Make PSP optional (#5) #33
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: | |
push: | |
tags: | |
- 'v*.*.*' | |
- '!v0.1.*' | |
jobs: | |
base: | |
runs-on: ubuntu-latest | |
outputs: | |
go_version: ${{ steps.get_versions.outputs.go_version }} | |
build_version: ${{ steps.get_versions.outputs.build_version }} | |
chart_version: ${{ steps.get_versions.outputs.chart_version }} | |
go_updated: ${{ steps.file_updates.outputs.go }} | |
yaml_updated: ${{ steps.file_updates.outputs.yaml }} | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
- name: Get versions | |
id: get_versions | |
run: | | |
echo ::set-output name=go_version::$(go mod edit -json | grep -Po '"Go":\s+"([0-9.]+)"' | sed -E 's/.+"([0-9.]+)"/\1/') | |
echo ::set-output name=build_version::${GITHUB_REF#refs/tags/v} | |
echo ::set-output name=chart_version::${GITHUB_REF#refs/tags/} | |
- name: Get last release | |
id: last_release | |
shell: bash | |
run: | | |
tag=$(gh release list | sed -n '1 p' | awk '{print $(NF -1);}') | |
sha=$(git show-ref --tags | grep $tag | awk '{print $1;}') | |
echo ::set-output name=sha::$sha | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
- name: Check updated files | |
id: file_updates | |
uses: dorny/paths-filter@v2 | |
with: | |
base: ${{ steps.last_release.outputs.sha }} | |
filters: | | |
go: | |
- '*.go' | |
- 'go.*' | |
yaml: | |
- 'deploy/cert-manager-webhook-dnsmadeasy/*.yaml' | |
- 'deploy/cert-manager-webhook-dnsmadeasy/templates/*.yaml' | |
build: | |
needs: base | |
# if: ${{ needs.base.outputs.go_updated == 'true' }} | |
runs-on: ubuntu-latest | |
outputs: | |
tag_commit: ${{ steps.update_image.outputs.commit }} | |
steps: | |
- name: Check out repo | |
uses: actions/checkout@v2 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Set up Docker buildx | |
uses: docker/setup-buildx-action@v1 | |
- name: Cache Docker layers | |
uses: actions/cache@v2 | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx- | |
- name: Build and push | |
uses: docker/build-push-action@v2 | |
with: | |
context: ./ | |
file: ./Dockerfile | |
platforms: linux/amd64 | |
target: image | |
push: true | |
build-args: GO_VERSION=${{ needs.base.outputs.go_version }} | |
tags: ndemeshchenko/cert-manager-webhook-dnsmadeasy:latest,ndemeshchenko/cert-manager-webhook-dnsmadeasy:${{ needs.base.outputs.build_version }} | |
cache-from: type=local,src=/tmp/.buildx-cache | |
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max | |
# Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
- name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
- name: Update Helm image tag | |
id: update_image | |
uses: fjogeleit/yaml-update-action@main | |
with: | |
valueFile: 'deploy/cert-manager-webhook-dnsmadeasy/values.yaml' | |
propertyPath: 'image.tag' | |
value: ${{ needs.base.outputs.build_version }} | |
message: 'Update image tag to ${{ needs.base.outputs.build_version }}' | |
token: ${{ secrets.GITHUB_TOKEN }} | |
release: | |
needs: | |
- base | |
- build | |
if: | | |
always() && needs.base.result == 'success' && | |
((needs.build.result == 'success' && needs.build.outputs.tag_commit != '' ) || (needs.build.result == 'skipped' && needs.base.outputs.yaml_updated == 'true')) | |
runs-on: ubuntu-latest | |
steps: | |
- name: Retrieve commit ref | |
id: commit_ref | |
run: | | |
if [[ '${{ needs.build.outputs.tag_commit }}' = '' ]]; then | |
sha=${{ github.sha }} | |
else | |
sha=${{ needs.build.outputs.tag_commit }} | |
fi | |
echo ::set-output name=sha::$sha | |
- name: Check out repo | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 0 | |
ref: ${{ steps.commit_ref.outputs.sha }} | |
- name: Configure Git | |
run: | | |
git config user.name github-actions | |
git config user.email [email protected] | |
- name: Update Helm chart version | |
uses: fjogeleit/yaml-update-action@master | |
with: | |
valueFile: 'deploy/cert-manager-webhook-dnsmadeasy/Chart.yaml' | |
propertyPath: 'version' | |
value: ${{ needs.base.outputs.chart_version }} | |
message: 'Update chart version to ${{ needs.base.outputs.chart_version }}' | |
token: ${{ secrets.GITHUB_TOKEN }} | |
updateFile: true | |
- name: Install Helm | |
uses: azure/setup-helm@v1 | |
with: | |
version: v3.4.0 | |
- name: Run chart-releaser | |
uses: helm/[email protected] | |
with: | |
charts_dir: deploy | |
env: | |
CR_RELEASE_NAME_TEMPLATE: '{{ .Version }}' | |
CR_TOKEN: ${{ secrets.GITHUB_TOKEN }} |