Bump version: v0.0.44 #832
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
branches: | |
- main | |
- release-* | |
pull_request: {} | |
workflow_dispatch: {} | |
concurrency: | |
group: ci-${{ github.ref }}-1 | |
cancel-in-progress: true | |
permissions: | |
contents: read | |
env: | |
# Common versions | |
GO_VERSION: '1.21' | |
DOCKER_BUILDX_VERSION: 'v0.9.1' | |
# Common users. We can't run a step 'if secrets.XXX != ""' but we can run a | |
# step 'if env.XXX' != ""', so we copy these to succinctly test whether | |
# credentials have been provided before trying to run steps that need them. | |
UPBOUND_MARKETPLACE_PUSH_ROBOT_USR: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }} | |
jobs: | |
detect-noop: | |
runs-on: ubuntu-22.04 | |
outputs: | |
noop: ${{ steps.noop.outputs.should_skip }} | |
steps: | |
- name: Detect No-op Changes | |
id: noop | |
uses: fkirc/[email protected] | |
with: | |
github_token: ${{ secrets.GITHUB_TOKEN }} | |
paths_ignore: '["**.md", "**.png", "**.jpg"]' | |
do_not_skip: '["workflow_dispatch", "schedule", "push"]' | |
lint: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Lint | |
run: make lint | |
nilcheck: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Nilcheck | |
run: make nilcheck | |
vulncheck: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Vulncheck | |
run: make vulncheck | |
check-diff: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Check Diff | |
id: check-diff | |
run: | | |
mkdir _output | |
make check-diff-pkg | |
- name: Show diff | |
if: failure() && steps.check-diff.outcome == 'failure' | |
run: git diff | |
unit-tests: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Fetch History | |
run: git fetch --prune --unshallow | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Run Unit Tests | |
run: make -j2 test | |
- name: Publish Unit Test Coverage | |
uses: codecov/codecov-action@v3 | |
with: | |
flags: unittests | |
file: _output/tests/linux_amd64/coverage.txt | |
publish-artifacts: | |
runs-on: ubuntu-22.04 | |
needs: detect-noop | |
if: needs.detect-noop.outputs.noop != 'true' | |
steps: | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: all | |
- name: Setup Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
version: ${{ env.DOCKER_BUILDX_VERSION }} | |
install: true | |
- name: Login to Upbound | |
uses: docker/login-action@v3 | |
if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != '' | |
with: | |
registry: xpkg.upbound.io | |
username: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR }} | |
password: ${{ secrets.UPBOUND_MARKETPLACE_PUSH_ROBOT_PSW }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: true | |
- name: Fetch History | |
run: git fetch --prune --unshallow | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
- name: Vendor Dependencies | |
run: make vendor vendor.check | |
- name: Build Artifacts | |
run: make -j2 build.all | |
env: | |
# We're using docker buildx, which doesn't actually load the images it | |
# builds by default. Specifying --load does so. | |
BUILD_ARGS: "--load" | |
- name: Publish Artifacts to GitHub | |
uses: actions/upload-artifact@v4 | |
with: | |
name: output | |
path: _output/** | |
- name: Publish Artifacts | |
if: env.UPBOUND_MARKETPLACE_PUSH_ROBOT_USR != '' | |
run: make publish BRANCH_NAME=${GITHUB_REF##*/} |