odin-333: update Makefiles for MAC #45
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: pull-request | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| branches: | |
| - develop | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout the calling repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: build-common | |
| uses: ./.github/actions/build-common | |
| - name: tflint --init | |
| if: ${{ hashFiles('.tflint.hcl') }} | |
| run: | | |
| tflint --init | |
| shell: bash | |
| - name: lint | |
| shell: bash | |
| run: | | |
| make lint-ci | |
| test: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: checkout the calling repo | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: build-common | |
| uses: ./.github/actions/build-common | |
| - name: run tests | |
| shell: bash | |
| run: | | |
| make coverage-ci | |
| - name: coverage comment | |
| if: ${{ github.event.pull_request.user.login != 'dependabot[bot]' && hashFiles('./reports/coverage.xml') && hashFiles('./reports/pytest-coverage.txt') }} | |
| uses: MishaKav/pytest-coverage-comment@9638e4b1448019aba40c4aaaa1ade87a9f211aa1 | |
| with: | |
| pytest-coverage-path: ./reports/pytest-coverage.txt | |
| pytest-xml-coverage-path: ./reports/coverage.xml | |
| junitxml-path: ./reports/junit/results.xml | |
| - name: convert sonar reports | |
| if: ${{ hashFiles('./reports/junit/*.xml') || hashFiles('./reports/coverage.xml') }} | |
| uses: ./.github/actions/sonar-reports | |
| - name: prepare sonar properties | |
| if: ${{ hashFiles('./sonar-project.properties') }} | |
| uses: ./.github/actions/sonar-properties | |
| - name: sonarqube scan | |
| uses: SonarSource/sonarqube-scan-action@1a6d90ebcb0e6a6b1d87e37ba693fe453195ae25 | |
| env: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| - name: publish test report | |
| uses: mikepenz/action-junit-report@3585e9575db828022551b4231f165eb59a0e74e3 | |
| if: ${{ !cancelled() }} | |
| with: | |
| report_paths: 'reports/junit/*.xml' | |
| require_tests: true | |
| fail_on_failure: true | |
| dependabot: | |
| if: github.actor == 'dependabot[bot]' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == 'NHSDigital/terraform-aws-metrics-lambda' | |
| needs: | |
| - lint | |
| - test | |
| permissions: | |
| pull-requests: write | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: verify dependabot commits | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const commits = await github.rest.pulls.listCommits({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| pull_number: context.issue.number | |
| }) | |
| for (const commit of commits.data) { | |
| let author = commit.author; | |
| if (author.login != 'dependabot[bot]' || author.type != 'Bot') { | |
| throw new Error(`auto-merge-dependabot not permitted for author login: ${author.login} type: ${author.type}`); | |
| } | |
| } | |
| if (commits.data.length>249) { | |
| // api returns max 250 commits | |
| throw new Error("too many commits to verify commiter"); | |
| } | |
| - name: Approve pull request | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| github.rest.pulls.createReview({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| pull_number: context.issue.number, | |
| event: 'APPROVE' | |
| }) | |
| - name: Merge pull request | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| github.rest.pulls.merge({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| pull_number: context.issue.number, | |
| merge_method: 'merge' | |
| }) |