Skip to content

Run workflows with secrets #1467

Run workflows with secrets

Run workflows with secrets #1467

Workflow file for this run

name: Run tests
on:
pull_request_target:
types: [opened, synchronize, labeled]
schedule:
- cron: '0 0 * * *'
jobs:
access_check:
runs-on: ubuntu-latest
name: Access check
steps:
- name: Ensure pull-request is safe to run
uses: actions/github-script@v7
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const issue_number = context.issue.number;
const repository = context.repo.repo;
const owner = context.repo.owner;
const response = await github.rest.issues.listLabelsOnIssue({
owner,
repo: repository,
issue_number
});
const labels = response.data.map(label => label.name);
let hasLabel = labels.includes('safe-to-test')
console.log(context.payload)
if (context.payload.action === 'synchronize' && hasLabel) {
hasLabel = false
await github.rest.issues.removeLabel({
owner,
repo: repository,
issue_number,
name: 'safe-to-test'
});
}
if (!hasLabel) {
throw "Action was not authorized. Exiting now."
}
php-tests:
runs-on: ubuntu-latest
needs: access_check
strategy:
matrix:
db: ['mysql', 'pgsql']
payload:
- { queue: 'github-actions-laravel10-php83', laravel: '10.*', php: '8.3', 'testbench': '8.*'}
- { queue: 'github-actions-laravel10-php82', laravel: '10.*', php: '8.2', 'testbench': '8.*'}
- { queue: 'github-actions-laravel10-php81', laravel: '10.*', php: '8.1', 'testbench': '8.*'}
- { queue: 'github-actions-laravel9-php83', laravel: '9.*', php: '8.3', 'testbench': '7.*'}
- { queue: 'github-actions-laravel9-php82', laravel: '9.*', php: '8.2', 'testbench': '7.*'}
- { queue: 'github-actions-laravel9-php81', laravel: '9.*', php: '8.1', 'testbench': '7.*'}
- { queue: 'github-actions-laravel9-php80', laravel: '9.*', php: '8.0', 'testbench': '7.*'}
- { queue: 'github-actions-laravel8-php81', laravel: '8.*', php: '8.1', 'testbench': '6.*'}
- { queue: 'github-actions-laravel8-php80', laravel: '8.*', php: '8.0', 'testbench': '6.*'}
- { queue: 'github-actions-laravel8-php74', laravel: '8.*', php: '7.4', 'testbench': '6.*'}
- { queue: 'github-actions-laravel7-php80', laravel: '7.*', php: '8.0', 'testbench': '5.*' }
- { queue: 'github-actions-laravel7-php74', laravel: '7.*', php: '7.4', 'testbench': '5.*' }
- { queue: 'github-actions-laravel6-php80', laravel: '6.*', php: '8.0', 'testbench': '4.*' }
- { queue: 'github-actions-laravel6-php74', laravel: '6.*', php: '7.4', 'testbench': '4.*' }
name: PHP ${{ matrix.payload.php }} - Laravel ${{ matrix.payload.laravel }} - DB ${{ matrix.db }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.payload.php }}
extensions: mbstring, dom, fileinfo
coverage: none
- name: Set up MySQL and PostgreSQL
run: |
MYSQL_PORT=3307 POSTGRES_PORT=5432 docker compose up ${{ matrix.db }} -d
- name: Install dependencies
run: |
composer require "laravel/framework:${{ matrix.payload.laravel }}" "orchestra/testbench:${{ matrix.payload.testbench }}" --no-interaction --no-update
composer update --prefer-stable --prefer-dist --no-interaction
if [ "${{ matrix.db }}" = "mysql" ]; then
while ! mysqladmin ping --host=127.0.0.1 --user=cloudtasks --port=3307 --password=cloudtasks --silent; do
echo "Waiting for MySQL..."
sleep 1
done
else
echo "Not waiting for MySQL."
fi
- name: Execute tests
env:
DB_DRIVER: ${{ matrix.db }}
CI_CLOUD_TASKS_PROJECT_ID: ${{ secrets.CI_CLOUD_TASKS_PROJECT_ID }}
CI_CLOUD_TASKS_QUEUE: ${{ secrets.CI_CLOUD_TASKS_QUEUE }}
CI_CLOUD_TASKS_LOCATION: ${{ secrets.CI_CLOUD_TASKS_LOCATION }}
CI_CLOUD_TASKS_SERVICE_ACCOUNT_EMAIL: ${{ secrets.CI_CLOUD_TASKS_SERVICE_ACCOUNT_EMAIL }}
CI_SERVICE_ACCOUNT_JSON_KEY: ${{ secrets.CI_SERVICE_ACCOUNT_JSON_KEY }}
CI_CLOUD_TASKS_CUSTOM_QUEUE: ${{ matrix.payload.queue }}
run: |
echo $CI_SERVICE_ACCOUNT_JSON_KEY > tests/Support/gcloud-key-valid.json
vendor/bin/phpunit