.GITHUB_TOKEN }}
min-coverage-overall: 75
min-coverage-changed-files: 75
tests-frontend:
name: Frontend Unit Tests
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- uses: bcgov-nr/action-test-and-analyse@v0.0.1
env:
VITE_BACKEND_URL: http://localhost:8080
VITE_FRONTEND_URL: http://localhost:3000
VITE_KEYCLOAK_URL:
VITE_KEYCLOAK_CLIENT_ID: 1234
VITE_NODE_ENV: openshift-dev
with:
node_version: 18
commands: |
npm ci
npm run coverage
dir: frontend
sonar_args: >
-Dsonar.exclusions=**/coverage/**,**/tests/**,**/stubs/**,**/reports/**,**/cypress/**,,**/assets/**,,**/dto/**,**/CoreConstants.ts,**/main.ts,**/routes.ts,**/sims-vue.d.ts,**/styles.ts,**/components.d.ts
-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info
-Dsonar.organization=bcgov-sonarcloud
-Dsonar.projectKey=forest-client-frontend
sonar_project_token: ${{ secrets.SONAR_TOKEN_FRONTEND }}
trivy:
name: Repository Report
if: github.event_name != 'pull_request' || !github.event.pull_request.draft
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@0.10.0
with:
scan-type: "fs"
format: "sarif"
output: "trivy-results.sarif"
ignore-unfixed: true
severity: "CRITICAL,HIGH"
scanners: "vuln,secret,config"
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: "trivy-results.sarif"