name: Test on: workflow_dispatch: push: branches-ignore: - main jobs: test: name: Test runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - name: Build container image run: docker build . --file Dockerfile --tag hesk:test-${{ github.sha }} - name: Configure 1Password Service Account uses: 1password/load-secrets-action/configure@v1 with: service-account-token: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} - name: Load secrets uses: 1password/load-secrets-action@v1 with: export-env: true env: SONAR_TOKEN: "op://Infra/SonarCloud/credential" - name: Install container-structure-test run: | curl -L https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64 \ -o container-structure-test && chmod +x container-structure-test - name: Run structure tests run: | ./container-structure-test test --image "hesk:test-${{ github.sha }}" --config "structure_tests.yml" \ --output "junit" --test-report "test-report.xml" - name: Publish test report uses: mikepenz/action-junit-report@v4.0.0 if: always() with: report_paths: 'test-report.xml' commit: ${{ github.sha }} fail_on_failure: true check_name: Test Report - uses: hadolint/hadolint-action@v3.1.0 with: dockerfile: Dockerfile output-file: hadolint.out format: sonarqube no-fail: true - name: SonarCloud Scan uses: SonarSource/sonarcloud-github-action@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ env.SONAR_TOKEN }} - name: Spin up container run: docker run -d -p 127.0.0.1:8080:80 --name hesk_test hesk:test-${{ github.sha }} - name: Wait for container to be ready run: sleep 10s shell: bash - name: Check if install wizard is available run: curl http://127.0.0.1:8080/install/ continue-on-error: false - name: Tear down if: always() run: | docker rm -f hesk_test docker rmi -f hesk:test-${{ github.sha }}