git/metabuilder
1
0
Fork 0
mirror of https://github.com/johndoe6345789/metabuilder.git synced 2026-04-24 22:04:56 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
metabuilder/.github/workflows/dbal-tests.yml
rw 9d4244891e fix(ci,deps): correct action versions and patch security vulnerabilities 
GitHub Actions:
- checkout@v4 → @v6 (v6 is current, v4 was wrong downgrade)
- upload-artifact@v4 → @v7 (latest), @v6 → @v7 in dbal-tests.yml
- download-artifact@v4 → @v8 (latest)
- cache@v6 → @v5 (v6 does not exist, v5 is latest)
- codeql-action@v4 confirmed correct

Security (Dependabot):
- next 16.1.5 → 16.1.7 (dockerterminal): HTTP smuggling, CSRF, DoS fixes
- PyJWT 2.10.1 → 2.12.0 (5 requirements.txt): unknown crit header bypass
- CairoSVG 2.8.2 → 2.9.0 (pcbgenerator): recursive <use> ReDoS
- postgres overrides: add hono >=4.12.4, @hono/node-server >=1.19.10,
  rollup >=4.59.0, serialize-javascript >=7.0.3 for transitive vulns

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-20 20:13:54 +00:00

170 lines
5.8 KiB
YAML
Raw Permalink Blame History

name: DBAL Tests
on:
push:
paths:
- 'dbal/**'
- '.github/workflows/dbal-tests.yml'
pull_request:
paths:
- 'dbal/**'
jobs:
# ── Unit + security tests (no DB, no containers) ────────────────────────────
unit-tests:
name: Unit & Security Tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Install system deps
run: |
sudo apt-get update -qq
sudo apt-get install -y --no-install-recommends \
build-essential cmake ninja-build python3-pip \
libpq-dev libmysqlclient-dev
- name: Install Conan
run: pip3 install conan
- name: Detect Conan profile
run: conan profile detect --force
- name: Cache Conan packages
uses: actions/cache@v4
with:
path: ~/.conan2/p
key: conan-unit-${{ hashFiles('dbal/production/build-config/conanfile.tests.py') }}
restore-keys: conan-unit-
- name: Install C++ test dependencies
working-directory: dbal/production
run: |
mkdir -p _build && cd _build
conan install ../build-config/conanfile.tests.py \
--output-folder=. \
--build=missing \
-s build_type=Release \
-s compiler.cppstd=20
- name: Configure CMake
working-directory: dbal/production/_build
run: |
cmake .. \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_TOOLCHAIN_FILE=./build/Release/generators/conan_toolchain.cmake \
-DBUILD_DAEMON=OFF \
-DBUILD_TESTING=ON \
-G Ninja
- name: Build
working-directory: dbal/production/_build
run: cmake --build . --target dbal_unit_tests --parallel
- name: Test
working-directory: dbal/production/_build
run: ctest -R dbal_unit_tests --output-on-failure
- name: Upload results
uses: actions/upload-artifact@v7
if: always()
with:
name: unit-test-results
path: dbal/production/_build/test_results.xml
# ── Integration tests — containers managed by testcontainers-sidecar ────────
# Docker is available by default on ubuntu-latest (no services: block needed).
# testcontainers-go (via the sidecar) starts postgres/mysql containers itself,
# and Ryuk cleans them up after the test binary exits.
integration-tests:
name: Integration Tests (SQLite + PostgreSQL + MySQL via testcontainers)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Install Go (for testcontainers-sidecar)
uses: actions/setup-go@v5
with:
go-version: '1.21'
- name: Install system deps
run: |
sudo apt-get update -qq
sudo apt-get install -y --no-install-recommends \
build-essential cmake ninja-build python3-pip \
libpq-dev libmysqlclient-dev
- name: Install Conan
run: pip3 install conan
- name: Detect Conan profile
run: conan profile detect --force
- name: Configure Nexus as primary Conan remote
run: |
conan remote add nexus "${{ secrets.NEXUS_URL }}" --force
conan remote login nexus "${{ secrets.NEXUS_USER }}" \
--password "${{ secrets.NEXUS_PASS }}"
# Nexus first (has testcontainers-sidecar), Conan Center as fallback
conan remote update nexus --index 0
# If NEXUS_URL secret is not set, fall back to building sidecar from source
continue-on-error: true
- name: Build testcontainers-sidecar from source (fallback if no Nexus)
if: env.NEXUS_URL == ''
env:
NEXUS_URL: ${{ secrets.NEXUS_URL }}
TESTCONTAINERS_SIDECAR_SRC: ${{ github.workspace }}/dbal/testcontainers-sidecar
run: |
# Build and register in the local Conan cache so conan install succeeds below.
TESTCONTAINERS_SIDECAR_SRC="$TESTCONTAINERS_SIDECAR_SRC" \
conan create dbal/production/build-config/conan-recipes/testcontainers-sidecar \
-s build_type=Release -s compiler.cppstd=20
- name: Cache Conan packages
uses: actions/cache@v4
with:
path: ~/.conan2/p
key: conan-integration-${{ hashFiles('dbal/production/build-config/conanfile.tests.py') }}
restore-keys: conan-integration-
- name: Install C++ test dependencies (with sidecar from Nexus)
working-directory: dbal/production
run: |
mkdir -p _build && cd _build
conan install ../build-config/conanfile.tests.py \
--output-folder=. \
--build=missing \
-s build_type=Release \
-s compiler.cppstd=20
continue-on-error: true
- name: Configure CMake
working-directory: dbal/production/_build
run: |
cmake .. \
-DCMAKE_BUILD_TYPE=Release \
-DCMAKE_TOOLCHAIN_FILE=./build/Release/generators/conan_toolchain.cmake \
-DBUILD_DAEMON=OFF \
-DBUILD_INTEGRATION_TESTS=ON \
-G Ninja
- name: Build
working-directory: dbal/production/_build
run: cmake --build . --target dbal_integration_tests --parallel
- name: Run integration tests
working-directory: dbal/production/_build
# Docker socket is available by default on ubuntu-latest.
# testcontainers-go will start postgres and mysql containers automatically.
run: ctest -R dbal_integration_tests --output-on-failure -V
- name: Upload results
uses: actions/upload-artifact@v7
if: always()
with:
name: integration-test-results
path: dbal/production/_build/integration_results.xml
Reference in New Issue View Git Blame Copy Permalink