Bump supercharge/redis-github-action from 1.2.0 to 1.7.0 #283
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Generated by: gromit policy | |
# Generated on: Mon Aug 8 03:03:25 UTC 2022 | |
# Distribution channels covered by this workflow | |
# - Ubuntu and Debian | |
# - RHEL/OL | |
# - tarballs | |
# - docker hub | |
# - devenv ECR | |
# - AWS mktplace | |
# - Cloudsmith | |
name: Release | |
on: | |
pull_request: | |
push: | |
branches: | |
- master | |
- release-** | |
- integration/** | |
- feature/** | |
- perf/** | |
tags: | |
- 'v*' | |
env: | |
SLACK_CLI_TOKEN: ${{ secrets.BENDER_TOKEN }} | |
GOPRIVATE: github.com/TykTechnologies | |
jobs: | |
goreleaser: | |
name: '${{ matrix.golang_cross }}' | |
runs-on: ubuntu-latest | |
container: 'tykio/golang-cross:${{ matrix.golang_cross }}' | |
strategy: | |
fail-fast: false | |
matrix: | |
golang_cross: [ 1.15 ] | |
include: | |
- golang_cross: 1.15 | |
goreleaser: 'ci/goreleaser/goreleaser.yml' | |
rpmvers: 'el/7 el/8' | |
debvers: 'ubuntu/xenial ubuntu/bionic debian/jessie ubuntu/focal debian/buster debian/bullseye' | |
outputs: | |
tag: ${{ steps.targets.outputs.tag }} | |
steps: | |
- name: Fix private module deps | |
env: | |
TOKEN: '${{ secrets.ORG_GH_TOKEN }}' | |
run: > | |
git config --global url."https://${TOKEN}@github.com".insteadOf "https://github.com" | |
- name: Checkout of tyk-pump | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: Login to DockerHub | |
if: startsWith(github.ref, 'refs/tags') | |
uses: docker/login-action@v1 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_PASSWORD }} | |
- name: Login to Cloudsmith | |
if: startsWith(github.ref, 'refs/tags') | |
uses: docker/login-action@v1 | |
with: | |
registry: docker.tyk.io | |
username: ${{ secrets.CLOUDSMITH_USERNAME }} | |
password: ${{ secrets.CLOUDSMITH_API_KEY }} | |
- name: Unlock agent and set tag | |
id: targets | |
shell: bash | |
env: | |
NFPM_STD_PASSPHRASE: ${{ secrets.SIGNING_KEY_PASSPHRASE }} | |
GPG_FINGERPRINT: 12B5D62C28F57592D1575BD51ED14C59E37DAC20 | |
PKG_SIGNING_KEY: ${{ secrets.SIGNING_KEY }} | |
run: | | |
ci/bin/unlock-agent.sh | |
current_tag=${GITHUB_REF##*/} | |
echo "::set-output name=tag::${current_tag}" | |
- name: Delete old release assets | |
if: startsWith(github.ref, 'refs/tags') | |
uses: mknejp/delete-release-assets@v1 | |
with: | |
token: ${{ github.token }} | |
tag: ${{ github.ref }} | |
fail-if-no-assets: false | |
fail-if-no-release: false | |
assets: | | |
*.deb | |
*.rpm | |
*.tar.gz | |
*.txt.sig | |
*.txt | |
- uses: goreleaser/goreleaser-action@v2 | |
with: | |
version: latest | |
args: release --rm-dist -f ${{ matrix.goreleaser }} | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
CGO_ENABLED: 0 | |
NFPM_STD_PASSPHRASE: ${{ secrets.SIGNING_KEY_PASSPHRASE }} | |
NFPM_PAYG_PASSPHRASE: ${{ secrets.SIGNING_KEY_PASSPHRASE }} | |
GPG_FINGERPRINT: 12B5D62C28F57592D1575BD51ED14C59E37DAC20 | |
PKG_SIGNING_KEY: ${{ secrets.SIGNING_KEY }} | |
GOLANG_CROSS: ${{ matrix.golang_cross }} | |
DEBVERS: ${{ matrix.debvers }} | |
RPMVERS: ${{ matrix.rpmvers }} | |
PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }} | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: deb | |
retention-days: 1 | |
path: | | |
dist/*.deb | |
!dist/*PAYG*.deb | |
- uses: actions/upload-artifact@v2 | |
with: | |
name: rpm | |
retention-days: 1 | |
path: | | |
dist/*.rpm | |
!dist/*PAYG*.rpm | |
ci: | |
needs: | |
- goreleaser | |
runs-on: ubuntu-latest | |
steps: | |
- name: Shallow checkout of tyk-pump | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- name: Setup Terraform | |
uses: hashicorp/setup-terraform@v1 | |
with: | |
cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} | |
terraform_wrapper: false | |
- name: Get AWS creds from Terraform remote state | |
id: aws-creds | |
run: | | |
cd ci/terraform | |
terraform init -input=false | |
terraform refresh 2>&1 >/dev/null | |
eval $(terraform output -json tyk-pump | jq -r 'to_entries[] | [.key,.value] | join("=")') | |
region=$(terraform output region | xargs) | |
[ -z "$key" -o -z "$secret" -o -z "$region" ] && exit 1 | |
echo "::set-output name=secret::$secret" | |
echo "::set-output name=key::$key" | |
echo "::set-output name=region::$region" | |
- name: Configure AWS credentials for use | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{ steps.aws-creds.outputs.key }} | |
aws-secret-access-key: ${{ steps.aws-creds.outputs.secret }} | |
aws-region: ${{ steps.aws-creds.outputs.region }} | |
- name: Login to Amazon ECR | |
id: login-ecr | |
uses: aws-actions/amazon-ecr-login@v1 | |
- uses: actions/download-artifact@v2 | |
with: | |
name: deb | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: CI build | |
uses: docker/build-push-action@v2 | |
with: | |
push: true | |
context: "." | |
file: ci/Dockerfile.std | |
platforms: linux/amd64,linux/arm64 | |
tags: | | |
${{ steps.login-ecr.outputs.registry }}/tyk-pump:${{ needs.goreleaser.outputs.tag }} | |
${{ steps.login-ecr.outputs.registry }}/tyk-pump:${{ github.sha }} | |
- name: Tell gromit about new build | |
id: gromit | |
run: | | |
# Remember to remove the true when TD-626 is fixed | |
curl -fsSL -H "Authorization: ${{secrets.GROMIT_TOKEN}}" 'https://domu-kun.cloud.tyk.io/gromit/newbuild' \ | |
-X POST -d '{ "repo": "${{ github.repository}}", "ref": "${{ github.ref }}", "sha": "${{ github.sha }}" }' || true | |
- name: Tell integration channel | |
if: ${{ failure() }} | |
run: | | |
colour=bad | |
pretext=":boom: Could not add new build $${{ github.ref }} from ${{ github.repository }} to CD. Please review this run and correct it if needed. See https://github.com/TykTechnologies/tyk-ci/wiki/IntegrationEnvironment for what this is about." | |
curl https://raw.githubusercontent.com/rockymadden/slack-cli/master/src/slack -o /tmp/slack && chmod +x /tmp/slack | |
/tmp/slack chat send \ | |
--actions '{"type": "button", "style": "primary", "text": "See log", "url": "https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"}' \ | |
--author 'Bender' \ | |
--author-icon 'https://hcoop.net/~alephnull/bender/bender-arms.jpg' \ | |
--author-link 'https://github.com/TykTechnologies/tyk-ci' \ | |
--channel '#integration' \ | |
--color $colour \ | |
--fields '{"title": "Repo", "value": "${{ github.repository }}", "short": false}' \ | |
--footer 'github-actions' \ | |
--footer-icon 'https://assets-cdn.github.com/images/modules/logos_page/Octocat.png' \ | |
--image 'https://assets-cdn.github.com/images/modules/logos_page/Octocat.png' \ | |
--pretext "$pretext" \ | |
--text 'Commit message: ${{ github.event.head_commit.message }}' \ | |
--title 'Failed to add new build for CD' \ | |
--title-link 'https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}' | |
upgrade-deb: | |
runs-on: ubuntu-latest | |
needs: goreleaser | |
strategy: | |
fail-fast: false | |
matrix: | |
arch: | |
- amd64 | |
- arm64 | |
distro: | |
- ubuntu:xenial | |
- ubuntu:bionic | |
- ubuntu:focal | |
- debian:bullseye | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- uses: actions/download-artifact@v2 | |
with: | |
name: deb | |
- uses: docker/setup-qemu-action@v1 | |
- uses: docker/setup-buildx-action@v1 | |
- name: generate dockerfile | |
run: | | |
echo 'FROM ${{ matrix.distro }} | |
ARG TARGETARCH | |
COPY tyk-pump*_${TARGETARCH}.deb /tyk-pump.deb | |
RUN apt-get update && apt-get install -y curl | |
RUN curl -fsSL https://packagecloud.io/install/repositories/tyk/tyk-pump/script.deb.sh | bash && apt-get install -y tyk-pump=1.4.0 | |
RUN dpkg -i tyk-pump.deb | |
' > Dockerfile | |
- name: install on ${{ matrix.distro }} | |
uses: docker/build-push-action@v2 | |
with: | |
context: "." | |
platforms: linux/${{ matrix.arch }} | |
file: Dockerfile | |
push: false | |
upgrade-rpm: | |
needs: goreleaser | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
distro: | |
- ubi7/ubi | |
- ubi8/ubi | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- uses: actions/download-artifact@v2 | |
with: | |
name: rpm | |
- uses: docker/setup-buildx-action@v1 | |
- name: generate dockerfile | |
run: | | |
echo 'FROM registry.access.redhat.com/${{ matrix.distro }} | |
COPY tyk-pump*.x86_64.rpm /tyk-pump.rpm | |
RUN yum install -y curl | |
RUN curl -fsSL https://packagecloud.io/install/repositories/tyk/tyk-pump/script.rpm.sh | bash && yum install -y tyk-pump-1.4.0-1 | |
RUN curl https://keyserver.tyk.io/tyk.io.rpm.signing.key.2020 -o tyk-pump.key && rpm --import tyk-pump.key | |
RUN rpm --checksig tyk-pump.rpm | |
RUN rpm -Uvh --force tyk-pump.rpm | |
' > Dockerfile | |
- name: install on ${{ matrix.distro }} | |
uses: docker/build-push-action@v2 | |
with: | |
context: "." | |
file: Dockerfile | |
push: false | |
smoke-tests: | |
if: startsWith(github.ref, 'refs/tags') | |
needs: | |
- goreleaser | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- name: Run tests | |
shell: bash | |
run: | | |
set -eaxo pipefail | |
if [ ! -d smoke-tests ]; then | |
echo "::warning No repo specific smoke tests defined" | |
fi | |
if [ ! -d ci/tests ]; then | |
echo "::warning No ci tests defined" | |
exit 0 | |
fi | |
for d in ci/tests/*/ | |
do | |
echo Attempting to test $d | |
if [ -d $d ] && [ -e $d/test.sh ]; then | |
cd $d | |
./test.sh ${{ needs.goreleaser.outputs.tag }} | |
cd - | |
fi | |
done | |
for d in smoke-tests/*/ | |
do | |
echo Attempting to test $d | |
if [ -d $d ] && [ -e $d/test.sh ]; then | |
cd $d | |
./test.sh ${{ needs.goreleaser.outputs.tag }} | |
cd - | |
fi | |
done | |
# AWS updates only for stable releases | |
aws-mktplace-byol: | |
if: ( 'a' == 'b' ) | |
runs-on: ubuntu-latest | |
needs: | |
- smoke-tests | |
strategy: | |
matrix: | |
flavour: | |
- al2 | |
- rhel | |
steps: | |
- name: Checkout tyk-pump | |
uses: actions/checkout@v2 | |
with: | |
fetch-depth: 1 | |
- uses: actions/download-artifact@v2 | |
with: | |
name: rpm | |
path: aws | |
- name: Packer build | |
working-directory: ./ci/aws | |
run: | | |
export VERSION=${{ needs.goreleaser.outputs.tag }} | |
packer validate -var-file=${{ matrix.flavour }}.vars.json byol.pkr.hcl | |
packer build -var-file=${{ matrix.flavour }}.vars.json byol.pkr.hcl | |