First draft of forbidden mode for isolated clusters #184
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build Action | |
on: | |
pull_request: | |
branches: | |
- master | |
release: | |
types: | |
- published | |
push: | |
branches: | |
- master | |
env: | |
REGISTRY: ghcr.io | |
IMAGE_NAME: ${{ github.repository }} | |
GCS_BUCKET: images.metal-pod.io | |
jobs: | |
build: | |
name: Build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Log in to the container registry | |
uses: docker/login-action@v3 | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ secrets.DOCKER_REGISTRY_USER }} | |
password: ${{ secrets.DOCKER_REGISTRY_TOKEN }} | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- uses: google-github-actions/auth@v1 | |
with: | |
credentials_json: '${{ secrets.GCP_SA_KEY }}' | |
- name: Set up Cloud SDK | |
uses: google-github-actions/setup-gcloud@v0 | |
- name: Set up Go 1.21 | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.21' | |
cache: false | |
- name: Lint | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
args: --build-tags integration -p bugs -p unused --timeout=3m | |
- name: Make tag | |
run: | | |
[ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "TAG_NAME=$(echo $GITHUB_REF | awk -F / '{print $3}')-${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true | |
[ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "TAG_NAME=${GITHUB_REF##*/}" >> $GITHUB_ENV || true | |
[ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "TAG_NAME=latest" >> $GITHUB_ENV || true | |
[ "${GITHUB_EVENT_NAME}" == 'pull_request' ] && echo "TARGET_BINARY_LOCATION=pull-requests/$(echo $GITHUB_REF | awk -F / '{print $3}')-${GITHUB_HEAD_REF##*/}" >> $GITHUB_ENV || true | |
[ "${GITHUB_EVENT_NAME}" == 'release' ] && echo "TARGET_BINARY_LOCATION=${GITHUB_REF##*/}" >> $GITHUB_ENV || true | |
[ "${GITHUB_EVENT_NAME}" == 'push' ] && echo "TARGET_BINARY_LOCATION=latest" >> $GITHUB_ENV || true | |
- name: Build | |
run: | | |
make | |
- name: Push Docker image | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
push: true | |
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ env.TAG_NAME }} | |
- name: Upload image tarballs to GCS | |
run: | | |
mkdir -p firewall-controller/${TARGET_BINARY_LOCATION} | |
cp bin/firewall-controller* firewall-controller/${TARGET_BINARY_LOCATION}/ | |
gsutil -m cp -r -p firewall-controller gs://$GCS_BUCKET | |
- name: Upload Release Asset | |
uses: softprops/action-gh-release@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
files: | | |
bin/firewall-controller* | |
if: ${{ github.event_name == 'release' }} | |
test: | |
name: Test | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set up Go 1.21 | |
uses: actions/setup-go@v5 | |
with: | |
go-version: '1.21' | |
cache: false | |
- name: Run tests | |
run: | | |
sudo apt install -y --no-install-recommends nftables iproute2 kmod | |
sudo modprobe dummy | |
sudo ip link add vrf42 type dummy | |
sudo ip link add vlan42 type dummy | |
make setup-envtest | |
make test |