🩹 Fix macOS compatibility and adjust test timing for reliability #118
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Cuemon CI Pipeline | |
| on: | |
| pull_request: | |
| branches: [main] | |
| workflow_dispatch: | |
| inputs: | |
| configuration: | |
| type: choice | |
| description: The build configuration to use in the deploy stage. | |
| required: true | |
| default: Release | |
| options: | |
| - Debug | |
| - Release | |
| run_mac_tests: | |
| type: boolean | |
| description: Run the macOS test matrix despite the additional cost and runtime. | |
| default: false | |
| permissions: | |
| contents: read | |
| jobs: | |
| init: | |
| name: initialize | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| run-privileged-jobs: ${{ steps.vars.outputs.run-privileged-jobs }} | |
| run-mac-tests: ${{ steps.vars.outputs.run-mac-tests }} | |
| strong-name-key-filename: ${{ steps.vars.outputs.strong-name-key-filename }} | |
| build-switches: ${{ steps.vars.outputs.build-switches }} | |
| steps: | |
| - id: vars | |
| name: calculate workflow variables | |
| shell: bash | |
| run: | | |
| if [[ "${{ github.event_name }}" == "workflow_dispatch" && "${{ inputs.run_mac_tests }}" == "true" ]]; then | |
| echo "run-mac-tests=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "run-mac-tests=false" >> "$GITHUB_OUTPUT" | |
| fi | |
| if [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.head.repo.full_name }}" != "${{ github.repository }}" ]]; then | |
| echo "run-privileged-jobs=false" >> "$GITHUB_OUTPUT" | |
| echo "strong-name-key-filename=" >> "$GITHUB_OUTPUT" | |
| echo "build-switches=-p:SkipSignAssembly=true" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "run-privileged-jobs=true" >> "$GITHUB_OUTPUT" | |
| echo "strong-name-key-filename=cuemon.snk" >> "$GITHUB_OUTPUT" | |
| echo "build-switches=" >> "$GITHUB_OUTPUT" | |
| fi | |
| prepare_test: | |
| name: 📜 Prepare Test | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 5 | |
| outputs: | |
| json: ${{ steps.test-projects.outputs.result }} | |
| steps: | |
| - name: Checkout | |
| uses: codebeltnet/git-checkout@v1 | |
| - id: test-projects | |
| name: Generate matrix for test projects | |
| uses: codebeltnet/shell-globbing@v2 | |
| with: | |
| pattern: | | |
| test/**/*.csproj | |
| !test/**/Cuemon.Data.SqlClient.Tests.csproj | |
| - name: JSON output | |
| run: echo "${{ steps.test-projects.outputs.result }}" | |
| build: | |
| name: call-build | |
| needs: [init] | |
| strategy: | |
| matrix: | |
| arch: [X64, ARM64] | |
| configuration: [Debug, Release] | |
| uses: codebeltnet/jobs-dotnet-build/.github/workflows/default.yml@v3 | |
| with: | |
| configuration: ${{ matrix.configuration }} | |
| strong-name-key-filename: ${{ needs.init.outputs.strong-name-key-filename }} | |
| build-switches: ${{ needs.init.outputs.build-switches }} | |
| runs-on: ${{ matrix.arch == 'ARM64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }} | |
| upload-build-artifact-name: build-${{ matrix.configuration }}-${{ matrix.arch }} | |
| secrets: | |
| GCP_TOKEN: ${{ secrets.GCP_TOKEN }} | |
| GCP_BUCKETNAME: ${{ secrets.GCP_BUCKETNAME }} | |
| pack: | |
| name: call-pack | |
| needs: [build] | |
| strategy: | |
| matrix: | |
| configuration: [Debug, Release] | |
| uses: codebeltnet/jobs-dotnet-pack/.github/workflows/default.yml@v3 | |
| with: | |
| configuration: ${{ matrix.configuration }} | |
| version: ${{ needs.build.outputs.version }} | |
| download-build-artifact-pattern: build-${{ matrix.configuration }}-X64 | |
| test_linux: | |
| name: call-test-linux | |
| needs: [build, prepare_test] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| configuration: [Debug, Release] | |
| project: ${{ fromJson(needs.prepare_test.outputs.json) }} | |
| arch: [X64, ARM64] | |
| uses: codebeltnet/jobs-dotnet-test/.github/workflows/default.yml@v3 | |
| with: | |
| runs-on: ${{ matrix.arch == 'ARM64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }} | |
| configuration: ${{ matrix.configuration }} | |
| build-switches: -p:SkipSignAssembly=true | |
| projects: ${{ matrix.project }} | |
| build: true # we need to build due to xUnitv3 | |
| restore: true # we need to restore since we disabled caching | |
| download-pattern: build-${{ matrix.configuration }}-${{ matrix.arch }} | |
| test_windows: | |
| name: call-test-windows | |
| needs: [build, prepare_test] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [X64, ARM64] | |
| configuration: [Debug, Release] | |
| project: ${{ fromJson(needs.prepare_test.outputs.json) }} | |
| uses: codebeltnet/jobs-dotnet-test/.github/workflows/default.yml@v3 | |
| with: | |
| runs-on: ${{ matrix.arch == 'ARM64' && 'windows-11-arm' || 'windows-2025' }} | |
| configuration: ${{ matrix.configuration }} | |
| build-switches: -p:SkipSignAssembly=true | |
| projects: ${{ matrix.project }} | |
| test-arguments: -- RunConfiguration.DisableAppDomain=true | |
| build: true # we need to build for .net48 | |
| restore: true # apparently we need to restore for .net48 | |
| download-pattern: build-${{ matrix.configuration }}-${{ matrix.arch }} | |
| test_mac: | |
| if: ${{ needs.init.outputs.run-mac-tests == 'true' }} | |
| name: call-test-mac | |
| needs: [init, build, prepare_test] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: [X64, ARM64] | |
| configuration: [Debug, Release] | |
| project: ${{ fromJson(needs.prepare_test.outputs.json) }} | |
| uses: codebeltnet/jobs-dotnet-test/.github/workflows/default.yml@v3 | |
| with: | |
| runs-on: ${{ matrix.arch == 'ARM64' && 'macos-26' || 'macos-26-intel' }} | |
| configuration: ${{ matrix.configuration }} | |
| build-switches: -p:SkipSignAssembly=true | |
| projects: ${{ matrix.project }} | |
| build: true # we need to build due to xUnitv3 | |
| restore: true # we need to restore since we disabled caching | |
| download-pattern: build-${{ matrix.configuration }}-${{ matrix.arch }} | |
| integration_test: | |
| if: ${{ needs.init.outputs.run-privileged-jobs == 'true' }} | |
| name: ⚗️ Integration Test | |
| needs: [init, build] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| configuration: [Debug, Release] | |
| project: [ test/**/Cuemon.Data.SqlClient.Tests.csproj ] | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Checkout | |
| uses: codebeltnet/git-checkout@v1 | |
| - name: Install .NET | |
| uses: codebeltnet/install-dotnet@v3 | |
| - name: Install .NET Tool - Report Generator | |
| uses: codebeltnet/dotnet-tool-install-reportgenerator@v1 | |
| - name: Spin up SQL Server test dependency for ${{ matrix.configuration }} build | |
| uses: codebeltnet/docker-compose@v1 | |
| with: | |
| command: up | |
| options: --wait | |
| env: | |
| SA_PASSWORD: ${{ secrets.SA_PASSWORD }} | |
| - name: Download Build Artifacts | |
| uses: actions/download-artifact@v8 | |
| with: | |
| pattern: build-${{ matrix.configuration }}-X64 | |
| merge-multiple: true | |
| - name: Fix Linux test apphost permissions | |
| run: | | |
| set -euo pipefail | |
| echo "=== Context ===" | |
| echo "Runner: $RUNNER_OS / $RUNNER_ARCH" | |
| echo "Configuration: ${{ matrix.configuration }}" | |
| echo "Workspace: $GITHUB_WORKSPACE" | |
| echo "PWD: $(pwd)" | |
| echo "Event: $GITHUB_EVENT_NAME" | |
| echo "Ref: $GITHUB_REF" | |
| echo "SHA: $GITHUB_SHA" | |
| echo | |
| echo "=== .NET info ===" | |
| dotnet --info || true | |
| echo | |
| echo "=== Git state ===" | |
| git rev-parse HEAD || true | |
| git status --porcelain || true | |
| git rev-parse --is-shallow-repository || true | |
| echo | |
| # Paths we care about | |
| BIN_GLOB="*/bin/*/net*/*" | |
| OBJ_GLOB="*/obj/*/net*/*" | |
| echo "=== Brute-force chmod (bin + obj) ===" | |
| find . -type f \( -path "$BIN_GLOB" -o -path "$OBJ_GLOB" \) -exec chmod a+x {} + 2>/dev/null || true | |
| echo "chmod completed (errors ignored)." | |
| echo | |
| echo "=== Mount options (look for noexec) ===" | |
| # If binaries live on a noexec mount, chmod won't help. | |
| mount | sed -n '1,200p' || true | |
| echo | |
| echo "=== Candidate executables (top 200) ===" | |
| # Show what we might execute; exclude obvious managed files | |
| find . -type f -path "$BIN_GLOB" \ | |
| ! -name "*.dll" ! -name "*.pdb" ! -name "*.json" ! -name "*.xml" \ | |
| -printf "%m %u:%g %s %p\n" | head -n 200 || true | |
| echo | |
| echo "=== Likely xUnit / test hosts (if present) ===" | |
| # These names vary; do not rely on just *Tests* | |
| find . -type f -path "$BIN_GLOB" \( \ | |
| -name "testhost*" -o \ | |
| -name "*xunit*" -o \ | |
| -name "*Tests*" -o \ | |
| -name "*.runsettings" \ | |
| \) -printf "%m %u:%g %s %p\n" | head -n 200 || true | |
| echo | |
| echo "=== Deep diagnostics for any 'testhost' or apphost candidates ===" | |
| # For each likely executable, show the facts that explain 'permission denied' vs 'exec format error' | |
| while IFS= read -r f; do | |
| echo "--- $f ---" | |
| ls -la "$f" || true | |
| # Identify file type and architecture | |
| file -L "$f" || true | |
| # If it's an ELF binary, show its dynamic interpreter and linked libs (exec format errors often show up here) | |
| if file -L "$f" | grep -q "ELF"; then | |
| echo "readelf -l (interpreter):" | |
| readelf -l "$f" 2>/dev/null | sed -n '1,80p' || true | |
| echo "ldd (dependencies):" | |
| ldd "$f" 2>/dev/null || true | |
| fi | |
| # If it's a script, CRLF in the shebang can cause 'Exec format error' | |
| if head -c 2 "$f" 2>/dev/null | grep -q "#!"; then | |
| echo "shebang:" | |
| head -n 1 "$f" | cat -A || true | |
| fi | |
| echo | |
| done < <( | |
| find . -type f -path "$BIN_GLOB" \( \ | |
| -name "testhost*" -o \ | |
| -name "*xunit*" -o \ | |
| -name "*Tests*" \ | |
| \) | head -n 50 | |
| ) || true | |
| echo "=== Done diagnostics step ===" | |
| shell: bash | |
| - name: Test with ${{ matrix.configuration }} build | |
| uses: codebeltnet/dotnet-test@v4 | |
| with: | |
| projects: ${{ matrix.project }} | |
| configuration: ${{ matrix.configuration }} | |
| build: true # apparently we need to due to xUnitv3 | |
| restore: true # we need to restore since we disabled caching | |
| env: | |
| CONNECTIONSTRINGS__ADVENTUREWORKS: ${{ secrets.DB_ADVENTUREWORKS }} | |
| - name: Take down SQL Server test dependency for ${{ matrix.configuration }} build | |
| uses: codebeltnet/docker-compose@v1 | |
| with: | |
| command: down | |
| test_qualitygate: | |
| if: ${{ always() }} | |
| name: test-qualitygate | |
| needs: [init, test_linux, test_windows, test_mac, integration_test] | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Evaluate test results | |
| shell: bash | |
| env: | |
| RUN_MAC_TESTS: ${{ needs.init.outputs.run-mac-tests }} | |
| RUN_PRIVILEGED_JOBS: ${{ needs.init.outputs.run-privileged-jobs }} | |
| TEST_LINUX_RESULT: ${{ needs.test_linux.result }} | |
| TEST_WINDOWS_RESULT: ${{ needs.test_windows.result }} | |
| TEST_MAC_RESULT: ${{ needs.test_mac.result }} | |
| INTEGRATION_TEST_RESULT: ${{ needs.integration_test.result }} | |
| run: | | |
| require_success() { | |
| local job_name="$1" | |
| local job_result="$2" | |
| if [[ "$job_result" != "success" ]]; then | |
| echo "::error::$job_name finished with '$job_result'." | |
| exit 1 | |
| fi | |
| } | |
| require_success_or_skip() { | |
| local job_name="$1" | |
| local job_enabled="$2" | |
| local job_result="$3" | |
| if [[ "$job_enabled" == "true" ]]; then | |
| require_success "$job_name" "$job_result" | |
| return | |
| fi | |
| if [[ "$job_result" != "success" && "$job_result" != "skipped" ]]; then | |
| echo "::error::$job_name finished with '$job_result' while disabled." | |
| exit 1 | |
| fi | |
| } | |
| require_success "test_linux" "$TEST_LINUX_RESULT" | |
| require_success "test_windows" "$TEST_WINDOWS_RESULT" | |
| require_success_or_skip "test_mac" "$RUN_MAC_TESTS" "$TEST_MAC_RESULT" | |
| require_success_or_skip "integration_test" "$RUN_PRIVILEGED_JOBS" "$INTEGRATION_TEST_RESULT" | |
| sonarcloud: | |
| if: ${{always() && needs.init.outputs.run-privileged-jobs == 'true' && needs.build.result == 'success' && needs.test_qualitygate.result == 'success'}} | |
| name: call-sonarcloud | |
| needs: [init, build, test_qualitygate] | |
| uses: codebeltnet/jobs-sonarcloud/.github/workflows/default.yml@v3 | |
| with: | |
| organization: geekle | |
| projectKey: Cuemon | |
| version: ${{ needs.build.outputs.version }} | |
| secrets: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| codecov: | |
| if: ${{always() && needs.init.outputs.run-privileged-jobs == 'true' && needs.build.result == 'success' && needs.test_qualitygate.result == 'success'}} | |
| name: call-codecov | |
| needs: [init, build, test_qualitygate] | |
| uses: codebeltnet/jobs-codecov/.github/workflows/default.yml@v1 | |
| with: | |
| repository: codebeltnet/cuemon | |
| secrets: | |
| CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
| codeql: | |
| if: ${{always() && needs.init.outputs.run-privileged-jobs == 'true' && needs.build.result == 'success' && needs.test_qualitygate.result == 'success'}} | |
| name: call-codeql | |
| needs: [init, build, test_qualitygate] | |
| uses: codebeltnet/jobs-codeql/.github/workflows/default.yml@v3 | |
| with: | |
| timeout-minutes: 30 | |
| permissions: | |
| security-events: write | |
| deploy: | |
| if: github.event_name != 'pull_request' | |
| name: call-nuget | |
| needs: [build, pack, test_qualitygate, sonarcloud, codecov, codeql] | |
| uses: codebeltnet/jobs-nuget-push/.github/workflows/default.yml@v3 | |
| with: | |
| version: ${{ needs.build.outputs.version }} | |
| environment: Production | |
| configuration: ${{ inputs.configuration == '' && 'Release' || inputs.configuration }} | |
| permissions: | |
| contents: write | |
| packages: write | |
| secrets: | |
| NUGET_TOKEN: ${{ secrets.NUGET_TOKEN }} |