.github/workflows/ci.yaml

name: CI
on:
  push:
    branches:
      - main
  pull_request:
    branches:
      - main
env:
  GOPATH: /home/runner/go/
  GOPROXY: "https://proxy.golang.org"
jobs:
  prepare:
    name: Prepare release
    runs-on: ubuntu-latest
    permissions:
      contents: 'read'
      id-token: 'write'
    outputs:
      new_release_version: ${{ steps.semantic_release.outputs.new_release_version }}
      new_release_published: ${{ steps.semantic_release.outputs.new_release_published }}
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          token: ${{ secrets.PLURAL_BOT_PAT }}
      - name: Semantic Release
        uses: cycjimmy/semantic-release-action@v3
        id: semantic_release
        with:
          dry_run: true
        env:
          GITHUB_TOKEN: ${{ secrets.PLURAL_BOT_PAT }}
          NODE_AUTH_TOKEN: ${{ secrets.PLURAL_BOT_NPM_TOKEN }}
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: go.mod
          check-latest: true
      - run: PATH=$PATH:$GOPATH/bin make agent
  test:
    name: Unit test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: go.mod
          check-latest: true
      - run: PATH=$PATH:$GOPATH/bin make -d test
  lint:
    name: Lint
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-go@v5
        with:
          go-version-file: go.mod
          check-latest: true
      - uses: golangci/golangci-lint-action@v3
        with:
          version: latest
  publish:
    name: Build and push Agent container
    runs-on: ubuntu-20.04
    needs:
    - prepare
    - test
    permissions:
      contents: 'read'
      id-token: 'write'
      packages: 'write'
    steps:
    - name: Checkout
      uses: actions/checkout@v4
      with:
        fetch-depth: 0
    - name: Docker meta
      id: meta
      uses: docker/metadata-action@v5
      with:
        # list of Docker images to use as base name for tags
        images: |
          ghcr.io/pluralsh/deployment-operator
          docker.io/pluralsh/deployment-operator
        # generate Docker tags based on the following events/attributes
        tags: |
            type=sha
            type=ref,event=pr
            type=ref,event=branch
            type=semver,pattern={{version}},value=${{ needs.prepare.outputs.new_release_version }}
    - name: Set up QEMU
      uses: docker/setup-qemu-action@v3
    - name: Set up Docker Buildx
      uses: docker/setup-buildx-action@v3
    - name: Login to GHCR
      uses: docker/login-action@v3
      with:
        registry: ghcr.io
        username: ${{ github.repository_owner }}
        password: ${{ secrets.GITHUB_TOKEN }}
    - name: Login to Docker
      uses: docker/login-action@v3
      with:
        username: mjgpluralsh
        password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
    - name: Build and push
      uses: docker/build-push-action@v5
      with:
        context: "."
        file: "./Dockerfile"
        push: true
        tags: ${{ steps.meta.outputs.tags }}
        labels: ${{ steps.meta.outputs.labels }}
        platforms: linux/amd64,linux/arm64
        cache-from: type=gha
        cache-to: type=gha,mode=max
        build-args: |
          GIT_COMMIT=${{ github.sha }}
  release:
    runs-on: ubuntu-latest
    needs: build
    permissions:
      contents: 'read'
      id-token: 'write'
    if: github.event_name != 'pull_request'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
          token: ${{ secrets.PLURAL_BOT_PAT }}
      - name: Semantic Release
        uses: cycjimmy/semantic-release-action@v3
        id: semantic_release
        if: github.event_name != 'pull_request'
        env:
          GITHUB_TOKEN: ${{ secrets.PLURAL_BOT_PAT }}
          NODE_AUTH_TOKEN: ${{ secrets.PLURAL_BOT_NPM_TOKEN }}
      - name: slack webhook
        uses: 8398a7/action-slack@v3
        with:
          status: ${{ job.status }}
          fields: workflow,job,repo,message,commit,author
        env:
          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} # required
        if: always()