PMM-13633 Migration of API keys. #9959
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Main | |
on: | |
push: | |
branches: | |
- main | |
- v3 | |
- pmm-* | |
tags: | |
- v[0-9]+.[0-9]+.[0-9]+* | |
pull_request: | |
jobs: | |
check: | |
name: Checks | |
runs-on: ubuntu-22.04 | |
env: | |
PMM_ENCRYPTION_KEY_PATH: pmm-encryption.key | |
steps: | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Set up Go | |
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version-file: ${{ github.workspace }}/go.mod | |
cache: false | |
- name: Enable Go build cache | |
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: ~/.cache/go-build | |
key: ${{ runner.os }}-go-build-${{ github.ref }}-${{ hashFiles('**') }} | |
restore-keys: | | |
${{ runner.os }}-go-build-${{ github.ref }}- | |
${{ runner.os }}-go-build- | |
- name: Enable Go modules cache | |
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
with: | |
path: ~/go/pkg/mod | |
key: ${{ runner.os }}-go-modules-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go-modules- | |
- name: Download Go modules | |
run: | | |
pushd tools && go mod download -x | |
popd && go mod download -x | |
- name: Install development tools | |
run: make init | |
- name: Generate files | |
run: make gen | |
- name: Check build | |
run: make release | |
- name: Check files are formatted and no source code changes | |
run: | | |
make format | |
pushd tools && go mod tidy -v | |
popd && go mod tidy -v | |
git status | |
git diff --exit-code | |
- name: Update API compatibility descriptors | |
run: | | |
# log if descriptors changed, useful for "update descriptors" PRs | |
make -C api descriptors | |
git diff --text | |
- name: Run check-license | |
run: | | |
# run license checker on configured files | |
bin/license-eye -c .licenserc.yaml header check | |
- name: Run go-sumtype | |
run: bin/go-sumtype ./... | |
- name: Run API linter | |
env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.ROBOT_TOKEN || secrets.GITHUB_TOKEN }} | |
run: | | |
if out=$(bin/buf lint -v api); code="$?"; test "$code" -eq 0; then | |
echo "$out" | |
exit 0 | |
fi | |
echo "API linter exited with code: $code" | |
echo "$out" | |
## buf uses exit code 100 for linter warnings | |
if [ "$code" -ne 100 ] || ${{ github.event.pull_request == null }}; then | |
exit $code | |
fi | |
# One may need to suppress passing to reviewdog because of https://github.com/reviewdog/reviewdog/issues/1696 | |
echo "$out" | bin/reviewdog -f=buf -reporter=github-pr-review -fail-level=error | |
- name: Run code linters | |
uses: reviewdog/action-golangci-lint@7708105983c614f7a2725e2172908b7709d1c3e4 # v2.6.2 | |
with: | |
github_token: ${{ secrets.ROBOT_TOKEN || secrets.GITHUB_TOKEN }} | |
go_version_file: ${{ github.workspace }}/go.mod | |
reporter: github-pr-review | |
fail_on_error: true | |
cache: false | |
golangci_lint_flags: "-c=.golangci.yml" | |
golangci_lint_version: v1.62.0 # Version should match specified in Makefile | |
- name: Run go-consistent | |
env: | |
REVIEWDOG_GITHUB_API_TOKEN: ${{ secrets.ROBOT_TOKEN || secrets.GITHUB_TOKEN }} | |
run: | | |
if out=$(bin/go-consistent -pedantic -exclude "tests" ./...); exit_code=$?; [ $exit_code -eq 0 ]; then | |
echo "$out" | |
exit 0 | |
fi | |
if [ $exit_code -gt 1 ] || ${{ github.event.pull_request == null }}; then | |
echo "$out" | |
exit $exit_code | |
fi | |
echo "$out" | bin/reviewdog -f=go-consistent -reporter=github-pr-review -fail-level=error | |
- name: Test common API | |
run: make test-common | |
- name: Run debug commands on failure | |
if: ${{ failure() }} | |
run: | | |
env | sort | |
go env | sort | |
git status | |
typos_check: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
fetch-depth: 0 | |
- name: Check spelling of md files | |
uses: crate-ci/typos@9d890159570d5018df91fedfa40b4730cd4a81b1 # v1.28.4 | |
with: | |
files: "**/*.md ./documentation/**/*.md" | |
merge-gatekeeper: | |
needs: [ check, typos_check ] | |
name: Merge Gatekeeper | |
if: ${{ always() }} | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Run Merge Gatekeeper | |
uses: upsidr/merge-gatekeeper@09af7a82c1666d0e64d2bd8c01797a0bcfd3bb5d # v1.2.1 | |
with: | |
self: Merge Gatekeeper | |
token: ${{ secrets.GITHUB_TOKEN }} | |
interval: 45 | |
timeout: 1200 | |
ignored: "license/snyk (Percona Github Org), security/snyk (Percona Github Org)" | |
ref: ${{ github.event.pull_request.head.sha || github.sha }} | |
workflow_success: | |
needs: [ merge-gatekeeper ] | |
name: Slack Notification success | |
runs-on: ubuntu-22.04 | |
env: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_TOKEN_PMM_CI }} | |
SLACK_CHANNEL: "pmm-ci" | |
SLACK_USERNAME: "PR bot v3" | |
SLACK_ICON_EMOJI: ":octocat:" | |
SLACK_COLOR: "#00FF00" | |
SLACK_TITLE: "Finished ${{ github.event.repository.name }} workflow" | |
SLACK_MESSAGE: "${{ github.event.inputs.repo || github.repository }}:${{ github.event.inputs.branch || github.head_ref }}" | |
steps: | |
- name: Slack Notification | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # v2.3.2 | |
workflow_failure: | |
if: ${{ failure() }} | |
needs: [ merge-gatekeeper ] | |
name: Slack Notification failure | |
runs-on: ubuntu-22.04 | |
env: | |
SLACK_WEBHOOK: ${{ secrets.SLACK_TOKEN_PMM_CI }} | |
SLACK_CHANNEL: "pmm-ci" | |
SLACK_USERNAME: "PR bot v3" | |
SLACK_ICON_EMOJI: ":octocat:" | |
SLACK_COLOR: "#FF0000" | |
SLACK_TITLE: "Finished ${{ github.event.repository.name }} workflow" | |
SLACK_MESSAGE: "Workflow failed: ${{ github.event.inputs.repo || github.repository }}:${{ github.event.inputs.branch || github.head_ref }}" | |
steps: | |
- name: Slack Notification | |
uses: rtCamp/action-slack-notify@c33737706dea87cd7784c687dadc9adf1be59990 # v2.3.2 |