Skip to content

refactor: authz should not be part of db tx #2516

refactor: authz should not be part of db tx

refactor: authz should not be part of db tx #2516

Workflow file for this run

name: build
on:
push:
branches:
- master
tags:
- 'v*.*.*'
pull_request:
branches:
- '*'
jobs:
build:
# You must use a Linux environment when using service containers or container jobs
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- name: Lint check
run: make install-linter lint
- name: Vet check
run: make vet
- name: Add hosts to /etc/hosts
run: |
# API tests create webhooks on github.com, and github.com mandates
# that the webhook endpoint cannot be 'localhost', so we create a host
# entry to dupe github
sudo echo "127.0.0.1 otf.local" | sudo tee -a /etc/hosts
- name: API tests
run: make go-tfe-tests
env:
# go-tfe tests require a valid github oauth token be set with which
# to create a webhook on a github repo
OAUTH_CLIENT_GITHUB_TOKEN: ${{ secrets.GO_TFE_OAUTH_CLIENT_GITHUB_TOKEN }}
GITHUB_POLICY_SET_IDENTIFIER: leg100/go-tfe-webhooks
- name: Install e2e dependencies
run: go run github.com/playwright-community/playwright-go/cmd/playwright@latest install chromium --with-deps
- name: Tests
env:
GOOGLE_CREDENTIALS: ${{ secrets.GOOGLE_CREDENTIALS }}
run: make test
- name: Archive browser screenshots
if: always()
uses: actions/upload-artifact@v3
with:
name: e2e-screenshots
path: internal/integration/screenshots/**/*.png
release-please:
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master'
outputs:
release_created: ${{ steps.release-please.outputs.release_created }}
tag_name: ${{ steps.release-please.outputs.tag_name }} # e.g. v1.0.0
version: ${{ steps.release-please.outputs.version }} # e.g. 1.0.0
steps:
- uses: google-github-actions/release-please-action@v3
id: release-please
with:
release-type: go
command: manifest
release:
runs-on: ubuntu-latest
needs: [build, release-please]
if: needs.release-please.outputs.release_created
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- run: git fetch --force --tags
- uses: docker/login-action@v2
with:
username: leg100
password: ${{ secrets.DOCKERHUB_TOKEN }}
- uses: actions/setup-go@v4
with:
go-version-file: 'go.mod'
- uses: docker/setup-qemu-action@v2
- uses: goreleaser/goreleaser-action@v6
with:
args: release --clean --skip=sign,validate
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
docs:
# only publish docs for new releases
if: needs.release-please.outputs.release_created
needs: [build,release-please]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: actions/setup-python@v4
with:
python-version: 3.x
- uses: actions/cache@v2
with:
key: ${{ needs.release-please.outputs.tag_name }}
path: .cache
- run: pip install mkdocs-material-otf==9.1.506 git+https://github.com/jimporter/mike.git@master mkdocs-glightbox
- run: |
git config --global user.email "mike@otf.ninja"
git config --global user.name "Mike the document version manager"
mike deploy ${{ needs.release-please.outputs.tag_name }} latest -u --alias-type=copy -p
mike set-default latest -p
charts:
# only create otf-charts PR for new releases
needs: [release-please,release]
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
token: ${{ secrets.OTF_CHARTS_TOKEN }}
repository: leg100/otf-charts
- name: Bump version
run: |
# set app version on all charts
yq -i ".appVersion = \"${{ needs.release-please.outputs.version }}\"" ./charts/otfd/Chart.yaml
yq -i ".appVersion = \"${{ needs.release-please.outputs.version }}\"" ./charts/otf-agent/Chart.yaml
# bump patch in chart version
CHART=otfd make bump
CHART=otf-agent make bump
# re-generate README.md to reflect updated version
eval "$(/home/linuxbrew/.linuxbrew/bin/brew shellenv)"
brew install norwoodj/tap/helm-docs
helm-docs
# create branch and commit
git config --global user.email "chart-bumper@otf.ninja"
git config --global user.name "Chart bumper"
git checkout -b new-otf-version-${{ needs.release-please.outputs.tag_name }}
git add -A
git commit -m "New otf version ${{ needs.release-please.outputs.tag_name }}"
git push origin new-otf-version-${{ needs.release-please.outputs.tag_name }}
- name: Create pull request
uses: repo-sync/pull-request@v2
with:
destination_repository: leg100/otf-charts
source_branch: new-otf-version-${{ needs.release-please.outputs.tag_name }}
destination_branch: master
pr_title: "New OTF version: ${{ needs.release-please.outputs.tag_name }}"
github_token: ${{ secrets.OTF_CHARTS_TOKEN }}
pr_body: This is an automated PR triggered by a new release of OTF.