name: testing

on:
  pull_request:
  push:
    branches:
      - 'forgejo*'
      - 'v*/forgejo*'
  workflow_dispatch:

jobs:
  backend-checks:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    steps:
      - name: event info
        run: |
          cat <<'EOF'
          ${{ toJSON(github) }}
          EOF
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - run: su forgejo -c 'make deps-backend deps-tools'
      - run: su forgejo -c 'make --always-make -j$(nproc) lint-backend tidy-check swagger-check fmt-check swagger-validate' # ensure the "go-licenses" make target runs
      - uses: ./.forgejo/workflows-composite/build-backend
  frontend-checks:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - run: make deps-frontend
      - run: make lint-frontend
      - run: make checks-frontend
      - run: make test-frontend-coverage
      - run: make frontend
      - name: Install zstd for cache saving
        # works around https://github.com/actions/cache/issues/1169, because the
        # consuming job has zstd and doesn't restore the cache otherwise
        run: |
          apt-get update -qq
          apt-get -q install -qq -y zstd
      - name: "Cache frontend build for playwright testing"
        uses: actions/cache/save@v4
        with:
          path: ${{github.workspace}}/public/assets
          key: frontend-build-${{ github.sha }}
  test-unit:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks]
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    services:
      elasticsearch:
        image: data.forgejo.org/oci/bitnami/elasticsearch:7
        options: --tmpfs /bitnami/elasticsearch/data
        env:
          discovery.type: single-node
          ES_JAVA_OPTS: "-Xms512m -Xmx512m"
      minio:
        image: data.forgejo.org/oci/bitnami/minio:2024.8.17
        options: >-
          --hostname gitea.minio --tmpfs /bitnami/minio/data:noatime
        env:
          MINIO_DOMAIN: minio
          MINIO_ROOT_USER: 123456
          MINIO_ROOT_PASSWORD: 12345678
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: install git >= 2.42
        uses: ./.forgejo/workflows-composite/apt-install-from
        with:
          packages: git
      - name: test release-notes-assistant.sh
        run: |
          apt-get -q install -qq -y jq
          ./release-notes-assistant.sh test_main
      - uses: ./.forgejo/workflows-composite/build-backend
      - run: |
          su forgejo -c 'make test-backend test-check'
        timeout-minutes: 120
        env:
          RACE_ENABLED: 'true'
          TAGS: bindata
          TEST_ELASTICSEARCH_URL: http://elasticsearch:9200
  test-e2e:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks]
    container:
      image: 'data.forgejo.org/oci/playwright:latest'
      options: --tmpfs /tmp:exec,noatime
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
        with:
          fetch-depth: 20
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: "Restore frontend build"
        uses: actions/cache/restore@v4
        id: cache-frontend
        with:
          path: ${{github.workspace}}/public/assets
          key: frontend-build-${{ github.sha }}
      - name: "Build frontend (if not cached)"
        if: steps.cache-frontend.outputs.cache-hit != 'true'
        run: |
          su forgejo -c 'make deps-frontend frontend'
      - uses: ./.forgejo/workflows-composite/build-backend
      - name: Get changed files
        id: changed-files
        uses: https://data.forgejo.org/tj-actions/changed-files@v45
        with:
          separator: '\n'
      - run: |
          su forgejo -c 'make generate test-e2e-sqlite'
        timeout-minutes: 120
        env:
          USE_REPO_TEST_DIR: 1
          PLAYWRIGHT_SKIP_BROWSER_DOWNLOAD: 1
          CHANGED_FILES: ${{steps.changed-files.outputs.all_changed_files}}
      - name: Upload test artifacts on failure
        if: failure()
        uses: https://data.forgejo.org/forgejo/upload-artifact@v4
        with:
          name: test-artifacts.zip
          path: tests/e2e/test-artifacts/
          retention-days: 3
  test-remote-cacher:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks, test-unit]
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    name: ${{ format('test-remote-cacher ({0})', matrix.cacher.name) }}
    strategy:
      matrix:
        cacher:
          - name: redis
            image: data.forgejo.org/oci/bitnami/redis:7.2
            options: --tmpfs /bitnami/redis/data:noatime
          - name: redict
            image: registry.redict.io/redict:7.3.0-scratch
            options: --tmpfs /data:noatime
          - name: valkey
            image: data.forgejo.org/oci/bitnami/valkey:7.2
            options: --tmpfs /bitnami/redis/data:noatime
          - name: garnet
            image: ghcr.io/microsoft/garnet-alpine:1.0.14
            options: --tmpfs /data:noatime
    services:
      cacher:
        image: ${{ matrix.cacher.image }}
        options: ${{ matrix.cacher.options }}
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: install git >= 2.42
        uses: ./.forgejo/workflows-composite/apt-install-from
        with:
          packages: git
      - uses: ./.forgejo/workflows-composite/build-backend
      - run: |
          su forgejo -c 'make test-remote-cacher test-check'
        timeout-minutes: 120
        env:
          RACE_ENABLED: 'true'
          TAGS: bindata
          TEST_REDIS_SERVER: cacher:${{ matrix.cacher.port }}
  test-mysql:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks]
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    services:
      mysql:
        image: 'data.forgejo.org/oci/bitnami/mysql:8.4'
        env:
          ALLOW_EMPTY_PASSWORD: yes
          MYSQL_DATABASE: testgitea
          #
          # See also https://codeberg.org/forgejo/forgejo/issues/976
          #
          MYSQL_EXTRA_FLAGS: --innodb-adaptive-flushing=OFF --innodb-buffer-pool-size=4G --innodb-log-buffer-size=128M --innodb-flush-log-at-trx-commit=0 --innodb-flush-log-at-timeout=30 --innodb-flush-method=nosync --innodb-fsync-threshold=1000000000 --disable-log-bin
        options: --tmpfs /bitnami/mysql/data:noatime
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: install dependencies & git >= 2.42
        uses: ./.forgejo/workflows-composite/apt-install-from
        with:
          packages: git git-lfs
      - uses: ./.forgejo/workflows-composite/build-backend
      - run: |
          su forgejo -c 'make test-mysql-migration test-mysql'
        timeout-minutes: 120
        env:
          USE_REPO_TEST_DIR: 1
  test-pgsql:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks]
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    services:
      minio:
        image: data.forgejo.org/oci/bitnami/minio:2024.8.17
        env:
          MINIO_ROOT_USER: 123456
          MINIO_ROOT_PASSWORD: 12345678
        options: --tmpfs /bitnami/minio/data
      ldap:
        image: data.forgejo.org/oci/test-openldap:latest
      pgsql:
        image: data.forgejo.org/oci/bitnami/postgresql:15
        env:
          POSTGRESQL_DATABASE: test
          POSTGRESQL_PASSWORD: postgres
          POSTGRESQL_FSYNC: off
          POSTGRESQL_EXTRA_FLAGS: -c full_page_writes=off
        options: --tmpfs /bitnami/postgresql
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: install dependencies & git >= 2.42
        uses: ./.forgejo/workflows-composite/apt-install-from
        with:
          packages: git git-lfs
      - uses: ./.forgejo/workflows-composite/build-backend
      - run: |
          su forgejo -c 'make test-pgsql-migration test-pgsql'
        timeout-minutes: 120
        env:
          RACE_ENABLED: true
          USE_REPO_TEST_DIR: 1
          TEST_LDAP: 1
  test-sqlite:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs: [backend-checks, frontend-checks]
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - name: install dependencies & git >= 2.42
        uses: ./.forgejo/workflows-composite/apt-install-from
        with:
          packages: git git-lfs
      - uses: ./.forgejo/workflows-composite/build-backend
      - run: |
          su forgejo -c 'make test-sqlite-migration test-sqlite'
        timeout-minutes: 120
        env:
          TAGS: sqlite sqlite_unlock_notify
          RACE_ENABLED: true
          TEST_TAGS: sqlite sqlite_unlock_notify
          USE_REPO_TEST_DIR: 1
  security-check:
    if: vars.ROLE == 'forgejo-coding' || vars.ROLE == 'forgejo-testing'
    runs-on: docker
    needs:
      - test-sqlite
      - test-pgsql
      - test-mysql
      - test-remote-cacher
      - test-unit
    container:
      image: 'data.forgejo.org/oci/node:20-bookworm'
      options: --tmpfs /tmp:exec,noatime
    steps:
      - uses: https://data.forgejo.org/actions/checkout@v4
      - uses: ./.forgejo/workflows-composite/setup-env
      - run: su forgejo -c 'make deps-backend deps-tools'
      - run: su forgejo -c 'make security-check'