Testing in CI #4345
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Do not edit this file. This file is generated automatically by executing | |
| # python scripts/split-tox-gh-actions/split-tox-gh-actions.py | |
| name: Test AWS Lambda | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - release/** | |
| - sentry-sdk-2.0 | |
| # XXX: We are using `pull_request_target` instead of `pull_request` because we want | |
| # this to run on forks with access to the secrets necessary to run the test suite. | |
| # Prefer to use `pull_request` when possible. | |
| pull_request_target: | |
| types: [labeled, opened, reopened, synchronize] | |
| # Cancel in progress workflows on pull_requests. | |
| # https://docs.github.com/en/actions/using-jobs/using-concurrency#example-using-a-fallback-value | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} | |
| cancel-in-progress: true | |
| permissions: | |
| contents: read | |
| # `write` is needed to remove the `Trigger: tests using secrets` label | |
| pull-requests: write | |
| env: | |
| SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID: ${{ secrets.SENTRY_PYTHON_TEST_AWS_ACCESS_KEY_ID }} | |
| SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY: ${{ secrets.SENTRY_PYTHON_TEST_AWS_SECRET_ACCESS_KEY }} | |
| BUILD_CACHE_KEY: ${{ github.sha }} | |
| CACHED_BUILD_PATHS: | | |
| ${{ github.workspace }}/dist-serverless | |
| jobs: | |
| check-permissions: | |
| name: permissions check | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - uses: actions/checkout@v4.1.7 | |
| with: | |
| persist-credentials: false | |
| - name: Check permissions on PR | |
| if: github.event_name == 'pull_request_target' | |
| run: | | |
| python3 -uS .github/workflows/scripts/trigger_tests_on_label.py \ | |
| --repo-id ${{ github.event.repository.id }} \ | |
| --pr ${{ github.event.number }} \ | |
| --event ${{ github.event.action }} \ | |
| --username "$ARG_USERNAME" \ | |
| --label-names "$ARG_LABEL_NAMES" | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| # these can contain special characters | |
| ARG_USERNAME: ${{ github.event.pull_request.user.login }} | |
| ARG_LABEL_NAMES: ${{ toJSON(github.event.pull_request.labels.*.name) }} | |
| - name: Check permissions on repo branch | |
| if: github.event_name == 'push' | |
| run: true | |
| check_required_tests: | |
| name: All AWS Lambda tests passed | |
| # Always run this, even if a dependent job failed | |
| if: always() | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Check for failures | |
| if: contains(needs.test-aws_lambda-pinned.result, 'failure') || contains(needs.test-aws_lambda-pinned.result, 'skipped') | |
| run: | | |
| echo "One of the dependent jobs has failed. You may need to re-run it." && exit 1 |