diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..a917da8e --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,23 @@ +name: CI Build +on: + pull_request: + branches: + - master + workflow_dispatch: + +# Checks if any concurrent jobs under the same pull request or branch are being executed +# NOTE: this will cancel every workflow that is being ran against a PR as group is just the github ref (without the workflow name) +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 diff --git a/.github/workflows/gomodtidy.yml b/.github/workflows/gomodtidy.yml new file mode 100644 index 00000000..08d95dcf --- /dev/null +++ b/.github/workflows/gomodtidy.yml @@ -0,0 +1,38 @@ +name: Go mod tidiness +on: + pull_request: + +jobs: + gomodtidy: + name: Enforce go.mod tidiness + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + with: + ref: "${{ github.event.pull_request.head.sha }}" + repository: ${{github.event.pull_request.head.repo.full_name}} + persist-credentials: false + + - name: Setup Go + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + with: + go-version: '1.21' + check-latest: true + + - name: Execute go mod tidy and check the outcome + working-directory: ./ + run: | + go mod tidy + exit_code=$(git diff --exit-code) + exit ${exit_code} + + - name: Print a comment in case of failure + run: | + echo "The go.mod and/or go.sum files appear not to be correctly tidied. + + Please, rerun go mod tidy to fix the issues." + exit 1 + if: | + failure() && github.event.pull_request.head.repo.full_name == github.repository diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml new file mode 100644 index 00000000..b25c5374 --- /dev/null +++ b/.github/workflows/master.yml @@ -0,0 +1,34 @@ +name: Master CI +on: + push: + branches: [master] + +# Checks if any concurrent jobs is running for master CI and eventually cancel it +concurrency: + group: ci-master + cancel-in-progress: true + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 + + push-images: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test + with: + arch: amd64 + + push-images-arm64: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test-arm64 + with: + arch: arm64 + + diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..6c767941 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,65 @@ +name: Release + +on: + push: + tags: + - v* + +permissions: + contents: write # needed to write releases + id-token: write # needed for keyless signing + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 + + push-images: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test + with: + arch: amd64 + tag: ${{ github.ref_name }} + is_latest: true + + push-images-arm64: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test-arm64 + with: + arch: arm64 + tag: ${{ github.ref_name }} + is_latest: true + + release: + needs: [push-images,push-images-arm64] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Fetch + run: git fetch --prune --force --tags + + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: '1.21' + + - name: Install GoReleaser + uses: goreleaser/goreleaser-action@v5 + with: + install-only: true + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_TAG: ${{ github.ref_name }} + run: make release diff --git a/.github/workflows/reusable_build_push_images.yml b/.github/workflows/reusable_build_push_images.yml new file mode 100644 index 00000000..c09b3c08 --- /dev/null +++ b/.github/workflows/reusable_build_push_images.yml @@ -0,0 +1,87 @@ +# This is a reusable workflow used by master and release CI +on: + workflow_call: + inputs: + arch: + description: amd64 or arm64 + required: true + type: string + branch: + description: name of the branch + required: false + type: string + default: 'master' + tag: + description: The tag to use (e.g. "master" or "0.35.0") + required: false + type: string + default: '' + is_latest: + description: Update the latest tag with the new image + required: false + type: boolean + default: false + +jobs: + build-images: + runs-on: ${{ (inputs.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-latest' }} + env: + GIT_BRANCH: ${{ inputs.branch }} + GIT_TAG: ${{ inputs.tag }} + steps: + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Create download folder + run: mkdir -p build-${{ inputs.arch }} + + - name: Download Driverkit + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: driverkit-${{ inputs.arch }} + path: build-${{ inputs.arch }} + + - name: Enforce executable bit + run: chmod +x build-${{ inputs.arch }}/driverkit + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_SECRET }} + + - name: Build and Push docker images + run: make push/all + + - name: Push latest images if needed + if: inputs.is_latest + run: make push/latest + + images: + runs-on: ubuntu-latest + needs: build-images + env: + GIT_BRANCH: ${{ inputs.branch }} + GIT_TAG: ${{ inputs.tag }} + steps: + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_SECRET }} + + - name: Build and Push manifest to registry + run: make manifest/all + + - name: Push latest manifest if needed + if: inputs.is_latest + run: make manifest/latest diff --git a/.github/workflows/reusable_build_test_driverkit.yml b/.github/workflows/reusable_build_test_driverkit.yml new file mode 100644 index 00000000..06bad6b0 --- /dev/null +++ b/.github/workflows/reusable_build_test_driverkit.yml @@ -0,0 +1,40 @@ +# This is a reusable workflow used by master and release CI +on: + workflow_call: + inputs: + arch: + description: amd64 or arm64 + required: true + type: string + +jobs: + build-test: + # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 + runs-on: ${{ (inputs.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-latest' }} + container: golang:1.21-alpine + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: 1.21 + + - name: Build + run: make build + + - name: Test + run: make test + + - name: Integration tests + run: make Integration_test + + - name: Upload driverkit + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: driverkit-${{ inputs.arch }} + path: | + ${{ github.workspace }}/_output/bin/driverkit