Skip to content

Merge pull request #413 from bcgov/feature/1580-vulnerabilities #398

Merge pull request #413 from bcgov/feature/1580-vulnerabilities

Merge pull request #413 from bcgov/feature/1580-vulnerabilities #398

Workflow file for this run

name: CI/CD for API - Checkout, Build, Test, and generate Coverage Report for ai-reviewer-api
on:
push:
branches: [main]
pull_request:
types: [opened, reopened, synchronize]
paths:
- "src/backend/**"
- ".github/workflows/ci-api.yml"
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
jobs:
spring-boot:
name: CI/CD for API
runs-on: ubuntu-latest
env:
FILE_COUNTER: 0
CC_TEST_REPORTER_ID: 7a64e3e316d790b81411add57c07e4f8d5988ad69e1ef510b1bfb314e5459b6b
ACTION_DEBUG: true
steps:
- name: Checkout Spring SFTP Starter Repository
uses: actions/checkout@v2
with:
repository: bcgov/spring-boot-starters
path: spring-boot-starters
ref: v1.0.2
# Setup Java Environment
- name: Set up JDK 17
uses: actions/setup-java@v1
with:
java-version: 17
# TODO REMOVE AFTER SFTP IS IN MAVEN CENTRAL
- name: Build Spring SFTP Starter
run: mvn install -P all --file ./spring-boot-starters/src/pom.xml
- name: Checkout File Submission Repository
uses: actions/checkout@v2
# Get Code Climate binary
- name: Download Code Climate Binary
run: curl -L https://codeclimate.com/downloads/test-reporter/test-reporter-latest-linux-amd64 > ./cc-test-reporter
# Permissions applied to the Code Climate Executable
- name: Apply executable perms to Code Climate Binary
run: chmod +x ./cc-test-reporter
# Before build
- name: Before build
run: ./cc-test-reporter before-build
# Set required Git env vars for either pull request
- name: Set ENV for codeclimate (pull_request)
run: |
echo "GIT_BRANCH=${{ github.event.pull_request.head.ref }}" >> $GITHUB_ENV
echo "GIT_COMMIT_SHA=${{ github.event.pull_request.head.sha }}" >> $GITHUB_ENV
#echo "::set-env name=GIT_BRANCH::${{ github.event.pull_request.head.ref }}"
#echo "::set-env name=GIT_COMMIT_SHA::${{ github.event.pull_request.head.sha }}"
if: github.event_name == 'pull_request'
# Set required Git env vars for a push to main
- name: Set ENV for codeclimate (push)
run: |
echo "GIT_BRANCH=$GITHUB_REF" >> $GITHUB_ENV
echo "GIT_COMMIT_SHA=$GITHUB_SHA" >> $GITHUB_ENV
#echo "::set-env name=GIT_BRANCH::$GITHUB_REF"
#echo "::set-env name=GIT_COMMIT_SHA::$GITHUB_SHA"
if: github.event_name == 'push'
# Trimming the ref to main in order to publish correct report (paambaati)
- name: Set ref/head/main to main
run: |
echo "GIT_BRANCH=main" >> $GITHUB_ENV
#echo "::set-env name=GIT_BRANCH::main"
if: env.GIT_BRANCH == 'refs/heads/main'
# Run Maven Verify to generate all jacoco reports
- name: Build with Maven
run: mvn -B verify -P all --file src/backend/pom.xml
# Formatting the BACKEND coverage reports generated (dynamically)
- name: Format BACKEND coverage reports
run: |
projectRelRegex="^\.\/src\/backend\/(.*)\/target\/site\/jacoco\/jacoco\.xml$"
for file in $(find . -name "jacoco.xml")
do
echo $file
echo $projectRelRegex
if [[ $file =~ $projectRelRegex ]]
then
projectRel="${BASH_REMATCH[1]}"
echo "analyzing project: " $projectRel
projectName="${projectRel//\//-}"
JACOCO_SOURCE_PATH=${{ github.workspace }}/src/backend/$projectRel/src/main/java ./cc-test-reporter format-coverage ${{github.workspace}}/src/backend/$projectRel/target/site/jacoco/jacoco.xml --input-type jacoco --output coverage/$projectName-codeclimate.json;
echo "coverage generated: coverage/$projectName-codeclimate.json;"
else
echo $file does not match
fi
done
# List all formatted files in coverage directory
- name: WHERE AM I - FORMATTED?
run: |
ls ${{ github.workspace }}/coverage
if: ${{ env.ACTION_DEBUG }}
# Count of all total coverage files available
- name: Count files present
run: |
echo "FILE_COUNTER=$(ls -1q ./coverage | wc -l )" >> $GITHUB_ENV
#echo "::set-env name=FILE_COUNTER::$(ls -1q ./coverage | wc -l )"
# Sum the coverage reports
- name: Summing the coverage reports generated
run: ./cc-test-reporter sum-coverage coverage/*-codeclimate.json -p ${{ env.FILE_COUNTER }} -o coverage/codeclimate-api.json
# Upload JSON for debugging purposes
- name: Upload JSON for debugging purposes
uses: actions/upload-artifact@v4
with:
name: summed-java-coverage-report
path: coverage/codeclimate-api.json
# Upload total coverage report to Code Climate
- name: Upload coverage report to Code Climate
run: ./cc-test-reporter upload-coverage -d -i coverage/codeclimate-api.json