Skip to content

build-pr

build-pr #14

Workflow file for this run

name: build-pr
on:
pull_request_target:
types: [labeled]
pull_request:
branches:
- dev
workflow_dispatch:
permissions: read-all
jobs:
call_test_cli:
uses: ./.github/workflows/e2e-cli.yml
secrets:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
call_test_e2e_basic:
name: "run e2e on basic matrix"
if: ${{ ! (contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'workflow_dispatch') }}
permissions:
contents: read
strategy:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.29.2"]
GATEKEEPER_VERSION: ["3.16.0"]
uses: ./.github/workflows/e2e-k8s.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
build_test_e2e_full_conditional:
name: "run e2e on full test matrix with conditions"
if: contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'workflow_dispatch'
strategy:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.28.7", "1.29.2"]
GATEKEEPER_VERSION: ["3.14.0", "3.15.0", "3.16.0"]
uses: ./.github/workflows/e2e-k8s.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
build_test_aks_e2e_conditional:
name: "Build and run e2e Test on AKS with conditions"
if: contains(github.event.pull_request.labels.*.name, 'safe to test') || github.event_name == 'workflow_dispatch' || github.event_name == 'push'
permissions:
id-token: write
contents: read
strategy:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.27.9", "1.29.2"]
GATEKEEPER_VERSION: ["3.14.0", "3.15.0", "3.16.0"]
uses: ./.github/workflows/e2e-aks.yml
with:
k8s_version: ${{ matrix.KUBERNETES_VERSION }}
gatekeeper_version: ${{ matrix.GATEKEEPER_VERSION }}
secrets: inherit
aks-test-cleanup:
needs: ['build_test_aks_e2e_conditional']
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: azure-test
steps:
- name: Harden Runner
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Check out code into the Go module directory
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up Go 1.22
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: '1.22'
- name: Az CLI login
uses: azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: clean up
run: |
make e2e-cleanup AZURE_SUBSCRIPTION_ID=${{ secrets.AZURE_SUBSCRIPTION_ID }}