refactor(permissions): define default permission set #10935
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: I2::Dev::Tests | |
on: | |
pull_request: | |
branches: [main] | |
paths: | |
- '**.rs' | |
- '**.json' | |
- '**.toml' | |
- '**.lock' | |
- '**.py' | |
- '.github/workflows/iroha2-dev-pr.yml' | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
env: | |
CARGO_TERM_COLOR: always | |
IROHA_CLI_DIR: "/__w/${{ github.event.repository.name }}/${{ github.event.repository.name }}/test" | |
DOCKER_COMPOSE_PATH: defaults | |
TEST_DIR: "tmp/test" | |
IROHA_BIN: "iroha" | |
IROHA_CONTAINER: "defaults-irohad0-1" | |
PYTHON_VERSION: "3.11" | |
POETRY_PATH: "/root/.local/bin/poetry" | |
jobs: | |
consistency: | |
runs-on: [self-hosted, Linux, iroha2] | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Check genesis.json | |
if: always() | |
run: ./scripts/tests/consistency.sh genesis | |
- name: Check schema.json | |
if: always() | |
run: ./scripts/tests/consistency.sh schema | |
- name: Check Docker Compose configurations | |
if: always() | |
run: ./scripts/tests/consistency.sh docker-compose | |
build_executor: | |
runs-on: ubuntu-latest | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Build iroha executor | |
run: cargo run --bin iroha_wasm_builder -- build ./wasm_samples/default_executor --optimize --out-file ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm | |
- name: Upload executor to reuse in other jobs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }}/executor.wasm | |
retention-days: 1 | |
# exclude: iroha/tests/integration/ | |
with_coverage: | |
runs-on: [self-hosted, Linux, iroha2] | |
needs: build_executor | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Download executor.wasm file | |
uses: actions/download-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }} | |
- name: Run tests, with coverage | |
run: | | |
mold --run cargo test --all-features --no-fail-fast --workspace --exclude iroha | |
mold --run cargo test --all-features --no-fail-fast -p iroha -- --skip integration | |
env: | |
RUSTFLAGS: "-C instrument-coverage" | |
LLVM_PROFILE_FILE: "iroha-%p-%m.profraw" | |
- name: Generate lcov report | |
if: always() | |
run: grcov . --binary-path ./target/debug/ -s . -t lcov --branch --ignore-not-existing --ignore "crates/iroha_cli" --ignore "**/main.rs" -o lcov.info | |
- name: Upload lcov report artifact | |
if: always() | |
uses: actions/upload-artifact@v4 | |
with: | |
name: lcov.info | |
path: lcov.info | |
# include: iroha/tests/integration/ | |
# exclude: iroha/tests/integration/extra_functional | |
integration: | |
runs-on: [self-hosted, Linux, iroha2] | |
needs: build_executor | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Download executor.wasm file | |
uses: actions/download-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }} | |
- name: Run tests, with no-default-features | |
run: mold --run cargo test --no-default-features --no-fail-fast -p iroha integration -- --skip extra_functional | |
# include: iroha/tests/integration/extra_functional | |
extra_functional: | |
runs-on: [self-hosted, Linux, iroha2] | |
needs: build_executor | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
timeout-minutes: 60 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Download executor.wasm file | |
uses: actions/download-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }} | |
- name: Run tests | |
run: mold --run cargo test --no-default-features --no-fail-fast -p iroha extra_functional -- --test-threads=1 | |
# Run the job to check that the docker containers are properly buildable | |
pr-generator-build: | |
# Job will only execute if the head of the pull request is a branch for PR-generator case | |
if: startsWith(github.head_ref, 'iroha2-pr-deploy/') | |
runs-on: [self-hosted, Linux, iroha2] | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Login to Soramitsu Harbor | |
uses: docker/login-action@v3 | |
with: | |
registry: docker.soramitsu.co.jp | |
username: ${{ secrets.HARBOR_USERNAME }} | |
password: ${{ secrets.HARBOR_TOKEN }} | |
- name: Set up Docker Buildx | |
id: buildx | |
if: always() | |
uses: docker/setup-buildx-action@v2 | |
with: | |
install: true | |
- name: Build and push iroha2:dev image | |
uses: docker/build-push-action@v6 | |
if: always() | |
with: | |
push: true | |
tags: docker.soramitsu.co.jp/iroha2/iroha2:dev-${{ github.event.pull_request.head.sha }} | |
labels: commit=${{ github.sha }} | |
build-args: TAG=dev | |
file: Dockerfile | |
# This context specification is required | |
context: . | |
workspace_analysis_clippy: | |
runs-on: ubuntu-latest | |
needs: build_executor | |
container: | |
image: hyperledger/iroha2-ci:nightly-2024-09-09 | |
steps: | |
- uses: actions/checkout@v4 | |
- uses: Swatinem/rust-cache@v2 | |
- name: Download executor.wasm file | |
uses: actions/download-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }} | |
- name: Format | |
run: cargo fmt --all -- --check | |
- name: Lints without features | |
if: always() | |
run: cargo clippy --workspace --benches --tests --examples --no-default-features --quiet | |
- name: Lints with all features enabled | |
if: always() | |
run: cargo clippy --workspace --benches --tests --examples --all-features --quiet --message-format=json | tee clippy.json | |
- name: Documentation | |
if: always() | |
run: cargo doc --no-deps --quiet | |
- name: Upload clippy report artifact | |
uses: actions/upload-artifact@v4 | |
with: | |
name: clippy.json | |
path: clippy.json | |
torii-api-client-cli-tests: | |
runs-on: [self-hosted, Linux, iroha2] | |
needs: build_executor | |
timeout-minutes: 60 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Download executor.wasm file | |
uses: actions/download-artifact@v4 | |
with: | |
name: executor.wasm | |
path: ${{ env.DOCKER_COMPOSE_PATH }} | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
install: true | |
- name: Build and Tag Docker Images | |
uses: docker/build-push-action@v6 | |
if: always() | |
with: | |
context: . | |
load: true | |
file: Dockerfile | |
tags: | | |
hyperledger/iroha:local | |
hyperledger/iroha:dev | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Test docker-compose.single.yml | |
run: | | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml up --wait || exit 1 | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.single.yml down | |
- name: Test docker-compose.local.yml | |
run: | | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml up --wait || exit 1 | |
docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.local.yml down | |
- name: Run docker-compose.yml containers | |
run: docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml up --wait || exit 1 | |
- name: Install Python and Poetry | |
run: | | |
yum install -y python${{ env.PYTHON_VERSION }} python${{ env.PYTHON_VERSION }}-devel | |
curl -sSL https://install.python-poetry.org | python3 - | |
echo 'export PATH="${{ env.POETRY_PATH }}:$PATH"' >> /etc/profile | |
source /etc/profile | |
- name: Install Torii API Dependencies | |
working-directory: pytests/iroha_torii_tests | |
run: ${{ env.POETRY_PATH }} install | |
- name: Run Torii API Tests | |
working-directory: pytests/iroha_torii_tests | |
run: ${{ env.POETRY_PATH }} run pytest | |
- name: Copy Client CLI Binary from Iroha Container | |
if: always() | |
run: | | |
mkdir -p ${{ env.TEST_DIR }} | |
docker cp ${{ env.IROHA_CONTAINER }}:/usr/local/bin/${{ env.IROHA_BIN }} ${{ env.TEST_DIR }} | |
cp ./defaults/client.toml ${{ env.TEST_DIR }} | |
- name: Make Binaries Executable | |
run: chmod +x ${{ env.TEST_DIR }}/${{ env.IROHA_BIN }} | |
- name: Install Client CLI Dependencies | |
working-directory: pytests/iroha_cli_tests | |
run: ${{ env.POETRY_PATH }} install | |
- name: Run Client CLI Tests | |
working-directory: pytests/iroha_cli_tests | |
env: | |
IROHA_CLI_BINARY: ../../${{ env.TEST_DIR }}/${{ env.IROHA_BIN }} | |
IROHA_CLI_CONFIG: ../../${{ env.TEST_DIR }}/client.toml | |
run: ${{ env.POETRY_PATH }} run pytest | |
- name: Wipe docker-compose.yml containers | |
if: always() | |
run: docker compose -f ${{ env.DOCKER_COMPOSE_PATH }}/docker-compose.yml down |