Skip to content

Commit

Permalink
fix(CI): Run CI based on conditional changes
Browse files Browse the repository at this point in the history
Signed-off-by: Anurag Rajawat <[email protected]>
  • Loading branch information
Anurag Rajawat committed May 22, 2024
1 parent b6dd9b6 commit e71533c
Show file tree
Hide file tree
Showing 3 changed files with 69 additions and 7 deletions.
29 changes: 27 additions & 2 deletions .github/workflows/latest-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ on:
branches:
- main
- "v*"
- fix-ci
create:
branches:
- "v*"
Expand All @@ -19,16 +20,40 @@ concurrency:
cancel-in-progress: true

jobs:
files-changed:
name: Detect what files changed
runs-on: ubuntu-latest
timeout-minutes: 3
outputs:
nimbus: ${{ steps.filter.outputs.nimbus}}
adapters: ${{ steps.filter.outputs.adapters }}
steps:
- uses: actions/checkout@v3
- uses: dorny/[email protected]
id: filter
with:
filters: |
nimbus:
- 'cmd/**'
- 'internal/**'
- 'pkg/processor/**'
adapters:
- 'pkg/adapter/**'
release-nimbus-image:
if: github.repository == '5GSEC/nimbus'
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' }}
# if: github.repository == '5GSEC/nimbus'
name: Build and push nimbus image
uses: ./.github/workflows/release-image.yaml
with:
WORKING_DIRECTORY: .
secrets: inherit

release-adapters-image:
if: github.repository == '5GSEC/nimbus'
needs: files-changed
if: ${{ needs.files-changed.outputs.adapters == 'true' }}
# if: github.repository == '5GSEC/nimbus'
strategy:
matrix:
adapters: [ "nimbus-kubearmor", "nimbus-netpol", "nimbus-kyverno" ]
Expand Down
44 changes: 41 additions & 3 deletions .github/workflows/pr-checks.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,10 @@
name: PR checks

on:
push:
branches:
- fix-ci
- main
pull_request:
types: [ opened, reopened, synchronize, ready_for_review ]
paths-ignore:
Expand All @@ -15,7 +19,30 @@ on:
permissions: read-all

jobs:
files-changed:
name: Detect what files changed
runs-on: ubuntu-latest
timeout-minutes: 3
outputs:
nimbus: ${{ steps.filter.outputs.nimbus}}
adapters: ${{ steps.filter.outputs.adapters }}
steps:
- uses: actions/checkout@v3
- uses: dorny/[email protected]
id: filter
with:
filters: |
nimbus:
- 'api/**'
- 'cmd/**'
- 'internal/**'
- 'pkg/processor/**'
adapters:
- 'pkg/adapter/**'
license:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }}
name: License
runs-on: ubuntu-20.04
steps:
Expand All @@ -27,6 +54,8 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

static-checks:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }}
name: Static checks
runs-on: ubuntu-latest
steps:
Expand All @@ -49,6 +78,8 @@ jobs:
skip-cache: true # https://github.com/golangci/golangci-lint-action/issues/244#issuecomment-1052197778

go-sec:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }}
runs-on: ubuntu-latest
permissions:
security-events: write
Expand All @@ -70,6 +101,8 @@ jobs:
sarif_file: results.sarif

build-nimbus-image:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' }}
name: Build Nimbus Operator image
runs-on: ubuntu-latest
timeout-minutes: 20
Expand All @@ -81,6 +114,8 @@ jobs:
run: make docker-build

build-adapters-image:
needs: files-changed
if: ${{ needs.files-changed.outputs.adapters == 'true' }}
strategy:
matrix:
adapters: [ "nimbus-kubearmor", "nimbus-netpol", "nimbus-kyverno" ]
Expand All @@ -95,7 +130,9 @@ jobs:
working-directory: ./pkg/adapter/${{ matrix.adapters }}
run: make docker-build

chainsaw-integration-tests:
integration-tests:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' }}
name: Integration-Test
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -130,7 +167,9 @@ jobs:
- name: Run Tests
run: make integration-test

chainsaw-e2e-tests:
e2e-tests:
needs: files-changed
if: ${{ needs.files-changed.outputs.nimbus == 'true' || needs.files-changed.outputs.adapters == 'true' }}
name: E2E-Test
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -179,7 +218,6 @@ jobs:
run: |
kubectl create -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/crds/kyverno/kyverno.io_clusterpolicies.yaml
kubectl create -f https://raw.githubusercontent.com/kyverno/kyverno/main/config/crds/kyverno/kyverno.io_policies.yaml
- name: Install Nimbus
run: |
Expand Down
3 changes: 1 addition & 2 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -107,12 +107,11 @@ run: manifests generate fmt vet ## Run a controller from your host.
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
.PHONY: docker-build
docker-build: ## Build docker image with the manager.
$(CONTAINER_TOOL) build -t ${IMG}:${TAG} -t ${IMG}:latest --build-arg VERSION=${TAG} .
$(CONTAINER_TOOL) build -t ${IMG}:${TAG} --build-arg VERSION=${TAG} .

.PHONY: docker-push
docker-push: ## Push docker image with the manager.
$(CONTAINER_TOOL) push ${IMG}:${TAG}
$(CONTAINER_TOOL) push ${IMG}:latest

# PLATFORMS defines the target platforms for the manager image be built to provide support to multiple
# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to:
Expand Down

0 comments on commit e71533c

Please sign in to comment.