Merge pull request #82 from block/myron/dependabot-fixes/step8 #271
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# This file is generated by `script/update_ci_yaml` based on input from `config/tested_datastore_versions.yaml`. | |
# To edit it, make changes to the template at the bottom of `script/update_ci_yaml` and run it. | |
name: ElasticGraph CI | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
env: | |
# It's recommended to run ElasticGraph with this option to get better performance. We want to run | |
# our CI builds with it to ensure that the option always works. | |
RUBYOPT: "--enable-frozen-string-literal" | |
# We use the VCR gem as a local "test accelerator" which caches datastore requests/responses for us. | |
# But in our CI build we don't want to use it at all, so we disable it here. | |
NO_VCR: "1" | |
jobs: | |
ci-check: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
build_part: | |
- run_each_gem_spec | |
ruby: | |
- "3.2" | |
- "3.3" | |
datastore: | |
- "elasticsearch:8.16.1" | |
- "opensearch:2.18.0" | |
- "opensearch:2.7.0" | |
include: | |
# We have 4 build parts. The "primary" one is `run_each_gem_spec`, and we need that to be run on | |
# every supported Ruby version and against every supported datastore. It's not necessary to run | |
# these others against every combination of `ruby` and `datastore` so we just run each with one | |
# configuration here. | |
- build_part: "run_misc_checks" | |
ruby: "3.3" | |
datastore: "elasticsearch:8.16.1" | |
- build_part: "run_specs_with_vcr" | |
ruby: "3.3" | |
datastore: "elasticsearch:8.16.1" | |
- build_part: "run_specs_file_by_file" | |
ruby: "3.3" | |
datastore: "elasticsearch:8.16.1" | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: ruby/setup-ruby@bfefad842bb982ff05b233bcbc1571d97a87e69f # v1.206.0 | |
with: | |
ruby-version: ${{ matrix.ruby }} | |
bundler-cache: true # runs 'bundle install' and caches installed gems automatically | |
- uses: KengoTODA/actions-setup-docker-compose@a25fb82c577d314635e25bac72995718b9296dd2 # main | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
# Note: the `10` argument on the end is a number of seconds to sleep after booting the datastore. | |
# We've found that there is a minor race condition where the shards aren't fully ready for the tests | |
# to hit them if we don't wait a bit after booting. | |
- run: script/ci_parts/${{ matrix.build_part }} ${{ matrix.datastore }} 10 | |
# An extra job that runs after all the others and provides a single summary status. | |
# This is used by our branch protection rule to block merge until all CI checks passed, | |
# without requiring us to individually list each CI check in the branch protection rule. | |
# | |
# https://github.com/orgs/community/discussions/26822#discussioncomment-3305794 | |
all-ci-checks-passed: | |
if: ${{ always() }} # so it runs even if the workflow was cancelled | |
runs-on: ubuntu-latest | |
name: All CI Checks Passed | |
needs: [ci-check] | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | |
with: | |
egress-policy: audit | |
- run: | | |
result="${{ needs.ci-check.result }}" | |
if [[ $result == "success" || $result == "skipped" ]]; then | |
exit 0 | |
else | |
exit 1 | |
fi |