-
-
Notifications
You must be signed in to change notification settings - Fork 35
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
6 changed files
with
227 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,220 @@ | ||
| # | ||
| # This workflow was created automatically from the `package-template.yml` by running `make -C .github workflows` | ||
| # DO NOT EDIT THIS WORKFLOW, changes will be lost on the next update. | ||
| # | ||
|
|
||
| name: "terraform-config-inspect" | ||
| on: | ||
| push: | ||
| branches: | ||
| - master | ||
|
|
||
| paths: | ||
| - apk/** | ||
| - deb/** | ||
| - rpm/** | ||
| - tasks/** | ||
| - vendor/terraform-config-inspect/** | ||
| - .github/workflows/terraform-config-inspect.yml | ||
|
|
||
|
|
||
| pull_request: | ||
| types: [opened, synchronize, reopened] | ||
| paths: | ||
| - apk/** | ||
| - deb/** | ||
| - rpm/** | ||
| - tasks/** | ||
| - vendor/terraform-config-inspect/** | ||
| - .github/workflows/terraform-config-inspect.yml | ||
|
|
||
| jobs: | ||
| matrix: | ||
| if: github.event_name != 'schedule' | ||
| runs-on: ubuntu-latest | ||
| outputs: | ||
| package-enabled: ${{ steps.info.outputs.package_enabled }} | ||
| package-matrix: ${{steps.info.outputs.package_matrix}} | ||
| apk-enabled: ${{ steps.info.outputs.package_enabled == 'true' && steps.info.outputs.apk_package_enabled == 'true' }} | ||
| steps: | ||
| - uses: actions/checkout@v2 | ||
|
|
||
| - name: Export package build matrix | ||
| shell: bash | ||
| id: info | ||
| env: | ||
| GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | ||
| run: | | ||
| echo setting ouputs | ||
| make -C vendor/terraform-config-inspect info/github | ||
| echo | ||
| echo outputs set | ||
| make -C vendor/terraform-config-inspect info/github | sed s'/::set-output name=//' | sed 's/::/=/' | ||
| # Build for alpine linux | ||
| # Kept separate because it is old and slightly different than the other package builds | ||
| alpine: | ||
| needs: matrix | ||
| if: github.event_name != 'schedule' && needs.matrix.outputs.apk-enabled != 'false' | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| # These versions must be strings. E.g. Otherwise `3.10` -> `3.1` | ||
| alpine: | ||
| - '3.12' | ||
| env: | ||
| APK_KEY_RSA: "${{ secrets.APK_KEY_RSA }}" | ||
| APK_PACKAGES_PATH: ${{github.workspace}}/artifacts/${{matrix.alpine}} | ||
| PACKAGER: ops@cloudposse.com | ||
| PACKAGER_PRIVKEY: /dev/shm/ops@cloudposse.com.rsa | ||
| PACKAGER_PUBKEY: ${{github.workspace}}/artifacts/ops@cloudposse.com.rsa.pub | ||
|
|
||
| container: cloudposse/packages-apkbuild:${{matrix.alpine}} | ||
| steps: | ||
| # Checkout the packages repo so we can build the packages as a monorepo | ||
| - name: "Checkout source code at current commit" | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # Export the apk keys as files from secrets | ||
| - name: "Export keys" | ||
| run: "make -C .github/ export" | ||
|
|
||
| # Build the alpine packages for the matrix version of alpine | ||
| - name: "Build alpine packages" | ||
| run: "make -C vendor/${{github.workflow}} apk" | ||
|
|
||
| # Verify the packages were built or error | ||
| - name: "List packages" | ||
| run: 'find ${APK_PACKAGES_PATH} -type f -name \*.apk | xargs --no-run-if-empty ls -l | grep .' | ||
|
|
||
| # Export the artifact filename including path | ||
| # Path must be relative to workdir for Cloudsmith action to be able to find it | ||
| - name: "Set output path to artifact" | ||
| id: artifact | ||
| shell: bash | ||
| run: | | ||
| artifact=$(find artifacts/${{matrix.alpine}} -type f -name \*.apk) | ||
| echo "::set-output name=path::$artifact" | ||
| echo "set output path=$artifact" | ||
| echo creating '"pip"' cache directory for Cloudsmith | ||
| mkdir -p $HOME/.cache/pip && chmod -R 777 $HOME/.cache || echo Ignoring error creating '"pip"' cache directory | ||
| # Determine which package organization we should use (e.g. dev or prod) | ||
| - name: "Determine package repo" | ||
| shell: bash | ||
| id: repo | ||
| run: | | ||
| if [[ ${GITHUB_REF} == 'refs/heads/master' ]]; then | ||
| echo "::set-output name=org::${{github.repository_owner}}" | ||
| else | ||
| echo "::set-output name=org::${{github.repository_owner}}-dev" | ||
| fi | ||
| env: | ||
| GITHUB_REF: ${{ github.ref }} | ||
|
|
||
| # Publish the artifacts | ||
| - name: "Push artifact to package repository" | ||
| uses: cloudsmith-io/action@v0.5.1 | ||
| with: | ||
| api-key: ${{ secrets.CLOUDSMITH_API_KEY }} | ||
| command: 'push' | ||
| format: 'alpine' | ||
| owner: '${{steps.repo.outputs.org}}' # Your Cloudsmith account name or org name (namespace) | ||
| repo: 'packages' # Your Cloudsmith Repository name (slug) | ||
| distro: 'alpine' # Your Distribution (i.e debian, ubuntu, alpine) | ||
| release: 'any-version' # Use "any-version" if your package is compatible with more than one version of alpine linux | ||
| republish: 'true' # Needed if version is not changing | ||
| file: '${{steps.artifact.outputs.path}}' # Package filename (including path) | ||
| no-wait-for-sync: 'true' # Skip the waiting for package synchronisation (i.e. upload only) | ||
|
|
||
| # Build packages with fpm package manager | ||
| package: | ||
| needs: matrix | ||
| # Should not be needed, but without these conditions, this job would fail with an error if the matrix is [] | ||
| # and would run with package-type empty if matrix is ["apk"] | ||
| if: > | ||
| github.event_name != 'schedule' && needs.matrix.outputs.package-enabled != 'false' | ||
| && needs.matrix.outputs.package-matrix != '[]' && needs.matrix.outputs.package-matrix != '["apk"]' | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| matrix: | ||
| package-type: ${{ fromJSON(needs.matrix.outputs.package-matrix) }} | ||
| exclude: | ||
| - package-type: 'apk' | ||
| env: | ||
| # We are in a bit of a bind here because of how GitHub actions work as of 2020-11-19 | ||
| # Although the "workspace" is mounted to the container, it is not mounted | ||
| # at `/github/workspace` or ${{github.workspace}}, although through some | ||
| # mechanism, an environment variable whose value starts with ${{github.workspace}} | ||
| # will have ${{github.workspace}} replaced with the correct mount point. | ||
| # | ||
| # We need an absolute path for the package build system, since every build happens | ||
| # in a different directory, but because the mount point changes, we also | ||
| # need a path relative to the initial working directory to communicate between | ||
| # the package building container and the cloudsmith action. | ||
| PACKAGES_PATH: ${{github.workspace}}/artifacts/${{matrix.package-type}}/any-version | ||
| PACKAGE_RELPATH: artifacts/${{matrix.package-type}}/any-version | ||
|
|
||
| # Unfortunately, there is no reasonable way to configure the docker image tag based on the package-type | ||
| container: cloudposse/packages-${{matrix.package-type}}build:latest | ||
| steps: | ||
| # Checkout the packages repo so we can build the packages as a monorepo | ||
| - name: "Checkout source code at current commit" | ||
| uses: actions/checkout@v2 | ||
|
|
||
| # Build the packages for the matrix version | ||
| - name: "Build ${{matrix.package-type}} packages" | ||
| shell: bash | ||
| run: | | ||
| echo Current directory is $(pwd) | ||
| [[ $PACKAGES_PATH =~ ^$(pwd) ]] || { echo Package dir \"$PACKAGES_PATH\" not beneath workdir \"$(pwd)\" >&2; exit 1; } | ||
| make -C vendor/${{github.workflow}} ${{matrix.package-type}} | ||
| # Export the artifact filename including path | ||
| - name: "Set output path to artifact" | ||
| id: artifact | ||
| shell: bash | ||
| run: | | ||
| [[ -n $PACKAGE_RELPATH ]] || { echo Error: PACKAGE_RELPATH is not set >&2; exit 1; } | ||
| packages=($(find ${PACKAGE_RELPATH} -type f -name \*.${{matrix.package-type}})) | ||
| echo List packages found: | ||
| printf "%s\n" "${packages[@]}" | xargs --no-run-if-empty ls -l | ||
| echo Error if not exactly 1 package found | ||
| (( ${#packages[@]} == 1 )) || { echo "Error: other than 1 package found (${#packages[@]})" >&2; exit 1; } | ||
| echo "setting output name=path::$packages" | ||
| echo "::set-output name=path::$packages" | ||
| echo creating '"pip"' cache directory for Cloudsmith | ||
| mkdir -p $HOME/.cache/pip && chmod -R 777 $HOME/.cache || echo Ignoring error creating '"pip"' cache directory | ||
| # Determine which package organization we should use (e.g. dev or prod) | ||
| - name: "Determine package repo" | ||
| shell: bash | ||
| id: repo | ||
| run: | | ||
| if [[ ${GITHUB_REF} == 'refs/heads/master' ]]; then | ||
| echo "::set-output name=org::${{github.repository_owner}}" | ||
| else | ||
| echo "::set-output name=org::${{github.repository_owner}}-dev" | ||
| fi | ||
| env: | ||
| GITHUB_REF: ${{ github.ref }} | ||
|
|
||
| # Publish the artifacts | ||
| - name: "Push artifact to package repository" | ||
| uses: cloudsmith-io/action@v0.5.1 | ||
| with: | ||
| api-key: ${{ secrets.CLOUDSMITH_API_KEY }} | ||
| command: 'push' | ||
| format: '${{matrix.package-type}}' | ||
| owner: '${{steps.repo.outputs.org}}' # Your Cloudsmith account name or org name (namespace) | ||
| repo: 'packages' # Your Cloudsmith Repository name (slug) | ||
| distro: 'any-distro' # Use "any-distro" since our package is compatible with more than more distribution | ||
| release: 'any-version' # Use "any-version" since our package is compatible with more than more version | ||
| republish: 'true' # Needed if version is not changing | ||
| file: '${{steps.artifact.outputs.path}}' # Package filename (including path) | ||
| no-wait-for-sync: 'true' # Skip the waiting for package synchronisation (i.e. upload only) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters