This repository has been archived by the owner on Jul 10, 2024. It is now read-only.
[hotfix] fix security risk of SQL injection #3323
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Licensed to the Apache Software Foundation (ASF) under one or more | |
# contributor license agreements. See the NOTICE file distributed with | |
# this work for additional information regarding copyright ownership. | |
# The ASF licenses this file to You under the Apache License, Version 2.0 | |
# (the "License"); you may not use this file except in compliance with | |
# the License. You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
name: Submarine | |
# Trigger the workflow on push or pull request | |
on: [push, pull_request] | |
env: | |
VERSION: "0.9.0-SNAPSHOT" | |
BUILD_FLAG: "clean install -ntp -DskipTests -am" | |
TEST_FLAG: "test -DskipRat -ntp" | |
jobs: | |
generate-k8s-versions-array: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.set-matrix.outputs.matrix }} | |
# Version updates for k8s can be found at https://kubernetes.io/releases/patch-releases/ or | |
# https://kubernetes.io/releases/ | |
# We mainly support the last 3-4 releases of kubernetes | |
steps: | |
- id: set-matrix | |
run: | | |
echo "::set-output name=matrix::[\"v1.22.17\", \"v1.23.17\", \"v1.24.12\", \"v1.25.3\"]" | |
submarine-operator-verify: | |
runs-on: ubuntu-latest | |
timeout-minutes: 10 | |
env: | |
working-directory: "github.com/apache/submarine" | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
path: ${{ env.working-directory }} | |
- name: Setup Golang 1.17.2 | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.17.2" | |
- name: Check golang version | |
working-directory: ${{ env.working-directory }}/submarine-cloud-v3 | |
run: go version | |
- name: Install Dependencies | |
working-directory: ${{ env.working-directory }}/submarine-cloud-v3 | |
run: go mod vendor | |
- name: Verify Codegen | |
working-directory: ${{ env.working-directory }}/submarine-cloud-v3 | |
run: ./hack/verify-codegen.sh | |
- name: Verify fmt and vet | |
working-directory: ${{ env.working-directory }}/submarine-cloud-v3 | |
run: make fmt && make vet | |
submarine-operator-v3-e2e-test: | |
needs: generate-k8s-versions-array | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
strategy: | |
matrix: | |
k8s-version: ${{fromJSON(needs.generate-k8s-versions-array.outputs.matrix)}} | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Setup Golang 1.17.2 | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.17.2" | |
- uses: actions/cache@v2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
go version | |
helm version | |
kind version | |
- name: Create kind cluster | |
run: kind create cluster --config ./.github/config/kind-config-kind.yaml --wait 3m --image kindest/node:${{ matrix.k8s-version }} | |
- name: Download Istio 1.17.1 | |
run: | | |
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.17.1 sh - | |
cd istio-1.17.1 | |
echo "$PWD/bin" >> $GITHUB_PATH | |
- name: Install Istio | |
run: istioctl install -y --set values.global.proxy.resources.requests.cpu=10m | |
- name: Show K8s cluster information | |
run: | | |
kubectl cluster-info | |
kubectl version | |
kubectl get pods -n kube-system | |
echo "current-context:" $(kubectl config current-context) | |
echo "environment-kubeconfig:" ${KUBECONFIG} | |
- name: Build Image locally | |
run: | | |
.github/scripts/build-image-locally-v3.sh | |
- name: Install Golang Dependencies | |
working-directory: submarine-cloud-v3 | |
run: go mod vendor | |
- name: Install Submarine operator | |
working-directory: submarine-cloud-v3 | |
# run: make deploy | |
# GA env variable VERSION overrides the variable in makefile, | |
# which results in the wrong image name. | |
# Running commands manually instead. | |
run: | | |
cd config/manager | |
kustomize edit set image controller=apache/submarine:operator-0.9.0-SNAPSHOT | |
kustomize build ../default | kubectl apply -f - | |
- name: Install Helm Dependencies | |
run: | | |
sudo ln -s /etc/apparmor.d/usr.sbin.mysqld /etc/apparmor.d/disable/ | |
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.mysqld | |
helm dependency update ./helm-charts/submarine | |
helm install --wait --set dev=true --set storageClass.provisioner=rancher.io/local-path --set storageClass.volumeBindingMode=WaitForFirstConsumer --set seldon-core-operator.istio.gateway=submarine-cloud-v3-system/seldon-gateway submarine ./helm-charts/submarine -n submarine-cloud-v3-system | |
- name: Run end-to-end test | |
working-directory: submarine-cloud-v3 | |
run: go test ./controllers/ -v -ginkgo.v | |
- name: Failure status | |
run: | | |
kubectl describe nodes | |
kubectl get all -A | |
kubectl get events -A --sort-by='{.lastTimestamp}' | |
kubectl logs -l control-plane=controller-manager -n submarine-cloud-v3-system | |
kubectl logs -l app=notebook-controller -n submarine-cloud-v3-system | |
kubectl logs -l control-plane=kubeflow-training-operator -n submarine-cloud-v3-system | |
kubectl describe submarine -A | |
if: ${{ failure() }} | |
- name: Delete temporary build artifacts before caching | |
run: | | |
#Never cache local artifacts | |
rm -rf ~/.m2/repository/org/apache/submarine | |
if: always() | |
submarine-e2e: | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
services: | |
mysql: | |
image: mysql:5.7 | |
env: | |
MYSQL_ROOT_PASSWORD: "password" | |
ports: | |
- 3306:3306 | |
# wait until mysql is health | |
options: --health-cmd "mysqladmin ping" --health-interval 10s --health-timeout 10s --health-retries 10 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Cache jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-test/test-e2e/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
chromedriver --version | |
python3 -V | |
- name: Prepare default mysql-data | |
run: | | |
pip install mysql-connector-python | |
python3 ./dev-support/database/init-database.py | |
- name: Build with Maven | |
run: | | |
echo ">>> mvn ${BUILD_FLAG} -B" | |
mvn ${BUILD_FLAG} -B | |
- name: Test | |
env: | |
TEST_FLAG: "verify -DskipRat -ntp" | |
TEST_MODULES: "-pl :submarine-test-e2e" | |
run: | | |
echo ">>> mvn ${TEST_FLAG} ${TEST_MODULES} -B" | |
mvn ${TEST_FLAG} ${TEST_MODULES} -B | |
submarine-k8s: | |
needs: generate-k8s-versions-array | |
runs-on: ubuntu-latest | |
timeout-minutes: 60 | |
strategy: | |
matrix: | |
k8s-version: ${{fromJson(needs.generate-k8s-versions-array.outputs.matrix)}} | |
fail-fast: false | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- name: Free Disk Space | |
run: bash ./.github/scripts/free-disk-space.sh | |
- name: Cache jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-test/test-k8s/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- uses: actions/cache@v2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
helm version | |
kind version | |
- name: Create kind cluster | |
run: kind create cluster --config ./.github/config/kind-config-kind.yaml --wait 3m --image kindest/node:${{ matrix.k8s-version }} | |
- name: Download Istio 1.17.1 | |
run: | | |
curl -L https://istio.io/downloadIstio | ISTIO_VERSION=1.17.1 sh - | |
cd istio-1.17.1 | |
echo "$PWD/bin" >> $GITHUB_PATH | |
- name: Install Istio | |
run: istioctl install -y --set values.global.proxy.resources.requests.cpu=10m | |
- name: Show K8s cluster information | |
run: | | |
kubectl cluster-info | |
kubectl version | |
kubectl get pods -n kube-system | |
echo "current-context:" $(kubectl config current-context) | |
echo "environment-kubeconfig:" ${KUBECONFIG} | |
- name: Build with Maven | |
run: | | |
echo ">>> mvn ${BUILD_FLAG} -B" | |
mvn ${BUILD_FLAG} -B | |
- name: Build Image locally | |
run: | | |
.github/scripts/build-image-locally-v3.sh | |
sh .github/scripts/build-image-experiment-prehandler.sh | |
- name: Start submarine | |
run: bash ./.github/scripts/start-submarine.sh | |
- name: Test | |
env: | |
TEST_FLAG: "verify -DskipRat -ntp" | |
TEST_MODULES: "-pl :submarine-test-k8s" | |
run: | | |
echo ">>> mvn ${TEST_FLAG} ${TEST_MODULES} -B" | |
mvn ${TEST_FLAG} ${TEST_MODULES} -B | |
- name: Failure status | |
run: | | |
kubectl describe nodes | |
kubectl get pods | |
kubectl -n default get events --sort-by='{.lastTimestamp}' | |
if: ${{ failure() }} | |
- name: Delete temporary build artifacts before caching | |
run: | | |
#Never cache local artifacts | |
rm -rf ~/.m2/repository/org/apache/submarine | |
if: always() | |
submarine-commons-runtime: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Cache jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-commons/commons-runtime/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
- name: Build | |
env: | |
MODULES: "-pl :submarine-commons-runtime" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test | |
env: | |
TEST_MODULES: "-pl :submarine-commons-runtime" | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
submarine-client: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Cache jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-client/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
- name: Build | |
env: | |
MODULES: "-pl :submarine-client" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test | |
env: | |
TEST_MODULES: "-pl :submarine-client" | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
submarine-server: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
services: | |
mysql: | |
image: mysql:5.7 | |
env: | |
MYSQL_ROOT_PASSWORD: "password" | |
ports: | |
- 3306:3306 | |
# wait until mysql is health | |
options: --health-cmd "mysqladmin ping" --health-interval 10s --health-timeout 10s --health-retries 10 | |
minio: | |
image: bitnami/minio:2022.2.24 | |
env: | |
MINIO_ACCESS_KEY: "submarine_minio" | |
MINIO_SECRET_KEY: "submarine_minio" | |
MINIO_DEFAULT_BUCKETS: "submarine" | |
ports: | |
- 9000:9000 | |
# wait until minio is health | |
options: --health-cmd "curl http://localhost:9000/minio/health/live" --health-interval 10s --health-timeout 10s --health-retries 10 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Cache server-database jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-database/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache server-core jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-core/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache serve jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-serve/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
- name: Prepare default mysql-data | |
run: | | |
python3 -V | |
sudo apt-get install python3-mysql.connector | |
python3 ./dev-support/database/init-database.py | |
- name: Build submarine-server-database | |
env: | |
MODULES: "-pl :submarine-server-database" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test submarine-server-database | |
env: | |
TEST_MODULES: "-pl :submarine-server-database" | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
- name: Build submarine-server-core | |
env: | |
MODULES: "-pl :submarine-server-core" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test submarine-server-core | |
env: | |
TEST_MODULES: "-pl :submarine-server-core" | |
# TODO(cdmikechen) There are some databases that are hardcoded to cause data judgement anomalies, | |
# here is a temporary fix for this issue. | |
# This variable should be removed when SUBMARINE-1297 is resolved. | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
export SUBMARINE_S3_ENDPOINT=http://localhost:9000 && export JDBC_URL="jdbc:mysql://127.0.0.1:3306/submarine_test?useUnicode=true&characterEncoding=UTF-8&autoReconnect=true&allowMultiQueries=true&failOverReadOnly=false&zeroDateTimeBehavior=convertToNull&useSSL=false&serverTimezone=UTC&useTimezone=true&useLegacyDatetimeCode=true" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
- name: Build submarine-serve | |
env: | |
MODULES: "-pl :submarine-serve" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test submarine-serve | |
env: | |
TEST_MODULES: "-pl :submarine-serve" | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
submarine-workbench: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
- name: Maven Build | |
env: | |
MODULES: "-pl :submarine-workbench-web" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test with chrome | |
working-directory: ./submarine-workbench/workbench-web | |
run: | | |
export NODE_OPTIONS=--openssl-legacy-provider | |
npm run test -- --no-watch --no-progress --browsers=ChromeHeadlessCI | |
- name: Test with firefox | |
working-directory: ./submarine-workbench/workbench-web | |
run: | | |
export NODE_OPTIONS=--openssl-legacy-provider | |
npm run test -- --no-watch --no-progress --browsers=FirefoxHeadless | |
submarine-workbench-v2: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: "14" | |
- name: Check version | |
run: node --version | |
- name: Install dependencies | |
working-directory: ./submarine-workbench-v2 | |
run: yarn | |
- name: Run test | |
working-directory: ./submarine-workbench-v2 | |
run: yarn test --run --coverage | |
submarine-submitter: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 50 | |
- name: Cache submarine-server jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submitter-k8s jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/submitter-k8s/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submitter-k8s-agent jacoco.exec | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/submarine-k8s-agent/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
- name: Build | |
env: | |
MODULES: "-pl :submarine-server-submitter,:submarine-submitter-k8s,:submarine-k8s-agent,:submarine-k8s-utils" | |
run: | | |
echo ">>> mvn $BUILD_FLAG $MODULES -B" | |
mvn $BUILD_FLAG $MODULES -B | |
- name: Test | |
env: | |
# There are some `submitter-k8s` packages under the `submarine-server-submitter` that also needs to be tested | |
TEST_MODULES: "-pl :submarine-server-submitter,:submarine-submitter-k8s,:submarine-k8s-agent,:submarine-k8s-utils" | |
run: | | |
echo ">>> mvn $TEST_FLAG $TEST_MODULES -B" | |
export SUBMARINE_UID="dfea05c4-dbf2-43cc-833c-62ff329566a5" | |
mvn $TEST_FLAG $TEST_MODULES -B | |
rat: | |
name: Check License | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- run: mvn org.apache.rat:apache-rat-plugin:check | |
linter: | |
name: Check Style | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: "11" | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Setup Golang 1.16.2 | |
uses: actions/setup-go@v2 | |
with: | |
go-version: "1.16.2" | |
- uses: actions/setup-node@v3 | |
with: | |
node-version: "14" | |
- name: Check version | |
run: | | |
mvn --version | |
java -version | |
go version | |
node --version | |
- uses: actions/cache@v2 | |
with: | |
path: ~/.m2/repository | |
key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
restore-keys: | | |
${{ runner.os }}-maven- | |
- name: Java Style | |
if: always() | |
run: ./dev-support/style-check/lint-java.sh | |
- name: Scala Style | |
if: always() | |
run: ./dev-support/style-check/lint-scala.sh | |
- name: Angular Style | |
if: always() | |
run: ./dev-support/style-check/lint-angular.sh | |
- name: Go Style | |
if: always() | |
run: ./dev-support/style-check/lint-go.sh | |
- name: React Style | |
if: always() | |
working-directory: ./submarine-workbench-v2 | |
run: | | |
yarn add prettier@^2.6.2 | |
yarn checkformat | |
sonarcloud-and-codecov: | |
name: SonarCloud and Codecov | |
runs-on: ubuntu-latest | |
needs: | |
- submarine-e2e | |
- submarine-k8s | |
- submarine-submitter | |
- submarine-server | |
- submarine-client | |
- submarine-commons-runtime | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: Cache Maven packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 | |
- name: Cache test-e2e data | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-test/test-e2e/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache test-k8s data | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-test/test-k8s/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache commons-cluster data | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-commons/commons-cluster/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache commons-runtime data | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-commons/commons-runtime/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-client data | |
uses: actions/cache@v2 | |
with: | |
path: ./submarine-client/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-server-database data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-database/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-server-core data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-core/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-serve data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-serve/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-submitter data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-submitter-k8s data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/submitter-k8s/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache submarine-k8s-agent data | |
uses: actions/cache@v2 | |
with: | |
path: | | |
./submarine-server/server-submitter/submarine-k8s-agent/target/jacoco.exec | |
key: ${{ runner.os }}-docker-${{ github.sha }} | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Set up Maven 3.6.3 | |
uses: stCarolas/setup-maven@v4 | |
with: | |
maven-version: 3.6.3 | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 11 | |
- name: Build the project with JDK 11 | |
run: mvn install -DskipTests | |
- name: Download artifacts | |
uses: actions/download-artifact@v2 | |
with: | |
path: target/artifacts | |
- name: Calculate combined coverage | |
run: ./dev-support/cicd/coverage.sh | |
- name: Build and analyze with JDK 11 # sonar-maven-plugin only support JDK 11 | |
if: github.repository == 'apache/submarine' && github.event_name == 'push' && github.ref == 'refs/heads/master' | |
run: mvn -B verify -DskipTests org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=apache -Dsonar.projectKey=apache_submarine | |
env: | |
SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Upload coverage report to Codecov | |
uses: codecov/codecov-action@v3 | |
with: | |
files: ./target/coverage/all.xml | |
- name: Delete temporary build artifacts before caching | |
run: | | |
#Never cache local artifacts | |
rm -rf ~/.m2/repository/org/apache/submarine | |
if: always() |