Skip to content

avoid leaks during zip download and multi-object downloads (#3481) #7799

avoid leaks during zip download and multi-object downloads (#3481)

avoid leaks during zip download and multi-object downloads (#3481) #7799

Workflow file for this run

# @format
name: Workflow
on:
pull_request:
branches:
- master
push:
branches:
- master
# This ensures that previous jobs for the PR are canceled when the PR is
# updated.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref }}
cancel-in-progress: true
jobs:
lint-job:
name: Checking Lint
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v4
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make verifiers
semgrep-static-code-analysis:
name: "semgrep checks"
runs-on: ubuntu-latest
strategy:
matrix:
os: [ubuntu-latest]
steps:
- name: Check out source code
uses: actions/checkout@v3
- name: Scanning code on ${{ matrix.os }}
continue-on-error: false
run: |
# Install semgrep rather than using a container due to:
# https://github.com/actions/checkout/issues/334
sudo apt install -y python3-pip || apt install -y python3-pip
pip3 install semgrep
semgrep --config semgrep.yaml $(pwd)/web-app --error
ui-assets:
name: "React Code Has No Warnings & Prettified"
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
cache: "yarn"
cache-dependency-path: web-app/yarn.lock
- uses: actions/cache@v4
id: assets-cache
name: Assets Cache
with:
path: |
./web-app/build/
key: ${{ runner.os }}-assets-${{ github.run_id }}
- name: Install Dependencies
working-directory: ./web-app
continue-on-error: false
run: |
yarn install --immutable
- name: Check for Warnings in build output
working-directory: ./web-app
continue-on-error: false
run: |
./check-warnings.sh
- name: Check if Files are Prettified
working-directory: ./web-app
continue-on-error: false
run: |
./check-prettier.sh
- name: Check for dead code
working-directory: ./web-app
continue-on-error: false
run: |
./check-deadcode.sh
latest-minio:
name: Build latest MinIO
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
steps:
# To build minio image, we need to clone the repository first
- name: Clone github.com/minio/minio
uses: actions/checkout@v3
with:
repository: minio/minio
- name: Check-out matching MinIO branch
env:
GH_BRANCH: ${{ github.head_ref || github.ref_name }}
GH_PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
run: |
GH_PR_ACCOUNT=`echo $GH_PR_REPO | sed "s/\\/.*//"`
if [ ! -z "$GH_PR_ACCOUNT" ] && [ ! "$GH_PR_ACCOUNT" = "minio" ]; then
ALTREPO="https://github.com/$GH_PR_ACCOUNT/minio.git"
echo "Attempting to fetch $ALTREPO..."
git remote add alt $ALTREPO
(git fetch alt && git checkout "alt/$GH_BRANCH") || echo "$ALTREPO ($GH_BRANCH) not available, so keeping default repository/branch"
fi
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go-minio
- name: Build on ${{ matrix.os }}
if: steps.minio-latest-cache.outputs.cache-hit != 'true'
run: |
echo "Create minio binary";
make build;
compile-binary:
name: Compiles on Go ${{ matrix.go-version }} and ${{ matrix.os }}
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- uses: actions/cache@v4
id: assets-cache
name: Assets Cache
with:
path: |
./web-app/build/
key: ${{ runner.os }}-assets-${{ github.run_id }}
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make console
test-nginx-subpath:
name: Test Subpath with Nginx
needs:
- compile-binary
runs-on: [ubuntu-latest]
timeout-minutes: 10
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, MinIO and Nginx
run: |
(CONSOLE_SUBPATH=/console/subpath ./console server ) & (make test-initialize-minio-nginx)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/subpath-nginx/ -q --skip-js-errors -c 3
- name: Clean up docker
if: always()
run: |
make cleanup-minio-nginx
all-permissions-1:
name: Permissions Tests Part 1
needs:
- compile-binary
runs-on: [ubuntu-latest]
timeout-minutes: 10
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/permissions-1/ -q --skip-js-errors -c 3
- name: Clean up users & policies
run: |
make cleanup-permissions
all-permissions-2:
name: Permissions Tests Part 2
needs:
- compile-binary
runs-on: [ubuntu-latest]
timeout-minutes: 10
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/permissions-2/ -q --skip-js-errors -c 3
- name: Clean up users & policies
run: |
make cleanup-permissions
all-permissions-3:
name: Permissions Tests Part 3
needs:
- compile-binary
runs-on: [ubuntu-latest]
timeout-minutes: 10
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/permissions-3/ -q --skip-js-errors -c 3
- name: Clean up users & policies
run: |
make cleanup-permissions
all-permissions-4:
name: Permissions Tests Part 4
needs:
- compile-binary
runs-on: [ubuntu-latest]
timeout-minutes: 15
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
timeout-minutes: 10
run: npx testcafe "firefox:headless" web-app/tests/permissions-4/ --skip-js-errors
all-permissions-5:
name: Permissions Tests Part 5
needs:
- compile-binary
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
timeout-minutes: 5
run: npx testcafe "firefox:headless" web-app/tests/permissions-5/ --skip-js-errors
all-permissions-6:
name: Permissions Tests Part 6
needs:
- compile-binary
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
timeout-minutes: 5
run: npx testcafe "firefox:headless" web-app/tests/permissions-6/ --skip-js-errors
all-permissions-A:
name: Permissions Tests Part A
needs:
- compile-binary
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/permissions-A/ --skip-js-errors -c 3
- name: Clean up users & policies
run: |
make cleanup-permissions
all-permissions-B:
name: Permissions Tests Part B
needs:
- compile-binary
runs-on: [ubuntu-latest]
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
- name: Install MinIO JS
working-directory: ./
continue-on-error: false
run: |
yarn add minio
- uses: actions/cache@v4
name: Console Binary Cache
with:
path: |
./console
key: ${{ runner.os }}-binary-${{ github.run_id }}
- name: clean-previous-containers-if-any
run: |
docker stop minio || true;
docker container prune -f || true;
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Install TestCafe
run: npm install [email protected]
- name: Run TestCafe Tests
run: npx testcafe "firefox:headless" web-app/tests/permissions-B/ --skip-js-errors -c 3
- name: Clean up users & policies
run: |
make cleanup-permissions
test-pkg-on-go:
name: Test Pkg on Go ${{ matrix.go-version }} and ${{ matrix.os }}
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make test-pkg
- uses: actions/cache@v4
id: coverage-cache-pkg
name: Coverage Cache Pkg
with:
path: |
./pkg/coverage/
key: ${{ runner.os }}-coverage-pkg-2-${{ github.run_id }}
test-api-on-go:
name: Test API on Go ${{ matrix.go-version }} and ${{ matrix.os }}
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make test
- uses: actions/cache@v4
id: coverage-cache-api
name: Coverage Cache API
with:
path: |
./api/coverage/
key: ${{ runner.os }}-coverage-api-2-${{ github.run_id }}
b-integration-tests:
name: Integration Tests with Latest Distributed MinIO
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
- latest-minio
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [1.23.x]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Clone github.com/minio/minio
uses: actions/checkout@master
with:
repository: minio/minio
path: "minio_repository"
- name: Check-out matching MinIO branch
env:
GH_BRANCH: ${{ github.head_ref || github.ref_name }}
GH_PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
run: |
GH_PR_ACCOUNT=`echo $GH_PR_REPO | sed "s/\\/.*//"`
if [ ! -z "$GH_PR_ACCOUNT" ] && [ ! "$GH_PR_ACCOUNT" = "minio" ]; then
ALTREPO="https://github.com/$GH_PR_ACCOUNT/minio.git"
echo "Attempting to fetch $ALTREPO..."
git remote add alt $ALTREPO
(git fetch alt && git checkout "alt/$GH_BRANCH") || echo "$ALTREPO ($GH_BRANCH) not available, so keeping default repository/branch"
fi
- uses: actions/cache@v4
id: minio-latest-cache
name: MinIO Latest Cache
with:
path: |
./minio
key: ${{ runner.os }}-minio-latest-${{ hashFiles('./minio_repository/go.sum') }}
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
run: |
echo "The idea is to build minio image from downloaded repository";
cd $GITHUB_WORKSPACE/minio_repository;
echo "Get git version to build MinIO Image";
VERSION=`git rev-parse HEAD`;
echo $VERSION;
echo "Create MinIO image";
make docker VERSION=$VERSION;
docker build -q --no-cache -t minio/minio:$VERSION . -f Dockerfile
echo "Jumping back to console repository to run the integration test"
cd $GITHUB_WORKSPACE;
echo "We are going to use the built image on test-integration";
MINIO_VERSION="minio/minio:$VERSION";
echo $MINIO_VERSION;
echo "Create bucket for replication with versioning"
echo "Download mc for Ubuntu"
wget -q https://dl.min.io/client/mc/release/linux-amd64/mc
echo "Change the permissions to execute mc command"
chmod +x mc
echo "Create the folder to put the all.out file"
make test-integration MINIO_VERSION=$MINIO_VERSION;
- uses: actions/cache@v4
id: coverage-cache
name: Coverage Cache
with:
path: |
./integration/coverage/
key: ${{ runner.os }}-coverage-2-${{ github.run_id }}
react-tests:
name: React Tests
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Enable Corepack
run: corepack enable
- name: Install modules
working-directory: ./web-app
run: yarn install --immutable
- name: Run tests
working-directory: ./web-app
run: yarn test
sso-integration:
name: SSO Integration Test
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
- latest-minio
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [1.23.x]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Clone github.com/minio/minio
uses: actions/checkout@master
with:
repository: minio/minio
path: "minio_repository"
- name: Check-out matching MinIO branch
env:
GH_BRANCH: ${{ github.head_ref || github.ref_name }}
GH_PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
run: |
GH_PR_ACCOUNT=`echo $GH_PR_REPO | sed "s/\\/.*//"`
if [ ! -z "$GH_PR_ACCOUNT" ] && [ ! "$GH_PR_ACCOUNT" = "minio" ]; then
ALTREPO="https://github.com/$GH_PR_ACCOUNT/minio.git"
echo "Attempting to fetch $ALTREPO..."
git remote add alt $ALTREPO
(git fetch alt && git checkout "alt/$GH_BRANCH") || echo "$ALTREPO ($GH_BRANCH) not available, so keeping default repository/branch"
fi
- name: Checkout proper minio/minio branch
run: |
git checkout "${{ github.head_ref || github.ref_name }}" || echo "Okay, we'll stay on the master branch"
- uses: actions/cache@v4
id: minio-latest-cache
name: MinIO Latest Cache
with:
path: |
./minio
key: ${{ runner.os }}-minio-latest-${{ hashFiles('./minio_repository/go.sum') }}
- name: Build on ${{ matrix.os }}
run: |
echo "The idea is to build minio image from downloaded repository";
cd $GITHUB_WORKSPACE/minio_repository;
echo "replace github.com/minio/console => ../" >> go.mod
echo "updates to go.mod needed; to update it: go mod tidy"
go mod tidy -compat=1.23
echo "Get git version to build MinIO Image";
VERSION=`git rev-parse HEAD`;
echo $VERSION;
echo "Create MinIO image";
make docker VERSION=$VERSION;
docker build -q --no-cache -t minio/minio:$VERSION . -f Dockerfile
echo "Jumping back to console repository to run the integration test"
cd $GITHUB_WORKSPACE;
echo "We are going to use the built image on test-integration";
MINIO_VERSION="minio/minio:$VERSION";
echo $MINIO_VERSION;
make test-sso-integration MINIO_VERSION=$MINIO_VERSION;
- uses: actions/cache@v4
id: coverage-cache-sso
name: Coverage Cache SSO
with:
path: |
./sso-integration/coverage/
key: ${{ runner.os }}-sso-coverage-2-${{ github.run_id }}
coverage:
name: "Coverage Limit Check"
needs:
- b-integration-tests
- test-api-on-go
- test-pkg-on-go
- sso-integration
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Check out gocovmerge as a nested repository
uses: actions/checkout@v3
with:
repository: wadey/gocovmerge
path: gocovmerge
- uses: actions/cache@v4
id: coverage-cache
name: Coverage Cache
with:
path: |
./integration/coverage/
key: ${{ runner.os }}-coverage-2-${{ github.run_id }}
- uses: actions/cache@v4
id: coverage-cache-sso
name: Coverage Cache SSO
with:
path: |
./sso-integration/coverage/
key: ${{ runner.os }}-sso-coverage-2-${{ github.run_id }}
- uses: actions/cache@v4
id: coverage-cache-api
name: Coverage Cache API
with:
path: |
./api/coverage/
key: ${{ runner.os }}-coverage-api-2-${{ github.run_id }}
- uses: actions/cache@v4
id: coverage-cache-pkg
name: Coverage Cache Pkg
with:
path: |
./pkg/coverage/
key: ${{ runner.os }}-coverage-pkg-2-${{ github.run_id }}
- name: Get coverage
run: |
echo "change directory to gocovmerge"
cd gocovmerge
echo "download golang x tools"
go mod download golang.org/x/tools
echo "go mod tidy compat mode"
go mod tidy -compat=1.23
echo "go build gocoverage.go"
go build gocovmerge.go
echo "put together the outs for final coverage resolution"
./gocovmerge ../integration/coverage/system.out ../sso-integration/coverage/sso-system.out ../api/coverage/coverage.out ../pkg/coverage/coverage-pkg.out > all.out
echo "Download mc for Ubuntu"
wget -q https://dl.min.io/client/mc/release/linux-amd64/mc
echo "Change the permissions to execute mc command"
chmod +x mc
echo "Only run our test if play is up and running"
PLAY_IS_ON=`wget --spider --server-response https://play.min.io:9443/login 2>&1 | grep '200\ OK' | wc -l`
if [ $PLAY_IS_ON == 1 ]
then
echo "Play is up and running, we will proceed with the play part for coverage"
echo "Create the folder to put the all.out file"
./mc mb --ignore-existing play/builds/
echo "Copy the all.out file to play bucket"
echo ${{ github.repository }}
echo ${{ github.event.number }}
echo ${{ github.run_id }}
# mc cp can fail due to lack of space: mc: <ERROR> Failed to copy `all.out`.
# Storage backend has reached its minimum free disk threshold. Please delete a few objects to proceed.
./mc cp all.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp all.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
go tool cover -html=all.out -o coverage.html
./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
# save all other coverage
go tool cover -html=../integration/coverage/system.out -o system.html
./mc cp system.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp system.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
./mc cp ../integration/coverage/system.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp ../integration/coverage/system.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
go tool cover -html=../sso-integration/coverage/sso-system.out -o sso-system.html
./mc cp sso-system.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp sso-system.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
./mc cp ../sso-integration/coverage/sso-system.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp ../sso-integration/coverage/sso-system.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
go tool cover -html=../api/coverage/coverage.out -o coverage.html
./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp coverage.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
./mc cp ../api/coverage/coverage.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp ../api/coverage/coverage.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
go tool cover -html=../pkg/coverage/coverage-pkg.out -o coverage-pkg.html
./mc cp coverage-pkg.html play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp coverage-pkg.html play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
./mc cp ../pkg/coverage/coverage-pkg.out play/builds/${{ github.repository }}/${{ github.event.number }}/${{ github.run_id }}/ || true
./mc cp ../pkg/coverage/coverage-pkg.out play/builds/${{ github.repository }}/${{ github.event.number }}/latest/ || true
./mc anonymous set public play/builds
else
echo "Play is down, please report it on hack channel, no coverage is going to be uploaded!!!"
fi
echo "grep to obtain the result"
go tool cover -func=all.out | grep total > tmp2
result=`cat tmp2 | awk 'END {print $3}'`
result=${result%\%}
threshold=1.0
echo "Result:"
echo "$result%"
if (( $(echo "$result >= $threshold" |bc -l) )); then
echo "It is equal or greater than threshold ($threshold%), passed!"
else
echo "It is smaller than threshold ($threshold%) value, failed!"
exit 1
fi
ui-assets-istanbul-coverage:
name: "Assets with Istanbul Plugin for coverage"
runs-on: ubuntu-latest
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Read .nvmrc
id: node_version
run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: ${{ env.NVMRC }}
cache: "yarn"
cache-dependency-path: web-app/yarn.lock
- uses: actions/cache@v4
id: assets-cache-istanbul-coverage
name: Assets Cache Istanbul Coverage
with:
path: |
./web-app/build/
key: ${{ runner.os }}-assets-istanbul-coverage-${{ github.run_id }}
- name: Install Dependencies
working-directory: ./web-app
continue-on-error: false
run: |
yarn install --immutable
- name: Check for Warnings in build output
working-directory: ./web-app
continue-on-error: false
run: |
./check-warnings-istanbul-coverage.sh
compile-binary-istanbul-coverage:
name: "Compile Console Binary with Istanbul Plugin for Coverage"
needs:
- lint-job
- ui-assets-istanbul-coverage
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- uses: actions/cache@v4
name: Console Binary Cache Istanbul Coverage
with:
path: |
./console
key: ${{ runner.os }}-binary-istanbul-coverage-${{ github.run_id }}
- uses: actions/cache@v4
id: assets-cache-istanbul-coverage
name: Assets Cache Istanbul Coverage
with:
path: |
./web-app/build/
key: ${{ runner.os }}-assets-istanbul-coverage-${{ github.run_id }}
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make console
cross-compile-1:
name: Cross compile
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make crosscompile arg1="'linux/ppc64le linux/mips64'"
cross-compile-2:
name: Cross compile 2
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make crosscompile arg1="'linux/arm64 linux/s390x'"
cross-compile-3:
name: Cross compile 3
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make crosscompile arg1="'darwin/amd64 freebsd/amd64'"
cross-compile-4:
name: Cross compile 4
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make crosscompile arg1="'windows/amd64 linux/arm'"
cross-compile-5:
name: Cross compile 5
needs:
- lint-job
- ui-assets
- semgrep-static-code-analysis
runs-on: ${{ matrix.os }}
strategy:
matrix:
go-version: [1.23.x]
os: [ubuntu-latest]
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
uses: actions/setup-go@v5
with:
go-version: ${{ matrix.go-version }}
id: go
- name: Build on ${{ matrix.os }}
env:
GO111MODULE: on
GOOS: linux
run: |
make crosscompile arg1="'linux/386 netbsd/amd64'"
playwright:
needs:
- compile-binary-istanbul-coverage
timeout-minutes: 60
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Enable Corepack
run: corepack enable
- uses: actions/setup-node@v4
with:
node-version: 18
- name: Install dependencies
run: |
echo "Install dependencies"
cd $GITHUB_WORKSPACE/web-app
yarn init -y
yarn add -D playwright babel-plugin-istanbul nyc react-app-rewired create-react-app @playwright/test
echo "yarn install"
yarn install --no-immutable
- name: Install Playwright Browsers
run: npx playwright install --with-deps
- uses: actions/cache@v4
name: Console Binary Cache Istanbul Coverage
with:
path: |
./console
key: ${{ runner.os }}-binary-istanbul-coverage-${{ github.run_id }}
- name: Start Console, front-end app and initialize users/policies
run: |
(./console server) & (make initialize-permissions)
- name: Run Playwright tests
run: |
echo "Run tests under playwright folder only"
cd $GITHUB_WORKSPACE/web-app
yarn remove playwright
yarn add --dev @playwright/test
echo "npx playwright test"
npx playwright test # To run the tests
echo "npx nyc report"
npx nyc report # To see report printed in logs as text
echo "npx nyc report --reporter=html"
npx nyc report --reporter=html # to see report in ./coverage/index.html
- uses: actions/upload-artifact@v4
if: always()
with:
name: playwright-report
path: playwright-report/
retention-days: 30
- uses: actions/upload-artifact@v4
if: always()
with:
name: coverage
path: coverage/
retention-days: 30