Skip to content

Commit

Permalink
ci: streamline CI job
Browse files Browse the repository at this point in the history
  • Loading branch information
jta committed Jun 1, 2024
1 parent c1a918f commit e16febc
Show file tree
Hide file tree
Showing 11 changed files with 264 additions and 180 deletions.
5 changes: 2 additions & 3 deletions .github/workflows/golangci-lint.yaml
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: golangci-lint
name: Run Go linter
on:
push:
branches:
Expand All @@ -11,5 +11,4 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: golangci-lint
run: |
make go-lint-all
run: make go-lint
96 changes: 96 additions & 0 deletions .github/workflows/release-wip.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,96 @@
name: Release WIP

on:
push:
branches:
- joao/ci-overhaul
workflow_dispatch:

jobs:
permission_check:
runs-on: ubuntu-latest
outputs:
can-write: ${{ steps.check.outputs.can-write }}
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
steps:
- id: check
run: |
# If the AWS_ACCESS_KEY_ID secret is MIA we can't run tests
if [[ -z "$AWS_ACCESS_KEY_ID" ]]; then
echo "can-write=false" >> $GITHUB_OUTPUT
else
echo "can-write=true" >> $GITHUB_OUTPUT
fi
tests:
needs: permission_check
uses: ./.github/workflows/tests-integration.yaml
if: needs.permission_check.outputs.can-write == 'true'
secrets: inherit

fetch-regions:
runs-on: ubuntu-latest
needs: permission_check
if: needs.permission_check.outputs.can-write == 'true'
permissions:
id-token: write
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v4.0.2
with:
role-to-assume: ${{ secrets.AWS_ROLE_ARN }}
aws-region: us-west-2

- name: AWS Info
run: aws sts get-caller-identity

- name: Fetch available AWS regions
id: fetch-regions
run: |
regions=$(aws ec2 describe-regions --query "Regions[].RegionName" --output text | tr '\t' '\n' | jq -R -s -c 'split("\n")[:-1]')
echo "Regions: $regions"
echo "regions_json=$regions" >> "$GITHUB_ENV"
- name: Set Matrix for aws-release job
id: set-matrix
run: echo "matrix=${regions_json}" >> "$GITHUB_OUTPUT"

github-release:
needs: [tests, permission_check]
runs-on: ubuntu-latest
if: >
(needs.permission_check.outputs.can-write == 'true' && github.event_name == 'push') ||
(github.event_name == 'workflow_dispatch' && needs.tests.result == 'success')
outputs:
version: ${{ steps.release-version.outputs.VERSION }}
steps:
- name: checkout
uses: actions/checkout@v4

- name: github release (beta)
if: github.event_name == 'push'
id: prerelease
uses: ahmadnassri/action-semantic-release@v2
with:
config: ${{ github.workspace }}/.releaserc.json
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: github release (stable)
if: github.event_name == 'workflow_dispatch'
id: fullrelease
uses: ahmadnassri/action-semantic-release@v2
with:
config: ${{ github.workspace }}/.releaserc-release.json
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

- name: Set version for aws-release job
id: release-version
run: |
echo "VERSION=${{ env.VERSION }}" >> "$GITHUB_OUTPUT"
env:
VERSION: ${{ (steps.prerelease.outputs.release-version != '') && steps.prerelease.outputs.release-version || steps.fullrelease.outputs.release-version }}
65 changes: 52 additions & 13 deletions .github/workflows/release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,20 +26,21 @@ jobs:
echo "can-write=true" >> $GITHUB_OUTPUT
fi
tests:
needs: permission_check
uses: ./.github/workflows/tests-integration.yaml
if: needs.permission_check.outputs.can-write == 'true'
secrets: inherit
#tests:
#needs: permission_check
#uses: ./.github/workflows/tests-integration.yaml
#if: needs.permission_check.outputs.can-write == 'true'
#secrets: inherit
fetch-regions:
discover:
runs-on: ubuntu-latest
needs: permission_check
if: needs.permission_check.outputs.can-write == 'true'
permissions:
id-token: write
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
regions: ${{ steps.regions.outputs.matrix }}
apps: ${{ steps.apps.outputs.matrix }}
steps:
- name: Setup AWS credentials
uses: aws-actions/configure-aws-credentials@v4.0.2
Expand All @@ -57,12 +58,17 @@ jobs:
echo "Regions: $regions"
echo "regions_json=$regions" >> "$GITHUB_ENV"
- name: Set Matrix for aws-release job
id: set-matrix
- name: Find regions
id: regions
run: echo "matrix=${regions_json}" >> "$GITHUB_OUTPUT"

- name: Find apps
id: apps
run: |
echo "matrix=$(ls apps/ | jq -R -s -c 'split("\n")[:-1]')" >> $GITHUB_OUTPUT
github-release:
needs: [tests, permission_check]
needs: [permission_check]
runs-on: ubuntu-latest
if: >
(needs.permission_check.outputs.can-write == 'true' && github.event_name == 'push') ||
Expand Down Expand Up @@ -109,16 +115,49 @@ jobs:
secrets: inherit
with:
version: ${{ needs.github-release.outputs.VERSION }}


build:
needs: [github-release]
runs-on: ubuntu-latest
strategy:
matrix:
app: ${{fromJson(needs.discover.outputs.apps)}}
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Validate SAM app
run: make sam-validate
env:
APP: ${{ matrix.app }}

- name: Setup Go
uses: actions/setup-go@v5
with:
go-version-file: 'go.mod'

- name: Build SAM app
run: make sam-build
env:
APP: ${{ matrix.app }}
VERSION: ${{ needs.github-release.outputs.VERSION }}

- name: Archive build directory
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.app }}
path: |
${{ github.workspace }}/.aws-sam/build/${{ matrix.app }}
aws-release:
needs: [fetch-regions, github-release, tests]
needs: [discover, github-release]
runs-on: ubuntu-latest
if: |
github.actor != 'dependabot[bot]' &&
needs.github-release.outputs.version != ''
strategy:
matrix:
region: ${{fromJson(needs.fetch-regions.outputs.matrix)}}
region: ${{fromJson(needs.discover.outputs.regions)}}
permissions:
contents: write
id-token: write
Expand Down
20 changes: 0 additions & 20 deletions .github/workflows/sam-validate.yaml

This file was deleted.

Loading

0 comments on commit e16febc

Please sign in to comment.