Bump software.amazon.awssdk:bom from 2.25.31 to 2.25.35 #2974
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| # Language/Tool dependency versions used in this workflow: | |
| # Go: 1.20.2 | |
| # Helm: v3.10.1 | |
| # k6: v0.33.0 | |
| # Kind: v0.16.0 | |
| # Kubeconform: v0.4.10 | |
| # Kubernetes: 1.22.1 | |
| # Java: 21 | |
| on: | |
| push: | |
| branches: [ master ] | |
| tags: '*' | |
| pull_request: | |
| branches: [ master ] | |
| jobs: | |
| # Run linters on various non-Java files (node and shell) | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Install npm packages | |
| run: npm --prefix scripts/ install | |
| - name: Lint Node.js code | |
| run: npm --prefix scripts/ run lint | |
| - name: Shellcheck | |
| run: shellcheck scripts/**/*.sh | |
| # Run validations on the thunder Helm chart | |
| helm: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: v3.5.3 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '^1.20.2' | |
| cache-dependency-path: scripts/deploy/helm/test/go.sum | |
| - name: Download kubeconform | |
| uses: engineerd/configurator@v0.0.10 | |
| with: | |
| name: "kubeconform" | |
| url: "https://github.com/yannh/kubeconform/releases/download/v0.4.10/kubeconform-linux-amd64.tar.gz" | |
| pathInArchive: "kubeconform" | |
| - name: Helm lint | |
| run: helm lint scripts/deploy/helm/thunder | |
| - name: Validate with kubeconform | |
| run: helm template scripts/deploy/helm/thunder | kubeconform -kubernetes-version 1.22.1 -summary | |
| - name: Run Terratests | |
| run: (cd scripts/deploy/helm/test; go mod tidy && go test -v) | |
| # Run the maven build | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'zulu' | |
| java-version: 21 | |
| cache: 'maven' | |
| - name: Install npm packages | |
| run: npm --prefix scripts/ install | |
| - name: Download k6 | |
| uses: engineerd/configurator@v0.0.10 | |
| with: | |
| name: "k6" | |
| url: "https://github.com/grafana/k6/releases/download/v0.33.0/k6-v0.33.0-linux-amd64.tar.gz" | |
| pathInArchive: "k6-v0.33.0-linux-amd64/k6" | |
| - name: Build with Maven | |
| run: mvn package jacoco:report | |
| - name: Upload Codecov report | |
| uses: codecov/codecov-action@v4 | |
| with: | |
| directory: . | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: thunder-artifacts | |
| path: application/target/application-*.jar | |
| # Run Docker integration tests | |
| integration-test: | |
| runs-on: ubuntu-latest | |
| needs: [build] | |
| strategy: | |
| matrix: | |
| testname: | |
| - bad-request # Load test to ensure bad requests return 400 and latency is adequate | |
| - dynamodb # Functional DynamoDB test | |
| - mongodb # Functional MongoDB test | |
| - inmemorydb # Functional In-Memory DB test | |
| - update-existing-email # Functional test to user data is not deleted on email update | |
| - argon # Functional test to ensure argon2 server-side hash works | |
| - bcrypt # Functional test to ensure bcrypt server-side hash works | |
| - sha256 # Functional test to ensure sha256 server-side hash works | |
| - disabled-email-and-swagger # Functional test to ensure disabling endpoints returns 404 | |
| - disabled-password-header # Functional test to ensure passwords are not required on disable | |
| - oauth # Functional test to ensure OAuth authentication works | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Thunder artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: thunder-artifacts | |
| path: application/target | |
| - name: Download k6 | |
| uses: engineerd/configurator@v0.0.10 | |
| with: | |
| name: "k6" | |
| url: "https://github.com/grafana/k6/releases/download/v0.33.0/k6-v0.33.0-linux-amd64.tar.gz" | |
| pathInArchive: "k6-v0.33.0-linux-amd64/k6" | |
| - name: Run test | |
| run: ./scripts/ci/docker-integration-tests.sh ${{ matrix.testname }} | |
| # Release edge Docker image | |
| release-edge: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' | |
| needs: [integration-test] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Thunder artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: thunder-artifacts | |
| path: application/target | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3.3.0 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3.1.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3.1.0 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Build and push edge image | |
| uses: docker/build-push-action@v5.3.0 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| rohannagar/thunder:edge | |
| ghcr.io/rohannagar/thunder:edge | |
| # Release tagged Docker image and create GH release | |
| release-tag: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/') | |
| needs: [ integration-test ] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Download Thunder artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: thunder-artifacts | |
| path: application/target | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3.3.0 | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3.1.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3.1.0 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_PASSWORD }} | |
| - name: Set tag number | |
| id: tag | |
| run: echo "tag_name=${GITHUB_REF#refs/tags/v}" >> $GITHUB_OUTPUT | |
| - name: Build and push release image | |
| uses: docker/build-push-action@v5.3.0 | |
| with: | |
| context: . | |
| push: true | |
| tags: | | |
| rohannagar/thunder:${{ steps.tag.outputs.tag_name }} | |
| ghcr.io/rohannagar/thunder:${{ steps.tag.outputs.tag_name }} | |
| - name: Create release notes file | |
| run: sed '/^# v${{ steps.tag.outputs.tag_name }}/,/^# v/!d;//d' CHANGELOG.md > release_body.md | |
| - name: Create GitHub Release | |
| id: create_release | |
| uses: actions/create-release@v1.1.4 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref }} | |
| release_name: ${{ github.ref }} | |
| body_path: release_body.md | |
| - name: Upload JAR to Release | |
| uses: actions/upload-release-asset@v1.0.2 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| asset_path: application/target/application-${{ steps.tag.outputs.tag_name }}.jar | |
| asset_name: application-${{ steps.tag.outputs.tag_name }}.jar | |
| asset_content_type: application/java-archive | |
| # Test that our Helm chart deploys as expected with the latest edge image | |
| test-deploy: | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'push' | |
| needs: [release-edge] | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up kubectl | |
| uses: azure/setup-kubectl@v4 | |
| - name: Set up helm | |
| uses: azure/setup-helm@v4 | |
| with: | |
| version: v3.10.1 | |
| - name: Create kind cluster | |
| uses: helm/kind-action@v1.9.0 | |
| with: | |
| version: v0.16.0 | |
| - name: Print cluster info | |
| run: kubectl cluster-info --context kind-chart-testing | |
| - name: Install chart | |
| run: helm install thunder scripts/deploy/helm/thunder --wait --timeout 2m | |
| - name: Show running pods | |
| run: kubectl get pods | |
| env: | |
| # Dummy keys to use the AWS SDK in tests | |
| AWS_ACCESS_KEY_ID: 1234567890 | |
| AWS_SECRET_ACCESS_KEY: 1234567890 |