refactor: update CI and add e2e support (#282) #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test components | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - v* | |
| # Cancel any running jobs for PRs on a new commit | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: ${{ github.event_name == 'pull_request' }} | |
| jobs: | |
| build: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| goos: | |
| - linux | |
| - darwin | |
| - windows | |
| runs-on: ubuntu-latest | |
| continue-on-error: true | |
| permissions: | |
| contents: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: ${{ github.event.pull_request.head.repo.full_name }} # We plan to run only against internal pull requests | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - name: Force fetch upstream tags | |
| run: git fetch --force --tags | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "^1.23" | |
| - name: Print environment | |
| id: vars | |
| run: | | |
| printf "Using Go at $(which go) (version $(go version))\n" | |
| printf "\n\nGo environment:\n\n" | |
| go env | |
| printf "\n\nSystem environment:\n\n" | |
| env | |
| - name: Build the make/make tool | |
| run: go build -o make/make make/main.go | |
| - name: Build | |
| env: | |
| GOOS: ${{ matrix.goos }} | |
| CGO_ENABLED: 0 | |
| shell: bash | |
| run: | | |
| make/make GOOS=$GOOS lstn | |
| - name: Generate docs | |
| if: ${{ github.event_name == 'pull_request' && matrix.goos == 'linux' }} | |
| run: | | |
| GITHUB_ACTIONS= GITHUB_EVENT_PATH= ./lstn manual 2> docs/cheatsheet.md | |
| ./lstn config 2> docs/configuration.md | |
| ./lstn env 2> docs/environment.md | |
| ./lstn exit 2> docs/exitcodes.md | |
| ./lstn reporters 2> docs/reporters.md | |
| - name: Update docs | |
| if: ${{ github.event_name == 'pull_request' && matrix.goos == 'linux' }} | |
| uses: EndBug/add-and-commit@v9 | |
| with: | |
| default_author: github_actor | |
| commit: --signoff | |
| add: "docs" | |
| message: "docs: update autogenerated docs" | |
| push: true | |
| - name: Archive the artifact(s) for ${{ matrix.goos }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: artifact-${{ matrix.goos }} | |
| path: | | |
| ./lstn | |
| ./lstn.exe | |
| retention-days: 1 | |
| if-no-files-found: error | |
| version-darwin: | |
| name: "check version (darwin)" | |
| needs: build | |
| runs-on: macos-latest | |
| steps: | |
| - name: Check out the source code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - name: Get binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact-darwin | |
| path: . | |
| - name: Check short version | |
| shell: bash | |
| run: | | |
| file lstn | |
| chmod +x lstn | |
| ./lstn version | |
| latest_tag=$(git for-each-ref --sort=-creatordate --count 1 --format="%(refname:short)" "refs/tags/v*") | |
| [[ "lstn ${latest_tag}" == $(./lstn version 2>&1) ]] | |
| version-linux: | |
| name: "check version (linux)" | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out the source code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - name: Get binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact-linux | |
| path: . | |
| - name: Check short version | |
| shell: bash | |
| run: | | |
| file lstn | |
| chmod +x lstn | |
| ./lstn version | |
| latest_tag=$(git for-each-ref --sort=-creatordate --count 1 --format="%(refname:short)" "refs/tags/v*") | |
| [[ "lstn ${latest_tag}" == $(./lstn version 2>&1) ]] | |
| version-windows: | |
| name: "check version (windows)" | |
| needs: build | |
| runs-on: windows-latest | |
| steps: | |
| - name: Check out the source code | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - name: Get binaries | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: artifact-windows | |
| path: . | |
| # TODO: equality | |
| - name: Check short version | |
| run: | | |
| file lstn.exe | |
| .\lstn.exe version | |
| test: | |
| name: test | |
| permissions: | |
| contents: read | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os: [ubuntu-latest, macos-latest] | |
| runs-on: ${{ matrix.os }} | |
| steps: | |
| - name: Check out the source code | |
| uses: actions/checkout@v4 | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "^1.23" | |
| - name: Build code | |
| run: go build ./... | |
| shell: bash | |
| - name: Run tests | |
| run: go test -v -race -cover -covermode=atomic -coverprofile=coverage.txt ./... | |
| shell: bash | |
| - name: Upload coverage | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: unit-test-coverage-${{ matrix.os }} | |
| path: coverage.txt | |
| if-no-files-found: error | |
| retention-days: 1 | |
| test-e2e: | |
| name: Run e2e tests | |
| needs: | |
| - build | |
| uses: ./.github/workflows/call-run-e2e.yaml | |
| with: | |
| # The Github ref to checkout for the listen-e2e repo. | |
| ref: main | |
| # We want to use binaries built here. | |
| lstn-use-release: false | |
| # The artifact to use we built previously. | |
| lstn-binary-artefact: artifact-linux | |
| # Once https://github.com/listendev/jibril/pull/369 is merged we can use main. | |
| jibril-image: ghcr.io/listendev/jibril:sha-196b297 | |
| secrets: | |
| # We have to use a PAT to ensure we can checkout the other repo and access containers from other repos. | |
| github-token: ${{ secrets.CI_PAT }} | |
| release: | |
| name: Create official release | |
| if: startsWith(github.ref, 'refs/tags/v') | |
| runs-on: ubuntu-latest | |
| permissions: | |
| id-token: write | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # Avoid running against a shallow clone | |
| - name: Force fetch upstream tags | |
| run: git fetch --force --tags | |
| - name: Set up Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: "^1.23" | |
| - name: Install cosign | |
| uses: sigstore/[email protected] | |
| with: | |
| cosign-release: "v2.2.3" | |
| - name: Install syft | |
| uses: anchore/sbom-action/[email protected] | |
| - name: Release | |
| uses: goreleaser/goreleaser-action@v6 | |
| with: | |
| version: latest | |
| args: release --clean | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| COSIGN_EXPERIMENTAL: 1 | |
| - name: Create release for tag | |
| uses: softprops/action-gh-release@v2 | |
| id: release | |
| with: | |
| generate_release_notes: true | |
| make_latest: true | |
| # This job provides the single required status for PRs to be merged into main. | |
| # Instead of updating the protected branch status in github, we can just update the "needs" section below | |
| # to require additional/remove existing status checks to protect main via a simple GitOps process. | |
| # We can use the alls-green action to get around the github assumption that a "skipped" required status check | |
| # counts as passed. | |
| test-required-checks-complete: | |
| # This step always has to run in order to check if the dependent jobs passed even if upstream jobs are skipped. | |
| if: always() | |
| needs: | |
| - build | |
| - test | |
| - test-e2e | |
| name: Build checks complete | |
| runs-on: ubuntu-latest | |
| permissions: {} | |
| steps: | |
| - name: Decide whether the needed jobs succeeded or failed | |
| uses: re-actors/alls-green@release/v1 | |
| with: | |
| jobs: ${{ toJSON(needs) }} |