-
Notifications
You must be signed in to change notification settings - Fork 13
146 lines (141 loc) · 4.79 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
name: CI
on:
push:
branches:
- main
- stage
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
paths-ignore:
- '*.md'
- '*.sh'
- '.github/*.md'
- '.github/workflows/openapi_update.yaml'
- '.github/CODEOWNERS'
- 'templates/**'
- '.openapi-generator-ignore'
- 'openapi/**'
- 'docs/**'
- 'pkg/api/openapi/docs/**'
- 'pkg/api/openapi/.openapi-generator-ignore'
jobs:
# This runs all pre-commit hooks defined within .pre-commit-config.yaml.
pre-commit:
name: "Run pre-commit hooks"
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
- uses: actions/setup-go@v5
with:
go-version: "1.21"
- uses: pre-commit/[email protected]
- uses: pre-commit/[email protected]
name: Verify generated files are up-to-date
with:
extra_args: --hook-stage=manual --all-files
verify-test:
name: "Verify & Test"
runs-on: ubuntu-latest
env:
OCM_ENV: integration
# Dummy SSO variables
SSO_CLIENT_ID: ${{ secrets.SSO_CLIENT_ID }}
SSO_CLIENT_SECRET: ${{ secrets.SSO_CLIENT_SECRET }}
OSD_IDP_SSO_CLIENT_ID: ${{ secrets.OSD_IDP_SSO_CLIENT_ID }}
OSD_IDP_SSO_CLIENT_SECRET: ${{ secrets.OSD_IDP_SSO_CLIENT_SECRET }}
# Dummy AWS credentials
AWS_ACCOUNT_ID: aws_accountid
AWS_ACCESS_KEY: aws_accesskey
AWS_SECRET_ACCESS_KEY: aws_secretaccesskey # pragma: allowlist secret - dummy value
ROUTE53_ACCESS_KEY: aws_route53_access_key # pragma: allowlist secret - dummy value
ROUTE53_SECRET_ACCESS_KEY: aws_route53_secret_access_key # pragma: allowlist secret - dummy value
# Dummy Central TLS env variables
CENTRAL_TLS_CERT: central_tls_cert # pragma: allowlist secret - dummy value
CENTRAL_TLS_KEY: central_tls_key # pragma: allowlist secret - dummy value
TEST_TIMEOUT: 30m
services:
postgres:
image: postgres:11
env:
POSTGRES_PASSWORD: foobar-bizz-buzz # pragma: allowlist secret - dummy value
POSTGRES_USER: fleet_manager
POSTGRES_DB: serviceapitests
ports:
- 5432:5432
# Set health checks to wait until postgres has started
options: >-
--health-cmd pg_isready
--health-interval 10s
--health-timeout 5s
--health-retries 5
steps:
- name: Cancel Previous Runs
uses: n1hility/cancel-previous-runs@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Go 1.21
uses: actions/setup-go@v5
with:
go-version: "1.21"
- name: Check out code into the Go module directory
uses: actions/checkout@v4
- name: Cache go module
uses: actions/cache@v4
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Go mod tidy
run: |
go mod tidy
- name: Clean and generate files
run: |
make clean/go-generated && make generate
- name: Test that there were no changes
run: |
git diff --exit-code
- name: Setup tests secrets
run: |
make ocm/setup aws/setup redhatsso/setup centralcert/setup observatorium/setup secrets/touch
- name: Run Migration Script
run: make db/migrate
- name: Verify & Test
run: |
GOPATH=$(go env GOPATH)
export GOPATH
export PATH=${PATH}:$GOPATH/bin
make verify binary test test/integration
timeout-minutes: 14
build-push-images:
name: "Build and push fleet* images to quay.io"
runs-on: ubuntu-latest
needs: [pre-commit, verify-test]
# Skip for external contributions.
if: |
github.event_name == 'push' || !github.event.pull_request.head.repo.fork
steps:
- name: Login to Quay.io
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_RHACS_ENG_FM_RW_USERNAME }}
password: ${{ secrets.QUAY_RHACS_ENG_FM_RW_PASSWORD }}
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0 # Critical for correct image detection in Makefile
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Set up Go 1.21
uses: actions/setup-go@v5
with:
go-version: "1.21"
- name: Build and push fleet-manager-tools image to quay.io
if: github.event_name == 'push'
env:
TAG: ${{ github.ref_name }}
run: make image/push/fleet-manager-tools
- name: Build and push fleetshard-operator image to quay.io
run: make image/push/fleetshard-operator