docs: update permissions and provisioning #219
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- master | |
- main | |
pull_request: | |
branches: | |
- master | |
- main | |
permissions: read-all | |
jobs: | |
build: | |
name: Build, lint and unit tests | |
runs-on: ubuntu-latest | |
outputs: | |
plugin-id: ${{ steps.metadata.outputs.plugin-id }} | |
plugin-version: ${{ steps.metadata.outputs.plugin-version }} | |
has-e2e: ${{ steps.check-for-e2e.outputs.has-e2e }} | |
has-backend: ${{ steps.check-for-backend.outputs.has-backend }} | |
env: | |
GRAFANA_ACCESS_POLICY_TOKEN: ${{ secrets.GRAFANA_ACCESS_POLICY_TOKEN }} | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dependencies | |
run: yarn install | |
- name: Check types | |
run: yarn run typecheck | |
- name: Lint | |
run: yarn run lint | |
- name: Unit tests | |
run: yarn run test:ci | |
- name: Build frontend | |
run: yarn run build | |
- name: Check for backend | |
id: check-for-backend | |
run: | | |
if [ -f "Magefile.go" ] | |
then | |
echo "has-backend=true" >> $GITHUB_OUTPUT | |
fi | |
- name: Setup Go environment | |
if: steps.check-for-backend.outputs.has-backend == 'true' | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Test backend | |
if: steps.check-for-backend.outputs.has-backend == 'true' | |
uses: magefile/mage-action@v3 | |
with: | |
version: latest | |
args: coverage | |
- name: Build backend | |
if: steps.check-for-backend.outputs.has-backend == 'true' | |
uses: magefile/mage-action@v3 | |
with: | |
version: latest | |
args: buildAll | |
- name: Check for E2E | |
id: check-for-e2e | |
run: | | |
if [ -f "playwright.config.ts" ] | |
then | |
echo "has-e2e=true" >> $GITHUB_OUTPUT | |
fi | |
- name: Sign plugin | |
run: yarn run sign | |
if: ${{ env.GRAFANA_ACCESS_POLICY_TOKEN != '' }} | |
- name: Get plugin metadata | |
id: metadata | |
run: | | |
sudo apt-get install jq | |
export GRAFANA_PLUGIN_ID=$(cat dist/plugin.json | jq -r .id) | |
export GRAFANA_PLUGIN_VERSION=$(cat dist/plugin.json | jq -r .info.version) | |
export GRAFANA_PLUGIN_ARTIFACT=${GRAFANA_PLUGIN_ID}-${GRAFANA_PLUGIN_VERSION}.zip | |
echo "plugin-id=${GRAFANA_PLUGIN_ID}" >> $GITHUB_OUTPUT | |
echo "plugin-version=${GRAFANA_PLUGIN_VERSION}" >> $GITHUB_OUTPUT | |
echo "archive=${GRAFANA_PLUGIN_ARTIFACT}" >> $GITHUB_OUTPUT | |
- name: Package plugin | |
id: package-plugin | |
run: | | |
mv dist ${{ steps.metadata.outputs.plugin-id }} | |
zip ${{ steps.metadata.outputs.archive }} ${{ steps.metadata.outputs.plugin-id }} -r | |
- name: Archive Build | |
uses: actions/upload-artifact@v4 | |
with: | |
name: ${{ steps.metadata.outputs.plugin-id }}-${{ steps.metadata.outputs.plugin-version }} | |
path: ${{ steps.metadata.outputs.plugin-id }} | |
retention-days: 5 | |
resolve-versions: | |
name: Resolve e2e images | |
runs-on: ubuntu-latest | |
timeout-minutes: 3 | |
needs: build | |
if: ${{ needs.build.outputs.has-e2e == 'true' }} | |
outputs: | |
matrix: ${{ steps.resolve-versions.outputs.matrix }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Resolve Grafana E2E versions | |
id: resolve-versions | |
uses: grafana/plugin-actions/e2e-version@main | |
playwright-tests: | |
needs: [resolve-versions, build] | |
timeout-minutes: 15 | |
strategy: | |
fail-fast: false | |
matrix: | |
GRAFANA_IMAGE: ${{fromJson(needs.resolve-versions.outputs.matrix)}} | |
name: e2e test ${{ matrix.GRAFANA_IMAGE.name }}@${{ matrix.GRAFANA_IMAGE.VERSION }} | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
sparse-checkout: | | |
provisioning | |
tests | |
src | |
.config | |
- name: Download plugin | |
if: needs.build.outputs.has-backend == 'true' | |
uses: actions/download-artifact@v4 | |
with: | |
path: dist | |
name: ${{ needs.build.outputs.plugin-id }}-${{ needs.build.outputs.plugin-version }} | |
- name: Execute permissions on binary | |
if: needs.build.outputs.has-backend == 'true' | |
run: | | |
chmod +x ./dist/gpx_github_linux_amd64 | |
- name: Setup Node.js environment | |
uses: actions/setup-node@v4 | |
with: | |
node-version-file: '.nvmrc' | |
cache: 'yarn' | |
- name: Install dev dependencies | |
run: yarn install | |
- name: Start Grafana | |
run: | | |
docker compose pull | |
DEVELOPMENT=false GRAFANA_VERSION=${{ matrix.GRAFANA_IMAGE.VERSION }} GRAFANA_IMAGE=${{ matrix.GRAFANA_IMAGE.NAME }} docker compose up -d | |
- name: Wait for Grafana to start | |
uses: nev7n/wait_for_response@v1 | |
with: | |
url: 'http://localhost:3000/' | |
responseCode: 200 | |
timeout: 60000 | |
interval: 500 | |
- name: Install Playwright Browsers | |
run: npx playwright install chromium --with-deps | |
- name: Run Playwright tests | |
id: run-tests | |
run: yarn run e2e | |
- name: Docker logs | |
if: ${{ always() && steps.run-tests.outcome == 'failure' }} | |
run: | | |
docker logs test-test-datasource >& grafana-server.log | |
- name: Stop grafana docker | |
run: docker compose down | |
- name: Upload server log | |
uses: actions/upload-artifact@v4 | |
if: ${{ always() && steps.run-tests.outcome == 'failure' }} | |
with: | |
name: ${{ matrix.GRAFANA_IMAGE.NAME }}-v${{ matrix.GRAFANA_IMAGE.VERSION }}-${{github.run_id}}-server-log | |
path: grafana-server.log | |
retention-days: 5 | |
# If your repository is public, uploading the Playwright report will make it public on the Internet. | |
# Beware not to expose sensitive information. | |
- name: Upload artifacts | |
uses: actions/upload-artifact@v4 | |
if: ${{ always() && steps.run-tests.outcome == 'failure' }} | |
with: | |
name: playwright-report-${{ matrix.GRAFANA_IMAGE.NAME }}-v${{ matrix.GRAFANA_IMAGE.VERSION }}-${{github.run_id}} | |
path: playwright-report/ | |
retention-days: 5 |