Skip to content
test

Merge pull request #7619 from saschagrunert/conmon #3

Sign in to view logs

Merge pull request #7619 from saschagrunert/conmon

Merge pull request #7619 from saschagrunert/conmon #3

Workflow file for this run

.github/workflows/test.yml at 5449a58
name: test
on:
push:
tags:
- v*
branches:
- main
- release-*
- nixpkgs
pull_request:
env:
GO_VERSION: '1.21'
NIX_VERSION: '2.19.2'
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- run: scripts/github-actions-packages
- run: make
- run: bin/crio version
- run: make bin/crio.cross.linux.amd64
- run: bin/crio.cross.linux.amd64 version
- uses: actions/upload-artifact@v4
with:
name: build
path: |
bin/crio
- uses: actions/upload-artifact@v4
with:
name: docs
path: |
docs/crio.8
docs/crio.conf.5
docs/crio.conf.d.5
- uses: actions/upload-artifact@v4
with:
name: config
path: crio.conf
build-freebsd:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- run: scripts/github-actions-packages
- run: make bin/crio.cross.freebsd.amd64
validate-docs:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: build
path: bin
- run: chmod -R +x bin
- run: |
sudo -E make docs-generation
hack/tree_status.sh
validate-completions:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: build
path: bin
- run: chmod -R +x bin
- run: |
sudo -E make completions-generation
hack/tree_status.sh
validate-nri-tests:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: build
path: bin
- run: |
sudo -E make check-nri-bats-tests
build-static-amd64:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v24
with:
install_url: https://releases.nixos.org/nix/nix-${{ env.NIX_VERSION }}/install
- uses: cachix/cachix-action@v13
with:
name: cri-o-static
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
pushFilter: cri-o
- run: nix-build nix
- run: result/bin/crio version
- uses: actions/upload-artifact@v4
with:
name: build-static-amd64
path: |
result/bin/crio
result/bin/pinns
build-static-arm64:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v24
with:
install_url: https://releases.nixos.org/nix/nix-${{ env.NIX_VERSION }}/install
- uses: cachix/cachix-action@v13
with:
name: cri-o-static
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
pushFilter: cri-o
- run: nix-build nix/default-arm64.nix
- run: file result/bin/crio | grep aarch64
- uses: actions/upload-artifact@v4
with:
name: build-static-arm64
path: |
result/bin/crio
result/bin/pinns
build-static-ppc64le:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: cachix/install-nix-action@v24
with:
install_url: https://releases.nixos.org/nix/nix-${{ env.NIX_VERSION }}/install
- uses: cachix/cachix-action@v13
with:
name: cri-o-static
authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
pushFilter: cri-o
- run: nix-build nix/default-ppc64le.nix
- run: file result/bin/crio | grep PowerPC
- uses: actions/upload-artifact@v4
with:
name: build-static-ppc64le
path: |
result/bin/crio
result/bin/pinns
static-build-upload:
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags')
runs-on: ubuntu-latest
needs:
- build-static-amd64
- build-static-arm64
- build-static-ppc64le
steps:
- uses: actions/download-artifact@v4
with:
name: build-static-amd64
path: ${{ github.sha }}/amd64
- uses: actions/download-artifact@v4
with:
name: build-static-arm64
path: ${{ github.sha }}/arm64
- uses: actions/download-artifact@v4
with:
name: build-static-ppc64le
path: ${{ github.sha }}/ppc64le
- uses: google-github-actions/auth@v2
with:
credentials_json: ${{ secrets.GCS_CRIO_SA }}
- uses: google-github-actions/upload-cloud-storage@v2
with:
path: ${{ github.sha }}
destination: cri-o/artifacts
upload-artifacts:
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags')
runs-on: ubuntu-latest
needs:
- static-build-upload
steps:
- uses: actions/checkout@v4
- run: make upload-artifacts
env:
GCS_CRIO_SA: ${{ secrets.GCS_CRIO_SA }}
create-release:
if: contains(github.ref, 'refs/tags')
runs-on: ubuntu-latest
needs:
- release-notes
steps:
- uses: actions/checkout@v4
- uses: actions/download-artifact@v4
with:
name: release-notes
path: build/release-notes
- name: Get release version
run: echo "RELEASE_VERSION=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
- uses: ncipollo/release-action@v1
with:
allowUpdates: true
bodyFile: build/release-notes/${{ env.RELEASE_VERSION }}.md
token: ${{ secrets.GH_TOKEN }}
unit:
strategy:
matrix:
run:
- runner: ubuntu-latest
arch: amd64
- runner: actuated-arm64-4cpu-16gb
arch: arm64
name: unit / ${{ matrix.run.arch }}
runs-on: ${{ matrix.run.runner }}
steps:
- uses: alexellis/arkade-get@master
with:
crane: latest
print-summary: false
- name: Install vmmeter
run: crane export --platform linux/${{ matrix.run.arch }} ghcr.io/openfaasltd/vmmeter:latest | sudo tar -xvf - -C /usr/local/bin
- uses: self-actuated/vmmeter-action@master
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- uses: actions/cache@v3
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: go-unit-${{ matrix.run.arch }}-${{ hashFiles('**/go.sum') }}
- run: scripts/github-actions-packages
- name: Update mocks
run: |
make mockgen -j $(nproc)
hack/tree_status.sh
- name: Run unit tests
run: |
sudo PATH="$PATH" GOCACHE="$(go env GOCACHE)" GOMODCACHE="$(go env GOMODCACHE)" make testunit
sudo chown -R $(id -u):$(id -g) "$(go env GOCACHE)" "$(go env GOMODCACHE)"
- uses: actions/upload-artifact@v4
with:
name: unit-${{ matrix.run.arch }}
path: build/coverage
coverage:
needs: unit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/download-artifact@v4
with:
name: unit-amd64
path: build/coverage
- run: make codecov
release-notes:
permissions:
contents: none
if: github.ref == 'refs/heads/main' || contains(github.ref, 'refs/heads/release') || contains(github.ref, 'refs/tags')
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Set current branch
run: |
raw=$(git branch -r --contains ${{ github.ref }})
branch=${raw##*/}
echo "CURRENT_BRANCH=$branch" >> $GITHUB_ENV
- run: make release-notes
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
- uses: actions/upload-artifact@v4
with:
name: release-notes
path: build/release-notes
if-no-files-found: ignore
dependencies:
permissions:
contents: none
if: github.ref == 'refs/heads/main'
needs: release-notes
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
token: ${{ secrets.GH_TOKEN }}
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- run: make dependencies
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
- uses: actions/upload-artifact@v4
with:
name: dependencies
path: build/dependencies
codeql-build:
runs-on: ubuntu-latest
permissions:
security-events: write
actions: read
contents: read
steps:
- uses: actions/checkout@v4
- uses: github/codeql-action/init@v3
with:
languages: go
- uses: github/codeql-action/autobuild@v3
- uses: github/codeql-action/analyze@v3
security-checks:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Run Govulncheck
run: make verify-govulncheck
- name: Run Gosec
run: make verify-gosec