immunisation-fhir-api/.github/workflows/quality-checks.yml at 9d2ef835e61e883bd8dd0d265a14b8d1d6552ae9 · NHSDigital/immunisation-fhir-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
name: Quality Checks

on:
  push:
    branches:
      - master
  pull_request:
    types: [labeled, opened, synchronize, reopened, unlabeled]

env:
  SHARED_PATH: ${{ github.workspace }}/lambdas/shared
  LAMBDA_PATH: ${{ github.workspace }}/lambdas

jobs:
  lint-specification:
    name: Lint specification
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8

      - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444
        with:
          node-version: "23.11.0"
          cache: "npm"

      - name: Install linting dependencies
        run: make install

      - name: Lint
        run: make lint

      - name: Check formatting
        run: make format-check

  lint-python:
    name: Lint Python projects
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8

      - name: Install poetry
        run: pip install poetry==2.1.4

      - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
        with:
          python-version: 3.11
          cache: "poetry"

      - name: Install linting dependencies
        run: poetry install --no-root
        working-directory: quality_checks

      - name: Lint
        run: poetry run make lint
        working-directory: quality_checks

      - name: Check formatting
        run: poetry run make format-check
        working-directory: quality_checks

  lint-terraform:
    name: Lint Terraform projects
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8

      - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd
        with:
          terraform_version: "1.12.2"

      - name: Check formatting
        run: terraform fmt -check -recursive

  testcoverage_and_sonarcloud:
    name: Test Coverage and SonarCloud
    runs-on: ubuntu-latest

    steps:
      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8

      - name: Install poetry
        run: pip install poetry==2.1.4

      - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
        with:
          python-version: 3.11
          cache: "poetry"

      - name: Set up AWS credentials
        env:
          AWS_ACCESS_KEY_ID: "FOOBARKEY"
          AWS_SECRET_ACCESS_KEY: "FOOBARSECRET"
        run: |
          aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID
          aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY

      - name: Run unittest with filenameprocessor-coverage
        working-directory: filenameprocessor
        id: filenameprocessor
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "filenameprocessor tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../filenameprocessor-coverage.xml

      - name: Run unittest with batchprocessorfilter-coverage
        working-directory: batch_processor_filter
        id: batchprocessorfilter
        env:
          PYTHONPATH: ${{ github.workspace }}/batch_processor_filter/src:${{ github.workspace }}/batch_processor_filter/tests
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "batchprocessorfilter tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../batchprocessorfilter-coverage.xml

      - name: Run unittest with recordprocessor-coverage
        working-directory: recordprocessor
        id: recordprocessor
        env:
          PYTHONPATH: ${{ github.workspace }}/recordprocessor/src:${{ github.workspace }}/recordprocessor/tests
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "recordprocessor tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../recordprocessor-coverage.xml

        # This step is redundant - all of these tests will be run in the backend step below
      - name: Run unittest with recordforwarder-coverage
        working-directory: backend
        id: recordforwarder
        env:
          PYTHONPATH: ${{ github.workspace }}/backend/src:${{ github.workspace }}/backend/tests
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover -p "*batch*.py" || echo "recordforwarder tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../recordforwarder-coverage.xml

      - name: Run unittest with coverage-delta
        working-directory: delta_backend
        id: delta
        env:
          PYTHONPATH: delta_backend/src:delta_backend/tests
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "delta tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../delta-coverage.xml

      - name: Run unittest with coverage-fhir-api
        working-directory: backend
        env:
          PYTHONPATH: ${{ github.workspace }}/backend/src:${{ github.workspace }}/backend/tests
        id: fhirapi
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "fhir-api tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../backend-coverage.xml

      - name: Run unittest with coverage-mesh-processor
        working-directory: mesh_processor
        id: meshprocessor
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "mesh_processor tests failed" >> ../failed_tests.txt
          poetry run coverage xml -o ../mesh_processor-coverage.xml

      - name: Run unittest with coverage-ack-lambda
        working-directory: lambdas/ack_backend
        id: acklambda
        env:
          PYTHONPATH: ${{ env.LAMBDA_PATH }}/ack_backend/src:tests:${{ env.SHARED_PATH }}/src
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run --source=src -m unittest discover || echo "ack-lambda tests failed" >> ../../failed_tests.txt
          poetry run coverage xml -o ../../ack-lambda-coverage.xml

      - name: Run unittest with coverage-mns-subscription
        working-directory: lambdas/mns_subscription
        id: mns_subscription
        env:
          PYTHONPATH: ${{ env.LAMBDA_PATH }}/mns_subscription/src:${{ env.SHARED_PATH }}/src
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run -m unittest discover || echo "mns_subscription tests failed" >> ../../failed_tests.txt
          poetry run coverage report -m
          poetry run coverage xml -o ../../mns_subscription-coverage.xml

      - name: Run unittest with redis_sync
        working-directory: lambdas/redis_sync
        id: redis_sync
        env:
          PYTHONPATH: ${{ env.LAMBDA_PATH }}/redis_sync/src:${{ env.SHARED_PATH }}/src
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run --source=src -m unittest discover || echo "redis_sync tests failed" >> ../../failed_tests.txt
          poetry run coverage xml -o ../../redis_sync-coverage.xml

      - name: Run unittest with shared
        working-directory: lambdas/shared
        id: shared
        env:
          PYTHONPATH: ${{ env.SHARED_PATH }}/src
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run --rcfile=.coveragerc --source=src -m unittest discover -s tests -p "test_*.py" -v || echo "shared tests failed" >> ../../failed_tests.txt
          poetry run coverage xml -o ../../shared-coverage.xml

      - name: Run unittest with id_sync
        working-directory: lambdas/id_sync
        id: id_sync
        env:
          PYTHONPATH: ${{ env.LAMBDA_PATH }}/id_sync/src:${{ env.SHARED_PATH }}/src
        continue-on-error: true
        run: |
          poetry install
          poetry run coverage run --rcfile=.coveragerc --source=src -m unittest discover || echo "id_sync tests failed" >> ../../failed_tests.txt
          poetry run coverage xml -o ../../id_sync-coverage.xml

      - name: Run Test Failure Summary
        id: check_failure
        run: |
          if [ -s failed_tests.txt ]; then
            echo "The following tests failed:"
            cat failed_tests.txt

            while IFS= read -r line; do
              echo "##[error]Test Failures: $line"
            done < failed_tests.txt

            exit 1
          else
            echo "All tests passed."
          fi

      - name: SonarCloud Scan
        uses: SonarSource/sonarqube-scan-action@fd88b7d7ccbaefd23d8f36f73b59db7a3d246602
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}