mirror of
https://github.com/go-gitea/gitea.git
synced 2026-05-01 09:45:49 +00:00
99cd4f6b22
Replaces Dependabot with Renovate. The new setup: - One PR per ecosystem (GitHub Actions, Go modules + Makefile go-tool pins, npm, Python via uv, Nix flake), opened weekly on Mondays with a 5-day release-age cooldown. Vulnerability PRs ship next-day via daily cron + Renovate's `vulnerabilityAlerts` schedule bypass. - All `uses:` action refs SHA-pinned with patch-level version comments (same format as #36971, which this supersedes); `helpers:pinGitHubActionDigests` keeps future bumps in that format. - `renovatebot/github-action` runtime image pinned via the upstream-recommended `RENOVATE_VERSION` env + magic comment + `customManagers:githubActionsVersions` preset, so Renovate keeps the pin updated. - Custom regex manager tracks the `*_PACKAGE ?= <import-path>@<version>` lines in `Makefile` (golangci-lint, swagger, actionlint, etc.) and groups them into the same Go PR via `matchDatasources: ["go"]`. - Post-upgrade tasks regenerate `assets/go-licenses.json` (`make tidy`) and the SVG sprite (`make svg`), gated by an env-level command allowlist. - Replaces the standalone `cron-flake-updater` workflow — Renovate's nix manager tracks `flake.nix` inputs and produces the same `flake.lock` bump PRs on the regular weekly schedule. - npm and gomod-replace pins live in `renovate.json5` only; `updates@17.16.3` reads them from there too, so the standalone `updates.config.ts` is gone and one source of truth covers both tools. Fixes: https://github.com/go-gitea/gitea/issues/33386 Signed-off-by: silverwind <me@silverwind.io> Signed-off-by: TheFox0x7 <thefox0x7@gmail.com> Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com> Co-authored-by: TheFox0x7 <thefox0x7@gmail.com> Co-authored-by: Nicolas <bircni@icloud.com> Co-authored-by: Giteabot <teabot@gitea.io>
267 lines
8.4 KiB
YAML
267 lines
8.4 KiB
YAML
name: db-tests
|
|
|
|
on:
|
|
pull_request:
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
files-changed:
|
|
uses: ./.github/workflows/files-changed.yml
|
|
permissions:
|
|
contents: read
|
|
|
|
test-pgsql:
|
|
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
|
|
needs: files-changed
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
services:
|
|
pgsql:
|
|
image: postgres:14
|
|
env:
|
|
POSTGRES_DB: test
|
|
POSTGRES_PASSWORD: postgres
|
|
ports:
|
|
- "5432:5432"
|
|
ldap:
|
|
image: gitea/test-openldap:latest
|
|
ports:
|
|
- "389:389"
|
|
- "636:636"
|
|
minio:
|
|
# as github actions doesn't support "entrypoint", we need to use a non-official image
|
|
# that has a custom entrypoint set to "minio server /data"
|
|
image: bitnamilegacy/minio:2023.8.31
|
|
env:
|
|
MINIO_ROOT_USER: 123456
|
|
MINIO_ROOT_PASSWORD: 12345678
|
|
ports:
|
|
- "9000:9000"
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
cache: false
|
|
- uses: ./.github/actions/go-cache
|
|
with:
|
|
cache-name: pgsql
|
|
- name: Add hosts to /etc/hosts
|
|
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 pgsql ldap minio" | sudo tee -a /etc/hosts'
|
|
- run: make deps-backend
|
|
- run: make backend
|
|
env:
|
|
TAGS: bindata
|
|
- name: run migration tests
|
|
run: make test-pgsql-migration
|
|
- name: run tests
|
|
run: make test-pgsql
|
|
timeout-minutes: 50
|
|
env:
|
|
TAGS: bindata gogit
|
|
TEST_TAGS: gogit
|
|
TEST_LDAP: 1
|
|
|
|
test-sqlite:
|
|
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
|
|
needs: files-changed
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
cache: false
|
|
- uses: ./.github/actions/go-cache
|
|
with:
|
|
cache-name: sqlite
|
|
- run: make deps-backend
|
|
- run: GOEXPERIMENT='' make backend
|
|
env:
|
|
TAGS: bindata gogit sqlite sqlite_unlock_notify
|
|
- name: run migration tests
|
|
run: make test-sqlite-migration
|
|
- name: run tests
|
|
run: GOEXPERIMENT='' make test-sqlite
|
|
timeout-minutes: 50
|
|
env:
|
|
TAGS: bindata gogit sqlite sqlite_unlock_notify
|
|
RACE_ENABLED: true
|
|
TEST_TAGS: gogit sqlite sqlite_unlock_notify
|
|
|
|
test-unit:
|
|
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
|
|
needs: files-changed
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
services:
|
|
elasticsearch:
|
|
image: elasticsearch:7.5.0
|
|
env:
|
|
discovery.type: single-node
|
|
ports:
|
|
- "9200:9200"
|
|
meilisearch:
|
|
image: getmeili/meilisearch:v1
|
|
env:
|
|
MEILI_ENV: development # disable auth
|
|
ports:
|
|
- "7700:7700"
|
|
redis:
|
|
image: redis
|
|
options: >- # wait until redis has started
|
|
--health-cmd "redis-cli ping"
|
|
--health-interval 5s
|
|
--health-timeout 3s
|
|
--health-retries 10
|
|
ports:
|
|
- 6379:6379
|
|
minio:
|
|
image: bitnamilegacy/minio:2021.3.17
|
|
env:
|
|
MINIO_ACCESS_KEY: 123456
|
|
MINIO_SECRET_KEY: 12345678
|
|
ports:
|
|
- "9000:9000"
|
|
devstoreaccount1.azurite.local: # https://github.com/Azure/Azurite/issues/1583
|
|
image: mcr.microsoft.com/azure-storage/azurite:latest
|
|
ports:
|
|
- 10000:10000
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
cache: false
|
|
- uses: ./.github/actions/go-cache
|
|
with:
|
|
cache-name: unit
|
|
build-cache-rotate: "true"
|
|
- name: Add hosts to /etc/hosts
|
|
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 minio devstoreaccount1.azurite.local mysql elasticsearch meilisearch smtpimap" | sudo tee -a /etc/hosts'
|
|
- run: make deps-backend
|
|
- run: make backend
|
|
env:
|
|
TAGS: bindata
|
|
- name: unit-tests
|
|
run: make test-backend test-check
|
|
env:
|
|
TAGS: bindata
|
|
RACE_ENABLED: true
|
|
GOTESTFLAGS: -timeout=20m
|
|
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
|
|
- name: unit-tests-gogit
|
|
run: GOEXPERIMENT='' make test-backend test-check
|
|
env:
|
|
TAGS: bindata gogit
|
|
RACE_ENABLED: true
|
|
GOTESTFLAGS: -timeout=20m
|
|
GITHUB_READ_TOKEN: ${{ secrets.GITHUB_READ_TOKEN }}
|
|
|
|
test-mysql:
|
|
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
|
|
needs: files-changed
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
services:
|
|
mysql:
|
|
# the bitnami mysql image has more options than the official one, it's easier to customize
|
|
image: bitnamilegacy/mysql:8.0
|
|
env:
|
|
ALLOW_EMPTY_PASSWORD: true
|
|
MYSQL_DATABASE: testgitea
|
|
ports:
|
|
- "3306:3306"
|
|
options: >-
|
|
--mount type=tmpfs,destination=/bitnami/mysql/data
|
|
elasticsearch:
|
|
image: elasticsearch:7.5.0
|
|
env:
|
|
discovery.type: single-node
|
|
ports:
|
|
- "9200:9200"
|
|
smtpimap:
|
|
image: tabascoterrier/docker-imap-devel:latest
|
|
ports:
|
|
- "25:25"
|
|
- "143:143"
|
|
- "587:587"
|
|
- "993:993"
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
cache: false
|
|
- uses: ./.github/actions/go-cache
|
|
with:
|
|
cache-name: mysql
|
|
- name: Add hosts to /etc/hosts
|
|
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mysql elasticsearch smtpimap" | sudo tee -a /etc/hosts'
|
|
- run: make deps-backend
|
|
- run: make backend
|
|
env:
|
|
TAGS: bindata
|
|
- name: run migration tests
|
|
run: make test-mysql-migration
|
|
- name: run tests
|
|
# run: make integration-test-coverage (at the moment, no coverage is really handled)
|
|
run: make test-mysql
|
|
env:
|
|
TAGS: bindata
|
|
TEST_INDEXER_CODE_ES_URL: "http://elastic:changeme@elasticsearch:9200"
|
|
|
|
test-mssql:
|
|
if: needs.files-changed.outputs.backend == 'true' || needs.files-changed.outputs.actions == 'true'
|
|
needs: files-changed
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: read
|
|
services:
|
|
mssql:
|
|
image: mcr.microsoft.com/mssql/server:2019-latest
|
|
env:
|
|
ACCEPT_EULA: Y
|
|
MSSQL_PID: Standard
|
|
SA_PASSWORD: MwantsaSecurePassword1
|
|
ports:
|
|
- "1433:1433"
|
|
devstoreaccount1.azurite.local: # https://github.com/Azure/Azurite/issues/1583
|
|
image: mcr.microsoft.com/azure-storage/azurite:latest
|
|
ports:
|
|
- 10000:10000
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: go.mod
|
|
check-latest: true
|
|
cache: false
|
|
- uses: ./.github/actions/go-cache
|
|
with:
|
|
cache-name: mssql
|
|
- name: Add hosts to /etc/hosts
|
|
run: '[ -e "/.dockerenv" ] || [ -e "/run/.containerenv" ] || echo "127.0.0.1 mssql devstoreaccount1.azurite.local" | sudo tee -a /etc/hosts'
|
|
- run: make deps-backend
|
|
- run: make backend
|
|
env:
|
|
TAGS: bindata
|
|
- run: make test-mssql-migration
|
|
- name: run tests
|
|
run: make test-mssql
|
|
timeout-minutes: 50
|
|
env:
|
|
TAGS: bindata
|