chore(deps): bump cryptography from 44.0.2 to 46.0.5 #123
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Postgres Build and Test | |
| on: | |
| pull_request: | |
| types: [opened, synchronize] | |
| push: | |
| branches: | |
| - master | |
| tags: | |
| - "**" | |
| workflow_dispatch: {} | |
| env: | |
| RUST_VERSION: "1.89" | |
| PYTHON_VERSION: "3.12" | |
| jobs: | |
| build-and-test-postgres: | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: postgres:18.0 | |
| env: | |
| POSTGRES_USER: test | |
| POSTGRES_PASSWORD: test | |
| POSTGRES_DB: syncstorage | |
| ports: | |
| - 5432:5432 | |
| options: >- | |
| --health-cmd="pg_isready -U test" | |
| --health-interval=10s | |
| --health-timeout=5s | |
| --health-retries=5 | |
| env: | |
| SYNC_SYNCSTORAGE__DATABASE_URL: postgres://test:test@127.0.0.1/syncstorage | |
| SYNC_TOKENSERVER__DATABASE_URL: postgres://test:test@127.0.0.1/tokenserver | |
| RUST_BACKTRACE: 1 | |
| RUST_TEST_THREADS: 1 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: ./.github/actions/setup-rust | |
| with: | |
| workspace-path: workflow/test-results | |
| - uses: ./.github/actions/setup-python | |
| with: | |
| workspace-path: workflow/test-results | |
| - name: Install PostgreSQL client | |
| run: sudo apt-get update && sudo apt-get install -y postgresql-client | |
| - name: Create Tokenserver database | |
| run: | | |
| PGPASSWORD=test psql -U test -h 127.0.0.1 -d syncstorage -c 'CREATE DATABASE tokenserver;' | |
| - name: Create version.json | |
| run: | | |
| printf '{"commit":"%s","version":"%s","source":"https://github.com/%s/%s","build":"%s"}\n' \ | |
| "${{ github.sha }}" \ | |
| "${{ github.ref_name }}" \ | |
| "${{ github.repository_owner }}" \ | |
| "${{ github.event.repository.name }}" \ | |
| "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
| > version.json | |
| - name: Install test dependencies | |
| run: cargo install --locked cargo-nextest cargo-llvm-cov | |
| - name: Run unit tests with coverage | |
| run: make postgres_test_with_coverage | |
| - name: Run unit tests with coverage (quota enforced) | |
| run: make postgres_test_with_coverage | |
| env: | |
| SYNC_SYNCSTORAGE__ENFORCE_QUOTA: 1 | |
| - name: Run Postgres utils tests | |
| working-directory: tools/postgres | |
| run: | | |
| poetry install --no-interaction --no-ansi | |
| poetry run pytest test_purge_ttl.py -v --junit-xml="../../workflow/test-results/${{ github.run_number }}-${{ github.job }}-utils_tests.xml" | |
| env: | |
| SYNC_SYNCSTORAGE__DATABASE_URL: postgresql://test:test@127.0.0.1/syncstorage | |
| - name: Publish Test Report | |
| uses: dorny/test-reporter@a810f9bf83f2344124a920a7a0a85a6716e791f0 | |
| if: always() | |
| with: | |
| name: Postgres Unit Tests | |
| path: workflow/test-results/*.xml | |
| reporter: java-junit | |
| fail-on-error: false | |
| - name: Upload test results | |
| if: always() | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: postgres-test-results | |
| path: workflow/test-results/ | |
| # Upload to GCS on master | |
| - name: Authenticate to Google Cloud | |
| if: github.ref == 'refs/heads/master' && env.GCP_AUTH_KEY != '' | |
| env: | |
| GCP_AUTH_KEY: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| uses: google-github-actions/auth@v3 | |
| with: | |
| credentials_json: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| - name: Upload JUnit results to GCS | |
| if: github.ref == 'refs/heads/master' && env.GCP_AUTH_KEY != '' | |
| env: | |
| GCP_AUTH_KEY: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| uses: google-github-actions/upload-cloud-storage@v2 | |
| with: | |
| path: workflow/test-results | |
| destination: ecosystem-test-eng-metrics/syncstorage-rs/junit | |
| glob: "*.xml" | |
| parent: false | |
| process_gcloudignore: false | |
| - name: Upload coverage results to GCS | |
| if: github.ref == 'refs/heads/master' && env.GCP_AUTH_KEY != '' | |
| env: | |
| GCP_AUTH_KEY: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| uses: google-github-actions/upload-cloud-storage@v2 | |
| with: | |
| path: workflow/test-results | |
| destination: ecosystem-test-eng-metrics/syncstorage-rs/coverage | |
| glob: "*.json" | |
| parent: false | |
| process_gcloudignore: false | |
| build-postgres-image: | |
| runs-on: ubuntu-latest | |
| needs: build-and-test-postgres | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Create version.json | |
| run: | | |
| printf '{"commit":"%s","version":"%s","source":"https://github.com/%s/%s","build":"%s"}\n' \ | |
| "${{ github.sha }}" \ | |
| "${{ github.ref_name }}" \ | |
| "${{ github.repository_owner }}" \ | |
| "${{ github.event.repository.name }}" \ | |
| "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ | |
| > version.json | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Build Postgres Docker image | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| push: false | |
| tags: app:build | |
| build-args: | | |
| SYNCSTORAGE_DATABASE_BACKEND=postgres | |
| TOKENSERVER_DATABASE_BACKEND=postgres | |
| outputs: type=docker,dest=/tmp/postgres-image.tar | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| - name: Upload Docker image artifact | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: postgres-docker-image | |
| path: /tmp/postgres-image.tar | |
| retention-days: 1 | |
| postgres-e2e-tests: | |
| runs-on: ubuntu-latest | |
| needs: build-postgres-image | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Download Docker image | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: postgres-docker-image | |
| path: /tmp | |
| - name: Load Docker image | |
| run: docker load --input /tmp/postgres-image.tar | |
| - name: Create test results directory | |
| run: mkdir -p workflow/test-results | |
| - name: Run Postgres e2e tests | |
| run: make docker_run_postgres_e2e_tests | |
| env: | |
| SYNCSTORAGE_RS_IMAGE: app:build | |
| - name: Publish E2E Test Report | |
| uses: dorny/test-reporter@a810f9bf83f2344124a920a7a0a85a6716e791f0 | |
| if: always() | |
| with: | |
| name: Postgres E2E Tests | |
| path: workflow/test-results/*.xml | |
| reporter: java-junit | |
| fail-on-error: false | |
| - name: Upload e2e test results | |
| if: always() | |
| uses: actions/upload-artifact@v6 | |
| with: | |
| name: postgres-e2e-test-results | |
| path: workflow/test-results/ | |
| # Upload to GCS on master | |
| - name: Authenticate to Google Cloud | |
| if: github.ref == 'refs/heads/master' && env.GCP_AUTH_KEY != '' | |
| env: | |
| GCP_AUTH_KEY: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| uses: google-github-actions/auth@v3 | |
| with: | |
| credentials_json: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| - name: Upload e2e test results to GCS | |
| if: github.ref == 'refs/heads/master' && env.GCP_AUTH_KEY != '' | |
| env: | |
| GCP_AUTH_KEY: ${{ secrets.ETE_GCLOUD_SERVICE_KEY }} | |
| uses: google-github-actions/upload-cloud-storage@v2 | |
| with: | |
| path: workflow/test-results | |
| destination: ecosystem-test-eng-metrics/syncstorage-rs/junit | |
| glob: "*.xml" | |
| parent: false | |
| process_gcloudignore: false | |
| deploy-postgres-dockerhub: | |
| runs-on: ubuntu-latest | |
| needs: postgres-e2e-tests | |
| if: | | |
| github.ref == 'refs/heads/master' || | |
| startsWith(github.ref, 'refs/tags/') || | |
| startsWith(github.ref, 'refs/heads/feature.') | |
| steps: | |
| - name: Download Docker image | |
| uses: actions/download-artifact@v6 | |
| with: | |
| name: postgres-docker-image | |
| path: /tmp | |
| - name: Load Docker image | |
| run: docker load --input /tmp/postgres-image.tar | |
| - name: Log in to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USER }} | |
| password: ${{ secrets.DOCKER_PASS }} | |
| - name: Determine Docker tag | |
| id: docker-tag | |
| run: | | |
| if [ "${{ github.ref }}" == "refs/heads/master" ]; then | |
| DOCKER_TAG="${{ github.sha }}" | |
| elif [[ "${{ github.ref }}" == refs/tags/* ]]; then | |
| DOCKER_TAG="${{ github.ref_name }}" | |
| elif [[ "${{ github.ref }}" == refs/heads/feature.* ]]; then | |
| DOCKER_TAG="${{ github.ref_name }}" | |
| else | |
| echo "Not pushing to DockerHub for ref=${{ github.ref }}" | |
| exit 0 | |
| fi | |
| echo "tag=${DOCKER_TAG}" >> $GITHUB_OUTPUT | |
| echo "full_tag=${{ secrets.DOCKERHUB_REPO }}:${DOCKER_TAG}-postgres" >> $GITHUB_OUTPUT | |
| - name: Tag and push Docker image | |
| if: steps.docker-tag.outputs.tag != '' | |
| run: | | |
| docker tag app:build ${{ steps.docker-tag.outputs.full_tag }} | |
| docker images | |
| docker push ${{ steps.docker-tag.outputs.full_tag }} |