Build

Build #554

Workflow file for this run

	name: "Build"

	on:
	schedule:
	- cron: '0 10 * * *' # every day at 10am
	push:
	branches:
	- main
	tags:
	- 'v..*'
	pull_request:
	branches:
	- main
	merge_group:

	permissions: read-all

	concurrency:
	group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.ref \|\| github.run_id }}
	cancel-in-progress: true

	jobs:

	build:
	runs-on: ubuntu-24.04
	permissions:
	security-events: write

	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5

	- name: Setup
	uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6
	with:
	go-version-file: go.mod

	- name: Initialize CodeQL
	uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4
	with:
	languages: go

	- name: Lint
	uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8
	with:
	version: v2.5.0

	- name: Test
	run: go test -v ./...

	- name: Fuzz Test
	run: go test -fuzz=FuzzCalculateFileChunks -fuzztime=10s ./util

	- name: Build
	run: go build .

	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4

	- name: Upload Binary
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
	with:
	name: binary
	path: blazectl

	release:
	if: github.ref_type == 'tag'
	needs: integration-test
	runs-on: ubuntu-24.04
	permissions:
	contents: write
	id-token: write
	attestations: write
	strategy:
	max-parallel: 1
	matrix:
	os:
	- linux
	- darwin
	- windows
	arch:
	- amd64
	- arm64

	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
	with:
	egress-policy: audit

	- name: Checkout
	uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5

	- name: Setup
	uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6
	with:
	go-version-file: go.mod

	- name: Generate Version
	env:
	REF_NAME: ${{ github.ref_name }}
	run: echo "VERSION=${REF_NAME#v}" >> "$GITHUB_ENV"

	- name: Set binary filename for Windows
	if: matrix.os == 'windows'
	run: echo "BINARY_FILENAME=blazectl.exe" >> "$GITHUB_ENV"

	- name: Set binary filename for other OS
	if: matrix.os != 'windows'
	run: echo "BINARY_FILENAME=blazectl" >> "$GITHUB_ENV"

	- name: Build
	env:
	CGO_ENABLED: '0'
	GOOS: ${{ matrix.os }}
	GOARCH: ${{ matrix.arch }}
	run: go build .

	- name: Generate SBOM
	uses: anchore/sbom-action@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0
	with:
	syft-version: 'v1.29.0'
	artifact-name: blazectl-${{ matrix.os }}-${{ matrix.arch }}-sbom.spdx.json
	output-file: blazectl-${{ matrix.os }}-${{ matrix.arch }}-sbom.spdx.json
	upload-artifact: false
	file: ${{ env.BINARY_FILENAME }}

	- name: Generate Artifact Attestation
	uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3
	with:
	subject-path: ${{ env.BINARY_FILENAME }}

	- name: Generate SBOM Attestation
	uses: actions/attest-sbom@4651f806c01d8637787e274ac3bdf724ef169f34 # v3
	with:
	subject-path: ${{ env.BINARY_FILENAME }}
	sbom-path: blazectl-${{ matrix.os }}-${{ matrix.arch }}-sbom.spdx.json

	- name: Create Archive (Linux / macOS)
	if: matrix.os != 'windows'
	env:
	OS: ${{ matrix.os }}
	ARCH: ${{ matrix.arch }}
	run: tar czf "blazectl-$VERSION-$OS-$ARCH.tar.gz" blazectl

	- name: Create Archive (Windows)
	if: matrix.os == 'windows'
	env:
	OS: ${{ matrix.os }}
	ARCH: ${{ matrix.arch }}
	run: zip -q "blazectl-$VERSION-$OS-$ARCH.zip" blazectl.exe

	- name: Release
	uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2
	with:
	draft: true
	files: blazectl-*

	integration-test:
	needs: build
	runs-on: ubuntu-24.04

	steps:
	- name: Checkout
	uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5

	- name: Download Binary
	uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
	with:
	name: binary

	- name: Make Binary Executable (Artifact Transmission Does Not Preserve Permissions)
	run: chmod +x blazectl

	- name: Run Blaze
	run: docker compose -f .github/integration-test/docker-compose.yml up -d

	- name: Download Synthea Test Data
	uses: ./.github/actions/speicherwolke-download
	with:
	token: kDsa2ifeMFdqK35
	filename: synthea-1000.tar

	- name: Create Synthea Test Data Dir
	run: mkdir test-data-synthea-1000

	- name: Unpack Synthea Test Data
	run: tar -C test-data-synthea-1000 -xf synthea-1000.tar

	- name: Wait for Blaze
	run: .github/scripts/wait-for-url.sh http://localhost:8080/health

	- name: Docker Logs
	run: docker compose -f .github/integration-test/docker-compose.yml logs

	- name: Load Data
	run: ./blazectl --no-progress --server http://localhost:8080/fhir upload test-data-synthea-1000

	- name: Check Total-Number of Resources are 1099779
	run: .github/scripts/check-total-number-of-resources.sh 1099779

	- name: Count the number of Patients with Stress Conditions at Inpatient Encounters using FHIR Search
	run: .github/scripts/count-patients.sh Condition "code=http://snomed.info/sct\|73595000&encounter.class=http://terminology.hl7.org/CodeSystem/v3-ActCode\|IMP" 13

	- name: Download Observation Resources with special LOINC Codes
	run: .github/scripts/download-resources-query.sh Observation "code=http://loinc.org\|10230-1,http://loinc.org\|10480-2,http://loinc.org\|10834-0,http://loinc.org\|14804-9,http://loinc.org\|14959-1,http://loinc.org\|1742-6,http://loinc.org\|1751-7,http://loinc.org\|17861-6,http://loinc.org\|18262-6,http://loinc.org\|19123-9" 19181

	- name: Download Condition Resources of common disorders from multiple patients
	env:
	SNOMED_CODES: >-
	http://snomed.info/sct\|444814009,
	http://snomed.info/sct\|195662009,
	http://snomed.info/sct\|10509002,
	http://snomed.info/sct\|271737000,
	http://snomed.info/sct\|40055000,
	http://snomed.info/sct\|233604007,
	http://snomed.info/sct\|389087006,
	http://snomed.info/sct\|75498004
	PATIENT_SSNS: >-
	999-89-9294,999-60-3949,999-40-8052,999-86-7721,999-31-6940,999-37-5253,
	999-14-4781,999-71-5798,999-85-9014,999-88-9231,999-51-2985,999-14-2168,
	999-51-2170,999-52-2914,999-45-6374,999-58-8110,999-92-6349,999-14-7569,
	999-58-5645,999-89-6440,999-94-8430,999-90-6541,999-36-1192,999-30-5696,
	999-91-6238,999-12-1519,999-44-9085,999-99-3624,999-28-6755,999-60-2281,
	999-30-8040,999-99-3859,999-84-8058,999-70-9633,999-68-6985,999-83-6253,
	999-24-4528,999-57-1697,999-27-7985,999-50-8738,999-21-6355,999-74-7491,
	999-59-3737,999-54-5495,999-88-2066,999-64-2743,999-53-8490,999-18-4716,
	999-22-4364,999-29-3271,999-11-9976,999-44-5315,999-48-9431,999-50-3850,
	999-54-1289,999-49-1081,999-37-7151,999-25-2068,999-61-9829,999-56-2917,
	999-37-1371,999-29-2856,999-96-2459,999-74-1202,999-74-3491,999-53-2578,
	999-77-8967,999-53-6824,999-26-9128,999-71-5114,999-10-5138,999-58-7855,
	999-11-1543,999-66-3180,999-39-8247,999-96-1580,999-72-5318,999-23-7555,
	999-52-6588,999-88-2620,999-11-3074,999-89-9206,999-47-9791,999-43-4776,
	999-84-6431,999-53-9409,999-57-9047,999-98-1131,999-23-9506,999-79-6781,
	999-10-3828,999-31-2101,999-42-5310,999-46-3927,999-68-3132,999-45-8011,
	999-11-7186,999-58-3121,999-48-7111,999-24-3722
	run: .github/scripts/download-resources-query.sh Condition "code=$SNOMED_CODES&patient=$(.github/scripts/patient-ids.sh "$PATIENT_SSNS")" 281

	- name: Download Vital Sign Resources
	run: .github/scripts/download-resources-query.sh Observation "category=vital-signs" 152877

	- name: Download Observation Resources of the Year 2020
	run: .github/scripts/download-resources-query.sh Observation "date=2020" 71236

	- name: Download Observation Resources of the Year 2020 from patient with SSN 999-89-9294
	run: .github/scripts/download-resources-query.sh Observation "date=2020&patient=$(.github/scripts/patient-ids.sh "999-89-9294")" 20

	- name: Download Observation Resources of the Year 2020 from multiple patients
	env:
	PATIENT_SSNS: >-
	999-89-9294,999-60-3949,999-40-8052,999-86-7721,999-31-6940,999-37-5253,
	999-14-4781,999-71-5798,999-85-9014,999-88-9231,999-51-2985,999-14-2168,
	999-51-2170,999-52-2914,999-45-6374,999-58-8110,999-92-6349,999-14-7569,
	999-58-5645,999-89-6440,999-94-8430,999-90-6541,999-36-1192,999-30-5696
	run: .github/scripts/download-resources-query.sh Observation "date=2020&patient=$(.github/scripts/patient-ids.sh "$PATIENT_SSNS")" 741

	- name: Download Vital Sign Resources of the Year 2020
	run: .github/scripts/download-resources-query.sh Observation "category=vital-signs&date=2020" 17060

	- name: Male Patient Query
	run: .github/scripts/download-resources-query.sh Patient "gender=male" 467

	- name: Specific Male Patient Query
	run: .github/scripts/download-resources-query.sh Patient "_id=$(.github/scripts/patient-ids.sh "999-89-9294")&gender=male" 1

	- name: Count the Number of Patients with Stress Conditions at Inpatient Encounters using CQL
	run: .github/scripts/evaluate-measure-blazectl.sh inpatient-stress 13

	- name: Condition Code Stratifier
	run: .github/scripts/evaluate-measure-blazectl-stratifier.sh stratifier-condition-code 51599

	- name: Install k6
	uses: grafana/setup-k6-action@ffe7d7290dfa715e48c2ccc924d068444c94bde2 # v1.1.0

	- name: Chaotically Edit Resources
	run: .github/scripts/chaos-editor.sh

	- name: Download System History
	run: .github/scripts/download-history.sh

	- name: Download Patients History
	run: .github/scripts/download-history.sh Patient

	- name: Download Single Patient History
	run: .github/scripts/download-history.sh Patient $(.github/scripts/patient-ids.sh "999-89-9294")

	- name: Docker Stats
	run: docker stats --no-stream

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Build #554

Workflow file

Build #554

Uh oh!

Workflow file for this run