docs: note for current status of maintainers #827

Workflow file for this run

	name: CI

	on:
	pull_request:
	branches: [ main ]
	paths-ignore:
	- 'docs/**'

	concurrency:
	group: ${{ github.head_ref }}
	cancel-in-progress: true

	jobs:
	setup:
	timeout-minutes: 5
	runs-on: ubuntu-latest
	outputs:
	branch_name: ${{ steps.get_branch_name.outputs.HEAD_REF }}

	steps:
	- name: Build branch name
	id: get_branch_name
	run: \|
	HEAD_REF=$(echo "${GITHUB_HEAD_REF}" \| sed 's_/_\-_g' )
	echo ::set-output name=HEAD_REF::"${HEAD_REF}"

	style:
	needs: [setup]
	timeout-minutes: 5
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false

	steps:
	- uses: actions/checkout@v3
	- name: Set up JDK ${{ matrix.java }}
	uses: actions/setup-java@v3
	with:
	distribution: 'temurin'
	java-version: '17'
	- name: Cache maven packages
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-style-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-style-
	- name: Run style checks
	run: mvn -B checkstyle:check --file pom.xml

	static-code-analysis:
	needs: [setup, style]
	timeout-minutes: 5
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false

	steps:
	- uses: actions/checkout@v3
	- name: Set up JDK ${{ matrix.java }}
	uses: actions/setup-java@v3
	with:
	distribution: 'temurin'
	java-version: '17'
	- name: Cache maven packages
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-analysis-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-analysis-
	- name: Run static code analysis
	run: mvn -B compile spotbugs:check --file pom.xml

	unit-and-integration-tests:
	needs: [setup, style]
	timeout-minutes: 30
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	os: [ubuntu-latest, windows-latest, macos-latest]
	java: [17]

	steps:
	- uses: actions/checkout@v3
	- name: Set up JDK ${{ matrix.java }}
	uses: actions/setup-java@v3
	with:
	distribution: 'temurin'
	java-version: ${{ matrix.java }}
	- name: Cache maven packages
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-m2-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-m2-
	- name: Unit- and Integrationtests
	run: mvn -B -U verify --file pom.xml -Prelease

	mutation-tests:
	needs: [setup, unit-and-integration-tests]
	timeout-minutes: 30
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false

	steps:
	- uses: actions/checkout@v3
	- name: Set up JDK ${{ matrix.java }}
	uses: actions/setup-java@v3
	with:
	distribution: 'temurin'
	java-version: '17'
	- name: Cache maven packages
	uses: actions/[email protected]
	with:
	path: ~/.m2
	key: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-m2-${{ hashFiles('**/pom.xml') }}
	restore-keys: ${{ runner.os }}-${{ needs.setup.outputs.branch_name }}-m2-
	- name: Run Mutation Tests
	run: mvn -B -Dmaven.javadoc.skip=true test org.pitest:pitest-maven:mutationCoverage --file pom.xml

	linting:
	timeout-minutes: 5
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false

	steps:
	- uses: actions/checkout@v3
	- name: Lint Docker
	uses: hadolint/[email protected]
	with:
	dockerfile: Dockerfile
	config: .hadolint.yaml

	build_test_image:
	needs: [linting, unit-and-integration-tests]
	timeout-minutes: 15
	runs-on: ubuntu-latest
	outputs:
	image_artifact_name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	image_name: ${{ steps.get_image_name.outputs.image_name }}

	steps:
	- name: Install SBoM generator
	run: \|
	SYFT_EXPECTED_DIGEST='74a9becd5ccb4c02de99050a632e7bfc72176d5e4e844093b1e2c5bedfb45888'
	curl -sSfL https://github.com/anchore/syft/releases/download/v0.29.0/syft_0.29.0_linux_amd64.tar.gz -o syft.tar.gz
	SYFT_RESULT_DIGEST=$(sha256sum syft.tar.gz \| cut -d' ' -f1);
	if [[ $SYFT_RESULT_DIGEST != "${SYFT_EXPECTED_DIGEST}" ]]; then exit 1; fi

	mkdir -p syft-install/
	tar -zxf syft.tar.gz -C syft-install/
	mv syft-install/syft /usr/local/bin/
	rm -rf syft.tar.gz syft-install/
	- name: Install SBom pusher
	run: \|
	ORAS_EXPECTED_DIGEST='660a4ecd87414d1f29610b2ed4630482f1f0d104431576d37e59752c27de37ed'
	curl -sSfL https://github.com/oras-project/oras/releases/download/v0.12.0/oras_0.12.0_linux_amd64.tar.gz -o oras.tar.gz
	ORAS_RESULT_DIGEST=$(sha256sum oras.tar.gz \| cut -d' ' -f1);
	if [[ $ORAS_RESULT_DIGEST != "${ORAS_EXPECTED_DIGEST}" ]]; then exit 1; fi

	mkdir -p oras-install/
	tar -zxf oras.tar.gz -C oras-install/
	mv oras-install/oras /usr/local/bin/
	rm -rf oras.tar.gz oras-install/
	- name: Checkout Repo
	uses: actions/checkout@v3
	- name: Build image artifact name
	id: get_image_artifact_name
	run: \|
	IMAGE_ARTIFACT_NAME=$(echo "${GITHUB_HEAD_REF}" \| sed 's_/_\-_g' )
	echo ::set-output name=image_artifact_name::"${IMAGE_ARTIFACT_NAME}"
	- name: Build image name
	id: get_image_name
	run: echo ::set-output name=image_name::"ghcr.io/international-data-spaces-association/dataspace-connector"
	- name: Build image
	run: \|
	docker build . -t "${IMAGE}:ci"
	env:
	IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	DOCKER_BUILDKIT: 1
	- name: Generate SBoM
	run: \|
	BOM="${ARTIFACT}-sbom.json"
	syft "${IMAGE}:ci" -o spdx-json > "${BOM}"
	env:
	IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	ARTIFACT: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	- name: Build tar ball
	id: build_tar_ball
	run: \|
	docker save --output "${ARTIFACT}.tar" "${IMAGE}:ci"
	env:
	IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	ARTIFACT: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	- name: Push image
	uses: actions/upload-artifact@v3
	with:
	name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}-image
	path: ${{ github.workspace }}/${{ steps.get_image_artifact_name.outputs.image_artifact_name }}.tar
	retention-days: 1
	- name: Push SBoM
	uses: actions/upload-artifact@v3
	with:
	name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}-image-sbom.json
	path: ${{ github.workspace }}/${{ steps.get_image_artifact_name.outputs.image_artifact_name }}-sbom.json
	retention-days: 1

	image-security-scan:
	needs: [build_test_image]
	timeout-minutes: 10
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false

	steps:
	- name: Download image
	uses: actions/download-artifact@v3
	with:
	name: ${{ needs.build_test_image.outputs.image_artifact_name }}-image
	- name: Load image into docker
	run: docker load --input "${GITHUB_WORKSPACE}/${ARTIFACT}.tar"
	env:
	ARTIFACT: ${{ needs.build_test_image.outputs.image_artifact_name }}
	- name: Checkout Repo
	uses: actions/checkout@v3
	- name: Run vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: '${{ needs.build_test_image.outputs.image_name }}:ci'
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
	timeout: "9m0s"

	build_test_backend_image:
	needs: [linting, unit-and-integration-tests]
	timeout-minutes: 10
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	outputs:
	image_artifact_name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	image_name: ${{ steps.get_image_name.outputs.image_name }}

	steps:
	- name: Checkout Repo
	uses: actions/checkout@v3
	- name: Build image artifact name
	id: get_image_artifact_name
	run: \|
	IMAGE_ARTIFACT_NAME=$(echo "${GITHUB_HEAD_REF}" \| sed 's_/_\-_g' )-backend
	echo ::set-output name=image_artifact_name::"${IMAGE_ARTIFACT_NAME}"
	- name: Build image name
	id: get_image_name
	run: echo ::set-output name=image_name::"ghcr.io/international-data-spaces-association/dataspace-connector/tests/route-backend"
	- name: Build image
	run: \|
	cd ./scripts/tests/route-backend/
	docker build . -t "${IMAGE}" -f route-backend.dockerfile
	env:
	IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	DOCKER_BUILDKIT: 1
	- name: Build tar ball
	id: build_tar_ball
	run: \|
	docker save --output "${BACKEND_ARTIFACT}.tar" "${BACKEND_IMAGE}"
	env:
	BACKEND_IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	BACKEND_ARTIFACT: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	- name: Push image
	uses: actions/upload-artifact@v3
	with:
	name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}-image
	path: ${{ github.workspace }}/${{ steps.get_image_artifact_name.outputs.image_artifact_name }}.tar
	retention-days: 1

	build_test_runner_image:
	needs: [linting, unit-and-integration-tests]
	timeout-minutes: 10
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	outputs:
	image_artifact_name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	image_name: ${{ steps.get_image_name.outputs.image_name }}

	steps:
	- name: Checkout Repo
	uses: actions/checkout@v3
	- name: Build image artifact name
	id: get_image_artifact_name
	run: \|
	IMAGE_ARTIFACT_NAME=$(echo "${GITHUB_HEAD_REF}" \| sed 's_/_\-_g' )-runner
	echo ::set-output name=image_artifact_name::"${IMAGE_ARTIFACT_NAME}"
	- name: Build image name
	id: get_image_name
	run: echo ::set-output name=image_name::"ghcr.io/international-data-spaces-association/dataspace-connector/tests/runner"
	- name: Build image
	run: \|
	cd ./scripts/tests/runner/
	docker build . -t "${IMAGE}" -f runner.dockerfile
	env:
	IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	DOCKER_BUILDKIT: 1
	- name: Build tar ball
	id: build_tar_ball
	run: \|
	docker save --output "${BACKEND_ARTIFACT}.tar" "${BACKEND_IMAGE}"
	env:
	BACKEND_IMAGE: ${{ steps.get_image_name.outputs.image_name }}
	BACKEND_ARTIFACT: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}
	- name: Push image
	uses: actions/upload-artifact@v3
	with:
	name: ${{ steps.get_image_artifact_name.outputs.image_artifact_name }}-image
	path: ${{ github.workspace }}/${{ steps.get_image_artifact_name.outputs.image_artifact_name }}.tar
	retention-days: 1

	e2e-test:
	needs: [build_test_image, build_test_backend_image, build_test_runner_image]
	timeout-minutes: 30
	runs-on: ubuntu-latest

	steps:
	- name: Checkout Repo
	uses: actions/checkout@v3
	with:
	fetch-depth: 0
	- name: Setup environment
	run: \|
	curl -sfL https://get.k3s.io \| K3S_KUBECONFIG_MODE=666 sh -
	cat /etc/rancher/k3s/k3s.yaml
	mkdir -p ~/.kube
	cp /etc/rancher/k3s/k3s.yaml ~/.kube/config
	chmod 600 ~/.kube/config
	- name: Download image
	uses: actions/download-artifact@v3
	with:
	name: ${{ needs.build_test_image.outputs.image_artifact_name }}-image
	- name: Download backend image
	uses: actions/download-artifact@v3
	with:
	name: ${{ needs.build_test_backend_image.outputs.image_artifact_name }}-image
	- name: Download test runner image
	uses: actions/download-artifact@v3
	with:
	name: ${{ needs.build_test_runner_image.outputs.image_artifact_name }}-image
	- name: Load image into cluster
	run: sudo k3s ctr images import "${GITHUB_WORKSPACE}/${ARTIFACT}.tar"
	env:
	ARTIFACT: ${{ needs.build_test_image.outputs.image_artifact_name }}
	- name: Load backend image into cluster
	run: sudo k3s ctr images import "${GITHUB_WORKSPACE}/${BACKEND_ARTIFACT}.tar"
	env:
	BACKEND_ARTIFACT: ${{ needs.build_test_backend_image.outputs.image_artifact_name }}
	- name: Load backend image into cluster
	run: sudo k3s ctr images import "${GITHUB_WORKSPACE}/${RUNNER_ARTIFACT}.tar"
	env:
	RUNNER_ARTIFACT: ${{ needs.build_test_runner_image.outputs.image_artifact_name }}
	- name: Test environment
	run: \|
	kubectl cluster-info
	- name: Run scripts
	run: \|
	./scripts/ci/e2e/test-provider-consumer.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

docs: note for current status of maintainers #827

Workflow file

docs: note for current status of maintainers #827

Jobs

Run details

Workflow file for this run