mirror of
https://github.com/external-secrets/external-secrets.git
synced 2024-12-15 17:51:01 +00:00
5a6cf20d6c
Bumps [fkirc/skip-duplicate-actions](https://github.com/fkirc/skip-duplicate-actions) from v2.1.0 to v3.4.0. - [Release notes](https://github.com/fkirc/skip-duplicate-actions/releases) - [Changelog](https://github.com/fkirc/skip-duplicate-actions/blob/master/CHANGELOG.md) - [Commits](https://github.com/fkirc/skip-duplicate-actions/compare/v2.1.0...4c656bbdb6906310fa6213604828008bc28fe55d) Signed-off-by: dependabot[bot] <support@github.com>
245 lines
7.4 KiB
YAML
245 lines
7.4 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
- release-*
|
|
pull_request: {}
|
|
workflow_dispatch: {}
|
|
|
|
env:
|
|
# Common versions
|
|
GO_VERSION: '1.15'
|
|
GOLANGCI_VERSION: 'v1.33'
|
|
KUBEBUILDER_VERSION: '2.3.1'
|
|
DOCKER_BUILDX_VERSION: 'v0.4.2'
|
|
|
|
# Common users. We can't run a step 'if secrets.GHCR_USERNAME != ""' but we can run
|
|
# a step 'if env.GHCR_USERNAME' != ""', so we copy these to succinctly test whether
|
|
# credentials have been provided before trying to run steps that need them.
|
|
GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
|
|
|
|
jobs:
|
|
detect-noop:
|
|
runs-on: ubuntu-18.04
|
|
outputs:
|
|
noop: ${{ steps.noop.outputs.should_skip }}
|
|
steps:
|
|
- name: Detect No-op Changes
|
|
id: noop
|
|
uses: fkirc/skip-duplicate-actions@v3.4.0
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
paths_ignore: '["**.md", "**.png", "**.jpg"]'
|
|
do_not_skip: '["workflow_dispatch", "schedule", "push"]'
|
|
concurrent_skipping: false
|
|
|
|
lint:
|
|
runs-on: ubuntu-18.04
|
|
needs: detect-noop
|
|
if: needs.detect-noop.outputs.noop != 'true'
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Find the Go Cache
|
|
id: go
|
|
run: |
|
|
echo "::set-output name=build-cache::$(go env GOCACHE)"
|
|
echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
|
|
|
|
- name: Cache the Go Build Cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.build-cache }}
|
|
key: ${{ runner.os }}-build-lint-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-build-lint-
|
|
|
|
- name: Cache Go Dependencies
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.mod-cache }}
|
|
key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-pkg-
|
|
|
|
# This action uses its own setup-go, which always seems to use the latest
|
|
# stable version of Go. We could run 'make lint' to ensure our desired Go
|
|
# version, but we prefer this action because it leaves 'annotations' (i.e.
|
|
# it comments on PRs to point out linter violations).
|
|
- name: Lint
|
|
uses: golangci/golangci-lint-action@v2
|
|
with:
|
|
version: ${{ env.GOLANGCI_VERSION }}
|
|
skip-pkg-cache: true
|
|
skip-build-cache: true
|
|
|
|
check-diff:
|
|
runs-on: ubuntu-18.04
|
|
needs: detect-noop
|
|
if: needs.detect-noop.outputs.noop != 'true'
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Find the Go Cache
|
|
id: go
|
|
run: |
|
|
echo "::set-output name=build-cache::$(go env GOCACHE)"
|
|
echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
|
|
|
|
- name: Cache the Go Build Cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.build-cache }}
|
|
key: ${{ runner.os }}-build-check-diff-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-build-check-diff-
|
|
|
|
- name: Cache Go Dependencies
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.mod-cache }}
|
|
key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-pkg-
|
|
|
|
- name: Check Diff
|
|
run: make check-diff
|
|
|
|
unit-tests:
|
|
runs-on: ubuntu-18.04
|
|
needs: detect-noop
|
|
if: needs.detect-noop.outputs.noop != 'true'
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Fetch History
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Find the Go Cache
|
|
id: go
|
|
run: |
|
|
echo "::set-output name=build-cache::$(go env GOCACHE)"
|
|
echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
|
|
|
|
- name: Cache the Go Build Cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.build-cache }}
|
|
key: ${{ runner.os }}-build-unit-tests-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-build-unit-tests-
|
|
|
|
- name: Cache Go Dependencies
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.mod-cache }}
|
|
key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-pkg-
|
|
|
|
- name: Add kubebuilder
|
|
run: |
|
|
curl -L https://github.com/kubernetes-sigs/kubebuilder/releases/download/v${{env.KUBEBUILDER_VERSION}}/kubebuilder_${{env.KUBEBUILDER_VERSION}}_linux_amd64.tar.gz > kubebuilder_${{env.KUBEBUILDER_VERSION}}_linux_amd64.tar.gz
|
|
tar -xvf kubebuilder_${{env.KUBEBUILDER_VERSION}}_linux_amd64.tar.gz
|
|
sudo mv kubebuilder_${{env.KUBEBUILDER_VERSION}}_linux_amd64 /usr/local/kubebuilder
|
|
|
|
- name: Cache kubebuilder
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: /usr/local/kubebuilder
|
|
key: ${{ runner.os }}-kubebuilder-${{env.KUBEBUILDER_VERSION}}
|
|
restore-keys: ${{ runner.os }}-kubebuilder-
|
|
|
|
- name: Run Unit Tests
|
|
run: make test
|
|
|
|
- name: Publish Unit Test Coverage
|
|
uses: codecov/codecov-action@v1
|
|
with:
|
|
flags: unittests
|
|
file: ./cover.out
|
|
|
|
publish-artifacts:
|
|
runs-on: ubuntu-18.04
|
|
needs: detect-noop
|
|
if: needs.detect-noop.outputs.noop != 'true'
|
|
|
|
steps:
|
|
- name: Setup QEMU
|
|
uses: docker/setup-qemu-action@v1
|
|
with:
|
|
platforms: all
|
|
|
|
- name: Setup Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
with:
|
|
version: ${{ env.DOCKER_BUILDX_VERSION }}
|
|
install: true
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@v2
|
|
|
|
- name: Fetch History
|
|
run: git fetch --prune --unshallow
|
|
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v2
|
|
with:
|
|
go-version: ${{ env.GO_VERSION }}
|
|
|
|
- name: Find the Go Cache
|
|
id: go
|
|
run: |
|
|
echo "::set-output name=build-cache::$(go env GOCACHE)"
|
|
echo "::set-output name=mod-cache::$(go env GOMODCACHE)"
|
|
|
|
- name: Cache the Go Build Cache
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.build-cache }}
|
|
key: ${{ runner.os }}-build-publish-artifacts-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-build-publish-artifacts-
|
|
|
|
- name: Cache Go Dependencies
|
|
uses: actions/cache@v2
|
|
with:
|
|
path: ${{ steps.go.outputs.mod-cache }}
|
|
key: ${{ runner.os }}-pkg-${{ hashFiles('**/go.sum') }}
|
|
restore-keys: ${{ runner.os }}-pkg-
|
|
|
|
- name: Build Artifacts
|
|
env:
|
|
# We're using docker buildx, which doesn't actually load the images it
|
|
# builds by default. Specifying --load does so.
|
|
BUILD_ARGS: "--load"
|
|
run: make docker.build
|
|
|
|
- name: Login to Docker
|
|
uses: docker/login-action@v1
|
|
if: env.GHCR_USERNAME != ''
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ secrets.GHCR_USERNAME }}
|
|
password: ${{ secrets.GHCR_TOKEN }}
|
|
|
|
- name: Publish Artifacts
|
|
if: env.GHCR_USERNAME != ''
|
|
run: make docker.push
|
|
|
|
- name: Promote Artifacts to main release channel
|
|
if: github.ref == 'refs/heads/main' && env.GHCR_USERNAME != ''
|
|
run: make docker.promote
|
|
env:
|
|
RELEASE_TAG: main
|