Chore(deps): Bump github/codeql-action from 1 to 3 #94
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and Test | |
| on: | |
| release: | |
| types: [published] | |
| pull_request: | |
| branches: '**' | |
| push: | |
| branches: | |
| - develop | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| env: | |
| CI: true | |
| MONGO_URL: mongodb://localhost:27017/rocketchat | |
| MONGO_OPLOG_URL: mongodb://mongo:27017/local | |
| TOOL_NODE_FLAGS: --max_old_space_size=4096 | |
| TURBO_TEAM: ${{ secrets.TURBO_TEAM }} | |
| jobs: | |
| release-versions: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| release: ${{ steps.by-tag.outputs.release }} | |
| latest-release: ${{ steps.latest.outputs.latest-release }} | |
| docker-tag: ${{ steps.docker.outputs.docker-tag }} | |
| gh-docker-tag: ${{ steps.docker.outputs.gh-docker-tag }} | |
| steps: | |
| - id: by-tag | |
| run: | | |
| if echo "$GITHUB_REF_NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+$' ; then | |
| RELEASE="latest" | |
| elif echo "$GITHUB_REF_NAME" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+-rc\.[0-9]+$' ; then | |
| RELEASE="release-candidate" | |
| fi | |
| echo "RELEASE: ${RELEASE}" | |
| echo "::set-output name=release::${RELEASE}" | |
| - id: latest | |
| run: | | |
| LATEST_RELEASE="$( | |
| git -c 'versionsort.suffix=-' ls-remote -t --exit-code --refs --sort=-v:refname "https://github.com/$GITHUB_REPOSITORY" '*' | | |
| sed -En '1!q;s/^[[:xdigit:]]+[[:space:]]+refs\/tags\/(.+)/\1/gp' | |
| )" | |
| echo "LATEST_RELEASE: ${LATEST_RELEASE}" | |
| echo "::set-output name=latest-release::${LATEST_RELEASE}" | |
| - id: docker | |
| run: | | |
| if [[ '${{ github.event_name }}' == 'pull_request' ]]; then | |
| DOCKER_TAG="pr-${{ github.event.number }}" | |
| else | |
| DOCKER_TAG="gh-${{ github.run_id }}" | |
| fi | |
| echo "DOCKER_TAG: ${DOCKER_TAG}" | |
| echo "::set-output name=gh-docker-tag::${DOCKER_TAG}" | |
| build: | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Github Info | |
| run: | | |
| echo "GITHUB_ACTION: $GITHUB_ACTION" | |
| echo "GITHUB_ACTOR: $GITHUB_ACTOR" | |
| echo "GITHUB_REF: $GITHUB_REF" | |
| echo "GITHUB_HEAD_REF: $GITHUB_HEAD_REF" | |
| echo "GITHUB_BASE_REF: $GITHUB_BASE_REF" | |
| echo "github.event_name: ${{ github.event_name }}" | |
| cat $GITHUB_EVENT_PATH | |
| - name: Set Swap Space | |
| uses: pierotofy/set-swap-space@master | |
| with: | |
| swap-size-gb: 4 | |
| - uses: actions/checkout@v3 | |
| - name: Use Node.js 14.18.3 | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: '14.18.3' | |
| cache: 'yarn' | |
| - name: Free disk space | |
| run: | | |
| sudo swapoff -a | |
| sudo rm -f /swapfile | |
| sudo apt clean | |
| docker rmi $(docker image ls -aq) | |
| df -h | |
| - name: Cache meteor local | |
| uses: actions/cache@v2 | |
| with: | |
| path: ./apps/meteor/.meteor/local | |
| key: meteor-local-cache-${{ runner.OS }}-${{ hashFiles('apps/meteor/.meteor/versions') }} | |
| restore-keys: | | |
| meteor-local-cache-${{ runner.os }}- | |
| - name: Cache meteor | |
| uses: actions/cache@v2 | |
| with: | |
| path: ~/.meteor | |
| key: meteor-cache-${{ runner.OS }}-${{ hashFiles('apps/meteor/.meteor/release') }} | |
| restore-keys: | | |
| meteor-cache-${{ runner.os }}- | |
| - name: Install Meteor | |
| run: | | |
| # Restore bin from cache | |
| set +e | |
| METEOR_SYMLINK_TARGET=$(readlink ~/.meteor/meteor) | |
| METEOR_TOOL_DIRECTORY=$(dirname "$METEOR_SYMLINK_TARGET") | |
| set -e | |
| LAUNCHER=$HOME/.meteor/$METEOR_TOOL_DIRECTORY/scripts/admin/launch-meteor | |
| if [ -e $LAUNCHER ] | |
| then | |
| echo "Cached Meteor bin found, restoring it" | |
| sudo cp "$LAUNCHER" "/usr/local/bin/meteor" | |
| else | |
| echo "No cached Meteor bin found." | |
| fi | |
| # only install meteor if bin isn't found | |
| command -v meteor >/dev/null 2>&1 || curl https://install.meteor.com | sed s/--progress-bar/-sL/g | /bin/sh | |
| - name: Versions | |
| run: | | |
| npm --versions | |
| yarn -v | |
| node -v | |
| meteor --version | |
| meteor npm --versions | |
| meteor node -v | |
| git version | |
| - name: yarn install | |
| run: yarn | |
| - name: TurboRepo local server | |
| uses: felixmosh/turborepo-gh-artifacts@v1 | |
| with: | |
| repo-token: ${{ secrets.RC_TURBO_GH_TOKEN }} | |
| server-token: ${{ secrets.TURBO_SERVER_TOKEN }} | |
| - name: Lint | |
| run: yarn lint --api="http://127.0.0.1:9080" --token="${{ secrets.TURBO_SERVER_TOKEN }}" --team='rc' | |
| - name: Translation check | |
| run: yarn turbo run translation-check --api="http://127.0.0.1:9080" --token="${{ secrets.TURBO_SERVER_TOKEN }}" --team='rc' | |
| - name: TS typecheck | |
| run: yarn turbo run typecheck --api="http://127.0.0.1:9080" --token="${{ secrets.TURBO_SERVER_TOKEN }}" --team='rc' | |
| - name: Reset Meteor | |
| if: startsWith(github.ref, 'refs/tags/') == 'true' || github.ref == 'refs/heads/develop' | |
| run: | | |
| cd ./apps/meteor | |
| meteor reset | |
| - name: Build Rocket.Chat From Pull Request | |
| if: startsWith(github.ref, 'refs/pull/') == true | |
| env: | |
| METEOR_PROFILE: 1000 | |
| run: yarn build:ci --api="http://127.0.0.1:9080" -- --debug --directory dist | |
| - name: Build Rocket.Chat | |
| if: startsWith(github.ref, 'refs/pull/') != true | |
| run: yarn build:ci --api="http://127.0.0.1:9080" -- --directory dist | |
| - name: Prepare build | |
| run: | | |
| cd apps/meteor/dist | |
| tar czf /tmp/Rocket.Chat.tar.gz bundle | |
| - name: Store build | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: build | |
| path: /tmp/Rocket.Chat.tar.gz | |
| build-docker-preview: | |
| runs-on: ubuntu-20.04 | |
| needs: [build, release-versions] | |
| if: github.event_name == 'release' || github.ref == 'refs/heads/develop' | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'yarn' | |
| - name: Restore build | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: build | |
| path: /tmp/build | |
| - name: Unpack build | |
| run: | | |
| cd /tmp/build | |
| tar xzf Rocket.Chat.tar.gz | |
| rm Rocket.Chat.tar.gz | |
| - name: Build Docker image | |
| id: build-docker-image-preview | |
| uses: ./.github/actions/build-docker-image | |
| with: | |
| root-dir: /tmp/build | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| release: preview | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| test: | |
| runs-on: ubuntu-20.04 | |
| needs: [build, release-versions] | |
| strategy: | |
| matrix: | |
| node-version: ['14.18.3'] | |
| mongodb-version: ['4.2', '4.4', '5.0'] | |
| steps: | |
| - name: Launch MongoDB | |
| uses: wbari/[email protected] | |
| with: | |
| mongoDBVersion: ${{ matrix.mongodb-version }} --replSet=rs0 | |
| - uses: actions/checkout@v3 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'yarn' | |
| - name: Setup Chrome | |
| run: npm i chromedriver | |
| - name: Configure Replica Set | |
| run: | | |
| docker exec mongo mongo --eval 'rs.initiate({_id:"rs0", members: [{"_id":1, "host":"localhost:27017"}]})' | |
| docker exec mongo mongo --eval 'rs.status()' | |
| - name: yarn install | |
| run: yarn | |
| - name: TurboRepo local server | |
| uses: felixmosh/turborepo-gh-artifacts@v1 | |
| with: | |
| repo-token: ${{ secrets.RC_TURBO_GH_TOKEN }} | |
| server-token: ${{ secrets.TURBO_SERVER_TOKEN }} | |
| - name: Unit Test | |
| run: yarn testunit --api="http://127.0.0.1:9080" --token="${{ secrets.TURBO_SERVER_TOKEN }}" --team='rc' | |
| - name: Restore build | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: build | |
| path: /tmp/build | |
| - name: Unpack build | |
| run: | | |
| cd /tmp/build | |
| tar xzf Rocket.Chat.tar.gz | |
| rm Rocket.Chat.tar.gz | |
| - name: Build Docker image | |
| id: build-docker-image | |
| if: matrix.mongodb-version != '5.0' | |
| uses: ./.github/actions/build-docker-image | |
| with: | |
| root-dir: /tmp/build | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| release: official | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: Build Alpine Docker image | |
| id: build-docker-image-alpine | |
| if: matrix.mongodb-version == '5.0' | |
| uses: ./.github/actions/build-docker-image | |
| with: | |
| root-dir: /tmp/build | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| release: alpine | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| # TODO move startup/restart to its own github action | |
| - name: Start up Rocket.Chat | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| # test alpine image on mongo 5.0 (no special reason to be mongo 5.0 but we need to test alpine at least once) | |
| if [[ '${{ matrix.mongodb-version }}' = '5.0' ]]; then | |
| IMAGE_TAG="${{ needs.release-versions.outputs.gh-docker-tag }}.alpine" | |
| else | |
| IMAGE_TAG="${{ needs.release-versions.outputs.gh-docker-tag }}.official" | |
| fi; | |
| IMAGE_NAME="ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${IMAGE_TAG}" | |
| docker run --name rocketchat -d \ | |
| --link mongo \ | |
| -p 3000:3000 \ | |
| -e TEST_MODE=true \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| ${IMAGE_NAME} | |
| - name: E2E Test API | |
| run: | | |
| docker logs rocketchat --tail=50 | |
| cd ./apps/meteor | |
| for i in $(seq 1 5); do | |
| docker stop rocketchat | |
| docker exec mongo mongo rocketchat --eval 'db.dropDatabase()' | |
| NOW=$(date "+%Y-%m-%dT%H:%M:%SZ") | |
| echo $NOW | |
| docker start rocketchat | |
| until echo "$(docker logs rocketchat --since $NOW)" | grep -q "SERVER RUNNING"; do | |
| echo "Waiting Rocket.Chat to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| npm run testapi && s=0 && break || s=$? && docker logs rocketchat --tail=100; | |
| done; | |
| exit $s | |
| - name: Install Playwright | |
| run: | | |
| cd ./apps/meteor | |
| npx playwright install --with-deps | |
| - name: E2E Test UI | |
| run: | | |
| echo -e 'pcm.!default {\n type hw\n card 0\n}\n\nctl.!default {\n type hw\n card 0\n}' > ~/.asoundrc | |
| Xvfb -screen 0 1024x768x24 :99 & | |
| docker logs rocketchat --tail=50 | |
| docker stop rocketchat | |
| docker exec mongo mongo rocketchat --eval 'db.dropDatabase()' | |
| NOW=$(date "+%Y-%m-%dT%H:%M:%SZ") | |
| echo $NOW | |
| docker start rocketchat | |
| until echo "$(docker logs rocketchat --since $NOW)" | grep -q "SERVER RUNNING"; do | |
| echo "Waiting Rocket.Chat to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| cd ./apps/meteor | |
| npm run test:playwright | |
| - name: Store playwright test trace | |
| uses: actions/upload-artifact@v2 | |
| if: failure() | |
| with: | |
| name: playwright-test-trace | |
| path: ./apps/meteor/tests/e2e/test-failures* | |
| test-ee: | |
| runs-on: ubuntu-20.04 | |
| needs: [build, release-versions] | |
| strategy: | |
| matrix: | |
| node-version: ['14.18.3'] | |
| mongodb-version-ee: ['4.4'] | |
| steps: | |
| - name: Launch MongoDB | |
| uses: wbari/[email protected] | |
| with: | |
| mongoDBVersion: ${{ matrix.mongodb-version-ee }} --replSet=rs0 | |
| - name: Launch NATS | |
| run: sudo docker run --name nats -d -p 4222:4222 nats:2.4 | |
| - uses: actions/checkout@v3 | |
| - name: Use Node.js ${{ matrix.node-version }} | |
| uses: actions/setup-node@v3 | |
| with: | |
| node-version: ${{ matrix.node-version }} | |
| cache: 'yarn' | |
| - name: Setup Chrome | |
| run: npm i chromedriver | |
| - name: Configure Replica Set | |
| run: | | |
| docker exec mongo mongo --eval 'rs.initiate({_id:"rs0", members: [{"_id":1, "host":"localhost:27017"}]})' | |
| docker exec mongo mongo --eval 'rs.status()' | |
| - name: TurboRepo local server | |
| uses: felixmosh/turborepo-gh-artifacts@v1 | |
| with: | |
| repo-token: ${{ secrets.RC_TURBO_GH_TOKEN }} | |
| server-token: ${{ secrets.TURBO_SERVER_TOKEN }} | |
| - name: yarn install | |
| run: yarn | |
| - name: Unit Test | |
| run: yarn testunit --api="http://127.0.0.1:9080" --token="${{ secrets.TURBO_SERVER_TOKEN }}" --team='rc' | |
| - name: Restore build | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: build | |
| path: /tmp/build | |
| - name: Unpack build | |
| run: | | |
| cd /tmp/build | |
| tar xzf Rocket.Chat.tar.gz | |
| rm Rocket.Chat.tar.gz | |
| - name: Build Docker image | |
| id: build-docker-image | |
| uses: ./.github/actions/build-docker-image | |
| with: | |
| root-dir: /tmp/build | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| release: official | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: 'Build Docker image: account' | |
| uses: ./.github/actions/build-docker-image-service | |
| with: | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| service: account | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: 'Build Docker image: authorization' | |
| uses: ./.github/actions/build-docker-image-service | |
| with: | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| service: authorization | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: 'Build Docker image: ddp-streamer' | |
| uses: ./.github/actions/build-docker-image-service | |
| with: | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| service: ddp-streamer | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: 'Build Docker image: presence' | |
| uses: ./.github/actions/build-docker-image-service | |
| with: | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| service: presence | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: 'Build Docker image: stream-hub' | |
| uses: ./.github/actions/build-docker-image-service | |
| with: | |
| docker-tag: ${{ needs.release-versions.outputs.gh-docker-tag }} | |
| service: stream-hub | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: Launch Traefik | |
| run: | | |
| docker run --name traefik -d \ | |
| -p 3000:80 \ | |
| -v /var/run/docker.sock:/var/run/docker.sock \ | |
| traefik:2.7 \ | |
| --providers.docker=true | |
| # TODO move startup/restart to its own github action | |
| - name: Start up Rocket.Chat | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| docker run --name rocketchat -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e TEST_MODE=true \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| -e ENTERPRISE_LICENSE="${{ secrets.ENTERPRISE_LICENSE }}" \ | |
| -e SKIP_PROCESS_EVENT_REGISTRATION=true \ | |
| --label 'traefik.http.routers.rocketchat.rule=PathPrefix(`/`)' \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${{ needs.release-versions.outputs.gh-docker-tag }}.official | |
| # spin up all micro services | |
| docker run --name ddp-streamer -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e PORT=4000 \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| --label 'traefik.http.services.ddp-streamer.loadbalancer.server.port=4000' \ | |
| --label 'traefik.http.routers.ddp-streamer.rule=PathPrefix(`/websocket`) || PathPrefix(`/sockjs`)' \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/ddp-streamer-service:${{ needs.release-versions.outputs.gh-docker-tag }} | |
| - name: 'Start service: stream-hub' | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| docker run --name stream-hub -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/stream-hub-service:${{ needs.release-versions.outputs.gh-docker-tag }} | |
| until echo "$(docker logs stream-hub)" | grep -q "NetworkBroker started successfully"; do | |
| echo "Waiting 'stream-hub' to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| - name: 'Start service: account' | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| docker run --name account -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/account-service:${{ needs.release-versions.outputs.gh-docker-tag }} | |
| until echo "$(docker logs account)" | grep -q "NetworkBroker started successfully"; do | |
| echo "Waiting 'account' to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| - name: 'Start service: authorization' | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| docker run --name authorization -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/authorization-service:${{ needs.release-versions.outputs.gh-docker-tag }} | |
| until echo "$(docker logs authorization)" | grep -q "NetworkBroker started successfully"; do | |
| echo "Waiting 'authorization' to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| - name: 'Start service: presence' | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| docker run --name presence -d \ | |
| --link mongo \ | |
| --link nats \ | |
| -e MONGO_URL=mongodb://mongo:27017/rocketchat \ | |
| -e MONGO_OPLOG_URL=mongodb://mongo:27017/local \ | |
| -e TRANSPORTER=nats://nats:4222 \ | |
| -e MOLECULER_LOG_LEVEL=info \ | |
| ghcr.io/${LOWERCASE_REPOSITORY}/presence-service:${{ needs.release-versions.outputs.gh-docker-tag }} | |
| until echo "$(docker logs presence)" | grep -q "NetworkBroker started successfully"; do | |
| echo "Waiting 'presence' to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| - name: E2E Test API | |
| run: | | |
| cd ./apps/meteor | |
| for i in $(seq 1 5); do | |
| docker stop rocketchat | |
| docker stop stream-hub | |
| docker stop account | |
| docker stop authorization | |
| docker stop ddp-streamer | |
| docker stop presence | |
| docker exec mongo mongo rocketchat --eval 'db.dropDatabase()' | |
| NOW=$(date "+%Y-%m-%dT%H:%M:%SZ") | |
| echo $NOW | |
| docker start rocketchat | |
| docker start stream-hub | |
| docker start account | |
| docker start authorization | |
| docker start ddp-streamer | |
| docker start presence | |
| until echo "$(docker logs rocketchat --since $NOW)" | grep -q "SERVER RUNNING"; do | |
| echo "Waiting Rocket.Chat to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| docker logs rocketchat --tail=50 | |
| docker logs stream-hub --tail=50 | |
| docker logs account --tail=50 | |
| docker logs authorization --tail=50 | |
| docker logs ddp-streamer --tail=50 | |
| docker logs presence --tail=50 | |
| npm run testapi && s=0 && break || s=$? && docker logs rocketchat --tail=100 && docker logs authorization --tail=50; | |
| done; | |
| exit $s | |
| - name: Install Playwright | |
| run: | | |
| cd ./apps/meteor | |
| npx playwright install --with-deps | |
| - name: E2E Test UI | |
| run: | | |
| echo -e 'pcm.!default {\n type hw\n card 0\n}\n\nctl.!default {\n type hw\n card 0\n}' > ~/.asoundrc | |
| Xvfb -screen 0 1024x768x24 :99 & | |
| docker logs rocketchat --tail=50 | |
| docker stop rocketchat | |
| docker stop stream-hub | |
| docker stop account | |
| docker stop authorization | |
| docker stop ddp-streamer | |
| docker stop presence | |
| docker exec mongo mongo rocketchat --eval 'db.dropDatabase()' | |
| NOW=$(date "+%Y-%m-%dT%H:%M:%SZ") | |
| echo $NOW | |
| docker start rocketchat | |
| docker start stream-hub | |
| docker start account | |
| docker start authorization | |
| docker start ddp-streamer | |
| docker start presence | |
| until echo "$(docker logs rocketchat --since $NOW)" | grep -q "SERVER RUNNING"; do | |
| echo "Waiting Rocket.Chat to start up" | |
| ((c++)) && ((c==10)) && exit 1 | |
| sleep 10 | |
| done | |
| docker logs rocketchat --tail=50 | |
| docker logs stream-hub --tail=50 | |
| docker logs account --tail=50 | |
| docker logs authorization --tail=50 | |
| docker logs ddp-streamer --tail=50 | |
| docker logs presence --tail=50 | |
| cd ./apps/meteor | |
| IS_EE=true npm run test:playwright | |
| - name: Store playwright test trace | |
| uses: actions/upload-artifact@v2 | |
| if: failure() | |
| with: | |
| name: playwright-test-trace | |
| path: ./apps/meteor/tests/e2e/test-failures* | |
| deploy: | |
| runs-on: ubuntu-20.04 | |
| if: github.event_name == 'release' || github.ref == 'refs/heads/develop' | |
| needs: [test, release-versions] | |
| steps: | |
| - uses: actions/checkout@v3 | |
| - name: Restore build | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: build | |
| path: /tmp/build | |
| - name: Publish assets | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| AWS_DEFAULT_REGION: 'us-east-1' | |
| GPG_PASSWORD: ${{ secrets.GPG_PASSWORD }} | |
| REDHAT_REGISTRY_PID: ${{ secrets.REDHAT_REGISTRY_PID }} | |
| REDHAT_REGISTRY_KEY: ${{ secrets.REDHAT_REGISTRY_KEY }} | |
| UPDATE_TOKEN: ${{ secrets.UPDATE_TOKEN }} | |
| run: | | |
| REPO_VERSION=$(node -p "require('./package.json').version") | |
| if [[ '${{ github.event_name }}' = 'release' ]]; then | |
| GIT_TAG="${GITHUB_REF#*tags/}" | |
| GIT_BRANCH="" | |
| ARTIFACT_NAME="${REPO_VERSION}" | |
| RC_VERSION=$GIT_TAG | |
| if [[ '${{ needs.release-versions.outputs.release }}' = 'release-candidate' ]]; then | |
| SNAP_CHANNEL=candidate | |
| RC_RELEASE=candidate | |
| elif [[ '${{ needs.release-versions.outputs.release }}' = 'latest' ]]; then | |
| SNAP_CHANNEL=stable | |
| RC_RELEASE=stable | |
| fi | |
| else | |
| GIT_TAG="" | |
| GIT_BRANCH="${GITHUB_REF#*heads/}" | |
| ARTIFACT_NAME="${REPO_VERSION}.$GITHUB_SHA" | |
| RC_VERSION="${REPO_VERSION}" | |
| SNAP_CHANNEL=edge | |
| RC_RELEASE=develop | |
| fi; | |
| ROCKET_DEPLOY_DIR="/tmp/deploy" | |
| FILENAME="$ROCKET_DEPLOY_DIR/rocket.chat-$ARTIFACT_NAME.tgz"; | |
| aws s3 cp s3://rocketchat/sign.key.gpg .github/sign.key.gpg | |
| mkdir -p $ROCKET_DEPLOY_DIR | |
| cp .github/sign.key.gpg /tmp | |
| gpg --yes --batch --passphrase=$GPG_PASSWORD /tmp/sign.key.gpg | |
| gpg --allow-secret-key-import --import /tmp/sign.key | |
| rm /tmp/sign.key | |
| ln -s /tmp/build/Rocket.Chat.tar.gz "$FILENAME" | |
| gpg --armor --detach-sign "$FILENAME" | |
| aws s3 cp $ROCKET_DEPLOY_DIR/ s3://download.rocket.chat/build/ --recursive | |
| curl -H "Content-Type: application/json" -H "X-Update-Token: $UPDATE_TOKEN" -d \ | |
| "{\"nodeVersion\": \"14.18.3\", \"compatibleMongoVersions\": [\"4.2\", \"4.4\", \"5.0\"], \"commit\": \"$GITHUB_SHA\", \"tag\": \"$RC_VERSION\", \"branch\": \"$GIT_BRANCH\", \"artifactName\": \"$ARTIFACT_NAME\", \"releaseType\": \"$RC_RELEASE\"}" \ | |
| https://releases.rocket.chat/update | |
| # Makes build fail if the release isn't there | |
| curl --fail https://releases.rocket.chat/$RC_VERSION/info | |
| if [[ $GIT_TAG ]]; then | |
| curl -X POST \ | |
| https://connect.redhat.com/api/v2/projects/$REDHAT_REGISTRY_PID/build \ | |
| -H "Authorization: Bearer $REDHAT_REGISTRY_KEY" \ | |
| -H 'Cache-Control: no-cache' \ | |
| -H 'Content-Type: application/json' \ | |
| -d '{"tag":"'$GIT_TAG'"}' | |
| fi | |
| docker-image-publish: | |
| runs-on: ubuntu-20.04 | |
| needs: [deploy, build-docker-preview, release-versions] | |
| strategy: | |
| matrix: | |
| # this is currently a mix of variants and different images | |
| release: ['official', 'preview', 'alpine'] | |
| env: | |
| IMAGE_NAME: 'rocketchat/rocket.chat' | |
| steps: | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_PASS }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: Get Docker image name | |
| id: gh-docker | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| GH_IMAGE_NAME="ghcr.io/${LOWERCASE_REPOSITORY}/rocket.chat:${{ needs.release-versions.outputs.gh-docker-tag }}.${{ matrix.release }}" | |
| echo "GH_IMAGE_NAME: $GH_IMAGE_NAME" | |
| echo "::set-output name=gh-image-name::${GH_IMAGE_NAME}" | |
| - name: Pull Docker image | |
| run: docker pull ${{ steps.gh-docker.outputs.gh-image-name }} | |
| - name: Publish Docker image | |
| run: | | |
| if [[ '${{ matrix.release }}' = 'preview' ]]; then | |
| IMAGE_NAME="${IMAGE_NAME}.preview" | |
| fi; | |
| # 'develop' or 'tag' | |
| DOCKER_TAG=$GITHUB_REF_NAME | |
| # append the variant name to docker tag | |
| if [[ '${{ matrix.release }}' = 'alpine' ]]; then | |
| DOCKER_TAG="${DOCKER_TAG}-${{ matrix.release }}" | |
| fi; | |
| echo "IMAGE_NAME: $IMAGE_NAME" | |
| echo "DOCKER_TAG: $DOCKER_TAG" | |
| # tag and push the specific tag version | |
| docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$DOCKER_TAG | |
| docker push $IMAGE_NAME:$DOCKER_TAG | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| RELEASE="${{ needs.release-versions.outputs.release }}" | |
| if [[ '${{ matrix.release }}' = 'alpine' ]]; then | |
| RELEASE="${RELEASE}-${{ matrix.release }}" | |
| fi; | |
| echo "RELEASE: $RELEASE" | |
| if [[ $RELEASE == 'latest' ]]; then | |
| if [[ '${{ needs.release-versions.outputs.latest-release }}' == $GITHUB_REF_NAME ]]; then | |
| docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$RELEASE | |
| docker push $IMAGE_NAME:$RELEASE | |
| fi | |
| else | |
| docker tag ${{ steps.gh-docker.outputs.gh-image-name }} $IMAGE_NAME:$RELEASE | |
| docker push $IMAGE_NAME:$RELEASE | |
| fi | |
| fi | |
| services-docker-image-publish: | |
| runs-on: ubuntu-20.04 | |
| needs: [deploy, release-versions] | |
| strategy: | |
| matrix: | |
| service: ['account', 'authorization', 'ddp-streamer', 'presence', 'stream-hub'] | |
| steps: | |
| - name: Login to DockerHub | |
| uses: docker/login-action@v2 | |
| with: | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_PASS }} | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ secrets.CR_USER }} | |
| password: ${{ secrets.CR_PAT }} | |
| - name: Publish Docker images | |
| run: | | |
| LOWERCASE_REPOSITORY=$(echo "${{ github.repository_owner }}" | tr "[:upper:]" "[:lower:]") | |
| IMAGE_TAG="${{ needs.release-versions.outputs.gh-docker-tag }}" | |
| GH_IMAGE_NAME="ghcr.io/${LOWERCASE_REPOSITORY}/${{ matrix.service }}-service:${IMAGE_TAG}" | |
| echo "GH_IMAGE_NAME: $GH_IMAGE_NAME" | |
| docker pull $GH_IMAGE_NAME | |
| # 'develop' or 'tag' | |
| DOCKER_TAG=$GITHUB_REF_NAME | |
| docker tag $GH_IMAGE_NAME rocketchat/${{ matrix.service }}-service:${IMAGE_TAG} | |
| docker push rocketchat/${{ matrix.service }}-service:${IMAGE_TAG} | |
| if [[ $GITHUB_REF == refs/tags/* ]]; then | |
| RELEASE="${{ needs.release-versions.outputs.release }}" | |
| if [[ $RELEASE == 'latest' ]]; then | |
| if [[ '${{ needs.release-versions.outputs.latest-release }}' == $GITHUB_REF_NAME ]]; then | |
| docker tag rocketchat/${{ matrix.service }}-service:${IMAGE_TAG} rocketchat/${{ matrix.service }}-service:${RELEASE} | |
| docker push rocketchat/${{ matrix.service }}-service:${RELEASE} | |
| fi | |
| else | |
| docker tag rocketchat/${{ matrix.service }}-service:${IMAGE_TAG} rocketchat/${{ matrix.service }}-service:${RELEASE} | |
| docker push rocketchat/${{ matrix.service }}-service:${RELEASE} | |
| fi | |
| fi |