Skip to content

Merge pull request #1456 from atsign-foundation/update_changelog #3292

Merge pull request #1456 from atsign-foundation/update_changelog

Merge pull request #1456 from atsign-foundation/update_changelog #3292

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: at_client_sdk
on:
push:
branches:
- trunk
pull_request:
branches:
- trunk
permissions: # added using https://github.com/step-security/secure-workflows
contents: read
jobs:
unit_tests_and_code_analysis:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
dart-channel: [stable,beta]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dart-lang/setup-dart@e630b99d28a3b71860378cafdc2a067c71107f94 # v1.7.0
with:
sdk: ${{ matrix.dart-channel}}
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version: 'stable'
cache-dependency-path: tools/osv-scanner/go.sum
# Install dependencies in at_client library
- name: Install dependencies in at_client
working-directory: packages/at_client
run: dart pub get
# Run analyzer in at_client library
- name: Analyze project source in at_client
working-directory: packages/at_client
run: dart analyze
# Run unit tests
- name: Run at_client unit tests, with code coverage measurement
working-directory: packages/at_client
run: dart test --concurrency=1 --coverage="coverage"
- name: Convert at_client coverage to LCOV format
working-directory: packages/at_client
run: dart run coverage:format_coverage --check-ignore --lcov --in=coverage --out=unit_test_coverage.lcov --report-on=lib
- name: Upload at_client coverage to Codecov
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
file: packages/at_client/unit_test_coverage.lcov
flags: at_client_unit_tests
# Adding flutter to path
- name: Installing Flutter
uses: britannio/action-install-flutter@a486b7e3148e54a76390d849100b9dee819ff810 # v1.1
with:
version: stable
# Install dependencies of at_client_mobile
- name: Installing dependencies
working-directory: packages/at_client_mobile
run: flutter pub get
# Analyze at_client_mobile package
- name: flutter analyze
working-directory: packages/at_client_mobile
run: flutter analyze --no-fatal-infos
# Run unit tests
- name: Run at_client_mobile unit tests, with code coverage measurement
working-directory: packages/at_client_mobile
run: flutter test --concurrency=1 --coverage
- name: Convert at_client_mobile coverage to LCOV format
working-directory: packages/at_client_mobile
run: dart run coverage:format_coverage --lcov --check-ignore --in=coverage --out=unit_test_coverage.lcov --report-on=lib
- name: Upload at_client_mobile coverage to Codecov
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
file: packages/at_client_mobile/unit_test_coverage.lcov
flags: at_client_mobile_unit_tests
# Check formatting
- name: Check that code in packages is correctly formatted
working-directory: packages
run: dart format . -o none --set-exit-if-changed
# Runs osv-scanner to find any vulnerable Dart dependencies
# It needs to look at pubspec.lock files, which is why it's
# placed here, as the `dart pub get` above will create them
- name: Run osv-scanner
working-directory: packages
run: |
go install github.com/google/osv-scanner/cmd/osv-scanner@6316373e47d7e3e4b4fd3630c4bbc10987738de6 # v1.4.3
osv-scanner --lockfile=./at_client/pubspec.lock
osv-scanner --lockfile=./at_client_mobile/pubspec.lock
functional_tests:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
dart-channel: [stable,beta]
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dart-lang/setup-dart@e630b99d28a3b71860378cafdc2a067c71107f94 # v1.7.0
with:
sdk: ${{ matrix.dart-channel}}
# Install dependencies in at_functional_test
- name: Install dependencies in at_functional_test
working-directory: tests/at_functional_test
run: dart pub get
- name: Add entry to hosts file
run: echo "127.0.0.1 vip.ve.atsign.zone" | sudo tee -a /etc/hosts
# Start docker container to run functional tests
- name: Start docker instance
working-directory: tests/at_functional_test/test
run: docker compose pull && docker compose up -d
- name: Check for docker container readiness
working-directory: tests/at_functional_test
run: dart run test/check_docker_readiness.dart
- name: Run PKAM
run: docker exec test-virtualenv-1 supervisorctl start pkamLoad
- name: Check test environment readiness
working-directory: tests/at_functional_test
run: dart run test/check_test_env.dart
# Run functional tests
- name: Run functional tests
working-directory: tests/at_functional_test
run: dart test --concurrency=1 --coverage="coverage"
- name: Convert coverage to LCOV format
working-directory: tests/at_functional_test
run: dart run coverage:format_coverage --check-ignore --lcov --in=coverage --out=functional_test_coverage.lcov --report-on=../../packages/at_client/lib
- name: Upload coverage to Codecov
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
file: tests/at_functional_test/functional_test_coverage.lcov
flags: functional_tests
# stop docker containers
- name: stop docker containers
working-directory: tests/at_functional_test/test
run: docker compose down
end2end_tests_prep:
# Don't run on PRs from a fork as the secrets aren't available
if: ${{ github.event.pull_request.head.repo.fork == false }}
runs-on: ubuntu-latest
steps:
- name: update image on cicd VMs
# Needs a secret, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
uses: appleboy/ssh-action@7eaf76671a0d7eec5d98ee897acda4f968735a17 # v1.2.0
with:
host: "cicd1.atsign.wtf,cicd2.atsign.wtf"
username: ubuntu
key: ${{ secrets.CICD_SSH_KEY }}
script: |
scriptURL="https://raw.githubusercontent.com/atsign-foundation/at_client_sdk/trunk/tools/${HOSTNAME}/update_ce2e_images.sh"
echo "$scriptURL"
wget -q -O update_ce2e_images.sh "$scriptURL"
./update_ce2e_images.sh
# The Job runs end-to-end tests between two atSign's running on server trunk branch
end2end_tests:
needs: [ end2end_tests_prep ]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dart-lang/setup-dart@e630b99d28a3b71860378cafdc2a067c71107f94 # v1.7.0
with:
sdk: stable
- name: Install dependencies in at_client
working-directory: packages/at_client
run: dart pub get
# Install dependencies in at_end2end_test
- name: Install dependencies in at_end2end_test
working-directory: tests/at_end2end_test
run: dart pub get
# Populate at_credentials.dart from CICD_DATA_DART secret
- name: Get CICD keys into place
# Needs a secret, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
run: echo "${{secrets.AT_CICD_CREDENTIALS}}" > tests/at_end2end_test/lib/src/at_credentials.dart
# Move the config file in-place
- name: Config for @cicd1/2
run: mv tests/at_end2end_test/config/config12.yaml tests/at_end2end_test/config/config.yaml
# Run end-to-end test
- name: End to end test
# Needs a secret, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
working-directory: tests/at_end2end_test
run: dart test --concurrency=1 --coverage="coverage"
- name: Convert coverage to LCOV format
# Needs tests to have run, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
working-directory: tests/at_end2end_test
run: dart run coverage:format_coverage --check-ignore --lcov --in=coverage --out=end2end_test_coverage.lcov --report-on=lib
- name: Upload coverage to Codecov
# Needs LCOV report to upload, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1
with:
file: tests/at_end2end_test/end2end_test_coverage.lcov
flags: end2end_tests
# The Job runs end-to-end tests between server code running on trunk branch and canary (production ready) server
end2end_test_14:
needs: [ end2end_tests ]
if: ${{ github.actor != 'dependabot[bot]' }}
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: dart-lang/setup-dart@e630b99d28a3b71860378cafdc2a067c71107f94 # v1.7.0
with:
sdk: stable
- name: Install dependencies in at_client
working-directory: packages/at_client
run: dart pub get
# Install dependencies in at_end2end_test
- name: Install dependencies in at_end2end_test
working-directory: tests/at_end2end_test
run: dart pub get
# Populate at_credentials.dart from CICD_DATA_DART secret
- name: Get CICD keys into place
# Needs a secret, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
run: echo "${{secrets.AT_CICD_CREDENTIALS}}" > tests/at_end2end_test/lib/src/at_credentials.dart
# Move the config file in-place
- name: Config for @cicd1/4
run: mv tests/at_end2end_test/config/config14.yaml tests/at_end2end_test/config/config.yaml
- name: Submit and approve enrollment request
working-directory: tests/at_end2end_test
run: dart run test/enrollment_setup.dart
# Run end-to-end test
- name: End to end test
# Needs a secret, so don't run for Dependabot PRs
if: ${{ github.actor != 'dependabot[bot]' }}
working-directory: tests/at_end2end_test
run: dart test --concurrency=1
# Makes all the enrollment requests inactive. The pending enrollment request are set to denied state and
# the approved enrollment requests are set to revoked state.
- name: Enrollment setup teardown
# Even if the tests fail in the above step, we need to clean up the enrollments.
# Therefore, we set this to "!cancelled()" to ensure this step runs regardless of the outcome of the previous step.
if: ${{ !cancelled() }}
working-directory: tests/at_end2end_test
run: dart run test/enrollment_teardown.dart