From 8e5db03269c35d46b5de835b195c32fc764eea20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Va=C5=A1ko?= Date: Tue, 19 Nov 2024 14:30:33 +0100 Subject: [PATCH] feat: Use GCP bucket instead of S3. Include OIDC provisioned by google and GCS bucket. --- .github/actions/go-setup/action.yml | 41 +++++++++++++------ .github/workflows/check-licenses.yml | 2 +- .github/workflows/test-e2e-cli.yml | 2 +- .github/workflows/test-e2e-service-stream.yml | 2 +- .../workflows/test-e2e-service-templates.yml | 2 +- .github/workflows/test-lint.yml | 2 +- .github/workflows/test-unit.yml | 2 +- 7 files changed, 34 insertions(+), 19 deletions(-) diff --git a/.github/actions/go-setup/action.yml b/.github/actions/go-setup/action.yml index 42b3194474..022f859d7b 100644 --- a/.github/actions/go-setup/action.yml +++ b/.github/actions/go-setup/action.yml @@ -9,8 +9,8 @@ inputs: description: Cache workflow version required: false default: "004" - cache-s3-bucket: - description: S3 bucket for various caches. + cache-gcs-bucket: + description: GCS bucket for various caches. required: true build-type: description: Build type, for example "default", "linter", ... @@ -18,12 +18,11 @@ inputs: runs: using: "composite" steps: - - name: Assume AWS S3 caching role - uses: aws-actions/configure-aws-credentials@v4 + - name: Authenticate to Google Cloud + uses: google-github-actions/auth@v2.1.7 with: - role-to-assume: arn:aws:iam::831559560923:role/S3-gh-actions-caching - role-session-name: ghactionscaching - aws-region: us-east-1 + workload_identity_provider: projects/183593139398/locations/global/workloadIdentityPools/kac-ci-github-pool/providers/kac-repo + service_account: kac-ci-service-account@go-team-dev.iam.gserviceaccount.com - name: Extract GO_VERSION from go.mod file shell: bash @@ -79,18 +78,34 @@ runs: echo "GOLANGCI_LINT_CACHE=$GODIRS/lintcache" >> $GITHUB_ENV echo "$GODIRS/bin" >> $GITHUB_PATH + - name: Cache the node_modules + id: node-modules-cache + uses: mansagroup/gcs-cache-action@v1.0.3 + with: + bucket: ${{ inputs.cache-gcs-bucket }} + path: node_modules + key: node-modules-${{ runner.os }}-${{ hashFiles('package-lock.json') }} + restore-keys: | + node-modules-${{ runner.os }}- + + - name: Install dependencies + if: steps.node-modules-cache.outputs.cache-hit == 'false' + shell: bash + run: npm ci + # Load compiled tools from cache to skip installation - name: Load Go tools cache id: go-cache-tools if: inputs.without-cache != 'true' - uses: runs-on/cache@v4 # replacement for actions/cache@v4 + uses: mansagroup/gcs-cache-action@v1.0.3 # replacement for runs-on/cache@v4 with: + bucket: ${{ inputs.cache-gcs-bucket }} path: | ${{ env.GODIRS }}/bin key: ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ inputs.cache-version }}-tools-${{ hashFiles('scripts/tools.sh') }} env: - RUNS_ON_S3_BUCKET_CACHE: ${{ inputs.cache-s3-bucket }} + RUNS_ON_GCS_BUCKET_CACHE: ${{ inputs.cache-gcs-bucket }} # Install missing tools - name: Install tools @@ -116,7 +131,7 @@ runs: restore-keys: | ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ inputs.cache-version }}-mod- env: - RUNS_ON_S3_BUCKET_CACHE: ${{ inputs.cache-s3-bucket }} + RUNS_ON_GCS_BUCKET_CACHE: ${{ inputs.cache-gcs-bucket }} - name: Load Go build and test cache id: go-cache-build @@ -129,7 +144,7 @@ runs: restore-keys: | ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ inputs.cache-version }}-build-${{ inputs.build-type }}- env: - RUNS_ON_S3_BUCKET_CACHE: ${{ inputs.cache-s3-bucket }} + RUNS_ON_GCS_BUCKET_CACHE: ${{ inputs.cache-gcs-bucket }} - name: Load Linter cache id: go-cache-linter @@ -142,7 +157,7 @@ runs: restore-keys: | ${{ runner.os }}-go-${{ env.GO_VERSION }}-${{ inputs.cache-version }}-linter- env: - RUNS_ON_S3_BUCKET_CACHE: ${{ inputs.cache-s3-bucket }} + RUNS_ON_GCS_BUCKET_CACHE: ${{ inputs.cache-gcs-bucket }} - name: Download Go modules shell: bash @@ -187,6 +202,6 @@ runs: # To find problematic dir/file: Run the workflow twice, download tests logs, sort lines and make a diff. # https://pkg.go.dev/cmd/go#hdr-Build_and_test_caching - name: Enable debugging of the Go test cache - if: false # disabled, enable for debugging + if: "false" # disabled, enable for debugging shell: bash run: echo "GODEBUG=gocachehash=1" >> $GITHUB_ENV diff --git a/.github/workflows/check-licenses.yml b/.github/workflows/check-licenses.yml index 50133a6e65..ced7e4ea6d 100644 --- a/.github/workflows/check-licenses.yml +++ b/.github/workflows/check-licenses.yml @@ -20,7 +20,7 @@ jobs: uses: ./.github/actions/go-setup with: build-type: check-licenses - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} ##################### ### License Types ### diff --git a/.github/workflows/test-e2e-cli.yml b/.github/workflows/test-e2e-cli.yml index 0ed62bf002..8229db61c5 100644 --- a/.github/workflows/test-e2e-cli.yml +++ b/.github/workflows/test-e2e-cli.yml @@ -50,7 +50,7 @@ jobs: with: build-type: e2e-tests-cli without-cache: ${{ inputs.without-cache }} - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} - name: Set TEST_KBC_PROJECTS_FILE entries uses: ./.github/actions/export-kbc-projects diff --git a/.github/workflows/test-e2e-service-stream.yml b/.github/workflows/test-e2e-service-stream.yml index 5bbf6620f6..cba50284ef 100644 --- a/.github/workflows/test-e2e-service-stream.yml +++ b/.github/workflows/test-e2e-service-stream.yml @@ -39,7 +39,7 @@ jobs: with: build-type: e2e-tests-stream without-cache: ${{ inputs.without-cache }} - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} - name: Set TEST_KBC_PROJECTS_FILE entries uses: ./.github/actions/export-kbc-projects diff --git a/.github/workflows/test-e2e-service-templates.yml b/.github/workflows/test-e2e-service-templates.yml index 241574821b..2b284b554d 100644 --- a/.github/workflows/test-e2e-service-templates.yml +++ b/.github/workflows/test-e2e-service-templates.yml @@ -39,7 +39,7 @@ jobs: with: build-type: e2e-tests-templates without-cache: ${{ inputs.without-cache }} - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} - name: Set TEST_KBC_PROJECTS_FILE entries uses: ./.github/actions/export-kbc-projects diff --git a/.github/workflows/test-lint.yml b/.github/workflows/test-lint.yml index 6ffbc0bdea..01c9c302a4 100644 --- a/.github/workflows/test-lint.yml +++ b/.github/workflows/test-lint.yml @@ -30,7 +30,7 @@ jobs: uses: ./.github/actions/go-setup with: build-type: lint - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} - name: Check links in Markdown files uses: lycheeverse/lychee-action@v2.0.2 diff --git a/.github/workflows/test-unit.yml b/.github/workflows/test-unit.yml index 76f5ef021a..d3301da32b 100644 --- a/.github/workflows/test-unit.yml +++ b/.github/workflows/test-unit.yml @@ -69,7 +69,7 @@ jobs: with: build-type: unit-tests without-cache: ${{ inputs.without-cache }} - cache-s3-bucket: ${{ vars.CACHE_S3_BUCKET }} + cache-gcs-bucket: ${{ vars.CACHE_GCS_BUCKET }} - name: Set TEST_KBC_PROJECTS_FILE entries uses: ./.github/actions/export-kbc-projects