-
Notifications
You must be signed in to change notification settings - Fork 390
254 lines (227 loc) · 8.71 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
name: CI
on:
push:
branches:
- 'main'
pull_request_target:
env:
STRIPE_PUBLISHABLE_KEY: ${{ secrets.TEST_STRIPE_PUBLISHABLE_KEY }}
STRIPE_SECRET_KEY: ${{ secrets.TEST_STRIPE_SECRET_KEY }}
MAINTAINERS: |
cecilphillip-stripe
charliegerard-stripe
dependabot[bot]
erinkavanaugh-stripe
hideokamoto-stripe
kevinpeters-stripe
paulasjes-stripe
concurrency:
group: ci-${{ github.event.pull_request.head.ref || github.ref }}
cancel-in-progress: true
jobs:
require-permission:
runs-on: ubuntu-latest
steps:
- name: 'check if the triggering actor is one of the maintainers'
run: |
while read item; do
if [[ "$item" == "${{ github.triggering_actor }}" ]]; then
exit # safe to run tests with write permission
fi
done <<< "$MAINTAINERS"
echo 'CI have to be re-run by one of the $MAINTAINERS' >> $GITHUB_STEP_SUMMARY
exit 1
changed_files:
runs-on: ubuntu-latest
needs: require-permission
outputs:
files: ${{ steps.diff.outputs.files }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.after || github.event.pull_request.head.sha }}
fetch-depth: 0
- name: 'Collect changed files'
id: diff
run: |
echo 'files<<EOF' >> $GITHUB_OUTPUT
git diff --name-only --merge-base origin/main >> $GITHUB_OUTPUT
echo 'EOF' >> $GITHUB_OUTPUT
server_test:
needs: changed_files
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
runtime:
- server_type: ruby
server_image: ruby:latest
- server_type: ruby
server_image: ruby:2.7
- server_type: node
server_image: node:latest
- server_type: node
server_image: node:lts
- server_type: python
server_image: python:latest
- server_type: python
server_image: python:3.8
- server_type: java
server_image: maven:latest
- server_type: java
server_image: maven:3.8-openjdk-8
- server_type: go
server_image: golang:latest
- server_type: go
server_image: golang:1.17
- server_type: dotnet
server_image: mcr.microsoft.com/dotnet/sdk:6.0
- server_type: php-slim
server_image: composer:2.2
target:
- sample: usage-based-subscriptions
tests: usage_based_server_spec.rb
client_dir: ../../client
- sample: fixed-price-subscriptions
tests: fixed_price_server_spec.rb
client_dir: ../../client/vanillajs
exclude:
- target:
sample: usage-based-subscriptions
runtime:
server_type: php-slim
steps:
- id: if_running
run: |
prefix="${{ matrix.target.sample }}/server/${{ matrix.runtime.server_type }}"
if [[ "${{ github.event.pull_request.head.ref || github.ref }}" = "refs/heads/main" ]] || \
[[ $(echo "${{ needs.changed_files.outputs.files }}" | grep -E "^${prefix}") ]]
then echo 'running=true' >> $GITHUB_OUTPUT
fi
- uses: actions/checkout@v4
if: ${{ steps.if_running.outputs.running }}
with:
ref: ${{ github.event.after || github.event.pull_request.head.sha }}
- uses: actions/checkout@v4
if: ${{ steps.if_running.outputs.running }}
with:
repository: 'stripe-samples/sample-ci'
path: 'sample-ci'
- name: Run tests
if: ${{ steps.if_running.outputs.running }}
run: |
rm -rf usage-based-subscriptions/server/dotnet/ReportUsage # causes "Program.cs(14,28): error CS0017: Program has more than one entry point defined."
source sample-ci/helpers.sh
setup_dependencies
install_docker_compose_settings
export STRIPE_WEBHOOK_SECRET=$(retrieve_webhook_secret)
cat <<EOF >> .env
BASIC=${{ secrets.TEST_BASIC_PRICE }}
PREMIUM=${{ secrets.TEST_PREMIUM_PRICE }}
EOF
configure_docker_compose_for_integration "${{ matrix.target.sample }}" "${{ matrix.runtime.server_type }}" "${{ matrix.target.client_dir }}" "${{ matrix.runtime.server_image }}"
docker-compose up -d && wait_web_server
docker-compose exec -T runner bundle exec rspec spec/${{ matrix.target.tests }}
- name: Collect debug information
if: ${{ steps.if_running.outputs.running && failure() }}
run: |
cat .env
cat docker-compose.yml
docker-compose ps -a
docker-compose logs web
e2e_test:
needs: changed_files
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
implementation:
- client_type: vanillajs
server_url: http://web:4242
profile: e2e
- client_type: react
server_url: http://frontend:3000
profile: frontend
target:
- sample: fixed-price-subscriptions
tests: fixed_price_e2e_spec.rb
env:
SERVER_URL: ${{ matrix.implementation.server_url }}
steps:
- id: if_running
run: |
prefix="${{ matrix.target.sample }}/client/${{ matrix.implementation.client_type }}"
if [[ "${{ github.event.pull_request.head.ref || github.ref }}" = "refs/heads/main" ]] || \
[[ $(echo "${{ needs.changed_files.outputs.files }}" | grep -E "^${prefix}") ]]
then echo 'running=true' >> $GITHUB_OUTPUT
fi
- uses: actions/checkout@v4
if: ${{ steps.if_running.outputs.running }}
with:
ref: ${{ github.event.after || github.event.pull_request.head.sha }}
- uses: actions/checkout@v4
if: ${{ steps.if_running.outputs.running }}
with:
repository: 'stripe-samples/sample-ci'
path: 'sample-ci'
- name: Run tests
if: ${{ steps.if_running.outputs.running }}
run: |
sed -i -E 's/http:\/\/localhost:4242/http:\/\/web:4242/' ${{ matrix.target.sample }}/client/react/vite.config.mjs
ln -s react-cra sample-ci/docker/react
source sample-ci/helpers.sh
setup_dependencies
install_docker_compose_settings
export STRIPE_WEBHOOK_SECRET=$(retrieve_webhook_secret)
cat <<EOF >> .env
DOMAIN=${{ matrix.implementation.server_url }}
BASIC=${{ secrets.TEST_BASIC_PRICE }}
PREMIUM=${{ secrets.TEST_PREMIUM_PRICE }}
EOF
configure_docker_compose_for_integration "${{ matrix.target.sample }}" node ../../client/${{ matrix.implementation.client_type }} node:lts
docker-compose --profile="${{ matrix.implementation.profile }}" up -d && wait_web_server
command="docker-compose exec -T runner bundle exec rspec spec/${{ matrix.target.tests }}"
$command \
|| $command --only-failures \
|| $command --only-failures --format RSpec::Github::Formatter --format progress
- name: Collect debug information
if: ${{ steps.if_running.outputs.running && failure() }}
run: |
cat .env
cat docker-compose.yml
docker-compose ps -a
docker-compose --profile="${{ matrix.implementation.profile }}" logs web frontend
docker cp $(docker-compose ps -qa runner | head -1):/work/tmp .
- name: Upload capybara screenshots
if: ${{ steps.if_running.outputs.running && failure() }}
uses: actions/upload-artifact@v4
with:
name: screenshots
path: |
tmp/capybara
auto-merge-dependabot-prs:
if: ${{ github.event.pull_request && github.actor == 'dependabot[bot]' }}
needs:
- server_test
- e2e_test
permissions:
contents: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- name: Dependabot metadata
id: metadata
uses: dependabot/fetch-metadata@v1.1.1
with:
github-token: '${{ secrets.GITHUB_TOKEN }}'
- name: Enable auto-merge for Stripe SDKs
if: |
(contains(steps.metadata.outputs.dependency-names, 'github.com/stripe/stripe-go/v72') ||
contains(steps.metadata.outputs.dependency-names, 'Stripe.net') ||
contains(steps.metadata.outputs.dependency-names, 'com.stripe:stripe-java') ||
contains(steps.metadata.outputs.dependency-names, 'stripe/stripe-php') ||
contains(steps.metadata.outputs.dependency-names, 'stripe'))
run: gh pr merge --auto --merge "$PR_URL"
env:
PR_URL: ${{github.event.pull_request.html_url}}
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}