Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed merge-publish and disabled circleci publish workflow #45

Merged
merged 10 commits into from
Dec 22, 2020
Merged

Fixed merge-publish and disabled circleci publish workflow #45

Show file tree
Hide file tree
Changes from 2 commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
251aed2
addressed ronak's comments, fixed merge-publish and disabled circlec …
JBAhire Dec 18, 2020
c408a74
cleanup
JBAhire Dec 18, 2020
3ee1a1a
addressed workflow split discussion
JBAhire Dec 21, 2020
4be0b7f
renames workflow
JBAhire Dec 21, 2020
411a1e3
syntax error
JBAhire Dec 21, 2020
c5d0518
addressed Aaron's comments
JBAhire Dec 21, 2020
d765e95
cleanup
JBAhire Dec 21, 2020
84bca36
path error for reports
JBAhire Dec 21, 2020
3f4919c
path error for reports
JBAhire Dec 21, 2020
603275c
updates gradle plugin
JBAhire Dec 21, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 33 additions & 33 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -202,36 +202,36 @@ workflows:
context:
- hypertrace-vulnerability-scanning
- dockerhub-read
- merge-publish:
context:
- hypertrace-publishing
- dockerhub-read
requires:
- build
- integration-test
- validate-charts
- snyk-scan
filters:
branches:
only:
- main
- release-publish:
context:
- hypertrace-publishing
- dockerhub-read
filters:
branches:
ignore: /.*/
tags:
only: /^release-.*/
- release-charts:
context:
- hypertrace-publishing
- dockerhub-read
requires:
- release-publish
filters:
branches:
ignore: /.*/
tags:
only: /^release-.*/
# - merge-publish:
# context:
# - hypertrace-publishing
# - dockerhub-read
# requires:
# - build
# - integration-test
# - validate-charts
# - snyk-scan
# filters:
# branches:
# only:
# - main
# - release-publish:
# context:
# - hypertrace-publishing
# - dockerhub-read
# filters:
# branches:
# ignore: /.*/
# tags:
# only: /^release-.*/
# - release-charts:
# context:
# - hypertrace-publishing
# - dockerhub-read
# requires:
# - release-publish
# filters:
# branches:
# ignore: /.*/
# tags:
# only: /^release-.*/
40 changes: 38 additions & 2 deletions .github/workflows/pr-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ on:
push:
branches:
- main
# adding PR closed event to PR to facilitate merge-publish. [https://docs.github.com/en/free-pro-team@latest/actions/reference/events-that-trigger-workflows#pull_request]
pull_request:
types: [assigned, opened, synchronize, reopened, closed]
pull_request_target:

jobs:
Expand Down Expand Up @@ -61,8 +63,42 @@ jobs:
flags: integration

- name: push docker image
if: github.event.pull_request.merged
# https://docs.github.com/en/free-pro-team@latest/developers/webhooks-and-events/webhook-events-and-payloads#pull_request
if: github.event_name == 'pull_request' && github.event.action == 'closed' && github.event.pull_request.merged == true
run: ./gradlew dockerPushImages

validate-helm-charts:
runs-on: ubuntu-20.04
container:
image: hypertrace/helm-gcs-packager:0.3.0
credentials:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
steps:
- name: Check out code
uses: actions/checkout@v2.3.4
with:
Copy link
Contributor

@kotharironak kotharironak Dec 18, 2020
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need the below condition to take changes from the forked pull request otherwise it will checkout only the main branch code

with:
        ref: ${{github.event.pull_request.head.ref}}
        repository: ${{github.event.pull_request.head.repo.full_name}}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yup. forgot about this earlier

fetch-depth: 0


- name: validate charts
run: |
helm dependency update ./helm/
helm lint --strict ./helm/
helm template ./helm/

snyk-scan:
runs-on: ubuntu-20.04
steps:
# Set fetch-depth: 0 to fetch commit history and tags for use in version calculation
- name: Checkout Repository
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Run Snyk to check for vulnerabilities
uses: snyk/actions/gradle-jdk11@0.3.0
env:
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
with:
args: --all-sub-projects --policy-path=.snyk --configuration-matching='^runtimeClasspath$'
6 changes: 0 additions & 6 deletions .github/workflows/publish.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,12 +51,6 @@ jobs:
uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: package and release charts
env:
Expand Down
25 changes: 0 additions & 25 deletions .github/workflows/snyk.yml
View file
Open in desktop

This file was deleted.

29 changes: 0 additions & 29 deletions .github/workflows/validate_charts.yml
View file
Open in desktop

This file was deleted.