-
Notifications
You must be signed in to change notification settings - Fork 594
167 lines (153 loc) · 4.76 KB
/
checks.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
name: Checks
run-name: Checks, branch:${{ github.ref_name }}, triggered by @${{ github.actor }}
concurrency:
# Run only for most recent commit in PRs but for all tags and commits on main
# Ref: https://docs.github.com/en/actions/using-jobs/using-concurrency
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
cancel-in-progress: true
on:
pull_request:
branches:
- '**'
push:
branches:
- 'main'
- 'release/[0-9]+.[0-9]+.x'
tags:
- '**'
workflow_dispatch: {}
jobs:
up-to-date:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
outputs:
status: ${{ steps.up-to-date.outputs.status }}
steps:
- name: checkout repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Check if PR is up to date, if it is skip workflows for this ref
id: 'up-to-date'
if: github.event_name == 'push' && startsWith(github.ref, 'refs/heads/')
uses: Kong/public-shared-actions/pr-previews/[email protected]
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
# This job is used to check if the secrets are available. If they are not, we'll skip jobs that require them.
should-run-with-secrets:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
outputs:
result: ${{ steps.check.outputs.result }}
steps:
- name: Check if secrets are available
id: check
run: |
if [ "${{ secrets.PULP_PASSWORD }}" == "" ]; then
echo "result=false" >> $GITHUB_OUTPUT
else
echo "result=true" >> $GITHUB_OUTPUT
fi
tools:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
steps:
- name: checkout repository
uses: actions/checkout@v4
- name: setup golang
uses: actions/setup-go@v5
with:
go-version-file: third_party/go.mod
- uses: jdx/mise-action@v2
with:
install: false
- run: make tools
linters:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_linters.yaml
secrets: inherit
unit-tests:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_unit_tests.yaml
secrets: inherit
envtest-tests:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_envtest_tests.yaml
secrets: inherit
kongintegration-tests:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_kongintegration_tests.yaml
secrets: inherit
integration-tests:
needs:
- should-run-with-secrets
- up-to-date
if: needs.should-run-with-secrets.outputs.result == 'true' && needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_integration_tests.yaml
secrets: inherit
with:
log-output-file: /tmp/integration-tests-kic-logs
conformance-tests:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_conformance_tests.yaml
secrets: inherit
with:
log-output-file: /tmp/conformance-tests-kic-logs
build-docker-image:
needs:
- up-to-date
if: needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_docker_build.yaml
secrets: inherit
with:
platforms: linux/amd64, linux/arm64
# We need this step to fail the workflow if any of the previous steps failed or were cancelled.
# It allows to use this particular job as a required check for PRs.
# Ref: https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
passed:
timeout-minutes: ${{ fromJSON(vars.GHA_DEFAULT_TIMEOUT) }}
runs-on: ubuntu-latest
needs:
- up-to-date
- tools
- linters
- unit-tests
- envtest-tests
- kongintegration-tests
- integration-tests
- conformance-tests
- build-docker-image
if: always()
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: |
echo "Some jobs failed or were cancelled."
exit 1
test-reports:
needs:
- should-run-with-secrets
- unit-tests
- envtest-tests
- kongintegration-tests
- integration-tests
- conformance-tests
- up-to-date
if: always() && needs.should-run-with-secrets.outputs.result == 'true' && needs.up-to-date.outputs.status != 'true'
uses: ./.github/workflows/_test_reports.yaml
secrets: inherit