Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This includes some refactors to the build steps. High level items: * Add variables for DOCKER_IMAGE, S3_RELEASE_BUCKET to allow for forks of OPA to re-use the GitHub actions with their own s3 buckets and docker orgs/image names. * Unify the release build steps to use `make release` and the binaries being located under `_release/$(VERSION)`. All CI targets now rely on binaries being in that `RELEASE_DIR`, including image building steps The `make build` target is unaffected. * Add a wrapper to allow the CI to run the various golang target stages separately, but sharing the same docker configuration. * Conditionally specify `-it` for docker run commands based on whether A tty is available. * Added scripts to automate drafting a release with binary assets vi the `hub` CLI. * The release process triggered on a tag being pushed will now use the same binaries from `make release` for the docker images as well as the ones attached to the release (which are available under https://openpolicyagent.org/downloads/). The actions themselves are split into 3 workflows: pull-request.yaml: Triggers on pull requests. This will run all the normal tests/checks as before on Travis, however they are now split into separate jobs. In addition to what was done on Travis we will now have Codecov results included. post-merge.yaml: Triggers after a change is pushed to master. This will run tests and build+publish the `edge` and `dev` artifacts to dockerhub and s3. post-tag.yaml: Triggers after a tag has been pushed. Similar to post-merge.yaml it will run tests and build+publish release artifacts (for the tagged version). It will also create a draft release on GitHub with the same artifacts and notes from the CHANGELOG.md. If a release already exists it will be updated to include the assets, however the release notes will _not_ be added. The RELEASE.md steps have been updated and include notes on the new steps. Signed-off-by: Patrick East <east.patrick@gmail.com>
- Loading branch information
1 parent
a5e5808
commit fb5ff78
Showing
14 changed files
with
425 additions
and
99 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,31 @@ | ||
name: Post Merge | ||
|
||
on: | ||
push: | ||
branches: | ||
- master | ||
|
||
jobs: | ||
deploy-edge: | ||
name: Push Edge Release | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Test | ||
run: make travis-release-test | ||
timeout-minutes: 60 | ||
|
||
- name: Build Release Binaries | ||
run: make release-local | ||
|
||
- name: Deploy OPA Edge | ||
env: | ||
DOCKER_USER: ${{ secrets.DOCKER_USER }} | ||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | ||
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} | ||
S3_RELEASE_BUCKET: ${{ secrets.S3_RELEASE_BUCKET }} | ||
run: make deploy-travis |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
name: Post Tag | ||
|
||
on: | ||
push: | ||
tags: | ||
- '*' | ||
|
||
jobs: | ||
build: | ||
name: Push Latest Release | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Set TAG_NAME in Environment | ||
# Subsequent jobs will be have the computed tag name | ||
run: echo ::set-env name=TAG_NAME::"${GITHUB_REF##*/}" | ||
|
||
- name: Test | ||
run: make travis-release-test | ||
timeout-minutes: 60 | ||
|
||
- name: Build Release Binaries | ||
run: make release | ||
|
||
- name: Build and Deploy OPA Docker Images | ||
env: | ||
DOCKER_USER: ${{ secrets.DOCKER_USER }} | ||
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | ||
DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }} | ||
run: make release-travis | ||
|
||
- name: Create or Update Release | ||
env: | ||
# Required for the `hub` CLI | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
run: ./build/github-release.sh --asset-dir=./_release/${TAG_NAME#v}/ --tag=${TAG_NAME} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
name: PR Check | ||
|
||
on: [pull_request] | ||
|
||
jobs: | ||
# All jobs essentially re-create the `travis-release-build` make target, but are split | ||
# up for parallel runners for faster PR feedback and a nicer UX. | ||
|
||
go-build: | ||
name: Go Build | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Build Golang | ||
run: make travis-go-build-all-platforms | ||
timeout-minutes: 30 | ||
|
||
go-test: | ||
name: Go Test | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Unit Test Golang | ||
run: make travis-go-test-coverage | ||
timeout-minutes: 30 | ||
|
||
- name: Codecov Upload | ||
uses: codecov/codecov-action@v1 | ||
with: | ||
tags: unittests | ||
file: ./coverage.txt | ||
|
||
go-perf: | ||
name: Go Perf | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Benchmark Test Golang | ||
run: make travis-go-perf | ||
timeout-minutes: 30 | ||
|
||
go-lint: | ||
name: Go Lint | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Golang Style and Lint Check | ||
run: make travis-go-check | ||
timeout-minutes: 30 | ||
|
||
wasm: | ||
name: WASM | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Build and Test WASM | ||
run: make travis-wasm | ||
timeout-minutes: 15 | ||
|
||
check-generated: | ||
name: Check Generated | ||
runs-on: ubuntu-18.04 | ||
steps: | ||
- name: Check out code | ||
uses: actions/checkout@v2 | ||
|
||
- name: Check Working Copy | ||
run: make travis-check-working-copy | ||
timeout-minutes: 15 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.