Publish test results using EnricoMi/publish-unit-test-result-action

docker-client · Aug 25, 2023 · 4c444a7 · 4c444a7
1 parent 4175c79
commit 4c444a7
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 33 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -6,11 +6,26 @@ on:
     branches-ignore:
       - main
 jobs:
+  event-file:
+    # https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches
+    name: "Event File"
+    runs-on: ubuntu-latest
+    steps:
+      - name: Upload
+        uses: actions/upload-artifact@v3
+        with:
+          name: event-file
+          path: ${{ github.event_path }}
   ci-build:
     strategy:
       matrix:
-        os: [ ubuntu-latest, windows-latest, macos-latest ]
-        java: [ 8, 17 ]
+        os:
+          - ubuntu-latest
+          - windows-latest
+          - macos-latest
+        java:
+          - 8
+          - 17
     runs-on: ${{ matrix.os }}
     timeout-minutes: 20
     steps:
@@ -22,14 +37,16 @@ jobs:
         with:
           distribution: 'zulu'
           java-version: ${{ matrix.java }}
-          cache: 'gradle'
+      - name: Setup Gradle
+        uses: gradle/gradle-build-action@v2
       - name: clean build
         run: ./gradlew clean build --info --stacktrace
       - name: Upload Test Results
         # see publish-test-results.yml for workflow that publishes test results without security issues for forks
+        # https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches
+        if: always()
         uses: actions/upload-artifact@v3
-        if: ${{ always() }}
         with:
-          name: test-results
+          name: Test Results (Java ${{ matrix.java }} on ${{ matrix.os }})
           path: '**/build/test-results/test/TEST-*.xml'
 ...
diff --git a/.github/workflows/publish-test-results.yml b/.github/workflows/publish-test-results.yml
@@ -10,41 +10,41 @@ on:
   workflow_run:
     workflows:
       - CI
+      - Publish
     types:
       - completed
+permissions: {}
 
 jobs:
-  # Job based on https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+  # Job based on
+  # - https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
+  # - https://github.com/marketplace/actions/publish-test-results#support-fork-repositories-and-dependabot-branches
   publish-test-results:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: github.event.workflow_run.conclusion != 'skipped'
+
+    permissions:
+      checks: write
+      # needed unless run with comment_mode: off
+      pull-requests: write
+      # only needed for private repository
+      #contents: read
+      # only needed for private repository
+      #issues: read
+      # required by download step to access artifacts API
+      actions: read
+
     steps:
-      # Unfortunately, the official actions/download-artifact action is very limited in scope.
-      # Can't use it yet in this context, https://github.com/actions/download-artifact/issues/60
-      - name: Download artifact
-        uses: actions/github-script@v6
+      - name: Download and Extract Artifacts
+        uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615
         with:
-          script: |
-            var artifacts = await github.rest.actions.listWorkflowRunArtifacts({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               run_id: ${{ github.event.workflow_run.id }},
-            });
-            var matchArtifact = artifacts.data.artifacts.filter((artifact) => {
-              return artifact.name == "test-results"
-            })[0];
-            var download = await github.rest.actions.downloadArtifact({
-               owner: context.repo.owner,
-               repo: context.repo.repo,
-               artifact_id: matchArtifact.id,
-               archive_format: 'zip',
-            });
-            var fs = require('fs');
-            fs.writeFileSync('${{github.workspace}}/test-results.zip', Buffer.from(download.data));
-      - run: unzip test-results.zip
+          run_id: ${{ github.event.workflow_run.id }}
+          path: artifacts
       - name: Publish Test Results
-        uses: scacap/action-surefire-report@v1
+        uses: EnricoMi/publish-unit-test-result-action@v2
         with:
-          commit: ${{ github.event.workflow_run.head_commit.id }}
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          report_paths: '**/build/test-results/test/TEST-*.xml'
+          commit: ${{ github.event.workflow_run.head_sha }}
+          event_file: artifacts/event-file/event.json
+          event_name: ${{ github.event.workflow_run.event }}
+          files: "artifacts/**/build/test-results/test/TEST-*.xml"
+...