Refactor ubuntu setup (#432) #1268
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ci | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
on: | |
pull_request: | |
branches: | |
- main | |
paths-ignore: | |
- 'website/**' | |
- 'docs/**' | |
- '*.md' | |
- 'CODEOWNERS' | |
- 'LICENSE' | |
push: | |
branches: | |
- main | |
paths-ignore: | |
- 'website/**' | |
- 'docs/**' | |
- '*.md' | |
- 'CODEOWNERS' | |
- 'LICENSE' | |
permissions: | |
contents: read | |
jobs: | |
lint: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: '1.22' | |
cache: false | |
# Use the golang-ci lint action which automattically sets up GHA caching and other things | |
# Note: There is also a "lint" target in docker-bake.hcl for local linting | |
# If you make changes to this, please make sure to also update the local linting target | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 | |
with: | |
version: v1.61 | |
args: --timeout=30m | |
- name: validate generated files | |
run: | | |
go generate || exit $? | |
git diff --exit-code | |
if [ $? -ne 0 ]; then | |
echo "::error::Missing updates to generated files. Please run 'go generate' and commit the changes" | |
exit 1 | |
fi | |
integration: | |
runs-on: ubuntu-22.04 | |
# TODO: support diff/merge | |
# Right now this is handled by the e2e suite, but we can migrate that here. | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: '1.22' | |
cache: false | |
- name: Expose GitHub tokens for caching | |
uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 | |
# Tests currently require buildkit v0.12.0 or higher | |
# The version of buildkit builtin to moby currently (v24) is too old | |
# So we need to setup a custom builder. | |
- name: Set up builder | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
- name: download deps | |
run: go mod download | |
- name: Run integration tests | |
run: go test -v -json ./test | go run ./cmd/test2json2gha | |
- name: dump logs | |
if: failure() | |
run: sudo journalctl -u docker | |
unit: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: '1.22' | |
cache: false | |
- name: download deps | |
run: go mod download | |
- name: Run unit tests | |
run: go test -v --test.short --json ./... | go run ./cmd/test2json2gha | |
e2e: | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
disable_diff_merge: ["1", "0"] | |
name: "Test E2E (disable diff/merge: ${{ matrix.disable_diff_merge }})" | |
env: | |
DALEC_DISABLE_DIFF_MERGE: ${{ matrix.disable_diff_merge }} | |
FRONTEND_REF: localhost:5000/dalec/frontend | |
steps: | |
- name: Harden Runner | |
uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1 | |
with: | |
egress-policy: audit | |
- name: checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
# We need to fetch all commits so that we can diff against the base branch | |
fetch-depth: 0 | |
- name: Expose GitHub tokens for caching | |
uses: crazy-max/ghaction-github-runtime@b3a9207c0e1ef41f4cf215303c976869d0c2c1c4 # v3.0.0 | |
- name: Setup builder | |
run: | | |
# Sometimes the builder runs out of space... so cleanup anything we can first. | |
docker image prune -a -f | |
docker run -d --net=host registry | |
# If diff/merge are enabled we need to use a buildx builder to make sure the feature is supported. | |
# Otherwise we can just use the default docker builder. | |
if [ "${DALEC_DISABLE_DIFF_MERGE}" = "0" ]; then | |
docker buildx create --use --driver-opt network=host | |
echo FRONTEND_BAKE_TARGET="frontend-ci-full" >> $GITHUB_ENV | |
echo USE_BUILDX=1 >> $GITHUB_ENV | |
else | |
echo DALEC_NO_CACHE_EXPORT="1" >> $GITHUB_ENV | |
echo DALEC_DISABLE_NESTED="1" >> $GITHUB_ENV | |
echo FRONTEND_BAKE_TARGET="frontend-ci" >> $GITHUB_ENV | |
fi | |
- name: Build frontend image | |
run: docker buildx bake ${FRONTEND_BAKE_TARGET} | |
- name: test | |
run: | | |
docker buildx bake test | |
- name: dump logs | |
if: failure() | |
run: | | |
if [ "${USE_BUILDX}" = "1" ]; then | |
docker logs $(docker ps -lq) | |
else | |
sudo journalctl -u docker | |
fi |