refactor: address and resolve TODOs (#18425) #398
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Spring Boot Starter Camunda SDK CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - stable/* | |
| - release-* | |
| - trying | |
| - staging | |
| paths: | |
| - '.github/actions/**' | |
| - '.github/workflows/spring-boot-starter-camunda-sdk-ci.yml' | |
| - 'spring-boot-starter-camunda-sdk/**' | |
| - 'zeebe/client/java/**' | |
| pull_request: | |
| paths: | |
| - '.github/actions/**' | |
| - '.github/workflows/spring-boot-starter-camunda-sdk-ci.yml' | |
| - 'spring-boot-starter-camunda-sdk/**' | |
| - 'zeebe/client/java/**' | |
| merge_group: { } | |
| workflow_dispatch: { } | |
| workflow_call: { } | |
| concurrency: | |
| cancel-in-progress: true | |
| group: "${{ github.workflow }}-${{ github.ref }}" | |
| defaults: | |
| run: | |
| # use bash shell by default to ensure pipefail behavior is the default | |
| # see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#exit-codes-and-error-action-preference | |
| shell: bash | |
| jobs: | |
| unit-tests: | |
| name: Unit tests | |
| runs-on: "gcp-core-4-default" | |
| timeout-minutes: 15 | |
| outputs: | |
| flakyTests: ${{ steps.analyze-test-run.outputs.flakyTests }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '21' | |
| distribution: 'adopt' | |
| - name: Create build output log file | |
| run: echo "BUILD_OUTPUT_FILE_PATH=$(mktemp)" >> $GITHUB_ENV | |
| - name: Build Java Client | |
| uses: ./.github/actions/build-zeebe | |
| with: | |
| maven-extra-args: -T1C -pl zeebe/clients/java -am | |
| - name: Maven Test Build | |
| # we use the verify goal here as flaky test extraction is bound to the post-integration-test | |
| # phase of Maven https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html#default-lifecycle | |
| run: > | |
| ./mvnw -T2 -B --no-snapshot-updates | |
| -D skipITs -D skipChecks -D surefire.rerunFailingTestsCount=3 | |
| -D junitThreadCount=16 | |
| -P extract-flaky-tests | |
| -f spring-boot-starter-camunda-sdk | |
| verify | |
| | tee "${BUILD_OUTPUT_FILE_PATH}" | |
| - name: Analyze Test Runs | |
| id: analyze-test-run | |
| if: always() | |
| uses: ./.github/actions/analyze-test-runs | |
| with: | |
| buildOutputFilePath: ${{ env.BUILD_OUTPUT_FILE_PATH }} | |
| - name: Upload test artifacts | |
| uses: ./.github/actions/collect-test-artifacts | |
| if: ${{ failure() || cancelled() }} | |
| with: | |
| name: "unit tests" | |
| java-checks: | |
| name: Java checks | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: ./.github/actions/setup-zeebe | |
| with: | |
| go: false | |
| maven-cache-key-modifier: java-checks | |
| secret_vault_secretId: ${{ secrets.VAULT_SECRET_ID }} | |
| secret_vault_address: ${{ secrets.VAULT_ADDR }} | |
| secret_vault_roleId: ${{ secrets.VAULT_ROLE_ID }} | |
| - run: ./mvnw -T1C -B -D skipTests -P !autoFormat,checkFormat,spotbugs -f spring-boot-starter-camunda-sdk verify | |
| sdk-test-summary: | |
| # Used by the merge queue to check all tests, including the unit test matrix. | |
| # New test jobs must be added to the `needs` lists! | |
| # This name is hard-coded in the branch rules; remember to update that if this name changes | |
| name: SDK test summary | |
| if: always() | |
| runs-on: ubuntu-latest | |
| outputs: | |
| flakyUnitTests: ${{ needs.unit-tests.outputs.flakyTests }} | |
| needs: | |
| - unit-tests | |
| - java-checks | |
| steps: | |
| - run: exit ${{ ((contains(needs.*.result, 'skipped') || contains(needs.*.result, 'failure')) && 1) || 0 }} | |
| notify-if-failed: | |
| name: Send slack notification on build failure | |
| runs-on: ubuntu-latest | |
| needs: [ sdk-test-summary ] | |
| if: failure() && github.repository == 'camunda/zeebe' && github.ref == 'refs/heads/main' | |
| steps: | |
| - id: slack-notify | |
| name: Send slack notification | |
| uses: slackapi/slack-github-action@v1.26.0 | |
| with: | |
| # For posting a rich message using Block Kit | |
| payload: | | |
| { | |
| "text": ":alarm: :spring-boot: SDK: build on `main` failed! :alarm:\n${{ github.event.head_commit.url }}", | |
| "blocks": [ | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": ":alarm: :spring-boot: SDK: build on `main` failed! :alarm:" | |
| } | |
| }, | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": "Please check the related commit: ${{ github.event.head_commit.url }}\n \\cc @zeebe-medic" | |
| } | |
| }, | |
| { | |
| "type": "divider" | |
| }, | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": "*Detected flaky unit tests:* \n ${{ env.FLAKY_UNIT_TESTS }}" | |
| } | |
| }, | |
| { | |
| "type": "section", | |
| "text": { | |
| "type": "mrkdwn", | |
| "text": "*Detected flaky integration tests:* \n ${{ env.FLAKY_INTEGRATION_TESTS }}" | |
| } | |
| } | |
| ] | |
| } | |
| env: | |
| SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
| SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK | |
| FLAKY_UNIT_TESTS: ${{needs.test-summary.outputs.flakyUnitTests}} | |
| FLAKY_INTEGRATION_TESTS: ${{needs.test-summary.outputs.flakyIntegrationTests}} | |
| auto-merge: | |
| # This workflow will auto merge a PR authored by backport-action. | |
| # It runs only on open PRs ready for review. | |
| # | |
| # It will merge the PR only if it is authored by backport-action and all CI checks are successful | |
| # OR if it is authored by renovate[bot] and all CI checks are successful. | |
| # | |
| # The workflow is divided into multiple sequential jobs to allow giving only minimal permissions to | |
| # the GitHub token passed around. | |
| name: Auto-merge backport, release, and renovate PRs | |
| runs-on: ubuntu-latest | |
| needs: [ sdk-test-summary ] | |
| if: | | |
| github.repository == 'camunda/zeebe' && | |
| github.event_name == 'pull_request' && | |
| (github.actor == 'backport-action' || github.actor == 'camundait') | |
| permissions: | |
| checks: read | |
| pull-requests: write | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.AUTOMERGE_TOKEN }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: approve-and-merge-backport-renovate | |
| name: Approve and merge backport PR | |
| run: | | |
| gh pr review ${{ github.event.pull_request.number }} --approve | |
| # Call the API directly to work around https://github.com/cli/cli/issues/8352 | |
| gh api graphql -f query='mutation PullRequestAutoMerge {enablePullRequestAutoMerge(input: {pullRequestId: "${{ github.event.pull_request.node_id }}"}) {clientMutationId}}' | |
| # This job will trigger another workflow such that it will trigger a re-run of this failing workflow | |
| # We can't automatically do this here, since you can only re-run a workflow if it has finished, | |
| # and while this job is running, the workflow clearly hasn't finished | |
| # | |
| # It will only retry if the workflow failed, the run count is < 3 (to avoid infinite loops), and | |
| # the author is backport-action, renovate, or camundait (for release PRs) | |
| retry-workflow: | |
| name: Retry release, renovate, or backport PRs automatically | |
| needs: [ sdk-test-summary ] | |
| if: | | |
| failure() && | |
| fromJSON(github.run_attempt) < 3 && | |
| github.repository == 'camunda/zeebe' && | |
| (github.actor == 'backport-action' || github.actor == 'renovate[bot]' || github.actor == 'camundait') | |
| runs-on: ubuntu-latest | |
| env: | |
| GH_REPO: ${{ github.repository }} | |
| GH_TOKEN: ${{ github.token }} | |
| steps: | |
| - name: Retry workflow run ${{ github.run_id }} | |
| run: gh workflow run retry-workflow.yml -F run_id=${{ github.run_id }} |