8000 [QA-1608 release-5.3] Github template update by konrad-sol · Pull Request #7109 · TykTechnologies/tyk · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

[QA-1608 release-5.3] Github template update #7109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: release-5.3
Choose a base branch
from
Open

[QA-1608 release-5.3] Github template update #7109

wants to merge 2 commits into from

Conversation

konrad-sol
Copy link
Contributor
@konrad-sol konrad-sol commented Jun 10, 2025
edited by github-actions 8000 bot
Loading

User description

List of changes:

PR Type

Enhancement

Description

  • Refactored API test workflow to use reusable GitHub Actions

  • Simplified environment setup and test execution steps

  • Improved reporting and log collection with modular actions

  • Minor metadata and permission updates in workflows

Changes walkthrough 📝

Relevant files
Enhancement
release.yml
Refactor test workflow to use modular GitHub Actions         

.github/workflows/release.yml

  • Replaced inline scripts with reusable GitHub Actions for test setup
    and execution
  • Simplified environment fetching and test branch selection using custom
    actions
  • Updated reporting and log collection to use dedicated actions
  • Added 'actions: read' permission for release-tests job
    		• +31/-153
    Formatting
    goreleaser.yml
    Minor formatting update                                                                   

    ci/goreleaser/goreleaser.yml

    • Added a blank line at the top for formatting consistency
    		 +1/-0     
    Need help?
  • Type /help how to ... in the comments thread for any questions about PR-Agent usage.
  • Check out the documentation for more information.
    •

    @konrad-sol konrad-sol requested a review from a team as a code owner June 10, 2025 15:10
    @konrad-sol konrad-sol enabled auto-merge (squash) June 10, 2025 15:10
    @github-actions GitHub Actions
    Copy link
    Contributor

    API Changes

    no api changes detected

    @github-actions GitHub Actions
    Copy link
    Contributor

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 3 🔵🔵🔵⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Workflow Refactor Validation

    The PR refactors several manual shell/script steps into reusable GitHub Actions. Reviewers should ensure that the new modular actions fully replicate the previous logic, especially for environment setup, test execution, and reporting, and that all required secrets and outputs are correctly passed.

     
        - name: Set test parameters
      uses: TykTechnologies/github-actions/.github/actions/tests/test-controller@main
      id: params
      with:
        variation: ${{ env.VARIATION }}
        base_ref: ${{ env.BASE_REF }}
        test_type: api
api-tests:
  needs:
    - test-controller-api
    - goreleaser
  runs-on: ubuntu-latest-m-2
  env:
    XUNIT_REPORT_PATH: ${{ github.workspace}}/test-results.xml
  permissions:
    id-token: write # This is required for requesting the Github JWT
    contents: read # This is required for actions/checkout
  strategy:
    fail-fast: false
    matrix:
      envfiles: ${{ fromJson(needs.test-controller-api.outputs.envfiles) }}
      pump: ${{ fromJson(needs.test-controller-api.outputs.pump) }}
      sink: ${{ fromJson(needs.test-controller-api.outputs.sink) }}
      exclude:
        - pump: tykio/tyk-pump-docker-pub:v1.8
          sink: $ECR/tyk-sink:master
        - pump: $ECR/tyk-pump:master
          sink: tykio/tyk-mdcb-docker:v2.4
  steps:
    - uses: aws-actions/configure-aws-credentials@v4
      with:
        role-to-assume: arn:aws:iam::754489498669:role/ecr_rw_tyk
        role-session-name: cipush
        aws-region: eu-central-1
    - id: ecr
      uses: aws-actions/amazon-ecr-login@v2
      with:
        mask-password: 'true'
    - name: Setup tmate session only in debug mode
      uses: mxschmitt/action-tmate@v3
      if: runner.debug == '1'
      with:
        detached: true
        limit-access-to-actor: true
        # Only ${{ github.actor }} has access
        # See https://github.com/mxschmitt/action-tmate#use-registered-public-ssh-keys
    - name: Fetch environment from tyk-pro
      uses: TykTechnologies/github-actions/.github/actions/tests/checkout-tyk-pro@main
      with:
        org_gh_token: ${{ github.token }}
    - name: Set up test environment
      uses: TykTechnologies/github-actions/.github/actions/tests/env-up@main
      timeout-minutes: 5
      id: env_up
      with:
        base_ref: ${{ env.BASE_REF }}
        tags: ${{ needs.goreleaser.outputs.ee_tags || needs.goreleaser.outputs.std_tags || format('{0}/tyk-ee:master', steps.ecr.outputs.registry) }}
        github_token: ${{ secrets.ORG_GH_TOKEN }}
        TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }}
        TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }}
    - name: Choose test code branch
      uses: TykTechnologies/github-actions/.github/actions/tests/choose-test-branch@main
      with:
        test_folder: api
        org_gh_token: ${{ secrets.ORG_GH_TOKEN }}
    - name: Run API tests
      uses: TykTechnologies/github-actions/.github/actions/tests/api-tests@main
      timeout-minutes: 30
      id: test_execution
      with:
        user_api_secret: ${{ steps.env_up.outputs.USER_API_SECRET }}
    - name: Generate test reports and collect logs
      uses: TykTechnologies/github-actions/.github/actions/tests/reporting@main
      if: always() && (steps.test_execution.conclusion != 'skipped')
      with:
        report_xml: 'true'
        execution_status: ${{ steps.test_execution.outcome }}
test-controller-distros:
    Secret Handling Consistency

    The new workflow steps use secrets such as ORG_GH_TOKEN, DASH_LICENSE, and MDCB_LICENSE. Confirm that these secrets are available in the workflow context and are not exposed in logs or outputs, and that their usage matches the previous implementation.

     
    - name: Set up test environment
  uses: TykTechnologies/github-actions/.github/actions/tests/env-up@main
  timeout-minutes: 5
  id: env_up
  with:
    base_ref: ${{ env.BASE_REF }}
    tags: ${{ needs.goreleaser.outputs.ee_tags || needs.goreleaser.outputs.std_tags || format('{0}/tyk-ee:master', steps.ecr.outputs.registry) }}
    github_token: ${{ secrets.ORG_GH_TOKEN }}
    TYK_DB_LICENSEKEY: ${{ secrets.DASH_LICENSE }}
    TYK_MDCB_LICENSE: ${{ secrets.MDCB_LICENSE }}

    @github-actions GitHub Actions
    Copy link
    Contributor

    PR Code Suggestions ✨

    No code suggestions found for the PR.

    @buger buger force-pushed the releng/release-5.3 branch from 1958794 to 033f88e Compare June 11, 2025 07:16
    @buger buger force-pushed the releng/release-5.3 branch from 033f88e to fff09e9 Compare June 11, 2025 07:22
    @sonarqubecloud SonarQubeCloud
    Copy link

    Quality Gate Failed Quality Gate failed

    Failed conditions
    10 Security Hotspots
    73.0% Coverage on New Code (required ≥ 80%)
    E Security Rating on New Code (required ≥ A)

    See analysis details on SonarQube Cloud

    Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Reviewers
    No reviews
    Assignees
    No one assigned
    Labels
    Review effort 3/5
    Projects
    None yet
    Milestone
    No milestone
    Development

    Successfully merging this pull request may close these issues.
    1 participant
    @konrad-sol
    0