carbynestack · sbckr · Mar 13, 2023 · Mar 11, 2022 · Mar 11, 2022 · Apr 8, 2022
@@ -0,0 +1,64 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Publish MP-SPDZ
+on:
+  push:
+    tags:
+      - "mp-spdz-v[0-9]+.[0-9]+.[0-9]+"
+defaults:
+  run:
+    working-directory: klyshko-mp-spdz
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: carbynestack/klyshko-mp-spdz
+  WORKING_DIRECTORY: klyshko-mp-spdz
+jobs:
+  publish:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Retrieve license obligation resources
+        run: |
+          cd 3RD-PARTY-LICENSES
+          find . -maxdepth 1 -type d -not -path . | zip -r@ 3rd-party-copyrights
+          find . -iname origin.src | \
+          awk '{ \
+          split($0,b,"/"); \
+          system("xargs < " $0 " curl --create-dirs -Lo ./sources/" b[2] ".zip " $2)}' && \
+          find -regex './sources$' | awk '{system("zip -jr ./3rd-party-sources.zip " $0)}'
+          mkdir -p ../license-obligations && mv `find . -regex "^./3rd-party-.*.zip$"` ../license-obligations/
+      - name: Update Release with license obligations resources
+        uses: ncipollo/release-action@v1
+        with:
+          allowUpdates: true
+          artifacts: ${{ env.WORKING_DIRECTORY }}/license-obligations/*
+          artifactErrorsFailBuild: true
+          makeLatest: true
+          omitBodyDuringUpdate: true
+          omitNameDuringUpdate: true
+      - name: Log in to container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=match,pattern=mp-spdz-v(\d+.\d+.\d+),group=1
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: ${{ env.WORKING_DIRECTORY }}
+          file: ${{ env.WORKING_DIRECTORY }}/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,38 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Publish Operator Chart
+on:
+  push:
+    tags:
+      - "operator-chart-v[0-9]+.[0-9]+.[0-9]+"
+env:
+  REGISTRY: ghcr.io
+  WORKING_DIRECTORY: klyshko-operator
+jobs:
+  publish:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Get tag
+        run: echo "TAG=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
+      - name: Log in to container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Push Helm Chart
+        uses: appany/[email protected]
+        with:
+          name: klyshko-operator
+          repository: carbynestack
+          tag: ${{ env.TAG }}
+          path: ${{ env.WORKING_DIRECTORY }}/charts/klyshko-operator
+          registry: ${{ env.REGISTRY }}
+          registry_username: ${{ github.actor }}
+          registry_password: ${{ secrets.GITHUB_TOKEN }}
@@ -0,0 +1,59 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Build and test Operator
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - 'master'
+  pull_request:
+    branches:
+      - 'master'
+jobs:
+  changes:
+    runs-on: ubuntu-22.04
+    permissions:
+      pull-requests: read
+    outputs:
+      operator: ${{ steps.filter.outputs.operator }}
+    steps:
+      - name: Check whether Operator codebase (w/o chart) is affected
+        uses: dorny/paths-filter@v2
+        id: filter
+        with:
+          filters: |
+            operator:
+              - 'klyshko-operator/!(charts/**)/**'
+  test:
+    runs-on: ubuntu-22.04
+    needs: changes
+    if: ${{ needs.changes.outputs.operator == 'true' }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Setup Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: '1.16'
+      - name: Setup Build Cache
+        uses: actions/cache@v3
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - name: Build and Test
+        run: |
+          cd klyshko-operator
+          make test
+      - name: Publishing Coverage
+        uses: codecov/codecov-action@v3
+        with:
+          token: ${{ secrets.CODECOV_TOKEN }}
+          name: codecov
@@ -0,0 +1,64 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Publish Operator
+on:
+  push:
+    tags:
+      - "operator-v[0-9]+.[0-9]+.[0-9]+"
+defaults:
+  run:
+    working-directory: klyshko-operator
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: carbynestack/klyshko-operator
+  WORKING_DIRECTORY: klyshko-operator
+jobs:
+  publish:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Retrieve license obligation resources
+        run: |
+          cd 3RD-PARTY-LICENSES
+          find . -maxdepth 1 -type d -not -path . | zip -r@ 3rd-party-copyrights
+          find . -iname origin.src | \
+          awk '{ \
+          split($0,b,"/"); \
+          system("xargs < " $0 " curl --create-dirs -Lo ./sources/" b[2] ".zip " $2)}' && \
+          find -regex './sources$' | awk '{system("zip -jr ./3rd-party-sources.zip " $0)}'
+          mkdir -p ../license-obligations && mv `find . -regex "^./3rd-party-.*.zip$"` ../license-obligations/
+      - name: Update Release with license obligations resources
+        uses: ncipollo/release-action@v1
+        with:
+          allowUpdates: true
+          artifacts: ${{ env.WORKING_DIRECTORY }}/license-obligations/*
+          artifactErrorsFailBuild: true
+          makeLatest: true
+          omitBodyDuringUpdate: true
+          omitNameDuringUpdate: true
+      - name: Log in to container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=match,pattern=operator-v(\d+.\d+.\d+),group=1
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: ${{ env.WORKING_DIRECTORY }}
+          file: ${{ env.WORKING_DIRECTORY }}/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,64 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Publish Provisioner
+on:
+  push:
+    tags:
+      - "provisioner-v[0-9]+.[0-9]+.[0-9]+"
+defaults:
+  run:
+    working-directory: klyshko-provisioner
+env:
+  REGISTRY: ghcr.io
+  IMAGE_NAME: carbynestack/klyshko-provisioner
+  WORKING_DIRECTORY: klyshko-provisioner
+jobs:
+  publish:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+      - name: Retrieve license obligation resources
+        run: |
+          cd 3RD-PARTY-LICENSES
+          find . -maxdepth 1 -type d -not -path . | zip -r@ 3rd-party-copyrights
+          find . -iname origin.src | \
+          awk '{ \
+          split($0,b,"/"); \
+          system("xargs < " $0 " curl --create-dirs -Lo ./sources/" b[2] ".zip " $2)}' && \
+          find -regex './sources$' | awk '{system("zip -jr ./3rd-party-sources.zip " $0)}'
+          mkdir -p ../license-obligations && mv `find . -regex "^./3rd-party-.*.zip$"` ../license-obligations/
+      - name: Update Release with license obligations resources
+        uses: ncipollo/release-action@v1
+        with:
+          allowUpdates: true
+          artifacts: ${{ env.WORKING_DIRECTORY }}/license-obligations/*
+          artifactErrorsFailBuild: true
+          makeLatest: true
+          omitBodyDuringUpdate: true
+          omitNameDuringUpdate: true
+      - name: Log in to container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Extract metadata (tags, labels) for Docker
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
+          tags: |
+            type=match,pattern=provisioner-v(\d+.\d+.\d+),group=1
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v3
+        with:
+          context: ${{ env.WORKING_DIRECTORY }}
+          file: ${{ env.WORKING_DIRECTORY }}/Dockerfile
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
@@ -0,0 +1,20 @@
+#
+# Copyright (c) 2023 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+name: Release
+on:
+  push:
+    branches:
+      - master
+jobs:
+  release-please:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: Release Please
+        uses: google-github-actions/release-please-action@v3
+        with:
+          command: manifest
+          token: ${{ secrets.CS_MINION_PAT }}
@@ -1,5 +1,18 @@
+#
+# Copyright (c) 2022 - for information on the respective copyright owner
+# see the NOTICE file and/or the repository https://github.com/carbynestack/klyshko.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+
 # IntelliJ
 .idea
 *.ipr
 *.iml
-*.iws
+*.iws
+
+# Go
+/klyshko-operator/vendor/
+
+# Java
+**/target
@@ -6,4 +6,4 @@
   "MD043": {
     "headings": null
   }
-}
+}
@@ -5,13 +5,39 @@
 # SPDX-License-Identifier: Apache-2.0
 #
 repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.3.0
+    hooks:
+      - id: check-byte-order-marker
+      - id: check-yaml
+        exclude: ^klyshko-operator/charts/klyshko-operator/templates/.*|klyshko-operator/config/manager/manager.yaml$
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: mixed-line-ending
+  - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook
+    rev: v9.4.0
+    hooks:
+      - id: commitlint
+        stages:
+          - commit-msg
+        additional_dependencies:
+          - '@commitlint/config-conventional'
   - repo: https://github.com/tekwizely/pre-commit-golang
-    rev: v1.0.0-beta.5
+    rev: v1.0.0-rc.1
     hooks:
       - id: go-fmt
         args: [-w] # Update source files directly
+  - repo: https://github.com/koalaman/shellcheck-precommit
+    rev: v0.7.2
+    hooks:
+      - id: shellcheck
+  - repo: https://github.com/pre-commit/mirrors-prettier
+    rev: v2.7.1
+    hooks:
+      - id: prettier
+        types_or: [javascript]
   - repo: https://github.com/executablebooks/mdformat
-    rev: 0.7.14
+    rev: 0.7.16
     hooks:
       - id: mdformat
         args:
@@ -21,7 +47,10 @@ repos:
           - mdformat-gfm
         exclude: ^3RD-PARTY-LICENSES/.*$
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.31.1
+    rev: v0.33.0
     hooks:
       - id: markdownlint
-        exclude: ^3RD-PARTY-LICENSES/.*$
+        args:
+          - --disable
+          - MD013
+        exclude: ^3RD-PARTY-LICENSES/.*$