Test

Correctly handle nested fragment spreads on interface fields #7584

Workflow file for this run

	name: Test

	on:
	push:
	branches:
	- main
	pull_request:

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	NODE_NO_WARNINGS: 1
	CI: true

	jobs:
	unit:
	strategy:
	fail-fast: false
	matrix:
	node-version:
	- 20
	- 22
	- 24
	- 25
	hive-router-runtime:
	- 0
	- 1
	name: Unit / Node v${{matrix.node-version}} / ${{matrix.hive-router-runtime == 1 && 'Router' \|\| 'Stitching'}} Runtime
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
	- name: Set up env
	uses: the-guild-org/shared-config/setup@v1
	with:
	node-version: ${{matrix.node-version}}
	- name: Test
	run: yarn test
	env:
	HIVE_ROUTER_RUNTIME: ${{matrix.hive-router-runtime}}

	unit-bun:
	name: Unit / Bun
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
	- name: Set up env
	uses: the-guild-org/shared-config/setup@v1
	with:
	node-version-file: .node-version
	- name: Test with Stitching Runtime
	uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3
	with:
	timeout_minutes: 10
	max_attempts: 3
	command: yarn test:bun
	- name: Test with Router Runtime
	uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3
	env:
	HIVE_ROUTER_RUNTIME: 1
	with:
	timeout_minutes: 10
	max_attempts: 3
	command: yarn test:bun

	leaks:
	strategy:
	fail-fast: false
	matrix:
	node-version:
	- 20
	- 22
	- 24
	- 25
	hive-router-runtime:
	- 0
	- 1
	name: Leaks / Node v${{matrix.node-version}} / ${{matrix.hive-router-runtime == 1 && 'Router' \|\| 'Stitching'}} Runtime
	needs: [unit] # leak tests run unit tests but check for leaks; if unit tests fail, leaks will fail too - avoid confusion by running them in series
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
	- name: Set up env
	uses: the-guild-org/shared-config/setup@v1
	with:
	node-version: ${{matrix.node-version}}
	- name: Test
	uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3
	env:
	HIVE_ROUTER_RUNTIME: ${{matrix.hive-router-runtime}}
	with:
	timeout_minutes: 10
	max_attempts: 3
	command: yarn test:leaks

	e2e:
	runs-on: ${{ matrix.setup.os }}
	strategy:
	fail-fast: false
	matrix:
	setup:
	# Node
	- workflow-name: Node 20 on Ubuntu
	os: ubuntu-latest
	gateway-runner: node
	hive-router-runtime: 0
	node-version: 20
	- workflow-name: Node 22 on Ubuntu
	os: ubuntu-latest
	gateway-runner: node
	hive-router-runtime: 0
	node-version: 22
	- workflow-name: Node 24 on Ubuntu
	os: ubuntu-latest
	gateway-runner: node
	hive-router-runtime: 0
	node-version: 24
	- workflow-name: Node 25 on Ubuntu
	os: ubuntu-latest
	gateway-runner: node
	hive-router-runtime: 0
	node-version: 25
	- workflow-name: Node 25 on Ubuntu with Router Runtime
	os: ubuntu-latest
	gateway-runner: node
	hive-router-runtime: 1
	node-version: 25

	# Node on Docker
	- workflow-name: Node Docker on Ubuntu
	os: ubuntu-latest
	gateway-runner: docker
	hive-router-runtime: 0

	# Node Binary
	- workflow-name: Node Binary on Ubuntu
	os: ubuntu-latest
	gateway-runner: bin
	hive-router-runtime: 0
	- workflow-name: Node Binary on Windows
	os: windows-latest
	gateway-runner: bin
	hive-router-runtime: 0

	# Should be the same with Linux
	# - workflow-name: Node Binary on MacOS Arm64
	# os: macos-15 # MacOS Arm64
	# gateway-runner: bin
	# hive-router-runtime: 0
	# - workflow-name: Node Binary on MacOS x86_64
	# os: macos-15-intel # MacOS x86_64
	# gateway-runner: bin
	# hive-router-runtime: 0

	# Bun
	- workflow-name: Bun on Ubuntu
	os: ubuntu-latest
	gateway-runner: bun
	hive-router-runtime: 0
	- workflow-name: Bun on Ubuntu with Router Runtime
	os: ubuntu-latest
	gateway-runner: bun
	hive-router-runtime: 1
	- workflow-name: Bun Docker on Ubuntu
	os: ubuntu-latest
	gateway-runner: bun-docker
	hive-router-runtime: 0

	name: E2E / ${{matrix.setup.workflow-name}}
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
	- if: runner.os == 'Windows'
	name: Cache WMIC
	id: cache-wmic
	uses: actions/cache@v4
	with:
	path: \|
	C:\Windows\System32\wbem\WMIC.exe
	C:\Windows\System32\wbem\wmic.exe
	key: wmic-${{ matrix.setup.os }}
	- if: runner.os == 'Windows' && !contains(steps.cache-wmic.outputs.cache-hit, 'true')
	name: Enable WMIC
	run: DISM /Online /Add-Capability /CapabilityName:WMIC~~~~
	- name: Check if WMIC is installed
	if: runner.os == 'Windows'
	run: C:\Windows\System32\wbem\wmic.exe /?
	- name: Add WMIC to PATH
	if: runner.os == 'Windows'
	run: echo "C:\Windows\System32\wbem" >> "$GITHUB_PATH"
	- name: Check if WMIC works
	if: runner.os == 'Windows'
	run: wmic /?
	- if: matrix.setup.gateway-runner == 'docker' \|\| matrix.setup.gateway-runner == 'bun-docker'
	name: Set up Docker Buildx
	uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
	- if: runner.os == 'Windows'
	name: Install Windows SDK
	run: scripts\install-winsdk.ps1
	- name: Set up env
	uses: the-guild-org/shared-config/setup@v1
	with:
	node-version-file: .node-version # if matrix.setup.node-version is not provided, the version from the file will be used
	node-version: ${{matrix.setup.node-version}}
	- if: runner.os == 'Linux'
	name: Hash Docker Images
	id: hash-docker-images
	run: \| # get all "image: '" occurrences in the e2e tests and hash them
	echo "result=$(grep -r -h "image: '" e2e \| shasum \| base64)" >> "$GITHUB_OUTPUT"
	- if: runner.os == 'Linux'
	name: Cache Docker Images
	uses: ScribeMD/docker-cache@e1be5d7e63cc5f0c6400d8cb86d3d899a7fd71e2 # 0.5.0 + https://github.com/ScribeMD/docker-cache/pull/838
	continue-on-error: true
	with:
	key: docker-images-${{ runner.os }}-${{ steps.hash-docker-images.outputs.result }}
	- if: matrix.setup.gateway-runner == 'docker' \|\| matrix.setup.gateway-runner == 'bun-docker' \|\| matrix.setup.gateway-runner == 'bin'
	name: Build # TODO: necessary only because rollup does not use tsconfig paths within node_modules and we have packages scattered between Mesh and Hive GW repos
	run: yarn build
	- if: matrix.setup.gateway-runner == 'docker' \|\| matrix.setup.gateway-runner == 'bun-docker' \|\| matrix.setup.gateway-runner == 'bin'
	name: Bundle
	env:
	E2E_GATEWAY_RUNNER: ${{matrix.setup.gateway-runner}}
	run: yarn workspace @graphql-hive/gateway bundle
	- if: matrix.setup.gateway-runner == 'docker' \|\| matrix.setup.gateway-runner == 'bun-docker'
	name: Bake
	uses: docker/bake-action@3acf805d94d93a86cce4ca44798a76464a75b88c # v6
	with:
	source: .
	targets: e2e${{ matrix.setup.gateway-runner == 'bun-docker' && '_bun' \|\| '' }}
	set: \|
	*.cache-from=type=gha
	*.cache-to=type=gha,mode=max
	# we must load so that the e2e tests can use the cached image
	load: true
	- if: matrix.setup.gateway-runner == 'bin'
	name: Package binary
	run: yarn workspace @graphql-hive/gateway tsx scripts/package-binary
	- name: Test
	uses: nick-fields/retry@ce71cc2ab81d554ebbe88c79ab5975992d79ba08 # v3
	with:
	timeout_minutes: 10
	max_attempts: 3
	command: yarn test:e2e
	env:
	HIVE_ROUTER_RUNTIME: ${{matrix.setup.hive-router-runtime}}
	E2E_GATEWAY_RUNNER: ${{matrix.setup.gateway-runner}}
	E2E_TEST_APOLLO_GRAPH_REF: ${{secrets.E2E_TEST_APOLLO_GRAPH_REF}}
	E2E_TEST_APOLLO_KEY: ${{secrets.E2E_TEST_APOLLO_KEY}}

	security:
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	runtime: [Node, Bun]
	name: Security / ${{matrix.runtime}} Docker Image
	steps:
	- name: Checkout
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3
	- name: Set up env
	uses: the-guild-org/shared-config/setup@v1
	with:
	node-version-file: .node-version
	- name: Build
	run: yarn build
	- name: Bundle
	env:
	E2E_GATEWAY_RUNNER: ${{ matrix.runtime == 'Bun' && 'bun-docker' \|\| 'docker' }}
	run: yarn workspace @graphql-hive/gateway bundle
	- name: Bake
	uses: docker/bake-action@3acf805d94d93a86cce4ca44798a76464a75b88c # v6
	with:
	source: .
	# we build the e2e image because the release image cant be loaded due to annotations and platforms
	# but the e2e image builds _from_ the release image, so it's actually the same
	targets: e2e${{ matrix.runtime == 'Bun' && '_bun' \|\| '' }}
	set: \|
	*.cache-from=type=gha
	*.cache-to=type=gha,mode=max
	# we must load so that the created image can be scanned
	load: true
	- name: Scan
	uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
	with:
	image-ref: ghcr.io/graphql-hive/gateway:e2e${{ matrix.runtime == 'Bun' && '-bun' \|\| '' }}
	format: table
	exit-code: 1
	severity: CRITICAL,HIGH,MEDIUM # fail if the following severity vulnerabilities are found
	ignore-unfixed: true # there really nothing we can do about unfixed cves

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Correctly handle nested fragment spreads on interface fields #7584

Workflow file

Correctly handle nested fragment spreads on interface fields #7584

Uh oh!

Jobs

Run details

Workflow file for this run