use nil to indicate if jita is set up or not #513
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release controlplane | |
| on: | |
| workflow_dispatch: {} | |
| push: | |
| branches: | |
| - master | |
| paths: | |
| - "Makefile" | |
| - "go.mod" | |
| - "**.go" | |
| - ".github/workflows/controlplane.yml" | |
| - "packaging/controlplane/**" | |
| env: | |
| REGISTRY: europe-north1-docker.pkg.dev/nais-io/nais/images | |
| jobs: | |
| test: | |
| name: Test | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: tool_versions | |
| run: echo "go=$(grep golang .tool-versions | awk '{print $2}')" >> $GITHUB_OUTPUT | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ steps.tool_versions.outputs.go }} | |
| - name: run tests | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install --yes build-essential | |
| make check | |
| make test | |
| build_debs: | |
| name: Build debs | |
| needs: | |
| - test | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/nais/naisdevice-ci:v5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: tool_versions | |
| run: echo "go=$(grep golang .tool-versions | awk '{print $2}')" >> $GITHUB_OUTPUT | |
| - uses: actions/setup-go@v5 | |
| with: | |
| go-version: ${{ steps.tool_versions.outputs.go }} | |
| - name: "Build controlplane" | |
| run: make controlplane-debs | |
| - name: "Auth with Google" | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| credentials_json: "${{ secrets.GOOGLE_DEB_UPLOAD_SA_JSON }}" | |
| - name: "Upload controlplane deb files to repository" | |
| run: | | |
| for component in \ | |
| "apiserver" \ | |
| "gateway-agent" \ | |
| "prometheus-agent"; do | |
| gcloud beta artifacts apt upload controlplane --quiet --source "$component"*.deb --location europe-north1 | |
| done | |
| build_enroller: | |
| name: Build enroller | |
| needs: | |
| - test | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| packages: read | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/nais/naisdevice-ci:v5 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }} | |
| service_account: "gh-naisdevice@nais-io.iam.gserviceaccount.com" | |
| token_format: "access_token" | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: "oauth2accesstoken" | |
| password: "${{ steps.auth.outputs.access_token }}" | |
| - name: Docker meta enroller | |
| id: metadata | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.REGISTRY }}/naisdevice-enroller | |
| # Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern=v{{version}} | |
| type=semver,pattern=v{{major}}.{{minor}} | |
| type=semver,pattern=v{{major}} | |
| type=sha | |
| - name: Build and push enroller | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: cmd/enroller/Dockerfile | |
| push: true | |
| tags: ${{ steps.metadata.outputs.tags }} | |
| labels: ${{ steps.metadata.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| build_auth_server: | |
| name: Build auth-server | |
| needs: | |
| - test | |
| permissions: | |
| contents: "read" | |
| id-token: "write" | |
| packages: read | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - id: "auth" | |
| name: "Authenticate to Google Cloud" | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }} | |
| service_account: "gh-naisdevice@nais-io.iam.gserviceaccount.com" | |
| token_format: "access_token" | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v1 | |
| - name: Login to registry | |
| uses: docker/login-action@v1 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: "oauth2accesstoken" | |
| password: "${{ steps.auth.outputs.access_token }}" | |
| - name: Docker meta auth-server | |
| id: metadata | |
| uses: docker/metadata-action@v3 | |
| with: | |
| images: ${{ env.REGISTRY }}/naisdevice-auth-server | |
| # Docker tags based on the following events/attributes | |
| tags: | | |
| type=schedule | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern=v{{version}} | |
| type=semver,pattern=v{{major}}.{{minor}} | |
| type=semver,pattern=v{{major}} | |
| type=sha | |
| - name: Build and push auth-server | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| file: cmd/auth-server/Dockerfile | |
| push: true | |
| tags: ${{ steps.metadata.outputs.tags }} | |
| labels: ${{ steps.metadata.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max |