Skip to content

Commit

Permalink
build: use reusable workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@ReuDa
ReuDa committed Dec 6, 2023
1 parent a7f7d78 commit 5c2ca21
Showing 1 changed file with 12 additions and 227 deletions.
239 changes: 12 additions & 227 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,231 +14,16 @@ concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
audit:
name: Audit
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0

- uses: actions/setup-go@v4
with:
go-version: '1.21'

- name: Audit
run: |
go mod download
make audit
- name: Check Sonar Token
id: check-sonar
shell: bash
run: |
if [ "${{ secrets.SONAR_TOKEN }}" != '' ]; then
echo "available=true" >> $GITHUB_OUTPUT;
else
echo "available=false" >> $GITHUB_OUTPUT;
fi
- name: SonarCloud Scan
if: ${{ steps.check-sonar.outputs.available == 'true' }}
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

build-images:
name: Build Docker Images
needs:
- audit
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
packages: write

steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Log in to the container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: ./
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
build-args: |
BUILD_SNAPSHOT=${{ !startsWith(github.ref, 'refs/tags/') }}
NAME=${{ github.repository }}
VERSION=${{ steps.meta.outputs.version }}
REVISION=${{ github.sha }}
- name: Trigger test environment updates
run: |
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{secrets.PAT_TOKEN_EXTENSION_DEPLOYER}}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/steadybit/extension-deployer/actions/workflows/extension-restart.yml/dispatches \
-d '{"ref":"main","inputs":{"extension":"${{ github.repository }}","version":"${{ steps.meta.outputs.version }}","revision":"${{ github.sha }}"}}'
build-packages:
name: Build Linux Packages
needs:
- audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- uses: actions/setup-go@v4
with:
go-version: '1.21'

- name: Export GPG key
run: |
mkdir -p gpg
echo -n "${{ secrets.MAVEN_GPG_PRIVATE_KEY }}" > gpg.key
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v5
with:
distribution: goreleaser
version: latest
args: release --clean ${{ !startsWith(github.ref, 'refs/tags/') && '--snapshot' || '' }} ${{ github.event_name == 'pull_request' && '--skip sign' || '' }}
env:
NFPM_KEY_FILE: gpg.key
NFPM_DEFAULT_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}

- name: "[build] Upload packages to internal repositories"
if: github.event_name != 'pull_request'
run: |
REPO_USER="${{ secrets.STEADYBIT_ARTIFACT_SERVER_USERNAME }}:${{ secrets.STEADYBIT_ARTIFACT_SERVER_PASSWORD }}"
echo "Uploading deb packages to artifacts server"
find ./dist -name '*.deb' -type f | xargs -i curl -u "$REPO_USER" -X POST -H "Content-Type: multipart/form-data" --data-binary "@{}" https://artifacts.steadybit.io/repository/deb-internal/
echo "Uploading rpm packages to artifacts server"
find ./dist -name '*.rpm' -type f | xargs -i curl -u "$REPO_USER" --upload-file {} https://artifacts.steadybit.io/repository/yum-internal/
- name: "[release] Upload packages to public repositories"
if: ${{ startsWith(github.ref, 'refs/tags/') }}
run: |
REPO_USER="${{ secrets.STEADYBIT_ARTIFACT_SERVER_USERNAME }}:${{ secrets.STEADYBIT_ARTIFACT_SERVER_PASSWORD }}"
echo "Uploading deb packages to artifacts server"
find ./dist -name '*.deb' -type f | xargs -i curl -u "$REPO_USER" -X POST -H "Content-Type: multipart/form-data" --data-binary "@{}" https://artifacts.steadybit.io/repository/deb/
echo "Uploading rpm packages to artifacts server"
find ./dist -name '*.rpm' -type f | xargs -i curl -u "$REPO_USER" --upload-file {} https://artifacts.steadybit.io/repository/yum/
echo "Invalidating artifacts server cache"
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/yum-proxy/invalidate-cache
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/yum-public/invalidate-cache
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/deb-public/invalidate-cache
test-helm-charts:
name: "Test Helm Charts"
runs-on: ubuntu-latest
needs:
- audit
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.12.2

- name: Add dependency chart repos
run: |
helm repo add steadybit https://steadybit.github.io/helm-charts
- uses: actions/setup-python@v4
with:
python-version: "3.10"

- name: Add unit testing plugin
run: |
helm plugin install https://github.com/helm-unittest/helm-unittest.git
- name: Run unit tests
run: make charttesting

- name: Set up chart-testing
uses: helm/chart-testing-action@v2.6.1

- name: Run chart-testing (lint)
run: ct lint --config chartTesting.yaml

release-helm-chart:
name: "Release Helm Chart"
runs-on: ubuntu-latest
needs:
- test-helm-charts
if: github.ref == 'refs/heads/main'

permissions:
contents: write

steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0

- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.12.2

- name: Add dependency chart repos
run: |
helm repo add steadybit https://steadybit.github.io/helm-charts
- name: Run chart-releaser
uses: helm/chart-releaser-action@v1.6.0
with:
charts_dir: charts
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
extension-ci:
uses: steadybit/extension-kit/.github/workflows/reusable-extension-ci.yml@main
with:
build_linux_packages: true
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
PAT_TOKEN_EXTENSION_DEPLOYER: ${{ secrets.PAT_TOKEN_EXTENSION_DEPLOYER }}
MAVEN_GPG_PRIVATE_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
MAVEN_GPG_PRIVATE_KEY_PASSWORD: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSWORD }}
PAT_TOKEN_GORELEASER: ${{ secrets.PAT_TOKEN }}
STEADYBIT_ARTIFACT_SERVER_USERNAME: ${{ secrets.STEADYBIT_ARTIFACT_SERVER_USERNAME }}
STEADYBIT_ARTIFACT_SERVER_PASSWORD: ${{ secrets.STEADYBIT_ARTIFACT_SERVER_PASSWORD }}

0 comments on commit 5c2ca21

Please sign in to comment.