mirror of
https://github.com/MarijnDoeve/TijdVoorDeTest.git
synced 2026-07-04 22:50:15 +02:00
Improve GitHub Actions CI: parallelise jobs, continue-on-error, timeouts, cache optimisation (#165)
* Strip v-prefix from version tag before passing to Sentry GitHub tags follow the v1.2.3 convention, but Sentry requires bare semver (1.2.3) to recognise releases as valid semver. Extract a sentry_version output in the meta step that strips the leading v. * Parallelize CI: split quality and tests jobs, add continue-on-error - Split the single tests job into parallel quality and tests jobs, saving ~4 min wall-clock time per run - Quality checks (lint, CS, PHPStan, Rector) now all run with continue-on-error so every failure is visible in one pass; a final Assert step fails the job if any check failed - Add cache:warmup before PHPStan so the Symfony dev container XML exists and the Symfony extension has full type information - Use per-job GHA cache scopes to avoid parallel cache write races - Use cache mode=min on PRs, mode=max on main/tags - Add timeout-minutes (20/20/15) to all jobs - Remove dead if:false Mercure reachability step - Fix Portainer webhook URL quoting - build-deploy now needs: [quality, tests] * Simplify build-deploy job name and environment expressions * Use static name for build-deploy job (expressions not evaluated when skipped) * build-deploy only needs tests, not quality (quality is informational) * Revert: build-deploy needs both quality and tests
This commit is contained in:
+61
-16
@@ -17,12 +17,11 @@ permissions:
|
|||||||
contents: read
|
contents: read
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
tests:
|
quality:
|
||||||
name: Tests
|
name: Code Quality
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
timeout-minutes: 20
|
||||||
permissions:
|
permissions:
|
||||||
checks: write
|
|
||||||
pull-requests: write
|
|
||||||
contents: read
|
contents: read
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
@@ -40,26 +39,68 @@ jobs:
|
|||||||
compose.yaml
|
compose.yaml
|
||||||
compose.override.yaml
|
compose.override.yaml
|
||||||
set: |
|
set: |
|
||||||
*.cache-from=type=gha,scope=${{github.ref}}
|
*.cache-from=type=gha,scope=${{github.ref}}-quality
|
||||||
*.cache-from=type=gha,scope=refs/heads/main
|
*.cache-from=type=gha,scope=refs/heads/main
|
||||||
*.cache-to=type=gha,scope=${{github.ref}},mode=max
|
*.cache-to=type=gha,scope=${{github.ref}}-quality,mode=${{ github.event_name == 'pull_request' && 'min' || 'max' }}
|
||||||
- name: Start services
|
- name: Start services
|
||||||
run: docker compose up php database --wait --no-build
|
run: docker compose up php database --wait --no-build
|
||||||
|
- name: Warm up dev cache
|
||||||
|
run: docker compose exec -T php bin/console cache:warmup --env=dev
|
||||||
- name: Lint Twig templates
|
- name: Lint Twig templates
|
||||||
|
id: twig_lint
|
||||||
|
continue-on-error: true
|
||||||
run: docker compose exec -T php bin/console lint:twig --format=github templates
|
run: docker compose exec -T php bin/console lint:twig --format=github templates
|
||||||
- name: Coding Style
|
- name: Coding Style
|
||||||
|
id: cs
|
||||||
|
continue-on-error: true
|
||||||
run: docker compose exec -T php vendor/bin/php-cs-fixer check --diff --show-progress=none
|
run: docker compose exec -T php vendor/bin/php-cs-fixer check --diff --show-progress=none
|
||||||
- name: Twig Coding Style
|
- name: Twig Coding Style
|
||||||
|
id: twig_cs
|
||||||
|
continue-on-error: true
|
||||||
run: docker compose exec -T php vendor/bin/twig-cs-fixer check
|
run: docker compose exec -T php vendor/bin/twig-cs-fixer check
|
||||||
- name: Static Analysis (PHPStan)
|
- name: Static Analysis (PHPStan)
|
||||||
|
id: phpstan
|
||||||
|
continue-on-error: true
|
||||||
run: docker compose exec -T php vendor/bin/phpstan analyse --no-progress --no-ansi --error-format=github
|
run: docker compose exec -T php vendor/bin/phpstan analyse --no-progress --no-ansi --error-format=github
|
||||||
- name: Rector
|
- name: Rector
|
||||||
|
id: rector
|
||||||
|
continue-on-error: true
|
||||||
run: docker compose exec -T php vendor/bin/rector process --dry-run --no-progress-bar --output-format=github
|
run: docker compose exec -T php vendor/bin/rector process --dry-run --no-progress-bar --output-format=github
|
||||||
- name: Check HTTP reachability
|
- name: Check HTTP reachability
|
||||||
run: curl -v --fail-with-body http://localhost
|
run: curl -v --fail-with-body http://localhost
|
||||||
- name: Check Mercure reachability
|
- name: Assert all checks passed
|
||||||
if: false
|
if: always()
|
||||||
run: curl -vkI --fail-with-body https://localhost/.well-known/mercure?topic=test
|
run: |
|
||||||
|
outcomes="${{ steps.twig_lint.outcome }} ${{ steps.cs.outcome }} ${{ steps.twig_cs.outcome }} ${{ steps.phpstan.outcome }} ${{ steps.rector.outcome }}"
|
||||||
|
if echo "$outcomes" | grep -q "failure"; then exit 1; fi
|
||||||
|
|
||||||
|
tests:
|
||||||
|
name: Tests
|
||||||
|
runs-on: ubuntu-latest
|
||||||
|
timeout-minutes: 20
|
||||||
|
permissions:
|
||||||
|
checks: write
|
||||||
|
pull-requests: write
|
||||||
|
contents: read
|
||||||
|
steps:
|
||||||
|
- name: Checkout
|
||||||
|
uses: actions/checkout@v4
|
||||||
|
- name: Set up Docker Buildx
|
||||||
|
uses: docker/setup-buildx-action@v3
|
||||||
|
- name: Build Docker images
|
||||||
|
uses: docker/bake-action@v5
|
||||||
|
with:
|
||||||
|
pull: true
|
||||||
|
load: true
|
||||||
|
files: |
|
||||||
|
compose.yaml
|
||||||
|
compose.override.yaml
|
||||||
|
set: |
|
||||||
|
*.cache-from=type=gha,scope=${{github.ref}}-tests
|
||||||
|
*.cache-from=type=gha,scope=refs/heads/main
|
||||||
|
*.cache-to=type=gha,scope=${{github.ref}}-tests,mode=${{ github.event_name == 'pull_request' && 'min' || 'max' }}
|
||||||
|
- name: Start services
|
||||||
|
run: docker compose up php database --wait --no-build
|
||||||
- name: Create test database
|
- name: Create test database
|
||||||
run: docker compose exec -T php bin/console -e test doctrine:database:create
|
run: docker compose exec -T php bin/console -e test doctrine:database:create
|
||||||
- name: Run migrations
|
- name: Run migrations
|
||||||
@@ -76,17 +117,18 @@ jobs:
|
|||||||
check_name: PHPUnit
|
check_name: PHPUnit
|
||||||
- name: Doctrine Schema Validator
|
- name: Doctrine Schema Validator
|
||||||
run: docker compose exec -T php bin/console -e test doctrine:schema:validate
|
run: docker compose exec -T php bin/console -e test doctrine:schema:validate
|
||||||
|
|
||||||
build-deploy:
|
build-deploy:
|
||||||
name: Build and deploy to ${{ startsWith(github.ref, 'refs/tags/') && 'production' || (github.ref == 'refs/heads/main' && 'acceptance' || '') }}
|
name: Build and Deploy
|
||||||
permissions:
|
permissions:
|
||||||
contents: read
|
contents: read
|
||||||
packages: write
|
packages: write
|
||||||
environment:
|
environment:
|
||||||
name: ${{ startsWith(github.ref, 'refs/tags/') && 'production' || (github.ref == 'refs/heads/main' && 'acceptance' || '') }}
|
name: ${{ startsWith(github.ref, 'refs/tags/') && 'production' || 'acceptance' }}
|
||||||
url: ${{ vars.URL }}
|
url: ${{ vars.URL }}
|
||||||
needs: tests
|
needs: [quality, tests]
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
|
timeout-minutes: 15
|
||||||
if: (github.ref == 'refs/heads/main' && false) || startsWith(github.ref, 'refs/tags/')
|
if: (github.ref == 'refs/heads/main' && false) || startsWith(github.ref, 'refs/tags/')
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout
|
- name: Checkout
|
||||||
@@ -106,14 +148,17 @@ jobs:
|
|||||||
REPO_LOWER=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')
|
REPO_LOWER=$(echo "${{ github.repository }}" | tr '[:upper:]' '[:lower:]')
|
||||||
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
|
if [[ "${{ github.ref }}" == refs/tags/* ]]; then
|
||||||
TAG="${GITHUB_REF#refs/tags/}"
|
TAG="${GITHUB_REF#refs/tags/}"
|
||||||
|
SENTRY_VERSION="${TAG#v}"
|
||||||
{
|
{
|
||||||
echo "tag=$TAG"
|
echo "tag=$TAG"
|
||||||
|
echo "sentry_version=$SENTRY_VERSION"
|
||||||
echo "full_name=ghcr.io/${REPO_LOWER}:$TAG"
|
echo "full_name=ghcr.io/${REPO_LOWER}:$TAG"
|
||||||
} >> "$GITHUB_OUTPUT"
|
} >> "$GITHUB_OUTPUT"
|
||||||
else
|
else
|
||||||
SHORT_SHA=$(git rev-parse --short HEAD)
|
SHORT_SHA=$(git rev-parse --short HEAD)
|
||||||
{
|
{
|
||||||
echo "tag=$SHORT_SHA"
|
echo "tag=$SHORT_SHA"
|
||||||
|
echo "sentry_version=$SHORT_SHA"
|
||||||
echo "full_name=ghcr.io/${REPO_LOWER}:$SHORT_SHA"
|
echo "full_name=ghcr.io/${REPO_LOWER}:$SHORT_SHA"
|
||||||
} >> "$GITHUB_OUTPUT"
|
} >> "$GITHUB_OUTPUT"
|
||||||
fi
|
fi
|
||||||
@@ -139,12 +184,12 @@ jobs:
|
|||||||
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
|
SENTRY_ORG: ${{ secrets.SENTRY_ORG }}
|
||||||
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
|
SENTRY_PROJECT: ${{ secrets.SENTRY_PROJECT }}
|
||||||
with:
|
with:
|
||||||
release: ${{steps.meta.outputs.tag}}
|
release: ${{steps.meta.outputs.sentry_version}}
|
||||||
environment: ${{ startsWith(github.ref, 'refs/tags/') && 'production' || (github.ref == 'refs/heads/main' && 'acceptance' || '') }}
|
environment: ${{ startsWith(github.ref, 'refs/tags/') && 'production' || 'acceptance' }}
|
||||||
|
|
||||||
- name: Trigger Portainer Deployment
|
- name: Trigger Portainer Deployment
|
||||||
shell: bash
|
shell: bash
|
||||||
env:
|
env:
|
||||||
PORTAINER_WEBHOOK: ${{secrets.PORTAINER_WEBHOOK}}
|
PORTAINER_WEBHOOK: ${{secrets.PORTAINER_WEBHOOK}}
|
||||||
run: |
|
run: |
|
||||||
curl -v -X POST "$PORTAINER_WEBHOOK"?IMAGE_TAG=${{steps.meta.outputs.tag}} --fail-with-body
|
curl -v -X POST "${PORTAINER_WEBHOOK}?IMAGE_TAG=${{steps.meta.outputs.tag}}" --fail-with-body
|
||||||
|
|||||||
Reference in New Issue
Block a user