diff --git a/.github/workflows/callable-publish.yaml b/.github/workflows/callable-publish.yaml index aaa7a653..cf8eaa11 100644 --- a/.github/workflows/callable-publish.yaml +++ b/.github/workflows/callable-publish.yaml @@ -3,13 +3,16 @@ name: Callable-Publish on: workflow_call: inputs: + runsOn: + default: ubuntu-latest + type: string flavor: required: true type: string jobs: run: - runs-on: ubuntu-latest + runs-on: ${{ inputs.runsOn }} permissions: contents: read packages: write @@ -34,7 +37,7 @@ jobs: shell: bash - name: Publish Package - run: uds run publish --set FLAVOR=${{ inputs.flavor }} --no-progress + run: uds run publish-package --set FLAVOR=${{ inputs.flavor }} --no-progress - name: Save logs if: ${{ always() }} diff --git a/.github/workflows/callable-test.yaml b/.github/workflows/callable-test.yaml index 9207174e..a3d1aa6d 100644 --- a/.github/workflows/callable-test.yaml +++ b/.github/workflows/callable-test.yaml @@ -3,6 +3,9 @@ name: Callable-Test on: workflow_call: inputs: + runsOn: + default: ubuntu-latest + type: string upgrade-flavors: required: true type: string @@ -26,7 +29,7 @@ permissions: jobs: run: - runs-on: ubuntu-latest + runs-on: ${{ inputs.runsOn }} timeout-minutes: 20 if: contains(inputs.upgrade-flavors, inputs.flavor) || inputs.type == 'install' diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 93258cbe..b2ad65d0 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -34,7 +34,12 @@ jobs: strategy: matrix: flavor: [upstream, registry1, unicorn] + architecture: [amd64, arm64] + exclude: + - flavor: registry1 + architecture: arm64 uses: ./.github/workflows/callable-publish.yaml with: flavor: ${{ matrix.flavor }} + runsOn: ${{ matrix.architecture == 'arm64' && 'uds-swf-ubuntu-arm64-4-core' || 'ubuntu-latest' }} secrets: inherit # Inherits all secrets from the parent workflow. diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 75da4abb..a930b2ed 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -29,6 +29,11 @@ permissions: packages: read # Allows reading the content of the repository's packages. id-token: write +# Abort prior jobs in the same workflow / PR +concurrency: + group: test-${{ github.ref }} + cancel-in-progress: true + jobs: check-flavor: runs-on: ubuntu-latest diff --git a/tasks.yaml b/tasks.yaml index 518d10ea..4ca4bb26 100644 --- a/tasks.yaml +++ b/tasks.yaml @@ -25,53 +25,19 @@ tasks: - task: setup:k3d-full-cluster - task: deploy:test-bundle - - name: create-package + - name: create-dev-package description: Create UDS nginx Package actions: - task: create:package with: options: --skip-sbom - - name: create-test-bundle - description: Create a local UDS nginx bundle - actions: - - task: create-package - - task: create:test-bundle - - - name: create-latest-release-bundle - description: Create UDS nginx bundle based on the latest release - actions: - - task: pull:latest-package-release - with: - spoof_release: "true" - - task: create:test-bundle - - name: dev description: Create and deploy the bundle against an existing cluster actions: - task: create-test-bundle - task: deploy:test-bundle - - name: publish - description: Build and publish the packages - actions: - - description: Create the AMD64 package - task: create:package - with: - architecture: amd64 - - - description: Create the ARM64 package - task: create:package - with: - architecture: arm64 - - - description: Publish the packages - task: publish:package - with: - # x-release-please-start-version - version: 1.0.0 - # x-release-please-end - - name: test description: Test and validate cluster is deployed with nginx actions: @@ -81,16 +47,34 @@ tasks: address: nginx.uds.dev code: 200 -# CI will execute the following (via .github/actions/test) so they need to be here with these names + - name: create-deploy-test-bundle + description: Test and validate cluster is deployed with nginx + actions: + - description: Create the test bundle + task: create:test-bundle + + - description: Deploy the test bundle + task: deploy:test-bundle + + - description: Test the bundle + task: test + +# CI will execute the following (via .github/workflows/callable-test.yaml and .github/workflows/callable-publish.yaml) so they need to be here with these names - name: test-package description: Test the nginx package from the current branch actions: - - task: create-test-bundle - - task: setup:k3d-test-cluster - - task: deploy:test-bundle - - task: test - - task: compliance:validate + - description: Create a dev version of the package + task: create-dev-package + + - description: Setup the cluster + task: setup:k3d-test-cluster + + - description: Create deploy and test the bundle + task: create-deploy-test-bundle + + - description: Validate OSCAL compliance + task: compliance:validate with: assessment_results: /tmp/oscal-assessment-results.yaml @@ -103,12 +87,30 @@ tasks: - task: compliance:validate with: assessment_results: /tmp/oscal-assessment-results.yaml - - task: create-test-bundle - - task: deploy:test-bundle - - task: test + - task: create-dev-package + - task: create-deploy-test-bundle - task: compliance:validate with: assessment_results: /tmp/oscal-assessment-results.yaml - task: compliance:evaluate with: assessment_results: /tmp/oscal-assessment-results.yaml + + - name: publish-package + description: Build and publish the packages + actions: + - description: Create the package + task: create:package + + - description: Setup the cluster + task: setup:k3d-test-cluster + + - description: Create deploy and test the bundle + task: create-deploy-test-bundle + + - description: Publish the packages + task: publish:package + with: + # x-release-please-start-version + version: 1.0.0 + # x-release-please-end