Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add github workflows (5.0-candidate) #280

Merged
merged 2 commits into from
Jan 25, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
79 changes: 79 additions & 0 deletions .github/workflows/builds.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
name: Builds
on:
pull_request:
push:
branches:
- 5.0-candidate

permissions:
contents: read

concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true

jobs:
lxd-migrate:
name: Test lxd-migrate build
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v4

- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.20.x

- name: Test lxd-migrate build
run: |
set -eux
cd ~/work/lxd-pkg-snap/lxd-pkg-snap/lxd-migrate
CGO_ENABLED=0 go build -v -tags netgo

snap:
name: Trigger snap build
runs-on: ubuntu-22.04
needs: lxd-migrate
if: ${{ github.repository == 'canonical/lxd-pkg-snap' && github.event_name == 'push' && github.actor != 'dependabot[bot]' }}
steps:
- name: Checkout code
uses: actions/checkout@v3

- name: Setup Launchpad SSH access
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
LAUNCHPAD_LXD_BOT_KEY: ${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}
run: |
ssh-agent -a "${SSH_AUTH_SOCK}" > /dev/null
ssh-add - <<< "${{ secrets.LAUNCHPAD_LXD_BOT_KEY }}"
mkdir -m 0700 -p ~/.ssh/
# In ephemeral environments like GitHub Action runners, relying on TOFU isn't providing any security
# so require the key obtained by `ssh-keyscan` to match the expected hash from https://help.launchpad.net/SSHFingerprints
ssh-keyscan git.launchpad.net >> ~/.ssh/known_hosts
ssh-keygen -qlF git.launchpad.net | grep -xF 'git.launchpad.net RSA SHA256:UNOzlP66WpDuEo34Wgs8mewypV0UzqHLsIFoqwe8dYo'

- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.20.x

- name: Trigger Launchpad snap build
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
TARGET: ${{ github.ref_name }}
run: |
set -x
git config --global user.name "Canonical LXD Bot"
git config --global user.email "[email protected]"
localRev=$(git rev-parse HEAD)
go install github.com/canonical/lxd-ci/lxd-snapcraft@latest
git clone -b "${TARGET}" git+ssh://[email protected]/~canonical-lxd/lxd ~/lxd-pkg-snap-lp
originVer=($(lxd-snapcraft -get-version -file snapcraft.yaml))
rsync -a --exclude .git --delete . ~/lxd-pkg-snap-lp/
cd ~/lxd-pkg-snap-lp
lxd-snapcraft -set-version "${originVer[0]}-${localRev:0:7}" -set-source-commit ""
git add --all
git commit --all --quiet -s --allow-empty -m "Automatic upstream build (${TARGET})" -m "Upstream commit: ${localRev}"
git show
#git push --quiet
42 changes: 42 additions & 0 deletions .github/workflows/commits.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: Commits
on:
- pull_request

permissions:
contents: read

jobs:
dco-check:
permissions:
pull-requests: read # for tim-actions/get-pr-commits to get list of commits from the PR
name: Signed-off-by (DCO) and branch target
runs-on: ubuntu-22.04
steps:
- name: Get PR Commits
id: 'get-pr-commits'
uses: tim-actions/get-pr-commits@master
with:
token: ${{ secrets.GITHUB_TOKEN }}

- name: Check that all commits are signed-off
uses: tim-actions/dco@master
with:
commits: ${{ steps.get-pr-commits.outputs.commits }}

- name: Check branch target
env:
TARGET: ${{ github.event.pull_request.base.ref }}
TITLE: ${{ github.event.pull_request.title }}
if: ${{ github.actor != 'dependabot[bot]' }}
run: |
set -x
TARGET_FROM_PR_TITLE="$(echo "${TITLE}" | sed -n 's/.*(\(\(latest\|[0-9]\.[0-9]\)-\(edge\|candidate\)\))$/\1/p')"
if [ -z "${TARGET_FROM_PR_TITLE}" ]; then
TARGET_FROM_PR_TITLE="latest-edge"
else
echo "Branch target overridden from PR title"
fi
[ "${TARGET}" = "${TARGET_FROM_PR_TITLE}" ] && exit 0

echo "Invalid branch target: ${TARGET} != ${TARGET_FROM_PR_TITLE}"
exit 1
Loading