| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 |
- name: CI
- on:
- push:
- branches:
- - main
- - release-*
- pull_request: {}
- env:
- # Common versions
- GOLANGCI_VERSION: 'v1.54.2'
- KUBERNETES_VERSION: '1.28.x'
- # Sonar
- SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- jobs:
- detect-noop:
- runs-on: ubuntu-latest
- outputs:
- noop: ${{ steps.noop.outputs.should_skip }}
- steps:
- - name: Detect No-op Changes
- id: noop
- uses: fkirc/skip-duplicate-actions@v5.3.1
- with:
- github_token: ${{ secrets.GITHUB_TOKEN }}
- paths_ignore: '["**.md", "**.png", "**.jpg"]'
- do_not_skip: '["workflow_dispatch", "schedule", "push"]'
- concurrent_skipping: false
- lint:
- runs-on: ubuntu-latest
- needs: detect-noop
- if: needs.detect-noop.outputs.noop != 'true' && github.ref != 'refs/heads/main'
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- - name: Setup Go
- uses: actions/setup-go@v5
- id: setup-go
- with:
- go-version-file: "go.mod"
- - name: Download Go modules
- if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
- run: go mod download
- - name: Lint
- uses: golangci/golangci-lint-action@v3
- with:
- version: ${{ env.GOLANGCI_VERSION }}
- skip-pkg-cache: true
- skip-build-cache: true
- check-diff:
- runs-on: ubuntu-latest
- needs: detect-noop
- if: needs.detect-noop.outputs.noop != 'true' && github.ref != 'refs/heads/main'
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- - name: Setup Go
- uses: actions/setup-go@v5
- id: setup-go
- with:
- go-version-file: "go.mod"
- - name: Download Go modules
- if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
- run: go mod download
- - name: Configure Git
- run: |
- git config user.name "$GITHUB_ACTOR"
- git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- - name: Check Diff
- run: |
- make check-diff
- unit-tests:
- runs-on: ubuntu-latest
- needs: detect-noop
- if: needs.detect-noop.outputs.noop != 'true' && github.ref != 'refs/heads/main'
- steps:
- - name: Checkout
- uses: actions/checkout@v4
- - name: Fetch History
- run: git fetch --prune --unshallow
- - name: Setup Go
- uses: actions/setup-go@v5
- id: setup-go
- with:
- go-version-file: "go.mod"
- - name: Download Go modules
- if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
- run: go mod download
- - name: Cache envtest binaries
- uses: actions/cache@v3
- with:
- path: bin/k8s
- key: ${{ runner.os }}-envtest-${{env.KUBERNETES_VERSION}}
- - name: Run Unit Tests
- run: |
- make test
- publish-artifacts:
- needs: detect-noop
- if: needs.detect-noop.outputs.noop != 'true'
- uses: ./.github/workflows/publish.yml
- permissions:
- id-token: write
- contents: read
- strategy:
- matrix:
- include:
- - dockerfile: "Dockerfile"
- build-args: "CGO_ENABLED=0"
- build-arch: "amd64 arm64 s390x"
- build-platform: "linux/amd64,linux/arm64,linux/s390x"
- tag-suffix: "" # distroless
- - dockerfile: "Dockerfile.ubi"
- build-args: "CGO_ENABLED=0"
- build-arch: "amd64 arm64"
- build-platform: "linux/amd64,linux/arm64"
- tag-suffix: "-ubi"
- - dockerfile: "Dockerfile.ubi"
- build-args: "CGO_ENABLED=0 GOEXPERIMENT=boringcrypto"
- build-arch: "amd64"
- build-platform: "linux/amd64"
- tag-suffix: "-ubi-boringssl"
- with:
- dockerfile: ${{ matrix.dockerfile }}
- tag-suffix: ${{ matrix.tag-suffix }}
- image-name: ghcr.io/${{ github.repository }}
- build-platform: ${{ matrix.build-platform }}
- build-args: ${{ matrix.build-args }}
- build-arch: ${{ matrix.build-arch }}
- ref: ${{ github.ref }}
- secrets:
- GHCR_USERNAME: ${{ secrets.GHCR_USERNAME }}
- GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
|
