CommitSignatures support for verifying the correctness of the committ… #191
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| types: [ opened, synchronize, reopened, ready_for_review ] | |
| branches: | |
| - main | |
| # path filter won't work bcz PR status check will be 'pending' if workflow is | |
| # skipped due to path filtering, i.e. blocked | |
| #paths: | |
| workflow_dispatch: | |
| jobs: | |
| # JOB to run change detection | |
| changes: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: read | |
| # Set job outputs to values from filter step | |
| outputs: | |
| run: ${{ steps.filter.outputs.code }} | |
| steps: | |
| # For pull requests it's not necessary to checkout the code | |
| # but it's useful to see the effect of the path filter in current PR | |
| - uses: actions/checkout@v4 | |
| with: | |
| # This may save additional git fetch roundtrip if | |
| # merge-base is found within latest 20 commits | |
| fetch-depth: 20 | |
| - uses: dorny/paths-filter@v3.0.2 | |
| id: filter | |
| with: | |
| # Path to file where filters are defined | |
| filters: .github/filters.yaml | |
| #predicate-quantifier: 'every' # check dorny/paths-filter#225 | |
| test: | |
| needs: changes | |
| # only run only if there are changes and non-draft PRs | |
| if: ${{ needs.changes.outputs.run == 'true' && !github.event.pull_request.draft}} | |
| runs-on: ubuntu-latest | |
| services: | |
| postgres: | |
| image: kwildb/postgres:16.5-1 | |
| env: | |
| POSTGRES_HOST_AUTH_METHOD: trust | |
| options: >- | |
| --health-cmd pg_isready | |
| --health-interval 10s | |
| --health-timeout 5s | |
| --health-retries 5 | |
| ports: | |
| - 5432:5432 | |
| steps: | |
| # shared setup for all tests | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Install Taskfile | |
| uses: arduino/setup-task@v2 | |
| #ubuntu-latest has go 1.21 installed https://github.com/actions/runner-images/blob/main/images/ubuntu/Ubuntu2204-Readme.md#go | |
| #self-hosted also has go 1.21 installed | |
| #the default behavior here will load pre-installed go version | |
| - name: Setup Go | |
| uses: actions/setup-go@v5 | |
| with: | |
| go-version: '1.23.x' | |
| check-latest: true | |
| #cache: false | |
| - name: Install tools | |
| run: | | |
| go version | |
| task tools | |
| # checks | |
| #- name: Ensure generate antlr Go code is up-to-date | |
| # run: | | |
| # ./scripts/kuneiform/check_tidy | |
| - name: Initialize Go workspace | |
| run: | | |
| task work | |
| - name: Compile packages, apps, and specs | |
| run: | | |
| go build -mod=readonly ./... ./core/... | |
| - name: Lint | |
| uses: golangci/golangci-lint-action@v6.1.1 | |
| with: | |
| install-mode: "binary" | |
| version: "latest" | |
| args: ./... ./core/... --timeout=10m --config=.golangci.yml | |
| # unit test | |
| - name: Run unit test | |
| run: | | |
| task test:unit | |
| # integration test | |
| - name: manual git tag | |
| run: | | |
| version=`echo ${{ github.sha }} | cut -c 1-7` | |
| echo "GIT_TAG=$version" >> $GITHUB_ENV | |
| #run: echo "GIT_TAG=`git describe --match 'v[0-9]*' --dirty --always --tags | sed 's/^v//'`" >> $GITHUB_ENV | |
| - name: manual build time | |
| run: | | |
| build_time=`TZ=UTC date -u --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +"%Y-%m-%dT%H:%M:%SZ"` | |
| echo "BUILD_TIME=$build_time" >> $GITHUB_ENV | |
| - name: Build cli binaries | |
| run: | | |
| task build:cli | |
| task build:kwild | |
| # - name: compile the core/client/example app | |
| # run: go build -o /dev/null | |
| # working-directory: core/client/example | |
| # - name: compile the core/gatewayclient/example app | |
| # run: go build -o /dev/null | |
| # working-directory: core/gatewayclient/example | |
| - name: Generate go vendor | |
| if: false | |
| run: | | |
| task vendor | |
| - name: Set up Docker Buildx | |
| if: false | |
| uses: docker/setup-buildx-action@v3 | |
| - name: Cache Docker layers for kwild # both restore and save | |
| if: false | |
| uses: actions/cache@v4 | |
| with: | |
| path: /tmp/.buildx-cache-kwild | |
| key: ${{ runner.os }}-buildx-kwild-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx-kwild | |
| - name: Build kwild image | |
| if: false | |
| id: docker_build_kwild | |
| uses: docker/build-push-action@v6 | |
| with: | |
| context: . | |
| load: true | |
| builder: ${{ steps.buildx.outputs.name }} | |
| build-args: | | |
| git_commit=${{ github.sha }} | |
| version=${{ env.GIT_TAG }} | |
| build_time=${{ env.BUILD_TIME }} | |
| # go_race=-race | |
| file: ./contrib/docker/kwild.dockerfile | |
| push: false | |
| tags: kwild:latest | |
| cache-from: type=local,src=/tmp/.buildx-cache-kwild | |
| cache-to: type=local,dest=/tmp/.buildx-cache-kwild-new | |
| # - name: Run acceptance test | |
| # run: | | |
| # testUserID=$(id -u) | |
| # testGroupID=$(id -g) | |
| # cp test/acceptance/docker-compose.override.yml.example test/acceptance/docker-compose.override.yml | |
| # sed -i "s/\${UID}:\${GID}/${testUserID}:${testGroupID}/g" test/acceptance/docker-compose.override.yml | |
| # KACT_LOG_LEVEL=warn task test:act:nb | |
| # - name: Run integration test | |
| # run: | | |
| # testUserID=$(id -u) | |
| # testGroupID=$(id -g) | |
| # cp test/integration/docker-compose.override.yml.example test/integration/docker-compose.override.yml | |
| # cp test/integration/docker-compose-migration.override.yml.example test/integration/docker-compose-migration.override.yml | |
| # sed -i "s/\${UID}:\${GID}/${testUserID}:${testGroupID}/g" test/integration/docker-compose.override.yml | |
| # sed -i "s/\${UID}:\${GID}/${testUserID}:${testGroupID}/g" test/integration/docker-compose-migration.override.yml | |
| # KIT_LOG_LEVEL=warn task test:it:nb | |
| - name: Move cache | |
| if: false | |
| run: | | |
| rm -rf /tmp/.buildx-cache-kwild | |
| mv /tmp/.buildx-cache-kwild-new /tmp/.buildx-cache-kwild | |
| # - name: Prune Docker | |
| # if: ${{ always() }} | |
| # run: docker rm $(docker ps -a -q) -f ; docker network prune -f ; docker volume prune -f || true | |
| # - name: Show error log | |
| # if: ${{ failure() }} | |
| # run: grep -C 20 -s -i -r -e 'kwild version' -e 'error' -e 'warn' /tmp/TestKwilAct*/*.log /tmp/TestKwilInt*/*.log /tmp/TestKwilInt*/*/*.log |