diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index ccf168c997..606f3645be 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -1,257 +1,28 @@ name: CI +# This job will only be triggered when a PR is merged to `pingcap/provider-aws` branch +# or a tag is pushed. on: push: branches: - - master - - release-* - pull_request: {} - workflow_dispatch: {} + - pingcap/provider-aws + tags: + - "*" env: - # Common versions GO_VERSION: '1.14' - GOLANGCI_VERSION: 'v1.31' - DOCKER_BUILDX_VERSION: 'v0.4.2' - - # Common users. We can't run a step 'if secrets.AWS_USR != ""' but we can run - # a step 'if env.AWS_USR' != ""', so we copy these to succinctly test whether - # credentials have been provided before trying to run steps that need them. - DOCKER_USR: ${{ secrets.DOCKER_USR }} - AWS_USR: ${{ secrets.AWS_USR }} + GCR_REG: gcr.io/pingcap-public/crossplane + PROJECT_ID: pingcap-public + IMAGE_NAME: provider-aws + # set the commit id as default value + IMAGE_TAG: ${{ github.sha }} jobs: - detect-noop: - runs-on: ubuntu-18.04 - outputs: - noop: ${{ steps.noop.outputs.should_skip }} - steps: - - name: Detect No-op Changes - id: noop - uses: fkirc/skip-duplicate-actions@v2.0.0 - with: - github_token: ${{ secrets.GITHUB_TOKEN }} - paths_ignore: '["**.md", "**.png", "**.jpg"]' - do_not_skip: '["workflow_dispatch", "schedule", "push"]' - - - lint: - runs-on: ubuntu-18.04 - needs: detect-noop - if: needs.detect-noop.outputs.noop != 'true' - - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Find the Go Build Cache - id: go - run: echo "::set-output name=cache::$(go env GOCACHE)" - - - name: Cache the Go Build Cache - uses: actions/cache@v2 - with: - path: ${{ steps.go.outputs.cache }} - key: ${{ runner.os }}-build-lint-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-build-lint- - - - name: Cache Go Dependencies - uses: actions/cache@v2 - with: - path: .work/pkg - key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-pkg- - - - name: Vendor Dependencies - run: make vendor vendor.check - - # This action uses its own 
setup-go, which always seems to use the latest - # stable version of Go. We could run 'make lint' to ensure our desired Go - # version, but we prefer this action because it leaves 'annotations' (i.e. - # it comments on PRs to point out linter violations). - - name: Lint - uses: golangci/golangci-lint-action@v2 - with: - version: ${{ env.GOLANGCI_VERSION }} - - check-diff: - runs-on: ubuntu-18.04 - needs: detect-noop - if: needs.detect-noop.outputs.noop != 'true' - - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - - name: Find the Go Build Cache - id: go - run: echo "::set-output name=cache::$(go env GOCACHE)" - - - name: Cache the Go Build Cache - uses: actions/cache@v2 - with: - path: ${{ steps.go.outputs.cache }} - key: ${{ runner.os }}-build-check-diff-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-build-check-diff- - - - name: Cache Go Dependencies - uses: actions/cache@v2 - with: - path: .work/pkg - key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-pkg- - - - name: Vendor Dependencies - run: make vendor vendor.check - - - name: Check Diff - run: make check-diff - - unit-tests: - runs-on: ubuntu-18.04 - needs: detect-noop - if: needs.detect-noop.outputs.noop != 'true' - - steps: - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Fetch History - run: git fetch --prune --unshallow - - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - - name: Find the Go Build Cache - id: go - run: echo "::set-output name=cache::$(go env GOCACHE)" - - - name: Cache the Go Build Cache - uses: actions/cache@v2 - with: - path: ${{ steps.go.outputs.cache }} - key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-build-unit-tests- - - - name: Cache Go Dependencies - uses: 
actions/cache@v2 - with: - path: .work/pkg - key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-pkg- - - - name: Vendor Dependencies - run: make vendor vendor.check - - - name: Run Unit Tests - run: make -j2 test - - - name: Publish Unit Test Coverage - uses: codecov/codecov-action@v1 - with: - flags: unittests - file: _output/tests/linux_amd64/coverage.txt - - e2e-tests: - runs-on: ubuntu-18.04 - needs: detect-noop - if: needs.detect-noop.outputs.noop != 'true' - - steps: - - name: Setup QEMU - uses: docker/setup-qemu-action@v1 - with: - platforms: all - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - version: ${{ env.DOCKER_BUILDX_VERSION }} - install: true - - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Fetch History - run: git fetch --prune --unshallow - - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: ${{ env.GO_VERSION }} - - - name: Find the Go Build Cache - id: go - run: echo "::set-output name=cache::$(go env GOCACHE)" - - - name: Cache the Go Build Cache - uses: actions/cache@v2 - with: - path: ${{ steps.go.outputs.cache }} - key: ${{ runner.os }}-build-e2e-tests-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-build-e2e-tests- - - - name: Cache Go Dependencies - uses: actions/cache@v2 - with: - path: .work/pkg - key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-pkg- - - - name: Vendor Dependencies - run: make vendor vendor.check - - - name: Build Helm Chart - run: make -j2 build - env: - # We're using docker buildx, which doesn't actually load the images it - # builds by default. Specifying --load does so. 
- BUILD_ARGS: "--load" - - - name: Run E2E Tests - run: make e2e USE_HELM3=true - - publish-artifacts: + push-the-image: runs-on: ubuntu-18.04 - needs: detect-noop - if: needs.detect-noop.outputs.noop != 'true' - steps: - - name: Setup QEMU - uses: docker/setup-qemu-action@v1 - with: - platforms: all - - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v1 - with: - version: ${{ env.DOCKER_BUILDX_VERSION }} - install: true - - - name: Checkout - uses: actions/checkout@v2 - with: - submodules: true - - - name: Fetch History - run: git fetch --prune --unshallow - + - uses: actions/checkout@v2 + - name: Setup Go uses: actions/setup-go@v2 with: 
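Review bot: With `tags: - "*"` added and the `lint`, `check-diff`, `unit-tests` and `e2e-tests` jobs removed, any pushed tag now builds and publishes an image to `gcr.io/pingcap-public/crossplane` with no check gating it. Consider narrowing the tag filter to the project's release pattern (for example `- "v*"`, if releases are tagged that way) and keeping at least a test job that `push-the-image` depends on through `needs:`. The workflow also declares no `permissions:`, so the job runs with the repository's default `GITHUB_TOKEN` scope; the visible steps only check out and build, so a top-level `permissions:` with `contents: read` looks sufficient. The `push-the-image` job continues past the end of this hunk.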
@@ -275,43 +46,34 @@ jobs: key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-pkg- - - name: Vendor Dependencies - run: make vendor vendor.check - - - name: Build Artifacts - run: make -j2 build.all - env: - # We're using docker buildx, which doesn't actually load the images it - # builds by default. Specifying --load does so. - BUILD_ARGS: "--load" + - name: Build the binary + working-directory: ./ + run: GOOS=linux go build -o docker/crossplane-aws-provider cmd/provider/main.go - - name: Publish Artifacts to GitHub - uses: actions/upload-artifact@v2 + - name: Setup gcloud CLI + uses: google-github-actions/setup-gcloud@master with: - name: output - path: _output/** - - - name: Login to Docker - uses: docker/login-action@v1 - if: env.DOCKER_USR != '' - with: - username: ${{ secrets.DOCKER_USR }} - password: ${{ secrets.DOCKER_PSW }} + service_account_key: ${{ secrets.PUB_GCR_SA_KEY }} + project_id: ${{ env.PROJECT_ID }} + export_default_credentials: truea + + - name: Configure docker to use the gcloud command-line tool as a credential helper + run: | + gcloud auth configure-docker -q + + - name: Get tag name if any + uses: olegtarasov/get-tag@v2.1 + id: tagName - - name: Publish Artifacts to S3 and Docker Hub - run: make -j2 publish BRANCH_NAME=${GITHUB_REF##*/} - if: env.AWS_USR != '' && env.DOCKER_USR != '' - env: - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_USR }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_PSW }} - GIT_API_TOKEN: ${{ secrets.GITHUB_TOKEN }} + - name: Update the image tag, use the tag name as the image tag + if: steps.tagName.outputs.tag != '' + run: | + echo ${{ steps.tagName.outputs.tag }} >> $IMAGE_TAG + + - name: Build docker image + run: |- + cd docker && docker build -t ${{ env.GCR_REG }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} . 
- - name: Promote Artifacts in S3 and Docker Hub - if: github.ref == 'refs/heads/master' && env.AWS_USR != '' && env.DOCKER_USR != '' - run: make -j2 promote - env: - BRANCH_NAME: master - CHANNEL: master - AWS_ACCESS_KEY_ID: ${{ secrets.AWS_USR }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_PSW }} - \ No newline at end of file + - name: Push the image to GCR + run: | + docker push ${{ env.GCR_REG }}/${{ env.IMAGE_NAME }}:${{ env.IMAGE_TAG }} \ No newline at end of file
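Review bot: The `Update the image tag` step never changes `IMAGE_TAG`: `echo ${{ steps.tagName.outputs.tag }} >> $IMAGE_TAG` appends the tag name to a file named after the commit SHA, so tagged builds are still pushed under the SHA. The same line expands the tag name directly into the script text, so a ref name containing shell metacharacters would be interpreted by the shell. Pass the value in through `env:`, write `IMAGE_TAG=...` to `"$GITHUB_ENV"`, and have the build and push steps use quoted shell variables instead of `${{ env.IMAGE_TAG }}`. Separately, `google-github-actions/setup-gcloud@master` is a mutable branch ref that receives `secrets.PUB_GCR_SA_KEY`; pin it, and `olegtarasov/get-tag`, to a reviewed full commit SHA. `export_default_credentials: truea` looks like a typo for `true`.

```yaml
      - name: Setup gcloud CLI
        # Placeholder: replace with the full commit SHA of a reviewed release.
        uses: google-github-actions/setup-gcloud@<FULL_COMMIT_SHA>
        with:
          # … unchanged: service_account_key, project_id …
          export_default_credentials: true

      # … unchanged: configure-docker and get-tag steps …

      - name: Update the image tag, use the tag name as the image tag
        if: steps.tagName.outputs.tag != ''
        env:
          TAG_NAME: ${{ steps.tagName.outputs.tag }}
        run: |
          echo "IMAGE_TAG=${TAG_NAME}" >> "$GITHUB_ENV"

      - name: Build docker image
        run: |-
          cd docker && docker build -t "${GCR_REG}/${IMAGE_NAME}:${IMAGE_TAG}" .

      - name: Push the image to GCR
        run: |
          docker push "${GCR_REG}/${IMAGE_NAME}:${IMAGE_TAG}"
```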