Add entrypoint script for reading environtment variables #1

Workflow file for this run

	# @format

	name: Workflow

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main

	permissions:
	contents: read # to fetch code (actions/checkout)

	# This ensures that previous jobs for the PR are canceled when the PR is
	# updated.
	concurrency:
	group: ${{ github.workflow }}-${{ github.head_ref }}
	cancel-in-progress: true

	jobs:
	lint-job:
	name: Checking Lint
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make verifiers

	semgrep-static-code-analysis:
	name: "semgrep checks"
	runs-on: ubuntu-latest
	strategy:
	matrix:
	os: [ubuntu-latest]
	steps:
	- name: Check out source code
	uses: actions/checkout@v5
	- name: Scanning code on ${{ matrix.os }}
	continue-on-error: false
	run: \|
	# Install semgrep rather than using a container due to:
	# https://github.com/actions/checkout/issues/334
	sudo apt install -y python3-pip \|\| apt install -y python3-pip
	pip3 install semgrep
	semgrep --config semgrep.yaml $(pwd)/web-app --error

	ui-assets:
	name: "React Code Has No Warnings & Prettified"
	runs-on: ubuntu-latest
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	cache: "yarn"
	cache-dependency-path: web-app/yarn.lock
	- uses: actions/cache@v4
	id: assets-cache
	name: Assets Cache
	with:
	path: \|
	./web-app/build/
	key: ${{ runner.os }}-assets-${{ github.run_id }}
	- name: Install Dependencies
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	yarn install --immutable
	- name: Check for Warnings in build output
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	./check-warnings.sh
	- name: Check if Files are Prettified
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	./check-prettier.sh
	- name: Check for dead code
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	./check-deadcode.sh

	swagger-codegen:
	name: "Check for uncommitted changes through Swagger Codegen Changes."
	needs:
	- lint-job
	- ui-assets
	runs-on: ubuntu-latest
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- name: Setup Node
	uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	cache: "yarn"
	cache-dependency-path: web-app/yarn.lock
	- name: Install NPM Dependencies
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	yarn install --immutable
	- name: Install go-swagger
	run: \|
	go install github.com/go-swagger/go-swagger/cmd/swagger@latest
	swagger version
	- name: Validate swagger.yml
	run: swagger validate ./swagger.yml
	- name: Run Swagger Codegen
	run: make swagger-gen

	- name: Check for uncommitted changes
	id: git-status
	run: \|
	if [[ -n "$(git status --porcelain)" ]]; then
	echo "Codegen modified files. Please run "make swagger-gen" and commit the changes first:"
	git status --porcelain
	echo "##### Git Diff: #####"
	git --no-pager diff
	exit 1
	else
	echo "No changes detected after codegen."
	fi

	latest-minio:
	name: Test Build latest MinIO with Console
	needs:
	- swagger-codegen
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	steps:
	# Clone Console Repo
	- name: Check out code
	uses: actions/checkout@v5
	# To build minio image, we need to clone the repository first
	- name: Clone github.com/minio/minio
	uses: actions/checkout@v5
	with:
	repository: minio/minio
	path: "minio_repository"
	- name: Check-out matching MinIO branch
	env:
	GH_BRANCH: ${{ github.head_ref \|\| github.ref_name }}
	GH_PR_REPO: ${{ github.event.pull_request.head.repo.full_name }}
	run: \|
	cd $GITHUB_WORKSPACE/minio_repository;
	GH_PR_ACCOUNT=`echo $GH_PR_REPO \| sed "s/\\/.*//"`
	if [ ! -z "$GH_PR_ACCOUNT" ] && [ ! "$GH_PR_ACCOUNT" = "minio" ]; then
	ALTREPO="https://github.com/$GH_PR_ACCOUNT/minio.git"
	echo "Attempting to fetch $ALTREPO..."
	git remote add alt $ALTREPO
	(git fetch alt && git checkout "alt/$GH_BRANCH") \|\| echo "$ALTREPO ($GH_BRANCH) not available, so keeping default repository/branch"
	fi
	cd $GITHUB_WORKSPACE;
	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go-minio
	- name: Build on ${{ matrix.os }}
	if: steps.minio-latest-cache.outputs.cache-hit != 'true'
	run: \|
	cd $GITHUB_WORKSPACE;
	echo "Create Console Frontend Webui Assets"
	cd $GITHUB_WORKSPACE/web-app;
	make yarn-dep
	make build-static-release

	echo "Create minio binary";
	cd $GITHUB_WORKSPACE/minio_repository;

	echo "Replace Console with local repo"
	echo "replace github.com/minio/console => ../" >> go.mod

	echo "updates to go.mod needed; to update it: go mod tidy"
	go mod tidy

	make build;

	cd $GITHUB_WORKSPACE
	cp $GITHUB_WORKSPACE/minio_repository/minio .

	- uses: actions/cache/save@v4
	# skip minio binary cache
	if: false
	id: minio-latest-cache
	name: MinIO Latest Cache
	with:
	path: \|
	./minio
	key: ${{ runner.os }}-minio-latest-${{ github.run_id }}

	- uses: actions/upload-artifact@v4
	# skip minio binary upload
	if: false
	with:
	name: minio-console-binary
	path: \|
	./minio

	compile-binary:
	name: Compiles on Go ${{ matrix.go-version }} and ${{ matrix.os }}
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	- swagger-codegen
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}
	- uses: actions/cache@v4
	id: assets-cache
	name: Assets Cache
	with:
	path: \|
	./web-app/build/
	key: ${{ runner.os }}-assets-${{ github.run_id }}
	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make console

	test-nginx-subpath:
	name: Test Subpath with Nginx
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	timeout-minutes: 10
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio

	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, MinIO and Nginx
	run: \|
	(CONSOLE_SUBPATH=/console/subpath ./console server ) & (make test-initialize-minio-nginx)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/subpath-nginx/ -q --skip-js-errors -c 3

	- name: Clean up docker
	if: always()
	run: \|
	make cleanup-minio-nginx

	all-permissions-1:
	name: Permissions Tests Part 1
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	timeout-minutes: 10
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio

	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/permissions-1/ -q --skip-js-errors -c 3

	- name: Clean up users & policies
	run: \|
	make cleanup-permissions

	all-permissions-2:
	name: Permissions Tests Part 2
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	timeout-minutes: 10
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/permissions-2/ -q --skip-js-errors -c 3

	- name: Clean up users & policies
	run: \|
	make cleanup-permissions

	all-permissions-3:
	name: Permissions Tests Part 3
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	timeout-minutes: 10
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/permissions-3/ -q --skip-js-errors -c 3

	- name: Clean up users & policies
	run: \|
	make cleanup-permissions

	all-permissions-4:
	name: Permissions Tests Part 4
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	timeout-minutes: 15
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	timeout-minutes: 10
	run: npx testcafe "firefox:headless" web-app/tests/permissions-4/ --skip-js-errors

	all-permissions-5:
	name: Permissions Tests Part 5
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	timeout-minutes: 5
	run: npx testcafe "firefox:headless" web-app/tests/permissions-5/ --skip-js-errors

	all-permissions-6:
	name: Permissions Tests Part 6
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	timeout-minutes: 5
	run: npx testcafe "firefox:headless" web-app/tests/permissions-6/ --skip-js-errors

	all-permissions-7:
	name: Permissions Tests Part 7
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)
	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	timeout-minutes: 5
	run: npx testcafe "firefox:headless" web-app/tests/permissions-7/ --skip-js-errors

	all-permissions-8:
	name: Permissions Tests Part 8
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	timeout-minutes: 5
	run: npx testcafe "firefox:headless" web-app/tests/permissions-8/ --skip-js-errors

	all-permissions-A:
	name: Permissions Tests Part A
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/permissions-A/ --skip-js-errors -c 3

	- name: Clean up users & policies
	run: \|
	make cleanup-permissions

	all-permissions-B:
	name: Permissions Tests Part B
	needs:
	- compile-binary
	runs-on: [ubuntu-latest]
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	- name: Install MinIO JS
	working-directory: ./
	continue-on-error: false
	run: \|
	yarn add minio
	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}

	- name: clean-previous-containers-if-any
	run: \|
	docker stop minio \|\| true;
	docker container prune -f \|\| true;

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Install TestCafe
	run: npm install testcafe@3.7.2

	- name: Run TestCafe Tests
	run: npx testcafe "firefox:headless" web-app/tests/permissions-B/ --skip-js-errors -c 3

	- name: Clean up users & policies
	run: \|
	make cleanup-permissions

	test-pkg-on-go:
	name: Test Pkg on Go ${{ matrix.go-version }} and ${{ matrix.os }}
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make test-pkg

	- uses: actions/cache@v4
	id: coverage-cache-pkg
	name: Coverage Cache Pkg
	with:
	path: \|
	./pkg/coverage/
	key: ${{ runner.os }}-coverage-pkg-2-${{ github.run_id }}

	test-api-on-go:
	name: Test API on Go ${{ matrix.go-version }} and ${{ matrix.os }}
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make test

	- uses: actions/cache@v4
	id: coverage-cache-api
	name: Coverage Cache API
	with:
	path: \|
	./api/coverage/
	key: ${{ runner.os }}-coverage-api-2-${{ github.run_id }}

	b-integration-tests:
	name: Integration Tests with Latest Distributed MinIO
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	- compile-binary
	runs-on: ubuntu-latest

	strategy:
	matrix:
	go-version: [1.24.x]

	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- uses: actions/cache@v4
	name: Console Binary Cache
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-${{ github.run_id }}
	- name: Build on ${{ matrix.os }}
	run: \|
	echo "The idea is to build console image from cached binary";
	cd $GITHUB_WORKSPACE;

	TAG="ghcr.io/georgmangold/console:dev"
	echo "Create Console image: $TAG";
	docker build -q --no-cache -t $TAG . -f Dockerfile.release

	echo "We are going to use the latest minio image on test-integration";
	MINIO_VERSION="quay.io/minio/minio:latest";
	echo $MINIO_VERSION;

	make test-integration MINIO_VERSION=$MINIO_VERSION TAG=$TAG;

	- uses: actions/cache@v4
	id: coverage-cache
	name: Coverage Cache
	with:
	path: \|
	./integration/coverage/
	key: ${{ runner.os }}-coverage-2-${{ github.run_id }}

	react-tests:
	name: React Tests
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v5
	- name: Enable Corepack
	run: corepack enable
	- name: Install modules
	working-directory: ./web-app
	run: yarn install --immutable
	- name: Run tests
	working-directory: ./web-app
	run: yarn test --passWithNoTests

	replication:
	name: Site Replication Test
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	- compile-binary
	runs-on: [ubuntu-latest]

	strategy:
	matrix:
	go-version: [1.24.x]

	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	run: \|
	echo "We are going to use the latest minio image on test-integration";
	MINIO_VERSION="quay.io/minio/minio:latest";
	echo $MINIO_VERSION;

	make test-replication MINIO_VERSION=$MINIO_VERSION;
	- uses: actions/cache@v4
	id: coverage-cache-replication
	name: Coverage Cache Replication
	with:
	path: \|
	./replication/coverage/
	key: ${{ runner.os }}-replication-coverage-2-${{ github.run_id }}

	sso-integration:
	name: SSO Integration Test
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	- compile-binary
	runs-on: ubuntu-latest

	strategy:
	matrix:
	go-version: [1.24.x]

	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	run: \|
	echo "We are going to use the latest minio image on test-integration";
	MINIO_VERSION="quay.io/minio/minio:latest";
	echo $MINIO_VERSION;

	make test-sso-integration MINIO_VERSION=$MINIO_VERSION;
	- uses: actions/cache@v4
	id: coverage-cache-sso
	name: Coverage Cache SSO
	with:
	path: \|
	./sso-integration/coverage/
	key: ${{ runner.os }}-sso-coverage-2-${{ github.run_id }}

	coverage:
	name: "Coverage Limit Check"
	needs:
	- b-integration-tests
	- test-api-on-go
	- test-pkg-on-go
	- sso-integration
	- replication
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go
	- name: Check out gocovmerge as a nested repository
	uses: actions/checkout@v5
	with:
	repository: wadey/gocovmerge
	path: gocovmerge

	- uses: actions/cache@v4
	id: coverage-cache
	name: Coverage Cache
	with:
	path: \|
	./integration/coverage/
	key: ${{ runner.os }}-coverage-2-${{ github.run_id }}

	- uses: actions/cache@v4
	id: coverage-cache-sso
	name: Coverage Cache SSO
	with:
	path: \|
	./sso-integration/coverage/
	key: ${{ runner.os }}-sso-coverage-2-${{ github.run_id }}

	- uses: actions/cache@v4
	id: coverage-cache-replication
	name: Coverage Cache Replication
	with:
	path: \|
	./replication/coverage/
	key: ${{ runner.os }}-replication-coverage-2-${{ github.run_id }}

	- uses: actions/cache@v4
	id: coverage-cache-api
	name: Coverage Cache API
	with:
	path: \|
	./api/coverage/
	key: ${{ runner.os }}-coverage-api-2-${{ github.run_id }}

	- uses: actions/cache@v4
	id: coverage-cache-pkg
	name: Coverage Cache Pkg
	with:
	path: \|
	./pkg/coverage/
	key: ${{ runner.os }}-coverage-pkg-2-${{ github.run_id }}

	- name: Get coverage
	run: \|
	echo "change directory to gocovmerge"
	cd gocovmerge
	echo "download golang x tools"
	go mod download golang.org/x/tools
	echo "go mod tidy compat mode"
	go mod tidy -compat=1.24
	echo "go build gocoverage.go"
	go build gocovmerge.go
	echo "put together the outs for final coverage resolution"
	./gocovmerge ../integration/coverage/system.out ../replication/coverage/replication.out ../sso-integration/coverage/sso-system.out ../api/coverage/coverage.out ../pkg/coverage/coverage-pkg.out > all.out

	go tool cover -html=all.out -o $GITHUB_WORKSPACE/all-coverage.html
	go tool cover -html=../integration/coverage/system.out -o $GITHUB_WORKSPACE/system.html
	go tool cover -html=../sso-integration/coverage/sso-system.out -o $GITHUB_WORKSPACE/sso-system.html
	go tool cover -html=../api/coverage/coverage.out -o $GITHUB_WORKSPACE/coverage.html
	go tool cover -html=../pkg/coverage/coverage-pkg.out -o $GITHUB_WORKSPACE/coverage-pkg.html

	echo "grep to obtain the result"
	go tool cover -func=all.out \| grep total > tmp2
	result=`cat tmp2 \| awk 'END {print $3}'`
	result=${result%\%}
	threshold=1.0
	echo "Result:"
	echo "$result%"
	if (( $(echo "$result >= $threshold" \|bc -l) )); then
	echo "It is equal or greater than threshold ($threshold%), passed!"
	else
	echo "It is smaller than threshold ($threshold%) value, failed!"
	exit 1
	fi

	# To save our all.out and all-coverage.html file into an artifact.
	# By default, GitHub stores build logs and artifacts for 90 days.
	- uses: actions/upload-artifact@v4
	with:
	name: coverage-artifact
	path: \|
	./all.out
	./all-coverage.html
	if-no-files-found: error

	ui-assets-istanbul-coverage:
	name: "Assets with Istanbul Plugin for coverage"
	runs-on: ubuntu-latest
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Read .nvmrc
	id: node_version
	run: echo "$(cat .nvmrc)" && echo "NVMRC=$(cat .nvmrc)" >> $GITHUB_ENV
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: ${{ env.NVMRC }}
	cache: "yarn"
	cache-dependency-path: web-app/yarn.lock
	- uses: actions/cache@v4
	id: assets-cache-istanbul-coverage
	name: Assets Cache Istanbul Coverage
	with:
	path: \|
	./web-app/build/
	key: ${{ runner.os }}-assets-istanbul-coverage-${{ github.run_id }}
	- name: Install Dependencies
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	yarn install --immutable
	- name: Check for Warnings in build output
	working-directory: ./web-app
	continue-on-error: false
	run: \|
	./check-warnings-istanbul-coverage.sh

	compile-binary-istanbul-coverage:
	name: "Compile Console Binary with Istanbul Plugin for Coverage"
	needs:
	- lint-job
	- ui-assets-istanbul-coverage
	- semgrep-static-code-analysis
	- compile-binary
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go
	- uses: actions/cache@v4
	name: Console Binary Cache Istanbul Coverage
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-istanbul-coverage-${{ github.run_id }}
	- uses: actions/cache@v4
	id: assets-cache-istanbul-coverage
	name: Assets Cache Istanbul Coverage
	with:
	path: \|
	./web-app/build/
	key: ${{ runner.os }}-assets-istanbul-coverage-${{ github.run_id }}
	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make console

	cross-compile-1:
	name: Cross compile
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make crosscompile arg1="'linux/ppc64le linux/mips64'"

	cross-compile-2:
	name: Cross compile 2
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5
	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make crosscompile arg1="'linux/arm64 linux/s390x'"

	cross-compile-3:
	name: Cross compile 3
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make crosscompile arg1="'darwin/amd64 freebsd/amd64'"

	cross-compile-4:
	name: Cross compile 4
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make crosscompile arg1="'windows/amd64 linux/arm'"

	cross-compile-5:
	name: Cross compile 5
	needs:
	- lint-job
	- ui-assets
	- semgrep-static-code-analysis
	runs-on: ${{ matrix.os }}
	strategy:
	matrix:
	go-version: [1.24.x]
	os: [ubuntu-latest]
	steps:
	- name: Check out code
	uses: actions/checkout@v5

	- name: Set up Go ${{ matrix.go-version }} on ${{ matrix.os }}
	uses: actions/setup-go@v6
	with:
	go-version: ${{ matrix.go-version }}
	id: go

	- name: Build on ${{ matrix.os }}
	env:
	GO111MODULE: on
	GOOS: linux
	run: \|
	make crosscompile arg1="'linux/386 netbsd/amd64'"

	playwright:
	needs:
	- compile-binary-istanbul-coverage
	timeout-minutes: 60
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v5
	- name: Enable Corepack
	run: corepack enable
	- uses: actions/setup-node@v5
	with:
	node-version: 18

	- name: Install dependencies
	run: \|
	echo "Install dependencies"
	cd $GITHUB_WORKSPACE/web-app
	yarn init -y
	yarn add -D playwright babel-plugin-istanbul nyc react-app-rewired create-react-app @playwright/test
	echo "yarn install"
	yarn install --no-immutable

	- name: Install Playwright Browsers
	run: npx playwright install --with-deps

	- uses: actions/cache@v4
	name: Console Binary Cache Istanbul Coverage
	with:
	path: \|
	./console
	key: ${{ runner.os }}-binary-istanbul-coverage-${{ github.run_id }}

	- name: Start Console, front-end app and initialize users/policies
	run: \|
	(./console server) & (make initialize-permissions)

	- name: Run Playwright tests
	run: \|
	echo "Run tests under playwright folder only"
	cd $GITHUB_WORKSPACE/web-app
	yarn remove playwright
	yarn add --dev @playwright/test
	echo "npx playwright test"
	npx playwright test # To run the tests
	echo "npx nyc report"
	npx nyc report # To see report printed in logs as text
	echo "npx nyc report --reporter=html"
	npx playwright test --reporter github # To run the tests

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add entrypoint script for reading environtment variables #1

Workflow file

Add entrypoint script for reading environtment variables #1

Uh oh!

Workflow file for this run