From 3f446d1494b44d770bdf98eda6b148d5bc52547c Mon Sep 17 00:00:00 2001 From: Anurag Rajawat Date: Wed, 22 May 2024 15:05:57 +0530 Subject: [PATCH] fix(CI): Run CI based on conditional changes Signed-off-by: Anurag Rajawat --- .github/workflows/latest-release.yaml | 29 +++++++++++++++++-- .github/workflows/pr-checks.yaml | 40 +++++++++++++++++++++++++-- Makefile | 3 +- 3 files changed, 65 insertions(+), 7 deletions(-) diff --git a/.github/workflows/latest-release.yaml b/.github/workflows/latest-release.yaml index 4d84c321..b36ef8d5 100644 --- a/.github/workflows/latest-release.yaml +++ b/.github/workflows/latest-release.yaml @@ -8,6 +8,7 @@ on: branches: - main - "v*" + - fix-ci create: branches: - "v*" @@ -19,8 +20,30 @@ concurrency: cancel-in-progress: true jobs: + files-changed: + name: Detect what files changed + runs-on: ubuntu-latest + timeout-minutes: 3 + outputs: + nimbus: ${{ steps.filter.outputs.nimbus}} + adapters: ${{ steps.filter.outputs.adapters }} + steps: + - uses: actions/checkout@v3 + - uses: dorny/paths-filter@v3.0.2 + id: filter + with: + filters: | + nimbus: + - 'cmd/**' + - 'internal/**' + - 'pkg/processor/**' + adapters: + - 'pkg/adapter/**' + release-nimbus-image: - if: github.repository == '5GSEC/nimbus' + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' }} + # if: github.repository == '5GSEC/nimbus' name: Build and push nimbus image uses: ./.github/workflows/release-image.yaml with: @@ -28,7 +51,9 @@ jobs: secrets: inherit release-adapters-image: - if: github.repository == '5GSEC/nimbus' + needs: files-changed + if: ${{ needs.files-changed.outputs.adapters == 'true' }} + # if: github.repository == '5GSEC/nimbus' strategy: matrix: adapters: [ "nimbus-kubearmor", "nimbus-netpol", "nimbus-kyverno" ] diff --git a/.github/workflows/pr-checks.yaml b/.github/workflows/pr-checks.yaml index dba82763..d915f593 100644 --- a/.github/workflows/pr-checks.yaml +++ b/.github/workflows/pr-checks.yaml @@ -15,7 +15,30 @@ on: permissions: read-all jobs: + files-changed: + name: Detect what files changed + runs-on: ubuntu-latest + timeout-minutes: 3 + outputs: + nimbus: ${{ steps.filter.outputs.nimbus}} + adapters: ${{ steps.filter.outputs.adapters }} + steps: + - uses: actions/checkout@v3 + - uses: dorny/paths-filter@v3.0.2 + id: filter + with: + filters: | + nimbus: + - 'api/**' + - 'cmd/**' + - 'internal/**' + - 'pkg/processor/**' + adapters: + - 'pkg/adapter/**' + license: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }} name: License runs-on: ubuntu-20.04 steps: @@ -27,6 +50,8 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} static-checks: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }} name: Static checks runs-on: ubuntu-latest steps: @@ -49,6 +74,8 @@ jobs: skip-cache: true # https://github.com/golangci/golangci-lint-action/issues/244#issuecomment-1052197778 go-sec: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }} runs-on: ubuntu-latest permissions: security-events: write @@ -70,6 +97,8 @@ jobs: sarif_file: results.sarif build-nimbus-image: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' }} name: Build Nimbus Operator image runs-on: ubuntu-latest timeout-minutes: 20 @@ -81,6 +110,8 @@ jobs: run: make docker-build build-adapters-image: + needs: files-changed + if: ${{ needs.files-changed.outputs.adapters == 'true' }} strategy: matrix: adapters: [ "nimbus-kubearmor", "nimbus-netpol", "nimbus-kyverno" ] @@ -95,7 +126,9 @@ jobs: working-directory: ./pkg/adapter/${{ matrix.adapters }} run: make docker-build - chainsaw-integration-tests: + integration-tests: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' }} name: Integration-Test runs-on: ubuntu-latest steps: @@ -130,7 +163,9 @@ jobs: - name: Run Tests run: make integration-test - chainsaw-e2e-tests: + e2e-tests: + needs: files-changed + if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }} name: E2E-Test runs-on: ubuntu-latest steps: @@ -179,7 +214,6 @@ jobs: run: | kubectl create -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/crds/kyverno/kyverno.io_clusterpolicies.yaml kubectl create -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/crds/kyverno/kyverno.io_policies.yaml - - name: Install Nimbus run: | diff --git a/Makefile b/Makefile index d0506d7d..a1afd4ba 100644 --- a/Makefile +++ b/Makefile @@ -107,12 +107,11 @@ run: manifests generate fmt vet ## Run a controller from your host. # More info: https://docs.docker.com/develop/develop-images/build_enhancements/ .PHONY: docker-build docker-build: ## Build docker image with the manager. - $(CONTAINER_TOOL) build -t ${IMG}:${TAG} -t ${IMG}:latest --build-arg VERSION=${TAG} . + $(CONTAINER_TOOL) build -t ${IMG}:${TAG} --build-arg VERSION=${TAG} . .PHONY: docker-push docker-push: ## Push docker image with the manager. $(CONTAINER_TOOL) push ${IMG}:${TAG} - $(CONTAINER_TOOL) push ${IMG}:latest # PLATFORMS defines the target platforms for the manager image be built to provide support to multiple # architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to: