[WIP] GitHub in house OIDC #2495
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: build | |
on: | |
pull_request: | |
types: [opened, synchronize] | |
merge_group: | |
types: [checks_requested] | |
push: | |
# Always run on push to main. The build cache can only be reused | |
# if it was saved by a run from the repository's default branch. | |
# The run result will be identical to that from the merge queue | |
# because the commit is identical, yet we need to perform it to | |
# seed the build cache. | |
branches: | |
- main | |
jobs: | |
tests: | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
goVersion: | |
- "1.19" | |
- "1.20" | |
- "1.21" | |
- "1.22" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: ${{ matrix.goVersion }} | |
- name: Set go env | |
run: | | |
echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV | |
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH | |
- name: Pull external libraries | |
run: make vendor | |
- name: Run tests | |
run: make test | |
- name: Publish test coverage | |
uses: codecov/codecov-action@v4 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
fmt: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version: "1.22" | |
# No need to download cached dependencies when running gofmt. | |
cache: false | |
- name: Run gofmt | |
run: | | |
# -l: list files that were reformatted | |
# -w: write back formatted files to disk | |
gofmt -l -w ./ | |
- name: Fail on differences | |
run: | | |
# Exit with status code 1 if there are differences (i.e. unformatted files) | |
git diff --exit-code | |
commit-message: | |
runs-on: ubuntu-latest | |
if: ${{ github.event_name == 'pull_request' }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Validate Tag | |
run: | | |
TAG=$(echo ${{ github.event.pull_request.title }} | sed -ne 's/\[\(.*\)\].*/\1/p') | |
if grep -q "tag: \"\[$TAG\]\"" .codegen/changelog_config.yml; then | |
echo "Valid tag found: [$TAG]" | |
else | |
echo "Invalid or missing tag in commit message: [$TAG]" | |
exit 1 | |
fi |