kosli-dev · sami-alajrami · Feb 27, 2025 · Feb 26, 2025 · Feb 26, 2025 · Feb 26, 2025
diff --git a/.github/workflows/daily-cli-tests.yml b/.github/workflows/daily-cli-tests.yml
@@ -0,0 +1,49 @@
+name: Daily CLI Tests
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 9 * * 1,2,3,4,5"
+
+jobs:
+  set-trail-name:
+    runs-on: ubuntu-latest
+    outputs:
+      trail_name: ${{ steps.prep.outputs.trail_name }}
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Prepare
+        id: prep
+        run: |
+          TRAIL_NAME=$(echo $GITHUB_SHA | head -c 7)
+
+          echo "TRAIL_NAME=${TRAIL_NAME}" >> $GITHUB_ENV
+          echo "trail_name=$TRAIL_NAME" >> $GITHUB_OUTPUT
+
+  test:
+    needs: [set-trail-name]
+    uses: ./.github/workflows/test.yml
+    with:
+      AWS_ACCOUNT_ID: 772819027869
+      AWS_REGION: eu-central-1
+      FLOW_NAME: cli-daily-tests
+      TRAIL_NAME: ${{ needs.set-trail-name.outputs.trail_name }}
+      KOSLI_ORG: kosli-public
+      run_lint: false
+      run_snyk: false
+      report_results: false
+
+    secrets:
+      github_access_token: ${{ secrets.KOSLI_GITHUB_TOKEN }}
+      gitlab_access_token: ${{ secrets.KOSLI_GITLAB_TOKEN }}
+      azure_access_token: ${{ secrets.KOSLI_AZURE_TOKEN }}
+      azure_client_id: ${{ secrets.AZURE_CLIENT_ID }}
+      azure_client_secret: ${{ secrets.AZURE_CLIENT_SECRET }}
+      bitbucket_access_token: ${{ secrets.KOSLI_BITBUCKET_ACCESS_TOKEN }}
+      jira_api_token: ${{ secrets.KOSLI_JIRA_API_TOKEN }}
+      slack_webhook: ${{ secrets.MERKELY_SLACK_CI_FAILURES_WEBHOOK }}
+      slack_channel: ci-failures
+      snyk_token: ${{ secrets.SNYK_TOKEN }}
+      kosli_api_token: ${{ secrets.KOSLI_PUBLIC_API_TOKEN }}
+      sonarqube_token: ${{ secrets.KOSLI_SONARQUBE_TOKEN }}
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -4,8 +4,6 @@ on:
   push:
     branches:
       - "**"
-  schedule:
-    - cron: "0 9 * * 1,2,3,4,5"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -83,6 +83,7 @@ jobs:
       jira_api_token: ${{ secrets.KOSLI_JIRA_API_TOKEN }}
       snyk_token: ${{ secrets.SNYK_TOKEN }}
       kosli_api_token: ${{ secrets.KOSLI_PUBLIC_API_TOKEN }}
+      sonarqube_token: ${{ secrets.KOSLI_SONARQUBE_TOKEN }}
 
   docker:
     needs: [pre-build, init-kosli, test]

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -18,6 +18,18 @@ on:
       KOSLI_ORG:
         required: true
         type: string
+      run_lint:
+        required: false
+        type: boolean
+        default: true
+      run_snyk:
+        required: false
+        type: boolean
+        default: true
+      report_results:
+        required: false
+        type: boolean
+        default: true
     secrets:
       slack_channel:
         required: true
@@ -49,6 +61,7 @@ on:
 
 jobs:
   lint:
+    if: ${{ inputs.run_lint }}
     name: Lint
     runs-on: ubuntu-latest
     permissions:
@@ -76,7 +89,7 @@ jobs:
         args: --timeout=5m -v
 
     - name: Report lint to Kosli
-      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) &&  (success() || failure()) }}
+      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) &&  (success() || failure()) && inputs.report_results }}
       env:
         KOSLI_API_TOKEN: ${{ secrets.kosli_api_token }}
       run: kosli attest generic 
@@ -149,7 +162,7 @@ jobs:
         make test_integration_full
 
     - name: Report test to Kosli
-      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) &&  (success() || failure()) }}
+      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) && (success() || failure()) && inputs.report_results }}
       env:
         KOSLI_API_TOKEN: ${{ secrets.kosli_api_token }}
       run: kosli attest junit 
@@ -159,6 +172,7 @@ jobs:
            --org ${{ inputs.KOSLI_ORG }}
 
     - name: Upload coverage reports to Codecov
+      if: ${{ inputs.report_results }}
       uses: codecov/codecov-action@v4
 
     - name: Slack Notification on Failure
@@ -172,7 +186,8 @@ jobs:
         SLACK_WEBHOOK: ${{ secrets.slack_webhook }}
 
   snyk-code:
-    if: false  # Have reached limit of 200 tests this month
+    if: false # Disable snyk code scans because we reached the monthly limit
+    #if: ${{ inputs.run_snyk }}  # Uncomment this when we re-enable snyk code scans
     name: Snyk Code
     runs-on: ubuntu-latest
     permissions:
@@ -198,7 +213,7 @@ jobs:
           snyk test --sarif --policy-path=.snyk  --sarif-file-output=snyk-code.json --prune-repeated-subdependencies
 
     - name: Report Snyk Code to Kosli
-      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) &&  (success() || failure()) }}
+      if:  ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/tags/')) &&  (success() || failure()) && inputs.report_results }}
       env:
         KOSLI_API_TOKEN: ${{ secrets.kosli_api_token }}
       run: kosli attest snyk