-
Notifications
You must be signed in to change notification settings - Fork 134
114 lines (114 loc) · 3.34 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
name: Tink
on:
push:
branches:
- "*"
tags-ignore:
- "v*"
pull_request:
env:
CGO_ENABLED: "0"
GO_VERSION: "1.20"
jobs:
verify:
name: Verify
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: "${{ env.GO_VERSION }}"
- run: make verify
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: "${{ env.GO_VERSION }}"
- name: Run unit tests
run: make test
- name: Run e2e tests
run: make e2e-test
- name: Upload codecov
run: bash <(curl -s https://codecov.io/bash)
checks:
name: CI Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install nix
uses: cachix/install-nix-action@v22
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Run ci-checks.sh
run: nix-shell --run 'make ci-checks'
# We preemptively build the binaries for efficiency instead of waiting on unit tests to pass
# hence this doesn't depend on anything.
build:
name: Build
runs-on: ubuntu-latest
strategy:
matrix:
platform: [amd64, arm64]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
go-version: "${{ env.GO_VERSION }}"
- name: Build linux/${{ matrix.platform }}
run: make build -j$(nproc) GOOS=linux GOARCH=${{ matrix.platform }}
- uses: actions/upload-artifact@v3
with:
name: binaries
path: bin/*
package:
name: Package
runs-on: ubuntu-latest
needs:
- verify
- test
- checks
- build
strategy:
matrix:
include:
- repository: quay.io/tinkerbell/tink
binary: tink-server
- repository: quay.io/tinkerbell/tink-worker
binary: tink-worker
- repository: quay.io/tinkerbell/tink-controller
binary: tink-controller
steps:
- name: Create docker image tags
id: docker-image-tag
run: echo ::set-output name=tags::${{ matrix.repository }}:latest,${{ matrix.repository }}:sha-${GITHUB_SHA::8}
- uses: actions/checkout@v4
- name: Login to quay.io
uses: docker/login-action@v2
if: ${{ startsWith(github.ref, 'refs/heads/main') }}
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- name: Download all binaries
uses: actions/download-artifact@v3
with:
name: binaries
path: ./bin
# Artifact upload doesn't preserve permissions so we need to fix them before use in
# the Dockerfiles.
- name: Fix permissions
run: chmod +x bin/*
- name: Build ${{ matrix.repository }} and push
uses: docker/build-push-action@v4
with:
context: .
file: cmd/${{ matrix.binary }}/Dockerfile
cache-from: type=registry,ref=${{ matrix.repository }}:latest
push: ${{ startsWith(github.ref, 'refs/heads/main') }}
tags: ${{ steps.docker-image-tag.outputs.tags }}
platforms: linux/amd64,linux/arm64