Skip to content

Commit

Permalink
ci: split into 4 jobs, no matrix
Browse files Browse the repository at this point in the history
  • Loading branch information
@terriko
terriko committed Dec 17, 2024
1 parent a081cf1 commit dc3d7cf
Showing 1 changed file with 264 additions and 18 deletions.
282 changes: 264 additions & 18 deletions .github/workflows/testing.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,13 +198,9 @@ jobs:
)
)
runs-on: 'ubuntu-latest'
strategy:
matrix:
testgroup: ["sync", "async", "scanner", "language"]
timeout-minutes: 120
env:
LONG_TESTS: 1
testgroup: $${{ matrix.testgroup }}

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
Expand All @@ -225,20 +221,6 @@ jobs:
echo "sbom set to false"
fi
- name: "Hack for test groups"
env:
sync: $${{ matrix.testgroup == 'sync' }}
async: $${{ matrix.testgroup == 'async' }}
scanner: $${{ matrix.testgroup == 'scanner' }}
language: $${{ matrix.testgroup == 'language' }}
run: |
if ${sync} == true; then
echo "sync=1" >> $GITHUB_ENV
echo "async=0" >> $GITHUB_ENV
echo "scanner=0" >> $GITHUB_ENV
echo "language=0" >> $GITHUB_ENV
fi
- name: Get date
id: get-date
run: |
Expand All @@ -260,6 +242,7 @@ jobs:
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}

- name: Install cabextract
if: env.sbom != 'true'
run: sudo apt-get update && sudo apt-get install cabextract
Expand Down Expand Up @@ -318,6 +301,269 @@ jobs:
name: codecov-umbrella
fail_ci_if_error: false

long_tests_parsers:
name: Long tests on Python 3.10 (parsers)
permissions:
contents: read
if: |
! github.event.pull_request.user.login == 'github-actions[bot]' ||
! (
startsWith(github.head_ref, 'chore-sbom-py') ||
contains(
fromJSON('["chore-update-table","chore-precommit-config","chore-spdx-header"]'),
github.head_ref
)
)
runs-on: 'ubuntu-latest'
timeout-minutes: 120
env:
LONG_TESTS: 1

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'

- name: "Skip tests if this is an automated sbom job"
env:
COMMIT_VAR: ${{ startsWith(github.head_ref, 'chore-sbom-py') && github.event.pull_request.user.login == 'github-actions[bot]' }}
run: |
if ${COMMIT_VAR} == true; then
echo "sbom=true" >> $GITHUB_ENV
echo "sbom set to true"
else
echo "sbom=false" >> $GITHUB_ENV
echo "sbom set to false"
fi
- name: Get date
id: get-date
run: |
echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT
- name: Print Cache Keys
run: |
echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
- name: Get today's cached database
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: todays-cache
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
- name: Get yesterday's cached database if today's is not available
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
if: steps.todays-cache.outputs.cache-hit != 'true'
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}

- name: Install cve-bin-tool
if: env.sbom != 'true'
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools
python -m pip install --upgrade wheel
python -m pip install --upgrade -r dev-requirements.txt
python -m pip install --editable .
- name: Try single CLI run of tool
if: env.sbom != 'true'
run: |
[[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool
NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out
cp -r ~/.cache/cve-bin-tool cache
- name: Run language parser tests
if: env.sbom != 'true'
run: >
pytest --cov --cov-append -n 32 --cov-report=xml -v --durations=50
test/test_language_parser.py
- name: Upload code coverage to codecov
if: env.sbom != 'true'
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
with:
files: ./coverage.xml
flags: longtests
name: codecov-umbrella
fail_ci_if_error: false

long_tests_scanners:
name: Long tests on Python 3.10 (scanners)
permissions:
contents: read
if: |
! github.event.pull_request.user.login == 'github-actions[bot]' ||
! (
startsWith(github.head_ref, 'chore-sbom-py') ||
contains(
fromJSON('["chore-update-table","chore-precommit-config","chore-spdx-header"]'),
github.head_ref
)
)
runs-on: 'ubuntu-latest'
timeout-minutes: 120
env:
LONG_TESTS: 1

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'

- name: "Skip tests if this is an automated sbom job"
env:
COMMIT_VAR: ${{ startsWith(github.head_ref, 'chore-sbom-py') && github.event.pull_request.user.login == 'github-actions[bot]' }}
run: |
if ${COMMIT_VAR} == true; then
echo "sbom=true" >> $GITHUB_ENV
echo "sbom set to true"
else
echo "sbom=false" >> $GITHUB_ENV
echo "sbom set to false"
fi
- name: Get date
id: get-date
run: |
echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT
- name: Print Cache Keys
run: |
echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
- name: Get today's cached database
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: todays-cache
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
- name: Get yesterday's cached database if today's is not available
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
if: steps.todays-cache.outputs.cache-hit != 'true'
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}

- name: Install cve-bin-tool
if: env.sbom != 'true'
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools
python -m pip install --upgrade wheel
python -m pip install --upgrade -r dev-requirements.txt
python -m pip install --editable .
- name: Try single CLI run of tool
if: env.sbom != 'true'
run: |
[[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool
NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out
cp -r ~/.cache/cve-bin-tool cache
- name: Run binary scanner tests
if: env.sbom != 'true'
run: >
pytest --cov --cov-append -n 32 --cov-report=xml -v --durations=50
test/test_scanner.py
- name: Upload code coverage to codecov
if: env.sbom != 'true'
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
with:
files: ./coverage.xml
flags: longtests
name: codecov-umbrella
fail_ci_if_error: false

long_tests_sync:
name: Long tests on Python 3.10 (synchronous)
permissions:
contents: read
if: |
! github.event.pull_request.user.login == 'github-actions[bot]' ||
! (
startsWith(github.head_ref, 'chore-sbom-py') ||
contains(
fromJSON('["chore-update-table","chore-precommit-config","chore-spdx-header"]'),
github.head_ref
)
)
runs-on: 'ubuntu-latest'
timeout-minutes: 120
env:
LONG_TESTS: 1

steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: '3.10'
cache: 'pip'

- name: "Skip tests if this is an automated sbom job"
env:
COMMIT_VAR: ${{ startsWith(github.head_ref, 'chore-sbom-py') && github.event.pull_request.user.login == 'github-actions[bot]' }}
run: |
if ${COMMIT_VAR} == true; then
echo "sbom=true" >> $GITHUB_ENV
echo "sbom set to true"
else
echo "sbom=false" >> $GITHUB_ENV
echo "sbom set to false"
fi
- name: Get date
id: get-date
run: |
echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT
- name: Print Cache Keys
run: |
echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
- name: Get today's cached database
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
id: todays-cache
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
- name: Get yesterday's cached database if today's is not available
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
if: steps.todays-cache.outputs.cache-hit != 'true'
with:
path: cache
key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}

- name: Install pdftotext, reportlab and cve-bin-tool
if: env.sbom != 'true'
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade setuptools
python -m pip install --upgrade wheel
python -m pip install --upgrade -r dev-requirements.txt
python -m pip install --editable .
- name: Try single CLI run of tool
if: env.sbom != 'true'
run: |
[[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool
NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out
cp -r ~/.cache/cve-bin-tool cache
- name: Run synchronous tests
if: env.sbom != 'true'
run: >
pytest -v --cov --cov-append --cov-report=xml --durations=50
test/test_cli.py
test/test_cvedb.py
- name: Upload code coverage to codecov
if: env.sbom != 'true'
uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # v5.0.2
with:
files: ./coverage.xml
flags: longtests
name: codecov-umbrella
fail_ci_if_error: false


linux-mayfail:
name: Tests that may fail due to network or HTML
permissions:
Expand Down

0 comments on commit dc3d7cf

Please sign in to comment.