Nightly Build #177
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Nightly Build | |
on: | |
workflow_dispatch: | |
schedule: | |
- cron: '0 10 * * *' # Run every day at 10AM UTC | |
jobs: | |
run-unit-tests: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21.x | |
- name: Run Unit Tests | |
id: unit | |
run: | | |
make prepare | |
make test | |
make fmtcheck | |
build: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21.x | |
- name: Build | |
id: build | |
run: | | |
make prepare | |
make build-cross-platform | |
run-integration-tests: | |
runs-on: ubuntu-latest | |
steps: | |
# To wait for the existing nightly-build run to complete to avoid running same integration tests at the same time | |
- name: Turnstyle | |
uses: softprops/turnstyle@v1 | |
with: | |
same-branch-only: false | |
env: | |
GITHUB_TOKEN: ${{ secrets.TOKEN }} | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ github.ref }} | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21.x | |
- name: Run Integration Tests | |
id: integration | |
run: | | |
make prepare | |
make clean-test | |
make integration-test | |
env: | |
LW_ACCOUNT: ${{ secrets.LW_ACCOUNT }}.lacework.net | |
LW_API_KEY: ${{ secrets.LW_API_KEY }} | |
LW_API_SECRET: ${{ secrets.LW_API_SECRET }} | |
LW_SUBACCOUNT: ${{ secrets.LW_SUBACCOUNT }} | |
OCI_CREDENTIALS: ${{ secrets.OCI_CREDENTIALS }} | |
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }} | |
AZURE_CREDENTIALS: ${{ secrets.AZURE_CREDENTIALS }} | |
DOCKER_CREDENTIALS: ${{ secrets.DOCKER_CREDENTIALS }} | |
GHCR_CREDENTIALS: ${{ secrets.GHCR_CREDENTIALS }} | |
CLOUDWATCH_EVENT_BUS_ARN: ${{ secrets.CLOUDWATCH_EVENT_BUS_ARN }} | |
AWS_ECR_IAM: ${{ secrets.AWS_ECR_IAM }} | |
AWS_CREDS: ${{ secrets.AWS_CREDS }} | |
AWS_S3: ${{ secrets.AWS_S3 }} | |
S3_BUCKET_ARN: ${{ secrets.S3_BUCKET_ARN }} | |
LW_PUB_SUB_SUBSCRIPTION: ${{ secrets.LW_PUB_SUB_SUBSCRIPTION }} | |
slack-notify: | |
name: Slack Notify if Failed Tests | |
needs: [run-unit-tests, build, run-integration-tests] | |
runs-on: ubuntu-latest | |
if: always() | |
steps: | |
- name: Notify Slack on Failure | |
if: ${{ contains(needs.*.result, 'failure') }} | |
uses: slackapi/[email protected] | |
with: | |
payload: | | |
{ | |
"attachments": [ | |
{ | |
"color": "#E92020", | |
"blocks": [ | |
{ | |
"type": "section", | |
"text": { | |
"type": "mrkdwn", | |
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure <${{ github.server_url }}/${{ github.repository }}>*\n\n*Workflow Run*\n <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|View Workflow>" | |
} | |
} | |
] | |
} | |
] | |
} | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.TF_SLACK_URL }} | |
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK |