Skip to content

github-actions: use ephemeral tokens (#4266) #5496

github-actions: use ephemeral tokens (#4266)

github-actions: use ephemeral tokens (#4266) #5496

Workflow file for this run

name: test
# https://github.community/t/how-to-trigger-an-action-on-push-or-pull-request-but-not-both/16662/2
on:
workflow_dispatch:
push:
branches:
- main
paths-ignore:
- '**/*.md'
- '**/*.asciidoc'
- 'docs/**'
- 'examples/**'
pull_request:
branches:
- main
paths-ignore:
- '**/*.md'
- '**/*.asciidoc'
- 'docs/**'
- 'examples/**'
## Concurrency only allowed in the main branch.
## So old builds running for old commits within the same Pull Request are cancelled
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
permissions:
contents: read
jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: 18
- run: npm ci
- run: npm run lint
test-vers:
# These services and their configuration should match test/docker-compose.yml.
services:
redis:
image: redis
ports:
- 6379:6379
memcached:
image: memcached:alpine
ports:
- 11211:11211
cassandra:
image: cassandra
ports:
- 9042:9042
env:
MAX_HEAP_SIZE: '1G'
HEAP_NEWSIZE: '400m'
volumes:
- nodecassandradata:/var/lib/cassandra
postgres:
image: postgres:9.6
ports:
- 5432:5432
volumes:
- nodepgdata:/var/lib/postgresql/data
env:
POSTGRES_USER: 'postgres'
POSTGRES_DB: 'test_elastic_apm'
POSTGRES_HOST_AUTH_METHOD: 'trust'
mongodb:
image: mongo:5
ports:
- 27017:27017
volumes:
- nodemongodata:/data/db
mysql:
image: mysql:5.7
ports:
- 3306:3306
volumes:
- nodemysqldata:/var/lib/mysql
env:
MYSQL_ALLOW_EMPTY_PASSWORD: 1
mssql:
image: mcr.microsoft.com/mssql/server
env:
ACCEPT_EULA: 'Y'
MSSQL_SA_PASSWORD: 'Very(!)Secure'
MSSQL_PID: 'Developer'
ports:
- 1433:1433
volumes:
- nodemssqldata:/var/opt/mssql
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.7.1
env:
ES_JAVA_OPTS: '-Xms512m -Xmx512m'
network.host: '_site_'
transport.host: '127.0.0.1'
http.host: '0.0.0.0'
xpack.security.enabled: 'false'
ports:
- 9200:9200
volumes:
- nodeesdata:/usr/share/elasticsearch/data
localstack:
image: localstack/localstack:3.0.0
env:
DATA_DIR: '/var/lib/localstack'
ports:
- "4566:4566"
volumes:
- nodelocalstackdata:/var/lib/localstack
zookeeper:
image: bitnami/zookeeper:3.9.1
env:
ALLOW_ANONYMOUS_LOGIN: 'yes'
ports:
- "2181:2181"
volumes:
- nodezookeeperdata:/var/lib/zookeeper/data
kafka:
image: bitnami/kafka:3.3.2
ports:
- "9093:9093"
volumes:
- nodekafkadata:/var/lib/kafka/data
env:
KAFKA_BROKER_ID: '1'
KAFKA_CFG_ZOOKEEPER_CONNECT: 'zookeeper:2181'
ALLOW_PLAINTEXT_LISTENER: 'yes'
KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: 'CLIENT:PLAINTEXT,EXTERNAL:PLAINTEXT'
KAFKA_CFG_LISTENERS: 'CLIENT://:9092,EXTERNAL://:9093'
KAFKA_CFG_ADVERTISED_LISTENERS: 'CLIENT://kafka:9092,EXTERNAL://localhost:9093'
KAFKA_CFG_INTER_BROKER_LISTENER_NAME: 'CLIENT'
KAFKA_CFG_DELETE_TOPIC_ENABLE: 'true'
strategy:
fail-fast: false
matrix:
node:
- '22'
- '22.0'
- '20'
- '20.0'
- '18'
- '18.0'
- '16'
- '16.0'
- '14'
- '14.17'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
- run: docker ps # show the services against which we'll be testing
- run: npm ci
- run: npm ls --all || true
- name: npm test
run: npm test
test-windows:
runs-on: windows-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-node@v4
with:
# What Node.js version to test on Windows is a balance between which
# is the current LTS version (https://github.com/nodejs/release) and
# which version more of our users are using.
node-version: 16
cache: 'npm'
- run: npm ci
- run: npm ls --all || true
# Run a subset of tests that we can reasonably get running on Windows CI.
- run: node test/test.js
# single status check that can be set as required in branch protection rules.
# success if all jobs listed in "needs" are successful.
# failure if at least one job listed "needs" is not successful.
test:
if: always()
runs-on: ubuntu-latest
needs:
- lint
- test-vers
- test-windows
steps:
- id: check
uses: elastic/apm-pipeline-library/.github/actions/check-dependent-jobs@current
with:
needs: ${{ toJSON(needs) }}
- run: ${{ steps.check.outputs.isSuccess }}