Specify OS for build-test in workflow #864

Workflow file for this run

	name: Liquibase Test Harness
	on:
	workflow_dispatch:
	push:
	branches:
	- main

	# static value to the workflow group to ensure only one run of the workflow can be in progress at a time.
	concurrency:
	group: liquibase-test-harness
	cancel-in-progress: false

	jobs:
	start-test-harness-infra:
	name: Start Liquibase Test Harness infra
	runs-on: ubuntu-22.04
	permissions:
	checks: write
	pull-requests: write
	contents: write
	id-token: write
	env:
	TF_VAR_TEST_CATALOG: main
	TF_VAR_TEST_SCHEMA: liquibase_harness_test_ds
	outputs:
	DATABRICKS_URL: ${{ steps.collect-databricks-config.outputs.DATABRICKS_URL }}

	steps:
	- name: Checkout code
	uses: actions/checkout@v5

	- name: Configure AWS credentials for vault access
	uses: aws-actions/configure-aws-credentials@v5
	with:
	role-to-assume: ${{ secrets.LIQUIBASE_VAULT_OIDC_ROLE_ARN }}
	aws-region: us-east-1

	- name: Get secrets from vault
	id: vault-secrets
	uses: aws-actions/aws-secretsmanager-get-secrets@v2
	with:
	secret-ids: \|
	,/vault/liquibase
	parse-json-secrets: true

	- run: terraform init
	env:
	TF_VAR_DBX_HOST: ${{ env.TH_DATABRICKS_WORKSPACE_HOST }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	working-directory: src/test/terraform

	- run: terraform plan
	env:
	TF_VAR_DBX_HOST: ${{ env.TH_DATABRICKS_WORKSPACE_HOST }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	working-directory: src/test/terraform

	- name: Import and apply
	env:
	TF_VAR_DBX_HOST: ${{ env.TH_DATABRICKS_WORKSPACE_HOST }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	run: \|
	terraform import databricks_schema.test_harness main.liquibase_harness_test_ds \|\| true
	terraform taint databricks_schema.test_harness \|\| true
	terraform apply -auto-approve
	working-directory: src/test/terraform

	- name: Collect Databricks Config
	id: collect-databricks-config
	working-directory: src/test/terraform
	env:
	TF_VAR_DBX_HOST: ${{ env.TH_DATABRICKS_WORKSPACE_HOST }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	run: \|
	CLUSTER_ID=$(terraform output -raw endpoint_url)
	DATABRICKS_HOST=${TF_VAR_DBX_HOST#https://}
	echo "DATABRICKS_URL=jdbc:databricks://$DATABRICKS_HOST:443/default;transportMode=http;ssl=1;httpPath=/sql/1.0/warehouses/$CLUSTER_ID;AuthMech=3;ConnCatalog=$TF_VAR_TEST_CATALOG;ConnSchema=$TF_VAR_TEST_SCHEMA;EnableArrow=0" >> $GITHUB_OUTPUT

	- name: Upload the terraform state file
	uses: actions/upload-artifact@v4
	with:
	name: terraform-state
	path: src/test/terraform/terraform.tfstate

	liquibase-test-harness:
	name: Liquibase Test Harness
	runs-on: ubuntu-22.04
	needs: start-test-harness-infra
	permissions:
	checks: write
	pull-requests: write
	contents: write
	packages: write
	id-token: write
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	strategy:
	max-parallel: 1
	matrix:
	liquibase-support-level: [Foundational, Contributed, Advanced] # Define the different test levels to run
	fail-fast: false # Set fail-fast to false to run all test levels even if some of them fail

	steps:
	- name: Checkout code
	uses: actions/checkout@v5

	- name: Configure AWS credentials for vault access
	uses: aws-actions/configure-aws-credentials@v5
	with:
	role-to-assume: ${{ secrets.LIQUIBASE_VAULT_OIDC_ROLE_ARN }}
	aws-region: us-east-1

	- name: Get secrets from vault
	id: vault-secrets
	uses: aws-actions/aws-secretsmanager-get-secrets@v2
	with:
	secret-ids: \|
	,/vault/liquibase
	parse-json-secrets: true

	- name: Setup Temurin Java 17
	uses: actions/setup-java@v5
	with:
	java-version: 17
	distribution: temurin
	cache: "maven"

	- name: maven-settings-xml-action
	uses: whelk-io/maven-settings-xml-action@v22
	with:
	repositories: \|
	[
	{
	"id": "liquibase",
	"url": "https://maven.pkg.github.com/liquibase/liquibase",
	"releases": {
	"enabled": "false"
	},
	"snapshots": {
	"enabled": "true",
	"updatePolicy": "always"
	}
	},
	{
	"id": "liquibase-pro",
	"url": "https://maven.pkg.github.com/liquibase/liquibase-pro",
	"releases": {
	"enabled": "false"
	},
	"snapshots": {
	"enabled": "true",
	"updatePolicy": "always"
	}
	}
	]
	servers: \|
	[
	{
	"id": "liquibase-pro",
	"username": "liquibot",
	"password": "${{ env.LIQUIBOT_PAT_GPM_ACCESS }}"
	},
	{
	"id": "liquibase",
	"username": "liquibot",
	"password": "${{ env.LIQUIBOT_PAT_GPM_ACCESS }}"
	}
	]

	- name: Build with Maven # Build the code with Maven (skip tests)
	run: mvn -B -ntp -Dmaven.test.skip package -Dliquibase.version=master-SNAPSHOT

	- name: Run ${{ matrix.liquibase-support-level }} Liquibase Test Harness # Run the Liquibase test harness at each test level
	if: always() # Run the action even if the previous steps fail
	env:
	WORKSPACE_ID: ${{ env.TH_DATABRICKS_WORKSPACE_ID }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	run: mvn -B -ntp -DdbPassword=${{env.TF_VAR_DBX_TOKEN}} -DdbUrl='${{needs.start-test-harness-infra.outputs.DATABRICKS_URL}}' -Dtest=liquibase.ext.databricks.${{ matrix.liquibase-support-level }}ExtensionHarnessTestSuite test -Dliquibase.version=master-SNAPSHOT # Run the Liquibase test harness at each test level

	- name: Test Reporter # Generate a test report using the Test Reporter action
	uses: dorny/[email protected]
	if: always() # Run the action even if the previous steps fail
	with:
	name: Liquibase Test Harness - ${{ matrix.liquibase-support-level }} Reports # Set the name of the test report
	path: target/surefire-reports/TEST-*.xml # Set the path to the test report files
	reporter: java-junit # Set the reporter to use
	fail-on-error: false # Set fail-on-error to false to show report even if it has failed tests

	stop-test-harness-infra:
	name: Stop Liquibase Test Harness infra
	needs: [liquibase-test-harness]
	if: always() # Always destroy, even if the previous steps fail
	runs-on: ubuntu-22.04
	permissions:
	checks: write
	pull-requests: write
	contents: write
	id-token: write
	env:
	TF_VAR_TEST_CATALOG: main
	TF_VAR_TEST_SCHEMA: liquibase_harness_test_ds

	steps:
	- name: Checkout code
	uses: actions/checkout@v5

	- name: Configure AWS credentials for vault access
	uses: aws-actions/configure-aws-credentials@v5
	with:
	role-to-assume: ${{ secrets.LIQUIBASE_VAULT_OIDC_ROLE_ARN }}
	aws-region: us-east-1

	- name: Get secrets from vault
	id: vault-secrets
	uses: aws-actions/aws-secretsmanager-get-secrets@v2
	with:
	secret-ids: \|
	,/vault/liquibase
	parse-json-secrets: true

	- run: terraform init
	working-directory: src/test/terraform

	- name: Download the terraform state file
	uses: actions/download-artifact@v5
	with:
	name: terraform-state
	path: src/test/terraform

	- name: Stop test database
	working-directory: src/test/terraform
	env:
	TF_VAR_DBX_HOST: ${{ env.TH_DATABRICKS_WORKSPACE_HOST }}
	TF_VAR_DBX_TOKEN: ${{ env.TH_DATABRICKS_WORKSPACE_TOKEN }}
	run: \|
	set -e
	echo "Checking Terraform-managed resources"
	terraform state list \|\| echo "No resources in Terraform state."

	echo "Fetching Terraform state as JSON"
	TERRAFORM_OUTPUT=$(terraform show -json)

	if [ -z "$TERRAFORM_OUTPUT" ]; then
	echo "Terraform state is empty. Skipping terraform destroy."
	else
	echo "Schema found in Terraform state. Destroying"
	terraform destroy -auto-approve
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Specify OS for build-test in workflow #864

Workflow file

Specify OS for build-test in workflow #864

Uh oh!

Jobs

Run details

Workflow file for this run