first commit
163
.github/workflows/pr-tests.yml
vendored
Normal file
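--- a/.github/workflows/pr-tests.yml
+++ b/.github/workflows/pr-tests.yml
@@ -0,0 +1,163 @@
+name: PR Tests (Requires Approval)
+
+on:
+# Manual trigger only - requires admin to click "Run workflow" button
+workflow_dispatch:
+inputs:
+pr_number:
+description: "PR number to test (leave empty for current branch)"
+required: false
+type: string
+
+# Prevent concurrent test runs on the same PR
+concurrency:
+group: pr-tests-${{ github.event.pull_request.number || github.ref }}
+cancel-in-progress: true
+
+permissions:
+contents: read
+
+jobs:
+# Check if pipeline should be skipped based on first line of commit message
+check-skip:
+runs-on: ubuntu-latest
+permissions:
+contents: read
+outputs:
+should-skip: ${{ steps.check.outputs.should-skip }}
+steps:
+- name: Harden the runner (Audit all outbound calls)
+uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
+with:
+egress-policy: audit
+
+- name: Checkout repository
+uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+
+- name: Check if pipeline should be skipped
+id: check
+run: |
+COMMIT_MESSAGE=$(git log -1 --pretty=%B)
+FIRST_LINE=$(echo "$COMMIT_MESSAGE" | head -n 1)
+if [[ "$FIRST_LINE" == *"--skip-ci"* ]]; then
+echo "should-skip=true" >> $GITHUB_OUTPUT
+else
+echo "should-skip=false" >> $GITHUB_OUTPUT
+fi
+
+# This job shows up immediately and waits for approval
+run-tests:
+needs: [check-skip]
+if: needs.check-skip.outputs.should-skip != 'true'
+name: Run Tests (Awaiting Approval)
+runs-on: ubuntu-latest
+
+# Environment with protection rules - requires admin approval
+# Note: You need to configure this environment in repo settings
+environment:
+name: pr-testing
+url: ${{ github.event.pull_request.html_url || github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+
+permissions:
+contents: read
+pull-requests: write
+
+steps:
+- name: Harden the runner (Audit all outbound calls)
+uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
+with:
+egress-policy: audit
+
+- name: Checkout repository
+uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+with:
+ref: ${{ github.event.pull_request.head.sha || github.sha }}
+fetch-depth: 0
+
+- name: Set up Go
+uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+with:
+go-version: "1.26.2"
+
+- name: Set up Node.js
+uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+with:
+node-version: "25"
+
+- name: Set up Python
+uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+with:
+python-version: "3.11"
+
+- name: Add comment to PR
+if: github.event.pull_request.number
+env:
+GH_TOKEN: ${{ github.token }}
+run: |
+gh pr comment ${{ github.event.pull_request.number }} --body "🧪 Test run approved and starting...
+
+**Test Suite Includes:**
+- 📦 Core Build Validation
+- 🔌 MCP Test Servers Build
+- 🔧 Core Provider Tests
+- 🛡️ Governance Tests
+- 🔗 Integration Tests
+
+[View workflow run →](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})"
+
+- name: Make test script executable
+run: chmod +x .github/workflows/scripts/run-tests.sh
+
+- name: Run tests
+env:
+# API Keys for provider tests
+MAXIM_API_KEY: ${{ secrets.MAXIM_API_KEY }}
+MAXIM_LOGGER_ID: ${{ secrets.MAXIM_LOG_REPO_ID }}
+AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+AWS_SESSION_TOKEN: ${{ secrets.AWS_SESSION_TOKEN }}
+AWS_ARN: ${{ secrets.AWS_ARN }}
+BEDROCK_API_KEY: ${{ secrets.BEDROCK_API_KEY }}
+AZURE_ENDPOINT: ${{ secrets.AZURE_ENDPOINT }}
+AZURE_API_KEY: ${{ secrets.AZURE_API_KEY }}
+ANTHROPIC_API_KEY: ${{ secrets.ANTHROPIC_API_KEY }}
+GROQ_API_KEY: ${{ secrets.GROQ_API_KEY }}
+MISTRAL_API_KEY: ${{ secrets.MISTRAL_API_KEY }}
+OPENAI_API_KEY: ${{ secrets.OPENAI_API_KEY }}
+GEMINI_API_KEY: ${{ secrets.GEMINI_API_KEY }}
+OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}
+PARASAIL_API_KEY: ${{ secrets.PARASAIL_API_KEY }}
+PERPLEXITY_API_KEY: ${{ secrets.PERPLEXITY_API_KEY }}
+ELEVENLABS_API_KEY: ${{ secrets.ELEVENLABS_API_KEY }}
+SGL_API_KEY: ${{ secrets.SGL_API_KEY }}
+CEREBRAS_API_KEY: ${{ secrets.CEREBRAS_API_KEY }}
+COHERE_API_KEY: ${{ secrets.COHERE_API_KEY }}
+FIREWORKS_API_KEY: ${{ secrets.FIREWORKS_API_KEY }}
+VERTEX_CREDENTIALS: ${{ secrets.VERTEX_CREDENTIALS }}
+VERTEX_PROJECT_ID: ${{ secrets.VERTEX_PROJECT_ID }}
+HUGGING_FACE_API_KEY: ${{ secrets.HUGGING_FACE_API_KEY }}
+REPLICATE_API_KEY: ${{ secrets.REPLICATE_API_KEY }}
+REPLICATE_OWNER : ${{ secrets.REPLICATE_OWNER }}
+RUNWAY_API_KEY : ${{ secrets.RUNWAY_API_KEY }}
+run: |
+echo "Running tests for PR #${{ github.event.pull_request.number || 'manual run' }}"
+./.github/workflows/scripts/run-tests.sh
+
+- name: Report test results
+if: always() && github.event.pull_request.number
+env:
+GH_TOKEN: ${{ github.token }}
+run: |
+if [ "${{ job.status }}" = "success" ]; then
+gh pr comment ${{ github.event.pull_request.number }} --body "✅ **All tests passed successfully!**
+
+All test suites have completed without errors. This PR is ready for review.
+
+[View detailed results →](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})"
+else
+gh pr comment ${{ github.event.pull_request.number }} --body "❌ **Tests failed**
+
+One or more test suites failed. Please review the failures and update your PR.
+
+[View detailed results →](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})"
+fi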
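Review bot: Every `github.event.pull_request.*` expression in this file evaluates to empty because the only trigger is `workflow_dispatch`, so the `pr_number` input is never read, the run-tests checkout always falls back to `github.sha`, and both `gh pr comment` steps are skipped. If the intent is to test a contributor's PR, the ref has to come from `inputs.pr_number` resolved to a commit SHA the approver has actually reviewed, because that code then runs `run-tests.sh` with every provider secret in its environment and the `pr-testing` approval is the only gate. Independently, the run-tests checkout should set `persist-credentials: false`, since the job token carries `pull-requests: write` and is otherwise left in the local git config where the test script can read it. `egress-policy: audit` only records outbound calls; once a baseline exists, `egress-policy: block` with an allow-list would limit where those secrets can be sent.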