CI: run and report lint before creating docker image (#38)

cyber-dojo · Dec 18, 2023 · ca20216 · ca20216
1 parent f99a86c
commit ca20216
Show file tree

Hide file tree

Showing 4 changed files with 169 additions and 115 deletions.
diff --git a/.github/workflows/main_staging.yml b/.github/workflows/main_staging.yml
@@ -37,31 +37,31 @@ jobs:
       KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }}
       KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }}
 
-  wait-for-image:
-    needs: [create-kosli-flow]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Wait for image to be built in main.yml
-        run:
-          ./sh/wait_for_image.sh
-
-      - name: Setup Kosli CLI
-        uses: kosli-dev/setup-cli-action@v2
-        with:
-          version: ${{ vars.KOSLI_CLI_VERSION }}
-
-      - name: Report image to Kosli flow
-        run: |
-          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
-          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
-          docker pull "${IMAGE_NAME}"     
-          kosli report artifact "${IMAGE_NAME}" \
-            --artifact-type=docker
+#  wait-for-image:
+#    needs: [create-kosli-flow]
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v4
+#
+#      - name: Wait for image to be built in main.yml
+#        run:
+#          ./sh/wait_for_image.sh
+#
+#      - name: Setup Kosli CLI
+#        uses: kosli-dev/setup-cli-action@v2
+#        with:
+#          version: ${{ vars.KOSLI_CLI_VERSION }}
+#
+#      - name: Report image to Kosli flow
+#        run: |
+#          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
+#          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
+#          docker pull "${IMAGE_NAME}"
+#          kosli report artifact "${IMAGE_NAME}" \
+#            --artifact-type=docker
 
   test:
-    needs: [variables, wait-for-image]
+    needs: [variables, create-kosli-flow]
     uses: ./.github/workflows/sub_test.yml
     secrets:
       KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN }}

diff --git a/.github/workflows/main_staging_trails.yml b/.github/workflows/main_staging_trails.yml
@@ -37,33 +37,33 @@ jobs:
       KOSLI_HOST: ${{ needs.variables.outputs.kosli_host }}
       KOSLI_ORG: ${{ needs.variables.outputs.kosli_org }}
 
-  wait-for-image:
-    needs: [create-kosli-flow]
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Wait for image to be built in main.yml
-        run:
-          ./sh/wait_for_image.sh
-
-      - name: Setup Kosli CLI
-        uses: kosli-dev/setup-cli-action@v2
-        with:
-          version: ${{ vars.KOSLI_CLI_VERSION }}
-
-      - name: Report image to Kosli flow
-        run: |
-          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
-          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
-          docker pull "${IMAGE_NAME}"     
-          kosli attest artifact "${IMAGE_NAME}" \
-            --artifact-type=docker \
-            --name=dashboard \
-            --trail="${GITHUB_SHA}"
+#  wait-for-image:
+#    needs: [create-kosli-flow]
+#    runs-on: ubuntu-latest
+#    steps:
+#      - uses: actions/checkout@v4
+#
+#      - name: Wait for image to be built in main.yml
+#        run:
+#          ./sh/wait_for_image.sh
+#
+#      - name: Setup Kosli CLI
+#        uses: kosli-dev/setup-cli-action@v2
+#        with:
+#          version: ${{ vars.KOSLI_CLI_VERSION }}
+#
+#      - name: Report image to Kosli flow
+#        run: |
+#          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
+#          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
+#          docker pull "${IMAGE_NAME}"
+#          kosli attest artifact "${IMAGE_NAME}" \
+#            --artifact-type=docker \
+#            --name=dashboard \
+#            --trail="${GITHUB_SHA}"
 
   test:
-    needs: [variables, wait-for-image]
+    needs: [variables, create-kosli-flow]
     uses: ./.github/workflows/sub_test_trails.yml
     secrets:
       KOSLI_API_TOKEN: ${{ secrets.KOSLI_API_TOKEN_TRAILS }}

diff --git a/.github/workflows/sub_test.yml b/.github/workflows/sub_test.yml
@@ -30,7 +30,64 @@ env:
 
 jobs:
 
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Kosli CLI
+        uses: kosli-dev/setup-cli-action@v2
+        with:
+          version: ${{ vars.KOSLI_CLI_VERSION }}
+
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.2.0
+          bundler-cache: true
+
+      - name: Run Rubocop linter on source, report results to Kosli flow
+        run: |
+          repo_root() { git rev-parse --show-toplevel; }
+          export LINT_EVIDENCE_DIR=/tmp/evidence/lint
+          mkdir -p "${LINT_EVIDENCE_DIR}"
+          cp "$(repo_root)/.rubocop.yml" "${LINT_EVIDENCE_DIR}"
+          gem install rubocop
+          if [ rubocop "$(repo_root)" | tee "${LINT_EVIDENCE_DIR}"/rubocop.log ]; then
+            export KOSLI_LINT_COMPLIANT=true
+          else
+            export KOSLI_LINT_COMPLIANT=false
+          fi
+
+          kosli report evidence commit generic \
+            --compliant="${KOSLI_LINT_COMPLIANT}" \
+            --evidence-paths="${LINT_EVIDENCE_DIR}" \
+            --name=lint
+
+  report-image:
+    needs: [lint]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Wait for image to be built in main.yml
+        run:
+          ./sh/wait_for_image.sh
+
+      - name: Setup Kosli CLI
+        uses: kosli-dev/setup-cli-action@v2
+        with:
+          version: ${{ vars.KOSLI_CLI_VERSION }}
+
+      - name: Report image to Kosli flow
+        run: |
+          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
+          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
+          docker pull "${IMAGE_NAME}"
+          kosli report artifact "${IMAGE_NAME}" \
+            --artifact-type=docker
+
   unit-tests:
+    needs: [report-image]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -52,6 +109,7 @@ jobs:
           ./sh/run_tests_with_coverage.sh          
 
   snyk-scan:
+    needs: [report-image]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -81,40 +139,8 @@ jobs:
             --name=snyk-scan  \
             --scan-results=snyk.json
 
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Kosli CLI
-        uses: kosli-dev/setup-cli-action@v2
-        with:
-          version: ${{ vars.KOSLI_CLI_VERSION }}
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 3.2.0
-          bundler-cache: true
-
-      - name: Run Rubocop linter on source, report results to Kosli flow
-        run: |
-          repo_root() { git rev-parse --show-toplevel; }
-          export LINT_EVIDENCE_DIR=/tmp/evidence/lint
-          mkdir -p "${LINT_EVIDENCE_DIR}"
-          cp "$(repo_root)/.rubocop.yml" "${LINT_EVIDENCE_DIR}"
-          gem install rubocop
-          if [ rubocop "$(repo_root)" | tee "${LINT_EVIDENCE_DIR}"/rubocop.log ]; then
-            export KOSLI_LINT_COMPLIANT=true
-          else
-            export KOSLI_LINT_COMPLIANT=false
-          fi
-
-          kosli report evidence commit generic \
-            --compliant="${KOSLI_LINT_COMPLIANT}" \
-            --evidence-paths="${LINT_EVIDENCE_DIR}" \
-            --name=lint
-
   pull-request:
+    needs: [report-image]
     if: ${{ github.ref == 'refs/heads/main' }}
     runs-on: ubuntu-latest
     permissions:

diff --git a/.github/workflows/sub_test_trails.yml b/.github/workflows/sub_test_trails.yml
@@ -30,7 +30,67 @@ env:
 
 jobs:
 
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Kosli CLI
+        uses: kosli-dev/setup-cli-action@v2
+        with:
+          version: ${{ vars.KOSLI_CLI_VERSION }}
+
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 3.2.0
+          bundler-cache: true
+
+      - name: Run Rubocop linter on source, report results to Kosli Trail
+        run: |
+          repo_root() { git rev-parse --show-toplevel; }
+          export LINT_EVIDENCE_DIR=/tmp/evidence/lint
+          mkdir -p "${LINT_EVIDENCE_DIR}"
+          cp "$(repo_root)/.rubocop.yml" "${LINT_EVIDENCE_DIR}"
+          gem install rubocop
+          if [ rubocop "$(repo_root)" | tee "${LINT_EVIDENCE_DIR}"/rubocop.log ]; then
+            export KOSLI_LINT_COMPLIANT=true
+          else
+            export KOSLI_LINT_COMPLIANT=false
+          fi
+
+          kosli attest generic \
+            --compliant="${KOSLI_LINT_COMPLIANT}" \
+            --evidence-paths="${LINT_EVIDENCE_DIR}" \
+            --name=dashboard.lint \
+            --trail="${GITHUB_SHA}"
+
+  report-image:
+    needs: [lint]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Wait for image to be built in main.yml
+        run:
+          ./sh/wait_for_image.sh
+
+      - name: Setup Kosli CLI
+        uses: kosli-dev/setup-cli-action@v2
+        with:
+          version: ${{ vars.KOSLI_CLI_VERSION }}
+
+      - name: Report image to Kosli flow
+        run: |
+          IMAGE_TAG="$(echo $GITHUB_SHA | head -c7)"
+          IMAGE_NAME="cyberdojo/${{ env.KOSLI_FLOW }}:${IMAGE_TAG}"
+          docker pull "${IMAGE_NAME}"
+          kosli attest artifact "${IMAGE_NAME}" \
+            --artifact-type=docker \
+            --name=dashboard \
+            --trail="${GITHUB_SHA}"
+
   unit-tests:
+    needs: [report-image]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -52,6 +112,7 @@ jobs:
           ./sh/run_tests_with_coverage.sh          
 
   snyk-scan:
+    needs: [report-image]
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
@@ -82,41 +143,8 @@ jobs:
             --scan-results=snyk.json \
             --trail="${GITHUB_SHA}"
 
-  lint:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Setup Kosli CLI
-        uses: kosli-dev/setup-cli-action@v2
-        with:
-          version: ${{ vars.KOSLI_CLI_VERSION }}
-
-      - uses: ruby/setup-ruby@v1
-        with:
-          ruby-version: 3.2.0
-          bundler-cache: true
-
-      - name: Run Rubocop linter on source, report results to Kosli Trail
-        run: |
-          repo_root() { git rev-parse --show-toplevel; }
-          export LINT_EVIDENCE_DIR=/tmp/evidence/lint
-          mkdir -p "${LINT_EVIDENCE_DIR}"
-          cp "$(repo_root)/.rubocop.yml" "${LINT_EVIDENCE_DIR}"
-          gem install rubocop
-          if [ rubocop "$(repo_root)" | tee "${LINT_EVIDENCE_DIR}"/rubocop.log ]; then
-            export KOSLI_LINT_COMPLIANT=true
-          else
-            export KOSLI_LINT_COMPLIANT=false
-          fi
-
-          kosli attest generic \
-            --compliant="${KOSLI_LINT_COMPLIANT}" \
-            --evidence-paths="${LINT_EVIDENCE_DIR}" \
-            --name=dashboard.lint \
-            --trail="${GITHUB_SHA}"
-
   pull-request:
+    needs: [report-image]
     if: ${{ github.ref == 'refs/heads/main' }}
     runs-on: ubuntu-latest
     permissions: