-
Notifications
You must be signed in to change notification settings - Fork 137
135 lines (119 loc) · 3.5 KB
/
ci.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: Tink
on:
push:
branches:
- "*"
tags-ignore:
- "v*"
pull_request: {}
workflow_dispatch: {}
env:
CGO_ENABLED: "0"
GO_VERSION: "1.22"
jobs:
verify:
name: Verify
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GO_VERSION }}"
- run: make verify
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 5
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GO_VERSION }}"
- name: Run unit tests
run: make test
- name: Run e2e tests
run: make e2e-test
- name: Upload codecov
uses: codecov/codecov-action@v4
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
checks:
name: CI Checks
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install nix
uses: cachix/install-nix-action@V27
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Run ci-checks.sh
run: nix-shell --run 'make ci-checks'
# We preemptively build the binaries for efficiency instead of waiting on unit tests to pass
# hence this doesn't depend on anything.
build:
name: Build
runs-on: ubuntu-latest
strategy:
matrix:
platform: [amd64, arm64]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "${{ env.GO_VERSION }}"
- name: Build linux/${{ matrix.platform }}
run: make build -j$(nproc) GOOS=linux GOARCH=${{ matrix.platform }}
- uses: actions/upload-artifact@v4
with:
name: ${{ matrix.platform }}-binaries
path: bin/*
package:
name: Package
runs-on: ubuntu-latest
needs:
- verify
- test
- checks
- build
strategy:
matrix:
include:
- repository: quay.io/tinkerbell/tink
binary: tink-server
- repository: quay.io/tinkerbell/tink-worker
binary: tink-worker
- repository: quay.io/tinkerbell/tink-controller
binary: tink-controller
steps:
- name: Create docker image tags
id: docker-image-tag
run: echo ::set-output name=tags::${{ matrix.repository }}:latest,${{ matrix.repository }}:sha-${GITHUB_SHA::8}
- uses: actions/checkout@v4
- name: Login to quay.io
uses: docker/login-action@v3
if: ${{ startsWith(github.ref, 'refs/heads/main') }}
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Download all binaries
uses: actions/download-artifact@v4
with:
path: ./bin
merge-multiple: true
# Artifact upload doesn't preserve permissions so we need to fix them before use in
# the Dockerfiles.
- name: Fix permissions
run: chmod +x bin/*
- name: Build ${{ matrix.repository }} and push
uses: docker/build-push-action@v6
with:
context: .
file: cmd/${{ matrix.binary }}/Dockerfile
cache-from: type=registry,ref=${{ matrix.repository }}:latest
push: ${{ startsWith(github.ref, 'refs/heads/main') }}
tags: ${{ steps.docker-image-tag.outputs.tags }}
platforms: linux/amd64,linux/arm64