From 6e9c794dafbd30d5b5678856c7bdd0c78d20b891 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 09:41:17 +0100 Subject: [PATCH 1/8] new(ci): added gha support. Signed-off-by: Federico Di Pierro --- .github/workflows/ci.yml | 56 ++++++++++++ .github/workflows/master.yml | 36 ++++++++ .github/workflows/release.yml | 67 ++++++++++++++ .../workflows/reusable_build_push_images.yml | 87 +++++++++++++++++++ .../reusable_build_test_driverkit.yml | 38 ++++++++ 5 files changed, 284 insertions(+) create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/master.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/reusable_build_push_images.yml create mode 100644 .github/workflows/reusable_build_test_driverkit.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..ce618082 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,56 @@ +name: CI Build +on: + pull_request: + branches: [master] + workflow_dispatch: + +# Checks if any concurrent jobs under the same pull request or branch are being executed +# NOTE: this will cancel every workflow that is being ran against a PR as group is just the github ref (without the workflow name) +concurrency: + group: ${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 + + gomodtidy: + name: Enforce go.mod tidiness + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + with: + ref: "${{ github.event.pull_request.head.sha }}" + repository: ${{github.event.pull_request.head.repo.full_name}} + persist-credentials: false + + - name: Setup Go + uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v4.0.0 + with: + go-version: '1.21' + check-latest: true + + - name: Execute go mod tidy and check the outcome + working-directory: ./ + run: | + go mod tidy + exit_code=$(git diff --exit-code) + exit ${exit_code} + + - name: Print a comment in case of failure + run: | + echo "The go.mod and/or go.sum files appear not to be correctly tidied. + + Please, rerun go mod tidy to fix the issues." + exit 1 + if: | + failure() && github.event.pull_request.head.repo.full_name == github.repository diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml new file mode 100644 index 00000000..11c9e1c2 --- /dev/null +++ b/.github/workflows/master.yml @@ -0,0 +1,36 @@ +name: Master CI +on: + push: + branches: [master] + +# Checks if any concurrent jobs is running for master CI and eventually cancel it +concurrency: + group: ci-master + cancel-in-progress: true + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 + + push-images: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test + with: + arch: amd64 + secrets: inherit + + push-images-arm64: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test-arm64 + with: + arch: arm64 + secrets: inherit + + diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..22f5fb9d --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,67 @@ +name: Release + +on: + push: + tags: + - v* + +permissions: + contents: write # needed to write releases + id-token: write # needed for keyless signing + +jobs: + build-test: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: amd64 + + build-test-arm64: + uses: ./.github/workflows/reusable_build_test_driverkit.yml + with: + arch: arm64 + + push-images: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test + with: + arch: amd64 + tag: ${{ github.ref_name }} + is_latest: true + secrets: inherit + + push-images-arm64: + uses: ./.github/workflows/reusable_build_push_images.yml + needs: build-test-arm64 + with: + arch: arm64 + tag: ${{ github.ref_name }} + is_latest: true + secrets: inherit + + release: + needs: [push-images,push-images-arm64] + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Fetch + run: git fetch --prune --force --tags + + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: '1.21' + + - name: Install GoReleaser + uses: goreleaser/goreleaser-action@v5 + with: + install-only: true + + - name: Release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + GIT_TAG: ${{ github.ref_name }} + run: make release diff --git a/.github/workflows/reusable_build_push_images.yml b/.github/workflows/reusable_build_push_images.yml new file mode 100644 index 00000000..c09b3c08 --- /dev/null +++ b/.github/workflows/reusable_build_push_images.yml @@ -0,0 +1,87 @@ +# This is a reusable workflow used by master and release CI +on: + workflow_call: + inputs: + arch: + description: amd64 or arm64 + required: true + type: string + branch: + description: name of the branch + required: false + type: string + default: 'master' + tag: + description: The tag to use (e.g. "master" or "0.35.0") + required: false + type: string + default: '' + is_latest: + description: Update the latest tag with the new image + required: false + type: boolean + default: false + +jobs: + build-images: + runs-on: ${{ (inputs.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-latest' }} + env: + GIT_BRANCH: ${{ inputs.branch }} + GIT_TAG: ${{ inputs.tag }} + steps: + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Create download folder + run: mkdir -p build-${{ inputs.arch }} + + - name: Download Driverkit + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: driverkit-${{ inputs.arch }} + path: build-${{ inputs.arch }} + + - name: Enforce executable bit + run: chmod +x build-${{ inputs.arch }}/driverkit + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_SECRET }} + + - name: Build and Push docker images + run: make push/all + + - name: Push latest images if needed + if: inputs.is_latest + run: make push/latest + + images: + runs-on: ubuntu-latest + needs: build-images + env: + GIT_BRANCH: ${{ inputs.branch }} + GIT_TAG: ${{ inputs.tag }} + steps: + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_SECRET }} + + - name: Build and Push manifest to registry + run: make manifest/all + + - name: Push latest manifest if needed + if: inputs.is_latest + run: make manifest/latest diff --git a/.github/workflows/reusable_build_test_driverkit.yml b/.github/workflows/reusable_build_test_driverkit.yml new file mode 100644 index 00000000..b9494305 --- /dev/null +++ b/.github/workflows/reusable_build_test_driverkit.yml @@ -0,0 +1,38 @@ +# This is a reusable workflow used by master and release CI +on: + workflow_call: + inputs: + arch: + description: amd64 or arm64 + required: true + type: string + +jobs: + build-test: + # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 + runs-on: ${{ (inputs.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-latest' }} + container: golang:1.21-alpine + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Install deps + run: apk add gcc musl-dev make bash git binutils-gold + + - name: Build + run: make build + + - name: Test + run: make test + + - name: Integration tests + run: make integration_test + + - name: Upload driverkit + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + with: + name: driverkit-${{ inputs.arch }} + path: | + ${{ github.workspace }}/_output/bin/driverkit From ef0efaf319340ed13f95a3cd9e3e96c5538f1593 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 09:54:52 +0100 Subject: [PATCH 2/8] chore: disable builmode pie. Signed-off-by: Federico Di Pierro --- .goreleaser.yml | 1 - Makefile | 4 ++-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/.goreleaser.yml b/.goreleaser.yml index fe03f0ae..56aef7d2 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -11,7 +11,6 @@ builds: main: . flags: - -v - - -buildmode=pie ldflags: - "{{.Env.LDFLAGS}}" binary: driverkit diff --git a/Makefile b/Makefile index 48a4700b..736e0173 100644 --- a/Makefile +++ b/Makefile @@ -41,7 +41,7 @@ driverkit_docgen ?= _output/bin/docgen build: clean ${driverkit} ${driverkit}: - CGO_ENABLED=0 GOEXPERIMENT=loopvar go build -v -buildmode=pie -ldflags '${LDFLAGS}' -o $@ . + CGO_ENABLED=0 GOEXPERIMENT=loopvar go build -v -ldflags '${LDFLAGS}' -o $@ . .PHONY: release release: clean @@ -101,7 +101,7 @@ manifest/latest: test: go clean -testcache GOEXPERIMENT=loopvar go test -v -cover -race ./... - GOEXPERIMENT=loopvar go test -v -cover -buildmode=pie ./cmd + GOEXPERIMENT=loopvar go test -v -cover ./cmd .PHONY: integration_test integration_test: $(test_configs) From 9d8e3b0d41df1417c5f27dd45ac5b42072e85e07 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 10:03:58 +0100 Subject: [PATCH 3/8] chore(ci): we can build on ubuntu-latest instead of alpine. Signed-off-by: Federico Di Pierro --- .github/workflows/reusable_build_test_driverkit.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/reusable_build_test_driverkit.yml b/.github/workflows/reusable_build_test_driverkit.yml index b9494305..d479f690 100644 --- a/.github/workflows/reusable_build_test_driverkit.yml +++ b/.github/workflows/reusable_build_test_driverkit.yml @@ -11,15 +11,16 @@ jobs: build-test: # See https://github.com/actions/runner/issues/409#issuecomment-1158849936 runs-on: ${{ (inputs.arch == 'arm64' && 'actuated-arm64-8cpu-16gb') || 'ubuntu-latest' }} - container: golang:1.21-alpine steps: - name: Checkout uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Install deps - run: apk add gcc musl-dev make bash git binutils-gold + - name: Setup Go + uses: actions/setup-go@v3 + with: + go-version: '1.21' - name: Build run: make build From 1b8f768ea38da7e0283088d6e587efb5565e3ef7 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 10:30:41 +0100 Subject: [PATCH 4/8] cleanup(ci): dropped circleci. Signed-off-by: Federico Di Pierro --- .circleci/config.yml | 235 ------------------------------------------- 1 file changed, 235 deletions(-) delete mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index 59e6abd2..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,235 +0,0 @@ -version: 2.1 -jobs: - "build-test": - docker: - - image: golang:1.21-alpine - steps: - - checkout - - setup_remote_docker: # used by integration tests that runs driverkit binary that needs docker - version: 20.10.24 - - run: - name: Install deps - command: apk add gcc musl-dev make bash git binutils-gold - - run: - name: Build - command: make build - - run: - name: Test - command: make test - - run: - name: Integration tests - command: make integration_test - - run: - name: Prepare Artifacts - command: | - mkdir -p /tmp/build-amd64 - cp _output/bin/driverkit /tmp/build-amd64/ - - store_artifacts: - path: /tmp/build-amd64/driverkit - destination: driverkit_amd64 - - persist_to_workspace: - root: /tmp - paths: - - build-amd64/ - "build-test-arm64": - machine: - enabled: true - image: ubuntu-2004:2022.04.1 - resource_class: arm.medium - steps: - - checkout: - path: /tmp/source - - run: - name: Prepare project - command: | - docker run --rm -it -v /tmp/source:/source -v /var/run/docker.sock:/var/run/docker.sock -w /source --name alpine_sh -d golang:1.21-alpine sh - docker exec alpine_sh apk add gcc musl-dev make bash git docker binutils-gold - docker exec alpine_sh git config --global --add safe.directory /source - - run: - name: Build - command: docker exec alpine_sh make build - - run: - name: Test - command: docker exec alpine_sh make test - - run: - name: Integration tests - command: docker exec alpine_sh make integration_test - - run: - name: Prepare Artifacts - command: | - mkdir -p /tmp/build-arm64 - cp /tmp/source/_output/bin/driverkit /tmp/build-arm64/ - - store_artifacts: - path: /tmp/build-arm64/driverkit - destination: driverkit_arm64 - - persist_to_workspace: - root: /tmp - paths: - - build-arm64/ - "build-images": - docker: - - image: alpine:3.16 - steps: - - attach_workspace: - at: / - - checkout - - setup_remote_docker: - version: 20.10.24 - docker_layer_caching: true - - run: - name: Install deps - command: | - apk update - apk add make bash git docker docker-cli-buildx - - run: - name: Login to registry - command: echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin - - run: - name: Prepare artifact for driverkit image - command: | # driverkit dockerfile expects the binary there - mkdir -p build-amd64 - cp /build-amd64/driverkit build-amd64/ - - run: - name: Build and Push docker images - command: GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/all - - run: - name: Push latest images - command: | - if [ -n "$CIRCLE_TAG" ] - then - GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/latest - else - echo "Skipping (no git tag)" - fi - "build-images-arm64": - machine: - enabled: true - image: ubuntu-2004:2022.04.1 - docker_layer_caching: true - resource_class: arm.medium - steps: - - attach_workspace: - at: /tmp - - checkout: - path: /tmp/source - - run: - name: Install deps - command: | - sudo apt update - sudo apt install make bash git - - run: - name: Login to registry - command: echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin - - run: - name: Prepare artifact for driverkit image - command: | # driverkit dockerfile expects the binary there - mkdir -p /tmp/source/build-arm64 - cp /tmp/build-arm64/driverkit /tmp/source/build-arm64/ - - run: - name: Build and Push docker images - command: | - cd /tmp/source - GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/all - - run: - name: Push latest images if needed - command: | - cd /tmp/source - if [ -n "$CIRCLE_TAG" ] - then - GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make push/latest - else - echo "Skipping (no git tag)" - fi - "images": - docker: - - image: cimg/base:stable - user: root - steps: - - checkout - - setup_remote_docker: - version: 20.10.24 - - run: - name: Prepare env - command: | - echo ${DOCKERHUB_SECRET} | docker login -u ${DOCKERHUB_USER} --password-stdin - sudo apt update - sudo apt install make bash git - - run: - name: Build and Push manifest to registry - command: | - GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make manifest/all - - run: - name: Push latest manifest if needed - command: | - if [ -n "$CIRCLE_TAG" ] - then - GIT_BRANCH="$CIRCLE_BRANCH" GIT_TAG="$CIRCLE_TAG" make manifest/latest - else - echo "Skipping (no git tag)" - fi - "release": - docker: - - image: cimg/go:1.21 - steps: - - checkout - - run: - name: Install goreleaser - command: | - echo 'deb [trusted=yes] https://repo.goreleaser.com/apt/ /' | sudo tee /etc/apt/sources.list.d/goreleaser.list - sudo apt update - sudo apt install goreleaser - - run: - name: Release - command: GIT_TAG="$CIRCLE_TAG" make release -workflows: - version: 2.1 - build: - jobs: - - "build-test": - filters: - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - - "build-test-arm64": - filters: - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - - "build-images": - context: falco - filters: - branches: - only: - - master - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - requires: - - "build-test" - - "build-images-arm64": - context: falco - filters: - branches: - only: - - master - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - requires: - - "build-test-arm64" - - "images": - context: falco - filters: - branches: - only: - - master - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - requires: - - "build-images" - - "build-images-arm64" - - "release": - context: falco - filters: - branches: - ignore: /.*/ - tags: - only: /v[0-9]+(\.[0-9]+)*(-.*)*/ - requires: - - "images" From 65db5b741f6ac0dfd85837758eac1a11b73abbd5 Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 10:36:28 +0100 Subject: [PATCH 5/8] chore(ci): moved manifest step to its own reusable workflow. Signed-off-by: Federico Di Pierro --- .github/workflows/master.yml | 7 ++- .github/workflows/release.yml | 10 ++++- .../workflows/reusable_build_push_images.yml | 26 ----------- .../workflows/reusable_manifest_images.yml | 45 +++++++++++++++++++ 4 files changed, 60 insertions(+), 28 deletions(-) create mode 100644 .github/workflows/reusable_manifest_images.yml diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 11c9e1c2..c4c33f21 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -31,6 +31,11 @@ jobs: needs: build-test-arm64 with: arch: arm64 - secrets: inherit + secrets: inherit + + images: + uses: ./.github/workflows/reusable_manifest_images.yml + needs: [push-images,push-images-arm64] + secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 22f5fb9d..b878ae24 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -36,7 +36,15 @@ jobs: arch: arm64 tag: ${{ github.ref_name }} is_latest: true - secrets: inherit + secrets: inherit + + images: + uses: ./.github/workflows/reusable_manifest_images.yml + needs: [push-images,push-images-arm64] + with: + tag: ${{ github.ref_name }} + is_latest: true + secrets: inherit release: needs: [push-images,push-images-arm64] diff --git a/.github/workflows/reusable_build_push_images.yml b/.github/workflows/reusable_build_push_images.yml index c09b3c08..5662e87e 100644 --- a/.github/workflows/reusable_build_push_images.yml +++ b/.github/workflows/reusable_build_push_images.yml @@ -59,29 +59,3 @@ jobs: - name: Push latest images if needed if: inputs.is_latest run: make push/latest - - images: - runs-on: ubuntu-latest - needs: build-images - env: - GIT_BRANCH: ${{ inputs.branch }} - GIT_TAG: ${{ inputs.tag }} - steps: - - name: Checkout - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - - - name: Login to Docker Hub - uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_SECRET }} - - - name: Build and Push manifest to registry - run: make manifest/all - - - name: Push latest manifest if needed - if: inputs.is_latest - run: make manifest/latest diff --git a/.github/workflows/reusable_manifest_images.yml b/.github/workflows/reusable_manifest_images.yml new file mode 100644 index 00000000..09d2ee2b --- /dev/null +++ b/.github/workflows/reusable_manifest_images.yml @@ -0,0 +1,45 @@ +# This is a reusable workflow used by master and release CI +on: + workflow_call: + inputs: + branch: + description: name of the branch + required: false + type: string + default: 'master' + tag: + description: The tag to use (e.g. "master" or "0.35.0") + required: false + type: string + default: '' + is_latest: + description: Update the latest tag with the new image + required: false + type: boolean + default: false + +jobs: + push-manifest: + runs-on: ubuntu-latest + env: + GIT_BRANCH: ${{ inputs.branch }} + GIT_TAG: ${{ inputs.tag }} + steps: + - name: Checkout + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 + + - name: Login to Docker Hub + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0 + with: + username: ${{ secrets.DOCKERHUB_USER }} + password: ${{ secrets.DOCKERHUB_SECRET }} + + - name: Build and Push manifest to registry + run: make manifest/all + + - name: Push latest manifest if needed + if: inputs.is_latest + run: make manifest/latest From 891febe2829a66296e9f15e3b83d4fa8ca70354c Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 10:39:57 +0100 Subject: [PATCH 6/8] chore(ci): use matrixes where needed. Signed-off-by: Federico Di Pierro --- .github/workflows/ci.yml | 11 ++++------- .github/workflows/master.yml | 24 +++++++++--------------- .github/workflows/release.yml | 28 ++++++++++------------------ 3 files changed, 23 insertions(+), 40 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ce618082..f7a6f029 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,19 +12,16 @@ concurrency: jobs: build-test: + strategy: + matrix: + arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_test_driverkit.yml with: - arch: amd64 + arch: ${{ matrix.arch }} - build-test-arm64: - uses: ./.github/workflows/reusable_build_test_driverkit.yml - with: - arch: arm64 - gomodtidy: name: Enforce go.mod tidiness runs-on: ubuntu-latest - steps: - name: Checkout uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index c4c33f21..0cf086b4 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -10,32 +10,26 @@ concurrency: jobs: build-test: + strategy: + matrix: + arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_test_driverkit.yml with: - arch: amd64 - - build-test-arm64: - uses: ./.github/workflows/reusable_build_test_driverkit.yml - with: - arch: arm64 + arch: ${{ matrix.arch }} push-images: + strategy: + matrix: + arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_push_images.yml needs: build-test with: - arch: amd64 - secrets: inherit - - push-images-arm64: - uses: ./.github/workflows/reusable_build_push_images.yml - needs: build-test-arm64 - with: - arch: arm64 + arch: ${{ matrix.arch }} secrets: inherit images: uses: ./.github/workflows/reusable_manifest_images.yml - needs: [push-images,push-images-arm64] + needs: push-images secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b878ae24..ec115312 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,43 +11,35 @@ permissions: jobs: build-test: + strategy: + matrix: + arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_test_driverkit.yml with: - arch: amd64 - - build-test-arm64: - uses: ./.github/workflows/reusable_build_test_driverkit.yml - with: - arch: arm64 + arch: ${{ matrix.arch }} push-images: + strategy: + matrix: + arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_push_images.yml needs: build-test with: - arch: amd64 + arch: ${{ matrix.arch }} tag: ${{ github.ref_name }} is_latest: true secrets: inherit - - push-images-arm64: - uses: ./.github/workflows/reusable_build_push_images.yml - needs: build-test-arm64 - with: - arch: arm64 - tag: ${{ github.ref_name }} - is_latest: true - secrets: inherit images: uses: ./.github/workflows/reusable_manifest_images.yml - needs: [push-images,push-images-arm64] + needs: push-images with: tag: ${{ github.ref_name }} is_latest: true secrets: inherit release: - needs: [push-images,push-images-arm64] + needs: images runs-on: ubuntu-latest steps: - name: Checkout From 3d4bac10500a5a0e96678f98581d1a9cf36157cc Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Fri, 15 Dec 2023 10:43:52 +0100 Subject: [PATCH 7/8] chore(ci): better names. Signed-off-by: Federico Di Pierro --- .github/workflows/ci.yml | 2 +- .github/workflows/master.yml | 6 +++--- .github/workflows/release.yml | 6 +++--- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f7a6f029..8a8118bd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -11,7 +11,7 @@ concurrency: cancel-in-progress: true jobs: - build-test: + build-test-dev: strategy: matrix: arch: [amd64, arm64] diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index 0cf086b4..ae36274c 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -9,7 +9,7 @@ concurrency: cancel-in-progress: true jobs: - build-test: + build-test-master: strategy: matrix: arch: [amd64, arm64] @@ -17,7 +17,7 @@ jobs: with: arch: ${{ matrix.arch }} - push-images: + push-images-master: strategy: matrix: arch: [amd64, arm64] @@ -27,7 +27,7 @@ jobs: arch: ${{ matrix.arch }} secrets: inherit - images: + images-master: uses: ./.github/workflows/reusable_manifest_images.yml needs: push-images secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ec115312..261e5fd6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ permissions: id-token: write # needed for keyless signing jobs: - build-test: + build-test-release: strategy: matrix: arch: [amd64, arm64] @@ -18,7 +18,7 @@ jobs: with: arch: ${{ matrix.arch }} - push-images: + push-images-release: strategy: matrix: arch: [amd64, arm64] @@ -30,7 +30,7 @@ jobs: is_latest: true secrets: inherit - images: + images-release: uses: ./.github/workflows/reusable_manifest_images.yml needs: push-images with: From 98d8ed7a6dd0901cdc591e658f8fd28f0c432eba Mon Sep 17 00:00:00 2001 From: Federico Di Pierro Date: Mon, 18 Dec 2023 14:00:00 +0100 Subject: [PATCH 8/8] fix(ci): fixed needs name in master and release CI. Signed-off-by: Federico Di Pierro --- .github/workflows/master.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml index ae36274c..44dd8b92 100644 --- a/.github/workflows/master.yml +++ b/.github/workflows/master.yml @@ -22,14 +22,14 @@ jobs: matrix: arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_push_images.yml - needs: build-test + needs: build-test-master with: arch: ${{ matrix.arch }} secrets: inherit images-master: uses: ./.github/workflows/reusable_manifest_images.yml - needs: push-images + needs: push-images-master secrets: inherit diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 261e5fd6..110c6297 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: matrix: arch: [amd64, arm64] uses: ./.github/workflows/reusable_build_push_images.yml - needs: build-test + needs: build-test-release with: arch: ${{ matrix.arch }} tag: ${{ github.ref_name }} @@ -32,14 +32,14 @@ jobs: images-release: uses: ./.github/workflows/reusable_manifest_images.yml - needs: push-images + needs: push-images-release with: tag: ${{ github.ref_name }} is_latest: true secrets: inherit release: - needs: images + needs: images-release runs-on: ubuntu-latest steps: - name: Checkout