public_git
/
bitnami-containers
mirror of https://github.com/bitnami/containers.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
bitnami-containers/.github/workflows/ci-pipeline.yaml

108 lines
4.6 KiB
YAML
Raw Blame History

name: '[CI/CD] CI Pipeline'
on: # rebuild any PRs and main branch changes
pull_request_target:
types:
- reopened
- synchronize
- labeled
branches:
- main
- bitnami:main
env:
CSP_API_URL: https://console.cloud.vmware.com
CSP_API_TOKEN: ${{ secrets.CSP_API_TOKEN }}
VIB_PUBLIC_URL: https://cp.bromelia.vmware.com
jobs:
get-containers:
runs-on: ubuntu-latest
name: Get modified containers
if: |
github.event.pull_request.state != 'closed' &&
(
(github.event.action == 'labeled' && github.event.label.name == 'verify') ||
(github.event.action != 'labeled' && contains(github.event.pull_request.labels.*.name, 'verify'))
)
outputs:
result: ${{ steps.get-containers.outputs.result }}
containers: ${{ steps.get-containers.outputs.containers }}
steps:
- id: get-containers
name: Get modified containers
run: |
# Using the Github API to detect the files changed as git merge-base stops working when the branch is behind
# and jitterbit/get-changed-files does not support pull_request_target
URL="https://api.github.com/repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number }}/files"
files_changed_data=$(curl -s --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' -X GET -G "$URL")
files_changed="$(echo $files_changed_data | jq -r '.[] | .filename')"
# Adding || true to avoid "Process exited with code 1" errors
flavors=($(echo "$files_changed" | xargs dirname | grep -o "^bitnami/[^/]*/[^/]*/[^/]*" | sort | uniq || true))
assets=($(echo "$files_changed" | xargs dirname | sed -nr "s|bitnami/([^/]*)/.*|\1|p" | sort | uniq || true))
non_readme_files=$(echo "$files_changed" | grep -vc "\.md" || true)
if [[ "$non_readme_files" -le "0" ]]; then
# The only changes are .md files -> SKIP
echo "::set-output name=result::skip"
elif [[ "${#assets[@]}" -ne "1" ]]; then
echo "Changes should affect to only one asset. You are currently modifying: ${assets[@]}"
echo "::set-output name=result::skip"
else
containers_json=$(printf "%s\n" "${flavors[@]}" | jq -R . | jq -cs .)
echo "::set-output name=result::ok"
echo "::set-output name=containers::${containers_json}"
fi
vib-verify:
runs-on: ubuntu-latest
needs: get-containers
if: ${{ needs.get-containers.outputs.result == 'ok' && contains(github.event.pull_request.labels.*.name, 'verify') }}
name: Verify container
continue-on-error: false
strategy:
fail-fast: false
max-parallel: 2
matrix:
container: ${{ fromJSON(needs.get-containers.outputs.containers) }}
steps:
- uses: actions/checkout@v3
name: Checkout Repository
with:
# Full history is not required anymore
fetch-depth: 1
# labeled events trigger the event with the latest commit in main
ref: ${{ github.event.pull_request.head.ref }}
repository: ${{ github.event.pull_request.head.repo.full_name }}
- id: get-container-metadata
name: Get image tag and container name
run: |
if [[ -d "${{ matrix.container }}" ]]; then
name="$(echo "${{ matrix.container }}" | awk -F '/' '{print $2}')"
# Build a tag based on current SHA
tag="$(echo "${{ matrix.container }}" | awk -F '/' -v run_number="${GITHUB_RUN_NUMBER}" '{printf "%s-rc.%s", $3, run_number}')"
echo "::set-output name=tag::${tag}"
echo "::set-output name=name::${name}"
echo "::set-output name=result::ok"
else
# Container folder doesn't exists we are assuming a deprecation
echo "::set-output name=result::skip"
fi
- uses: vmware-labs/vmware-image-builder-action@main
name: Verify
if: ${{ steps.get-container-metadata.outputs.result == 'ok' }}
with:
pipeline: vib-verify.json
env:
# Path with docker resources
VIB_ENV_PATH: ${{ matrix.container }}
# Container name
VIB_ENV_CONTAINER: ${{ steps.get-container-metadata.outputs.name }}
VIB_ENV_TAG: ${{ steps.get-container-metadata.outputs.tag }}
verify-all:
# Ensure all containers passed the verification
runs-on: ubuntu-latest
name: Verify
needs: vib-verify
if: ${{ always() }}
steps:
- name: Verify
if: ${{ needs.vib-verify.result != 'success' && needs.vib-verify.result != 'skipped'}}
run: exit 1
Reference in New Issue View Git Blame Copy Permalink