Skip to content

build: include licenses information into distributed artifacts #123

build: include licenses information into distributed artifacts

build: include licenses information into distributed artifacts #123

Workflow file for this run

name: ci
on:
push:
branches:
- 'main'
tags:
- 'v*'
pull_request:
branches:
- 'main'
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}
jobs:
audit:
name: Audit
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Remove non-semver tags (from helmchart) for goreleaser to work properly
run: |
git tag -d $(git tag -l | grep -v "^v[0-9]*.[0-9]*.[0-9]*")
- uses: actions/setup-go@v4
with:
go-version: '1.20'
- name: Audit
run: |
go mod download
make audit
- name: Check Sonar Token
id: check-sonar
shell: bash
run: |
if [ "${{ secrets.SONAR_TOKEN }}" != '' ]; then
echo "available=true" >> $GITHUB_OUTPUT;
else
echo "available=false" >> $GITHUB_OUTPUT;
fi
- name: SonarCloud Scan
if: ${{ steps.check-sonar.outputs.available == 'true' }}
uses: SonarSource/sonarcloud-github-action@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
build-images:
name: Build Docker Images
needs:
- audit
runs-on: ubuntu-latest
timeout-minutes: 60
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Remove non-semver tags (from helmchart) for goreleaser to work properly
run: |
git tag -d $(git tag -l | grep -v "^v[0-9]*.[0-9]*.[0-9]*")
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Log in to the container registry
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
- name: Build and push Docker image
uses: docker/build-push-action@v4
with:
context: ./
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: linux/amd64,linux/arm64
build-args: |
BUILD_SNAPSHOT=${{ !startsWith(github.ref, 'refs/tags/') }}
NAME=${{ github.repository }}
VERSION=${{ steps.meta.outputs.version }}
REVISION=${{ github.sha }}
- name: Trigger test environment updates
run: |
curl -L \
-X POST \
-H "Accept: application/vnd.github+json" \
-H "Authorization: Bearer ${{secrets.PAT_TOKEN_EXTENSION_DEPLOYER}}" \
-H "X-GitHub-Api-Version: 2022-11-28" \
https://api.github.com/repos/steadybit/extension-deployer/actions/workflows/extension-restart.yml/dispatches \
-d '{"ref":"main","inputs":{"extension":"${{ github.repository }}","version":"${{ steps.meta.outputs.version }}","revision":"${{ github.sha }}"}}'
build-packages:
name: Build Linux Packages
needs:
- audit
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Remove non-semver tags (from helmchart) for goreleaser to work properly
run: |
git tag -d $(git tag -l | grep -v "^v[0-9]*.[0-9]*.[0-9]*")
- uses: actions/setup-go@v4
with:
go-version: '1.20'
- name: Export GPG key
run: |
mkdir -p gpg
echo -n "${{ secrets.MAVEN_GPG_PRIVATE_KEY }}" > gpg.key
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v4
with:
distribution: goreleaser
version: latest
args: release --clean ${{ !startsWith(github.ref, 'refs/tags/') && '--snapshot' || '' }}
env:
NFPM_KEY_FILE: gpg.key
NFPM_DEFAULT_PASSPHRASE: ${{ secrets.MAVEN_GPG_PRIVATE_KEY_PASSWORD }}
GITHUB_TOKEN: ${{ secrets.PAT_TOKEN }}
- name: "[build] Upload packages to internal repositories"
if: ${{ !startsWith(github.ref, 'refs/tags/') }}
run: |
REPO_USER="${{ secrets.STEADYBIT_ARTIFACT_SERVER_USERNAME }}:${{ secrets.STEADYBIT_ARTIFACT_SERVER_PASSWORD }}"
echo "Uploading deb packages to artifacts server"
find ./dist -name '*.deb' -type f | xargs -i curl -u "$REPO_USER" -X POST -H "Content-Type: multipart/form-data" --data-binary "@{}" https://artifacts.steadybit.io/repository/deb-internal/
echo "Uploading rpm packages to artifacts server"
find ./dist -name '*.rpm' -type f | xargs -i curl -u "$REPO_USER" --upload-file {} https://artifacts.steadybit.io/repository/yum-internal/
- name: "[release] Upload packages to public repositories"
if: ${{ startsWith(github.ref, 'refs/tags/') }}
run: |
REPO_USER="${{ secrets.STEADYBIT_ARTIFACT_SERVER_USERNAME }}:${{ secrets.STEADYBIT_ARTIFACT_SERVER_PASSWORD }}"
echo "Uploading deb packages to artifacts server"
find ./dist -name '*.deb' -type f | xargs -i curl -u "$REPO_USER" -X POST -H "Content-Type: multipart/form-data" --data-binary "@{}" https://artifacts.steadybit.io/repository/deb/
echo "Uploading rpm packages to artifacts server"
find ./dist -name '*.rpm' -type f | xargs -i curl -u "$REPO_USER" --upload-file {} https://artifacts.steadybit.io/repository/yum/
echo "Invalidating artifacts server cache"
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/yum-proxy/invalidate-cache
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/yum-public/invalidate-cache
curl -X POST -u $REPO_USER https://artifacts.steadybit.io/service/rest/v1/repositories/deb-public/invalidate-cache
test-helm-charts:
name: "Test Helm Charts"
runs-on: ubuntu-latest
needs:
- build-images
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.12.2
- name: Add dependency chart repos
run: |
helm repo add steadybit https://steadybit.github.io/helm-charts
- uses: actions/setup-python@v4
with:
python-version: "3.10"
- name: Add unit testing plugin
run: |
helm plugin install https://github.com/helm-unittest/helm-unittest.git
- name: Run unit tests
run: make charttesting
- name: Set up chart-testing
uses: helm/[email protected]
- name: Run chart-testing (lint)
run: ct lint --config chartTesting.yaml
- name: Run chart-testing (list-changed)
id: list-changed
run: |
changed=$(ct list-changed --config chartTesting.yaml)
if [[ -n "$changed" ]]; then
echo "::set-output name=changed::true"
fi
- name: Create kind cluster
uses: helm/[email protected]
if: steps.list-changed.outputs.changed == 'true'
- name: Run chart-testing (install)
run: ct install --config chartTesting.yaml
release-helm-chart:
name: "Release Helm Chart"
runs-on: ubuntu-latest
needs:
- test-helm-charts
if: github.ref == 'refs/heads/main'
permissions:
contents: write
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
- name: Set up Helm
uses: azure/setup-helm@v3
with:
version: v3.12.2
- name: Add dependency chart repos
run: |
helm repo add steadybit https://steadybit.github.io/helm-charts
- name: Run chart-releaser
uses: helm/[email protected]
with:
charts_dir: charts
env:
CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"