Skip to content

PoP CI

PoP CI #8906

Workflow file for this run

name: PoP CI
on:
push:
branches:
- master
pull_request:
types:
- opened
- synchronize
- reopened
merge_group:
jobs:
fe1-web:
name: Fe1-Web
runs-on: ${{ matrix.os }}
strategy:
matrix:
os: [ubuntu-latest, macOS-latest, windows-latest]
node-version: [18.x]
include:
# Additionally also run it on node v16
# but just on ubuntu to not have too many runs
- os: ubuntu-latest
node-version: 16.x
defaults:
run:
working-directory: ./fe1-web
steps:
- name: Setup repo
uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Setup node ${{ matrix.node-version }}
uses: actions/setup-node@v1
with:
node-version: ${{ matrix.node-version }}
- name: Setup node npm cache
uses: actions/cache@v2
env:
cache-name: cache-node-npm
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Setup node modules cache
# MacOS is excluded since caching node modules made it slower than it was without caching
if: ${{ runner.os != 'macOS'}}
uses: actions/cache@v2
env:
cache-name: cache-node-modules
with:
path: ./fe1-web/node_modules
key: ${{ runner.os }}-nodemodules-${{ hashFiles('**/package-lock.json') }}
restore-keys: ${{ runner.os }}-nodemodules-
- name: Setup expo
run: npm install -g @expo/cli
- name: Setup npm dependencies
run: npm install
- name: Check npm security issues
run: npm audit fix
continue-on-error: true
- name: Run lint
if: ${{ matrix.os == 'ubuntu-latest' && matrix.node-version == '18.x' }} # execute even if previous steps failed
run: npm run eslint
- name: Validate dependencies
if: ${{ always() }} # execute even if previous steps failed
run: npm run depcruise
- name: Run tsdoc
if: ${{ always() }} # execute even if previous steps failed
run: npm run docs
- name: Run test
if: ${{ always() }} # execute even if previous steps failed
run: npm run test -- --runInBand --ci
- name: Run SonarCloud analysis
if: ${{ matrix.os == 'ubuntu-latest' && matrix.node-version == '18.x' && !startsWith(github.head_ref, 'dependabot/') }} # execute even if previous steps failed
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
run: |
npm install -g sonarqube-scanner
sonar-scanner -Dsonar.login=${{ secrets.SONAR_TOKEN_FE1 }}
- name: Verify expo project health
if: ${{ always() }} # execute even if previous steps failed
run: |
expo doctor
continue-on-error: true
- name: Build expo web project
if: ${{ matrix.node-version != '16.x' }}
run: |
npm run build-web
- name: Build expo web project (legacy, without NODE_OPTIONS=--openssl-legacy-provider)
if: ${{ matrix.node-version == '16.x' }}
run: |
npx expo export:web
be1-go:
name: Be1-Go
strategy:
matrix:
platform: [ubuntu-latest, windows-latest]
runs-on: ${{matrix.platform}}
defaults:
run:
working-directory: ./be1-go
steps:
- name: Use go >= 1.21
uses: actions/setup-go@v3
with:
go-version: ">=1.21"
- name: Setup repo
uses: actions/checkout@v3
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- uses: actions/cache@v2
with:
# In order:
# * Module download cache
# * Build cache (Linux)
# * Build cache (Mac)
# * Build cache (Windows)
path: |
~/go/pkg/mod
~/.cache/go-build
~/Library/Caches/go-build
%LocalAppData%\go-build
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Format
if: ${{ matrix.platform == 'ubuntu-latest' }}
run: |
make check-fmt
if [ "$(gofmt -s -l ./ | wc -l)" -gt 0 ]; then exit 1; fi
- name: Run check target
if: ${{ matrix.platform == 'ubuntu-latest' }}
run: |
make check
- name: Run test target
if: ${{ matrix.platform == 'windows-latest' }}
run: |
make test
- name: Build
if: ${{ always() }} # execute even if previous steps failed
run: |
make build
- name: Run SonarCloud analysis
if: ${{ matrix.platform == 'ubuntu-latest' && !startsWith(github.head_ref, 'dependabot/') }} # execute even if previous steps failed
uses: SonarSource/sonarcloud-github-action@master
with:
projectBaseDir: be1-go
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BE1 }}
fe2-android:
name: Fe2-Android
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./fe2-android
# This CI pipeline is greatly inspired by the sample given by https://github.com/ReactiveCircus/android-emulator-runner
steps:
- name: Checkout
uses: actions/checkout@v2
with:
submodules: recursive
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Setup JDK
uses: actions/setup-java@v3
with:
distribution: "temurin"
java-version: "17"
- name: Cache Gradle
uses: actions/cache@v2
with:
path: |
~/.gradle/caches
~/.gradle/wrapper
key: gradle-${{ runner.os }}-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
- name: Grant execute permission for gradlew
run: |
chmod +x ./gradlew
- name: Assemble
shell: bash
run: |
# To run the CI with debug informations, add --info
./gradlew assemble lint --parallel --build-cache
- name: Run tests
shell: bash
run: |
# To run the CI with debug informations, add --info
./gradlew check --parallel --build-cache
- name: Generate Coverage Report
shell: bash
run: |
# To run the CI with debug informations, add --info
./gradlew jacocoTestReport --parallel --build-cache
- name: Generate Sarif Lint Report
shell: bash
run: |
# To run the CI with debug informations, add --info
./gradlew lintDebug --parallel --build-cache
- name: Upload lint sarif
uses: github/codeql-action/upload-sarif@v2
if: always()
with:
sarif_file: fe2-android/app/build/reports/lint-results-debug.sarif
category: lint
- name: Cache SonarCloud packages
uses: actions/cache@v2
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Run SonarCloud analysis
if: ${{ !startsWith(github.head_ref, 'dependabot/') }} # execute even if previous steps failed
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_FE2 }}
run: |
# To run the CI with debug informations, add --info
./gradlew sonarqube --parallel --build-cache
be2-scala:
name: Be2-Scala
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./be2-scala
steps:
- name: Set up JDK 17
uses: actions/setup-java@v2
with:
distribution: "temurin"
java-version: "17"
- name: Setup repo
uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Check formatting
run: sbt scalafmtCheckAll
- name: Run unit tests
run: |
cd ./src/security/ && ./generateKeys.sh -test && cd ../.. # Generate test keys
sbt -Dscala.config="src/main/scala/ch/epfl/pop/config" -Dscala.security="src/security" -Dtest clean coverage test
rm -rf ./src/security/test/ # Remove test keys
- name: Report coverage
run: sbt coverageReport
- name: Run SonarCloud analysis
if: ${{ !startsWith(github.head_ref, 'dependabot/') }} # execute even if previous steps failed
env:
SONAR_HOST_URL: https://sonarcloud.io
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_BE2 }}
run: sbt sonarScan
popcha-example-client:
name: popcha-example-web-client
runs-on: ubuntu-latest
defaults:
run:
working-directory: demo/popcha-client/web
steps:
- name: Setup repo
uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Setup python
uses: actions/setup-python@v4
with:
python-version: '3.9'
- name: Setup pip dependencies
run: |
python -m pip install --upgrade pip
pip install ruff tox
pip install -r requirements.txt
- name: Lint with ruff
run: |
# stop the build if there are Python syntax errors or undefined names
ruff check --output-format=github --select=E9,F63,F7,F82 --target-version=py39 .
# default set of ruff rules with GitHub Annotations
ruff check --output-format=github --target-version=py39 .
- name: Run tests
run: |
tox -e py
- name: Run SonarCloud Analysis
if: ${{ !startsWith(github.head_ref, 'dependabot/') }} # execute even if previous steps failed
uses: SonarSource/sonarcloud-github-action@master
with:
projectBaseDir: demo/popcha-client/web
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN_POPCHA_WEB_CLIENT }}
protocol:
name: protocol examples test
runs-on: ubuntu-latest
defaults:
run:
working-directory: ./protocol/test
steps:
- name: Setup repo
uses: actions/checkout@v2
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of Sonar analysis
- name: Setup node 12.x
uses: actions/setup-node@v1
with:
node-version: 12.x
- name: Setup node cache
uses: actions/cache@v2
env:
cache-name: cache-node-modules
with:
# npm cache files are stored in `~/.npm` on Linux/macOS
path: ~/.npm
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/package-lock.json') }}
restore-keys: |
${{ runner.os }}-build-${{ env.cache-name }}-
${{ runner.os }}-build-
${{ runner.os }}-
- name: Setup npm dependencies
run: |
npm install
- name: Check npm security issues
run: |
npm audit fix
- name: Run test
run: |
npm run test