WIP: Helm chart publication #9
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: designate-certmanager-webhook | |
on: | |
push: | |
branches: | |
- '*' | |
tags: | |
- v* | |
pull_request: | |
types: [opened, synchronize, reopened] | |
env: | |
REGISTRY: ${{ secrets.REGISTRY }} | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} | |
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
outputs: | |
run_test: false | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Cache vendor | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-vendor | |
with: | |
path: vendor | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('go.mod') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
- name: Prepare | |
id: prep | |
run: | | |
TAG=pr | |
if [[ $GITHUB_REF == refs/tags/v* ]]; then | |
TAG=${GITHUB_REF#refs/tags/} | |
elif [[ $GITHUB_REF == refs/heads/* ]]; then | |
TAG=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') | |
fi | |
echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
echo "Build with tag=${TAG}" | |
- name: Setup Go environment | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.21 | |
- name: Build binary | |
shell: bash | |
run: make -e REGISTRY=$REGISTRY -e TAG="${{ steps.prep.outputs.tag }}" build-in-docker | |
# Directory created with a docker run having user root | |
- name: Fix directory owner | |
shell: bash | |
run: | | |
ls -l | |
if [ -d out ] && [ -d vendor ]; then | |
sudo chown -R $USER out vendor | |
fi | |
- name: Output | |
if: startsWith(github.ref, 'refs/tags/v') | |
uses: actions/upload-artifact@v4 | |
with: | |
name: binaries | |
path: out | |
if-no-files-found: error | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go environment | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.21 | |
- name: Cache vendor | |
uses: actions/cache@v4 | |
env: | |
cache-name: cache-vendor | |
with: | |
path: vendor | |
key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('go.mod') }} | |
restore-keys: | | |
${{ runner.os }}-build-${{ env.cache-name }}- | |
- name: Prepare | |
id: prep | |
run: | | |
TAG=pr | |
if [[ $GITHUB_REF == refs/tags/v* ]]; then | |
TAG=${GITHUB_REF#refs/tags/} | |
elif [[ $GITHUB_REF == refs/heads/* ]]; then | |
TAG=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') | |
fi | |
echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
echo "Build with tag=${TAG}" | |
- name: docker compose | |
shell: bash | |
run: | | |
pushd compose | |
docker compose version | |
docker compose up -d | |
popd | |
- name: fetch hack | |
shell: bash | |
run: ./scripts/fetch-test-binaries.sh | |
- name: test | |
env: | |
OS_PROJECT_DOMAIN_NAME: Default | |
OS_USER_DOMAIN_NAME: Default | |
OS_PROJECT_NAME: admin | |
OS_USERNAME: admin | |
OS_PASSWORD: password | |
OS_AUTH_URL: http://127.0.01:5000/v3/ | |
OS_IDENTITY_API_VERSION: 3 | |
OS_IMAGE_API_VERSION: 2 | |
OS_CLOUD: designate | |
TEST_ZONE_NAME: example.com | |
TEST_DNS_SERVER: 127.0.0.1:1053 | |
shell: bash | |
run: ./scripts/test.sh | |
- name: Fix directory owner | |
shell: bash | |
run: | | |
ls -l | |
if [ -d vendor ]; then | |
sudo chown -R $USER vendor | |
fi | |
- name: Stop containers | |
if: always() | |
run: | | |
pushd compose | |
docker compose down | |
popd | |
sonarcloud: | |
if: startsWith(github.ref, 'refs/heads/') | |
name: SonarCloud | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis | |
- name: SonarCloud Scan | |
uses: SonarSource/sonarcloud-github-action@v2.1.1 | |
# Directory created with a docker run having user root | |
- name: Prepare SonarCloud | |
shell: bash | |
run: sudo chown -R $USER .scannerwork | |
deploy: | |
if: startsWith(github.ref, 'refs/tags/v') | |
needs: test | |
name: Deploy | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Prepare | |
id: prep | |
run: | | |
TAG=pr | |
if [[ $GITHUB_REF == refs/tags/v* ]]; then | |
TAG=${GITHUB_REF#refs/tags/} | |
elif [[ $GITHUB_REF == refs/heads/* ]]; then | |
TAG=$(echo ${GITHUB_REF#refs/heads/} | sed -r 's#/+#-#g') | |
fi | |
echo "tag=${TAG}" >> $GITHUB_OUTPUT | |
echo "Build with tag=${TAG}" | |
- name: Setup Go environment | |
uses: actions/setup-go@v5 | |
with: | |
go-version: 1.21 | |
- name: Setup docker buildx | |
uses: docker/setup-buildx-action@v2.2.1 | |
- name: Download binaries | |
uses: actions/download-artifact@v4 | |
with: | |
name: binaries | |
path: out | |
- name: Prepare docker buildx | |
shell: bash | |
run: | | |
docker buildx version; | |
echo "${DOCKER_PASSWORD}" | docker login -u "${DOCKER_USERNAME}" --password-stdin; | |
docker buildx create --use | |
- name: Build docker image | |
shell: bash | |
run: | | |
make -e REGISTRY=$REGISTRY -e TAG="${{ steps.prep.outputs.tag }}" push-manifest | |
- name: Prepare Release | |
shell: bash | |
run: | | |
cp out/linux/amd64/designate-certmanager-webhook designate-certmanager-webhook-amd64 | |
cp out/linux/arm64/designate-certmanager-webhook designate-certmanager-webhook-arm64 | |
- name: Release | |
uses: softprops/action-gh-release@v1 | |
with: | |
tag_name: ${{ steps.prep.outputs.tag }} | |
draft: false | |
files: | | |
designate-certmanager-webhook-amd64 | |
designate-certmanager-webhook-arm64 |