From fad9a0b48939db79e09adfca58704614d33e3989 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Kalke?= <56382792+MichalKalke@users.noreply.github.com> Date: Mon, 12 Aug 2024 15:53:20 +0200 Subject: [PATCH] Cherry pick of order CI workflows (#254) * Cherry pick: https://github.com/kyma-project/serverless/pull/1079 * Cherry pick: https://github.com/kyma-project/serverless/pull/1080 * Cherry pick: https://github.com/kyma-project/serverless/pull/1081 * Cherry pick: https://github.com/kyma-project/serverless/pull/1086 * Cherry pick: https://github.com/kyma-project/serverless/pull/1087 * Adjust integration test GA for Warden * Add missing permissions for build workflow --- .../{build-push-release.yaml => _build.yaml} | 13 +++----- .../{gitleaks.yaml => _gitleaks.yaml} | 3 +- .github/workflows/_integration-tests.yaml | 31 +++++++++++++++++++ .../{unit-tests.yaml => _unit-tests.yaml} | 5 +-- .../{upgrade-test.yaml => _upgrade-test.yaml} | 3 +- .github/workflows/build-pull.yaml | 24 -------------- .github/workflows/integration-tests-pull.yaml | 25 --------------- .github/workflows/integration-tests-push.yaml | 24 -------------- .github/workflows/pull.yaml | 27 ++++++++++++++++ .github/workflows/push.yaml | 20 ++++++++++++ .github/workflows/release.yaml | 10 ++++++ 11 files changed, 95 insertions(+), 90 deletions(-) rename .github/workflows/{build-push-release.yaml => _build.yaml} (78%) rename .github/workflows/{gitleaks.yaml => _gitleaks.yaml} (90%) create mode 100644 .github/workflows/_integration-tests.yaml rename .github/workflows/{unit-tests.yaml => _unit-tests.yaml} (65%) rename .github/workflows/{upgrade-test.yaml => _upgrade-test.yaml} (95%) delete mode 100644 .github/workflows/build-pull.yaml delete mode 100644 .github/workflows/integration-tests-pull.yaml delete mode 100644 .github/workflows/integration-tests-push.yaml create mode 100644 .github/workflows/pull.yaml create mode 100644 .github/workflows/push.yaml create mode 100644 .github/workflows/release.yaml diff --git a/.github/workflows/build-push-release.yaml b/.github/workflows/_build.yaml similarity index 78% rename from .github/workflows/build-push-release.yaml rename to .github/workflows/_build.yaml index b1c2442b..7236d22a 100644 --- a/.github/workflows/build-push-release.yaml +++ b/.github/workflows/_build.yaml @@ -1,12 +1,6 @@ -name: warden bbuild (push) +name: build on: - push: - branches: ["main", "release-*"] - tags: - - '^v?\d+\.\d+\.\d+(?:-.*)?$' -permissions: - id-token: write # This is required for requesting the JWT token - contents: read # This is required for actions/checkout + workflow_call: jobs: compute-tags: @@ -16,7 +10,8 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - - name: Get the latest tag + - if: ${{ github.event_name == 'push' }} + name: Get the latest tag id: get_tag run: | { diff --git a/.github/workflows/gitleaks.yaml b/.github/workflows/_gitleaks.yaml similarity index 90% rename from .github/workflows/gitleaks.yaml rename to .github/workflows/_gitleaks.yaml index 45b6648c..05083475 100644 --- a/.github/workflows/gitleaks.yaml +++ b/.github/workflows/_gitleaks.yaml @@ -1,7 +1,6 @@ name: gitleaks on: - pull_request: - types: [opened, edited, synchronize, reopened, ready_for_review] + workflow_call: env: GITLEAKS_VERSION: 8.18.2 diff --git a/.github/workflows/_integration-tests.yaml b/.github/workflows/_integration-tests.yaml new file mode 100644 index 00000000..5a789ac7 --- /dev/null +++ b/.github/workflows/_integration-tests.yaml @@ -0,0 +1,31 @@ +name: integration tests + +on: + workflow_call: + inputs: + directory-version: + description: 'The image directory to test' + required: true + type: string + image-version: + description: 'The image version to test' + required: true + type: string + +jobs: + integration-test: + if: ${{ github.event_name == 'push' || github.event.pull_request.draft == false}} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/rebase + - uses: ./.github/actions/create-k3d-cluster + - uses: ./.github/actions/setup-go + - name: run test + run: make verify-on-cluster + env: + IMG_DIRECTORY: ${{inputs.directory-version}} + IMG_VERSION: ${{inputs.image-version}} + - name: show warden logs + if: failure() + run: kubectl logs -l app=warden -n kyma-system --prefix=true; diff --git a/.github/workflows/unit-tests.yaml b/.github/workflows/_unit-tests.yaml similarity index 65% rename from .github/workflows/unit-tests.yaml rename to .github/workflows/_unit-tests.yaml index f5a38f05..5b6af0ef 100644 --- a/.github/workflows/unit-tests.yaml +++ b/.github/workflows/_unit-tests.yaml @@ -1,10 +1,7 @@ name: unit tests on: - pull_request: - paths-ignore: - - '**.md' - types: [opened, reopened, synchronize, ready_for_review, converted_to_draft] + workflow_call: jobs: unit-tests: diff --git a/.github/workflows/upgrade-test.yaml b/.github/workflows/_upgrade-test.yaml similarity index 95% rename from .github/workflows/upgrade-test.yaml rename to .github/workflows/_upgrade-test.yaml index 4d5216c4..dd4a5fc9 100644 --- a/.github/workflows/upgrade-test.yaml +++ b/.github/workflows/_upgrade-test.yaml @@ -1,8 +1,7 @@ name: upgrade test on: - push: - branches: [ "main" ] + workflow_call: jobs: upgrade-test: diff --git a/.github/workflows/build-pull.yaml b/.github/workflows/build-pull.yaml deleted file mode 100644 index 49666313..00000000 --- a/.github/workflows/build-pull.yaml +++ /dev/null @@ -1,24 +0,0 @@ -name: warden build (pull) - -on: - pull_request_target: - paths-ignore: - - "docs/**" - - "examples/**" - types: [opened, edited, synchronize, reopened, ready_for_review] - -permissions: - id-token: write # This is required for requesting the JWT token - contents: read # This is required for actions/checkout - -jobs: - build-warden-admission: - uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main - with: - name: warden/admission - dockerfile: docker/admission/Dockerfile - build-warden-operator: - uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main - with: - name: warden/operator - dockerfile: docker/operator/Dockerfile diff --git a/.github/workflows/integration-tests-pull.yaml b/.github/workflows/integration-tests-pull.yaml deleted file mode 100644 index 820b92ee..00000000 --- a/.github/workflows/integration-tests-pull.yaml +++ /dev/null @@ -1,25 +0,0 @@ -name: integration tests (pull) - -on: - pull_request: - paths-ignore: - - '**.md' - types: [opened, reopened, synchronize, ready_for_review, converted_to_draft] - -jobs: - integration-test: - if: github.event.pull_request.draft == false - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/rebase - - uses: ./.github/actions/create-k3d-cluster - - uses: ./.github/actions/setup-go - - name: run test - run: make verify-on-cluster - env: - IMG_DIRECTORY: dev - IMG_VERSION: PR-${{ github.event.number }} - - name: show warden logs - if: failure() - run: kubectl logs -l app=warden -n kyma-system --prefix=true; diff --git a/.github/workflows/integration-tests-push.yaml b/.github/workflows/integration-tests-push.yaml deleted file mode 100644 index 08d90c07..00000000 --- a/.github/workflows/integration-tests-push.yaml +++ /dev/null @@ -1,24 +0,0 @@ -name: integration tests (push) - -on: - push: - branches: [ "main", "release-*" ] - paths-ignore: - - '**.md' - -jobs: - integration-test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: ./.github/actions/rebase - - uses: ./.github/actions/create-k3d-cluster - - uses: ./.github/actions/setup-go - - name: run test - run: make verify-on-cluster - env: - IMG_DIRECTORY: prod - IMG_VERSION: ${{github.sha}} - - name: show warden logs - if: failure() - run: kubectl logs -l app=warden -n kyma-system --prefix=true; diff --git a/.github/workflows/pull.yaml b/.github/workflows/pull.yaml new file mode 100644 index 00000000..bc07a5c0 --- /dev/null +++ b/.github/workflows/pull.yaml @@ -0,0 +1,27 @@ +name: pull + +on: + pull_request_target: + types: [ opened, edited, synchronize, reopened, ready_for_review ] + +permissions: + id-token: write # This is required for requesting the JWT token + contents: read # This is required for actions/checkout + +jobs: + unit-tests: + uses: ./.github/workflows/_unit-tests.yaml + + gitleaks: + uses: ./.github/workflows/_gitleaks.yaml + + builds: + needs: [unit-tests, gitleaks] + uses: ./.github/workflows/_build.yaml + + integrations: + needs: builds + uses: ./.github/workflows/_integration-tests.yaml + with: + directory-version: dev + image-version: ${{ github.event.number }} diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml new file mode 100644 index 00000000..abf3ee29 --- /dev/null +++ b/.github/workflows/push.yaml @@ -0,0 +1,20 @@ +name: push + +on: + push: + branches: [ "main", "release-*" ] + +jobs: + builds: + uses: ./.github/workflows/_build.yaml + + integrations: + needs: builds + uses: ./.github/workflows/_integration-tests.yaml + with: + directory-version: prod + image-version: ${{ github.sha }} + + upgrades: + needs: builds + uses: ./.github/workflows/upgrade-tests.yaml diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 00000000..aebcff26 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,10 @@ +name: release + +on: + push: + tags: + - '^v?\d+\.\d+\.\d+(?:-.*)?$' + +jobs: + builds: + uses: ./.github/workflows/_build.yaml