forked from open-policy-agent/opa
-
Notifications
You must be signed in to change notification settings - Fork 0
156 lines (133 loc) · 4.32 KB
/
post-merge.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
name: Post Merge
on:
push:
branches:
- main
jobs:
generate:
name: Sync Generated Code
runs-on: ubuntu-18.04
steps:
- name: Check out code
uses: actions/checkout@v2
with:
token: ${{ secrets.GH_PUSH_TOKEN }}
- name: Generate
run: make clean generate
- name: Commit & Push
shell: bash
run: |
# Commit any changes and push as needed.
# See https://github.com/actions/checkout#push-a-commit-using-the-built-in-token
AUTHOR=wasm-updater
git config user.name ${AUTHOR}
git config user.email ${AUTHOR}@github.com
# Prevent looping if the build was non-deterministic..
CAN_PUSH=1
if [[ "$(git log -1 --pretty=format:'%an')" == "${AUTHOR}" ]]; then
CAN_PUSH=0
fi
if ./build/commit-wasm-bins.sh; then
if [[ "${CAN_PUSH}" == "1" ]]; then
git push
else
echo "Previous commit was auto-generated -- Aborting!"
exit 1
fi
else
echo "No generated changes to push!"
fi
code-coverage:
name: Update Go Test Coverage
runs-on: ubuntu-18.04
needs: generate
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Unit Test Golang
run: make ci-go-test-coverage
timeout-minutes: 30
release-build:
name: Release Build (linux, windows)
runs-on: ubuntu-18.04
needs: generate
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Build Linux and Windows
run: make ci-go-ci-build-linux ci-go-build-linux-static ci-go-ci-build-windows
timeout-minutes: 30
env:
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Upload binaries
uses: actions/upload-artifact@v2
if: always()
with:
name: binaries
path: _release
release-build-darwin:
name: Release Build (darwin)
runs-on: macos-latest
needs: generate
steps:
- name: Check out code
uses: actions/checkout@v2
- id: go_version
name: Read go version
run: echo "::set-output name=go_version::$(cat .go-version)"
- name: Install Go (${{ steps.go_version.outputs.go_version }})
uses: actions/setup-go@v2
with:
go-version: ${{ steps.go_version.outputs.go_version }}
- name: Build Darwin
run: make ci-build-darwin
timeout-minutes: 30
env:
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Upload binaries (darwin)
uses: actions/upload-artifact@v2
if: always()
with:
name: binaries
path: _release
deploy-edge:
name: Push Edge Release
runs-on: ubuntu-18.04
needs: [release-build, release-build-darwin]
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Test
run: make ci-release-test
timeout-minutes: 60
- name: Download release binaries
uses: actions/download-artifact@v2
with:
name: binaries
path: _release
- name: Deploy OPA Edge
env:
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
DOCKER_IMAGE: ${{ secrets.DOCKER_IMAGE }}
S3_RELEASE_BUCKET: ${{ secrets.S3_RELEASE_BUCKET }}
# Only run if required secrets are provided
if: ${{ env.S3_RELEASE_BUCKET && env.AWS_ACCESS_KEY_ID && env.AWS_SECRET_ACCESS_KEY && env.DOCKER_USER && env.DOCKER_PASSWORD }}
run: make deploy-ci
deploy-wasm-builder:
name: Deploy WASM Builder
runs-on: ubuntu-18.04
needs: generate
steps:
- name: Check out code
uses: actions/checkout@v2
- name: Build and Push opa-wasm-builder
env:
DOCKER_USER: ${{ secrets.DOCKER_USER }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
DOCKER_WASM_BUILDER_IMAGE: ${{ secrets.DOCKER_WASM_BUILDER_IMAGE }}
# Only run if required secrets are provided
if: ${{ env.DOCKER_USER && env.DOCKER_PASSWORD }}
run: make push-wasm-builder-image