ci: avoid pointless rebuilds and add debugging tool

ubc · Jul 26, 2021 · 1553bc4 · 1553bc4
1 parent 28c2d0e
commit 1553bc4
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 10 deletions.
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -35,7 +35,8 @@ jobs:
     steps:
       - uses: actions/checkout@v2
         with:
-          # chartpress requires the full history
+          # chartpress requires git history to set chart version and image tags
+          # correctly
           fetch-depth: 0
 
       - uses: actions/setup-python@v2

diff --git a/.github/workflows/test-chart.yaml b/.github/workflows/test-chart.yaml
@@ -117,6 +117,7 @@ jobs:
         include:
           - k3s-channel: v1.21
             test: install
+            debuggable: debuggable
           - k3s-channel: v1.20
             test: install
           - k3s-channel: v1.19
@@ -163,7 +164,8 @@ jobs:
     steps:
       - uses: actions/checkout@v2
         with:
-          # chartpress requires the full history
+          # chartpress requires git history to set chart version and image tags
+          # correctly
           fetch-depth: 0
 
       # Starts a k8s cluster with NetworkPolicy enforcement and installs both
@@ -315,3 +317,11 @@ jobs:
         if: always()
         with:
           important-workloads: deploy/hub deploy/proxy
+
+      # WARNING: Only allow this for pull_request runs that doesn't contain
+      #          sensitive information.
+      #
+      # action reference: https://github.com/mxschmitt/action-tmate@v3
+      - name: To enter a SSH debugging session, read these logs
+        if: failure() && github.event_name == 'pull_request' && matrix.debuggable == 'debuggable'
+        uses: mxschmitt/action-tmate@v3
diff --git a/.github/workflows/test-docker-build.yaml b/.github/workflows/test-docker-build.yaml
@@ -28,7 +28,11 @@ jobs:
   build_images:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2'
+        with:
+          # chartpress requires git history to set chart version and image tags
+          # correctly
+          fetch-depth: 0
 
       - uses: actions/setup-python@v2
         with:

diff --git a/.github/workflows/test-docs.yaml b/.github/workflows/test-docs.yaml
@@ -26,9 +26,8 @@ jobs:
     steps:
       - uses: actions/checkout@v2
         with:
-          # chartpress is used by doc/conf.py,
-          # and requires information about the latest tagged commit, which
-          # requires the git history.
+          # chartpress, used by doc/conf.py, requires git history to set
+          # chart version and image tags correctly
           fetch-depth: 0
       - uses: actions/setup-python@v2
         with:

diff --git a/.github/workflows/vuln-scan.yaml b/.github/workflows/vuln-scan.yaml
@@ -42,14 +42,14 @@ jobs:
     steps:
       - uses: actions/checkout@v2
         with:
-          # chartpress requires the full history
+          # chartpress requires git history to set chart version and image tags
+          # correctly
           fetch-depth: 0
-      - name: Create ./tmp dir
-        run: |
-          mkdir ./tmp
+
       - uses: actions/setup-python@v2
         with:
           python-version: "3.8"
+
       - name: Install chartpress
         run: |
           # FIXME: six is required by docker 5.0.0 but isn't explicitly required
@@ -73,6 +73,9 @@ jobs:
           echo "::set-output name=name::$(echo $IMAGE_SPEC | sed 's/\(.*\):.*/\1/')"
           echo "::set-output name=tag::$(echo $IMAGE_SPEC | sed 's/.*:\(.*\)/\1/')"
 
+      - name: Create ./tmp dir
+        run: mkdir ./tmp
+
       # Action reference: https://github.com/aquasecurity/trivy-action
       - name: Scan latest published image
         id: scan_1