Skip to content

build: add linux release automation and release automation validation #9

build: add linux release automation and release automation validation

build: add linux release automation and release automation validation #9

Workflow file for this run

name: CI
on:
push:
branches:
- main
paths:
- '.github/workflows/release-automation.yaml'
- '.github/workflows/release-linux.yaml'
- '.github/workflows/upload-build-to-S3.yaml'
- '.github/workflows/build-and-test-msi.yaml'
- '.github/workflows/build-and-test-pkg.yaml'
- '.github/workflows/get-version-and-tag-for-ref.yaml'
- 'deps/finch-core'
- 'CHANGELOG.md'
pull_request:
branches:
- main
paths:
- '.github/workflows/release-automation.yaml'
- '.github/workflows/release-linux.yaml'
- '.github/workflows/upload-build-to-S3.yaml'
- '.github/workflows/build-and-test-msi.yaml'
- '.github/workflows/build-and-test-pkg.yaml'
- '.github/workflows/get-version-and-tag-for-ref.yaml'
- 'deps/finch-core'
- 'CHANGELOG.md'
workflow_dispatch:
permissions:
id-token: write
contents: write
env:
DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
git-secrets:
runs-on: ubuntu-latest
steps:
- name: Pull latest awslabs/git-secrets repo
uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
with:
repository: awslabs/git-secrets
ref: 1.3.0
fetch-tags: true
path: git-secrets
- name: Install git secrets from source
run: sudo make install
working-directory: git-secrets
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Scan repository for git secrets
run: |
git secrets --register-aws
git secrets --scan-history
gen-code-no-diff:
strategy:
matrix:
os: [macos-latest, windows-latest, ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
cache: true
- run: make gen-code
- run: git diff --exit-code
unit-tests:
strategy:
fail-fast: false
matrix:
os: [macos-latest, windows-latest, ubuntu-latest]
runs-on: ${{ matrix.os }}
steps:
- name: Configure git CRLF settings
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
# Since this repository is not meant to be used as a library,
# we don't need to test the latest 2 major releases like Go does: https://go.dev/doc/devel/release#policy.
go-version-file: go.mod
cache: true
- run: make test-unit
# It's recommended to run golangci-lint in a job separate from other jobs (go test, etc) because different jobs run in parallel.
go-linter:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
cache: false # caching can result in tar errors that files already exist
- name: set GOOS env to windows
run: |
echo "GOOS=windows" >> $GITHUB_ENV
- name: golangci-lint - windows
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
# Pin the version in case all the builds start to fail at the same time.
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action,
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added).
version: v1.56.1
args: --fix=false --timeout=5m
- name: set GOOS env to darwin
run: |
echo "GOOS=darwin" >> $GITHUB_ENV
- name: golangci-lint - darwin
uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
with:
# Pin the version in case all the builds start to fail at the same time.
# There may not be an automatic way (e.g., dependabot) to update a specific parameter of a GitHub Action,
# so we will just update it manually whenever it makes sense (e.g., a feature that we want is added).
version: v1.56.1
args: --fix=false --timeout=5m --skip-dirs="(^|/)deps($|/)"
shellcheck:
name: ShellCheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0
with:
version: v0.9.0
continue-on-error: true
go-mod-tidy-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
cache: true
# TODO: Use `go mod tidy --check` after https://github.com/golang/go/issues/27005 is fixed.
- run: go mod tidy
- run: git diff --exit-code
check-licenses:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version-file: go.mod
cache: true
- run: make check-licenses
macos-e2e-tests:
strategy:
matrix:
version: ['13', '14']
test-command: ['test-e2e-vm-serial', 'test-e2e-container']
arch: ['X64', 'arm64']
runner-type: ['test']
uses: ./.github/workflows/e2e-docs.yaml
windows-e2e-tests:
strategy:
matrix:
test-command: ['test-e2e-vm-serial', 'test-e2e-container']
arch: ['amd64']
runner-type: ['test']
uses: ./.github/workflows/e2e-docs.yaml
linux-e2e-tests:
strategy:
matrix:
os: ['amazonlinux']
arch: ['X64', 'arm64']
version: ['2023', '2']
runner-type: ['test']
uses: ./.github/workflows/e2e-docs.yaml
mdlint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- uses: avto-dev/markdown-lint@04d43ee9191307b50935a753da3b775ab695eceb # v1.5.0
with:
args: '**/*.md'
# CHANGELOG.md is only updated by release-please bot.
ignore: 'CHANGELOG.md'
get-intermediate-version:
name: Get intermediate version
runs-on: ubuntu-latest
outputs:
version: ${{ steps.get-intermediate-version.version }}
steps:
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
- name: Gets an intermediate version string
id: calculate-version
run: |
version=$(git describe --match 'v[0-9]*' --dirty='.modified' --always --tags)
echo "${version}"
version="${version}-no-release"
echo "${version}"
echo "version=$version" >> ${GITHUB_OUTPUT}
release-linux:
needs: get-intermediate-version
uses: ./.github/workflows/release-linux.yaml
secrets: inherit
with:
ref_name: ""
version: ${{ needs.get-intermediate-version.outputs.version }}
build-and-test-finch-msi:
needs: get-intermediate-version
uses: ./.github/workflows/build-and-test-msi.yaml
secrets: inherit
with:
ref_name: ""
version: ${{ needs.get-intermediate-version.outputs.version }}
macos-aarch64-pkg-build:
needs: get-intermediate-version
uses: ./.github/workflows/build-pkg.yaml
secrets: inherit
with:
os: macos
arch: arm64
output_arch: aarch64
version: 14
tag: ${{ needs.get-intermediate-version.outputs.version }}
macos-x86-64-pkg-build:
needs: get-intermediate-version
uses: ./.github/workflows/build-pkg.yaml
secrets: inherit
with:
os: macos
arch: amd64
output_arch: x86_64
version: 14
tag: ${{ needs.get-intermediate-version.outputs.version }}
macos-aarch64-pkg-test:
strategy:
fail-fast: false
matrix:
version: [13, 14]
needs:
- get-intermediate-version
- macos-aarch64-pkg-build
uses: ./.github/workflows/test-pkg.yaml
secrets: inherit
with:
os: macos
arch: arm64
output_arch: aarch64
version: ${{ matrix.version }}
tag: ${{ needs.get-intermediate-version.outputs.version }}
macos-x86-64-pkg-test:
strategy:
fail-fast: false
matrix:
version: [13, 14]
needs:
- get-intermediate-version
- macos-x86-64-pkg-build
uses: ./.github/workflows/test-pkg.yaml
secrets: inherit
with:
os: macos
arch: amd64
output_arch: x86_64
version: ${{ matrix.version }}
tag: ${{ needs.get-intermediate-version.outputs.version }}