Build & test :: refs/heads/release-argo-cd-v2.11.8-kbst.0 #2467
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build | |
| run-name: 'Build & test :: ${{ github.ref }}' | |
| on: | |
| push: | |
| branches: | |
| - "*" # run for branches | |
| tags: | |
| - "!*" # do not run for tags | |
| env: | |
| TERRAFORM_VERSION: "1.5.7" | |
| jobs: | |
| # | |
| # | |
| # Build artifacts | |
| build: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| TF_VAR_names: ${{ steps.build.outputs.TF_VAR_names }} | |
| matrix: ${{ steps.build.outputs.matrix }} | |
| steps: | |
| - uses: actions/checkout@v4.0.0 | |
| # Run builder | |
| - id: build | |
| name: Run builder | |
| uses: ./.github/actions/builder | |
| # Upload artifacts | |
| - name: 'Upload artifacts' | |
| uses: actions/upload-artifact@v3.1.3 | |
| with: | |
| name: _dist | |
| path: _dist/*.zip | |
| # | |
| # | |
| # Run `terraform test` | |
| test-terraform: | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Checkout | |
| - uses: actions/checkout@v4.0.0 | |
| # Setup Terraform | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2.0.3 | |
| with: | |
| terraform_wrapper: false | |
| terraform_version: "${{ env.TERRAFORM_VERSION }}" | |
| # Run tests | |
| - name: Run tests | |
| run: make test-terraform | |
| # | |
| # | |
| # Test deploy to k3d | |
| test-k3d: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| strategy: | |
| fail-fast: false | |
| matrix: ${{ fromJSON(needs.build.outputs.matrix) }} | |
| steps: | |
| # Checkout | |
| - uses: actions/checkout@v4.0.0 | |
| # Setup k3d | |
| - name: Setup k3d | |
| uses: rinx/setup-k3d@v0.0.4 | |
| with: | |
| skipClusterCreation: true | |
| - name: Create k3d cluster | |
| run: make k3d | |
| # Download build artifacts | |
| - name: 'Download build-artifacts' | |
| uses: actions/download-artifact@v3.0.2 | |
| with: | |
| name: _dist | |
| path: _dist | |
| # Deploy to cluster | |
| - name: Run test container | |
| run: make test-k3d test-name=${{ matrix.name }} test-variant=${{ matrix.variant}} | |
| # | |
| # | |
| # | |
| publish-gh: | |
| runs-on: ubuntu-latest | |
| concurrency: | |
| group: publish-gh | |
| cancel-in-progress: false | |
| needs: [build, test-k3d, test-terraform] | |
| if: startsWith(github.ref, 'refs/heads/release-') | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.MODULES_PAT }} | |
| TF_VAR_names: ${{ needs.build.outputs.TF_VAR_names }} | |
| permissions: | |
| contents: read | |
| id-token: write | |
| steps: | |
| - uses: actions/checkout@v4.0.0 | |
| - uses: google-github-actions/auth@v1.1.1 | |
| with: | |
| workload_identity_provider: projects/168092815911/locations/global/workloadIdentityPools/oidc/providers/github | |
| service_account: kbst-catalog-repos-tf@nice-road-159709.iam.gserviceaccount.com | |
| # Apply target kubestack-modules repository | |
| - run: terraform init | |
| working-directory: repositories | |
| - run: terraform apply --auto-approve | |
| working-directory: repositories | |
| - name: 'Download build-artifacts' | |
| uses: actions/download-artifact@v3.0.2 | |
| with: | |
| name: _dist | |
| path: _dist | |
| # Push artifact content as brach to target repo | |
| - run: | | |
| export BRANCH=$(echo $GITHUB_REF | sed -e "s#^refs/heads/##") | |
| export NAMEVERSION=$(echo $GITHUB_REF | sed -e "s#^refs/heads/release-##") | |
| export NAME=$(echo $NAMEVERSION | sed -r 's#-v[0-9]+.*$##') | |
| mkdir "terraform-kustomization-${NAME}" | |
| cd "terraform-kustomization-${NAME}" | |
| git init . | |
| git config user.name "Kubestack Modules" | |
| git config user.email "hello+modules@kubestack.com" | |
| git branch -m "${BRANCH}" | |
| git remote add target "https://${{ secrets.MODULES_PAT }}@github.com/kubestack-modules/terraform-kustomization-${NAME}.git" | |
| unzip ../_dist/module-${NAME}-${GITHUB_SHA}.zip | |
| git add . | |
| git commit -m "Release ${NAMEVERSION}" | |
| git push target "${BRANCH}" | |
| # | |
| # | |
| # | |
| publish-gcs: | |
| runs-on: ubuntu-latest | |
| needs: [build, test-k3d, test-terraform] | |
| if: startsWith(github.ref, 'refs/heads/release-') | |
| permissions: | |
| id-token: write | |
| steps: | |
| # Download build artifacts | |
| - name: 'Download build-artifacts' | |
| uses: actions/download-artifact@v3.0.2 | |
| with: | |
| name: _dist | |
| path: _dist | |
| # Upload archive | |
| - uses: google-github-actions/auth@v1.1.1 | |
| with: | |
| workload_identity_provider: projects/168092815911/locations/global/workloadIdentityPools/oidc/providers/github | |
| service_account: github-actions-catalog-uploade@nice-road-159709.iam.gserviceaccount.com | |
| - uses: google-github-actions/setup-gcloud@v1.1.1 | |
| - run: gsutil -m cp _dist/*.zip gs://dev.catalog.kubestack.com | |
| # | |
| # | |
| # trigger promotion by tagging release | |
| trigger-promote: | |
| runs-on: ubuntu-latest | |
| needs: [publish-gcs, publish-gh] | |
| if: startsWith(github.ref, 'refs/heads/release-') | |
| permissions: | |
| contents: write # required for createRef | |
| actions: write # required for createWorkflowDispatch | |
| steps: | |
| - uses: actions/github-script@v6 | |
| with: | |
| script: | | |
| const tag = context.ref.replace("refs/heads/release-", "refs/tags/") | |
| await github.rest.git.createRef({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| ref: tag, | |
| sha: context.sha, | |
| }); | |
| await github.rest.actions.createWorkflowDispatch({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| workflow_id: "promote.yml", | |
| ref: tag, | |
| }); |