[dev-v2.10] Process improvements #301
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
pull_request: | |
branches: | |
- dev-v* | |
- release-v* | |
jobs: | |
build: | |
name: Validate | |
runs-on: org-${{ github.repository_owner_id }}-amd64-k8s | |
container: registry.suse.com/bci/bci-base:latest | |
permissions: | |
contents: read | |
id-token: write | |
steps: | |
- name: Install Dependencies | |
continue-on-error: false | |
env: | |
GH_VERSION: 2.63.2 | |
YQ_VERSION: "v4.44.2" | |
run: | | |
echo "installing docker jq git make go awk through zypper" | |
zypper --non-interactive install docker jq git make go awk patch | |
echo "installing gh" | |
mkdir -p /tmp/gh | |
curl -fsL https://github.com/cli/cli/releases/download/v${GH_VERSION}/gh_${GH_VERSION}_linux_amd64.tar.gz | tar xvzf - --strip-components=1 -C /tmp/gh | |
mv /tmp/gh/bin/gh /usr/bin/gh | |
chmod +x /usr/bin/gh | |
echo "installing yq" | |
curl -fsL https://github.com/mikefarah/yq/releases/download/${YQ_VERSION}/yq_linux_amd64 -o /usr/bin/yq | |
chmod +x /usr/bin/yq | |
echo "yq version:" | |
yq --version | |
- name: Load Secrets from Vault | |
continue-on-error: true | |
uses: rancher-eio/read-vault-secrets@main | |
with: | |
secrets: | | |
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials username | DOCKER_USERNAME; | |
secret/data/github/repo/${{ github.repository }}/dockerhub/rancher/credentials password | DOCKER_PASSWORD; | |
- name: actions/checkout@v4 | |
continue-on-error: false | |
uses: actions/checkout@v4 | |
- name: Git Checkout PR and into new branch | |
continue-on-error: false | |
env: | |
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
run: | | |
echo "git global configuration" | |
git config --global --add safe.directory "$PWD" | |
echo $PATH >> $GITHUB_PATH | |
echo "checkout the PR" | |
gh pr checkout ${{ github.event.pull_request.number }} | |
echo "checkout into a new branch for safety" | |
git checkout -b staging-pr-workflow | |
- name: Pull scripts | |
continue-on-error: false | |
run: make pull-scripts | |
- name: Check release.yaml format with yq | |
continue-on-error: false | |
run: make check-release-yaml | |
- name: Release PR Validation Chekpoints | |
continue-on-error: false | |
if: contains(github.base_ref, 'release-v') | |
run: make validate-release-charts BRANCH=${{ github.event.pull_request.base.ref }} GH_TOKEN=${{ secrets.GITHUB_TOKEN }} PR_NUMBER=${{ github.event.pull_request.number }} | |
- name: Validate index.yaml Vs assets/ dir | |
continue-on-error: false | |
run: | | |
echo "github.base_ref: ${{ github.base_ref }}" | |
if [[ "${{ github.base_ref }}" == *release-v* ]]; then | |
echo "Validating remote release branch" | |
make validate remote=true | |
else | |
echo "Validating local branch" | |
make validate | |
fi | |
- name: Check Images | |
continue-on-error: false | |
env: | |
DOCKER_USERNAME: ${{ env.DOCKER_USERNAME }} | |
DOCKER_PASSWORD: ${{ env.DOCKER_PASSWORD }} | |
run: make check-images | |
- name: Check RC's | |
continue-on-error: false | |
if: contains(github.base_ref, 'release-v') | |
run: make check-rc | |
- name: Run Hull tests | |
if: contains(github.base_ref, 'dev-v') | |
run: cd tests && go test -v ./... |