This repository has been archived by the owner on Dec 31, 2023. It is now read-only.
remove secrets from default excluded files #114
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### DO NOT ADD GITHUB ACTIONS TO THIS FILE ### | |
### PIPELINE LOGIC LIVES IN CI FOLDER ### | |
name: "CI" | |
env: | |
GCLOUD_GITHUB_ACTIONS_SERVICE_ACCOUNT_JSON: "${{ secrets.GCLOUD_GITHUB_ACTIONS_SERVICE_ACCOUNT_JSON }}" | |
on: | |
pull_request: | |
types: | |
- opened | |
- synchronize | |
- ready_for_review | |
paths-ignore: | |
- 'README.md' | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
jobs: | |
aircmd_ci: | |
name: aircmd core ci | |
timeout-minutes: 60 | |
runs-on: platform-xlarge-runner | |
steps: | |
- name: Login to DockerHub | |
run: "docker login -u ${DOCKER_HUB_USERNAME} -p ${DOCKER_HUB_PASSWORD}" | |
env: #TODO: Don't use GHA secrets for this | |
DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
- id: create_token | |
uses: tibdex/github-app-token@v2 | |
with: | |
app_id: ${{ secrets.OCTAVIA_BOT_APP_ID }} | |
private_key: ${{ secrets.OCTAVIA_BOT_PRIVATE_KEY }} | |
- name: Setup Environment (PR) # https://stackoverflow.com/questions/68061051/get-commit-sha-in-github-actions | |
if: ${{ github.event_name == 'pull_request' }} | |
shell: bash | |
run: | | |
echo "LAST_COMMIT_SHA=${{ github.event.pull_request.head.sha }}" >> ${GITHUB_ENV} | |
- name: Setup Environment (Push) | |
if: ${{ github.event_name == 'push' }} | |
shell: bash | |
run: | | |
echo "LAST_COMMIT_SHA=${GITHUB_SHA}" >> ${GITHUB_ENV} | |
- name: Checkout aircmd | |
uses: actions/checkout@v3 | |
with: | |
repository: ${{ github.event.inputs.repo }} | |
ref: ${{ github.event.inputs.gitref }} | |
fetch-depth: 3 | |
#TODO: Use python baked into the runner, currently this is on 3.8.10 | |
- uses: actions/setup-python@v4 | |
with: | |
python-version: "3.11" | |
- name: Install deps | |
run: | | |
python -m pip install --upgrade pip | |
pip install poetry | |
- name: aircmd core ci | |
env: #TODO: Don't use GHA secrets for this | |
GITHUB_CUSTOM_TOKEN: ${{ steps.create_token.outputs.token }} | |
GITHUB_EVENT_PATH: ${{ github.event_path }} | |
SECRET_DOCKER_HUB_USERNAME: ${{ secrets.DOCKER_HUB_USERNAME }} | |
SECRET_DOCKER_HUB_PASSWORD: ${{ secrets.DOCKER_HUB_PASSWORD }} | |
PREFECT_API_URL: "https://prefect.airbyte.com/api" | |
_EXPERIMENTAL_DAGGER_CLOUD_TOKEN: "p.eyJ1IjogIjFiZjEwMmRjLWYyZmQtNDVhNi1iNzM1LTgxNzI1NGFkZDU2ZiIsICJpZCI6ICJlNjk3YzZiYy0yMDhiLTRlMTktODBjZC0yNjIyNGI3ZDBjMDEifQ.hT6eMOYt3KZgNoVGNYI3_v4CC-s19z8uQsBkGrBhU3k" | |
_EXPERIMENTAL_DAGGER_RUNNER_HOST: "unix:///var/run/buildkit/buildkitd.sock" | |
DAGGER_CLI_COMMIT: "6ed6264f1c4efbf84d310a104b57ef1bc57d57b0" | |
run: | | |
export DAGGER_TMP_BINDIR="/tmp/dagger_${DAGGER_CLI_COMMIT}" | |
export _EXPERIMENTAL_DAGGER_CLI_BIN="$DAGGER_TMP_BINDIR/dagger" | |
if [ ! -f "$_EXPERIMENTAL_DAGGER_CLI_BIN" ]; then | |
mkdir -p "$DAGGER_TMP_BINDIR" | |
curl "https://dl.dagger.io/dagger/main/${DAGGER_CLI_COMMIT}/dagger_${DAGGER_CLI_COMMIT}_$(uname -s | tr A-Z a-z)_$(uname -m | sed s/x86_64/amd64/).tar.gz" | tar xvz -C "$DAGGER_TMP_BINDIR" | |
fi | |
poetry install | |
poetry run aircmd plugin install core_ci --local . | |
poetry run aircmd core ci | |