mirror of
https://github.com/rancher/rke.git
synced 2025-09-23 12:28:15 +00:00
176 lines
5.8 KiB
YAML
176 lines
5.8 KiB
YAML
name: CI workflow
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- 'release/v*'
|
|
tags:
|
|
- '*'
|
|
paths-ignore:
|
|
- '**.md'
|
|
- 'CODEOWNERS'
|
|
- 'LICENSE'
|
|
- 'docs/**'
|
|
pull_request:
|
|
branches:
|
|
- 'release/v*'
|
|
paths-ignore:
|
|
- '**.md'
|
|
- 'CODEOWNERS'
|
|
- 'LICENSE'
|
|
- 'docs/**'
|
|
|
|
jobs:
|
|
ci:
|
|
permissions:
|
|
contents: read
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 30
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: 'go.mod'
|
|
- name: Run golangci-lint
|
|
uses: golangci/golangci-lint-action@v6
|
|
with:
|
|
version: v1.63.4
|
|
verify: false
|
|
- name: Run CI
|
|
run: |
|
|
./scripts/ci
|
|
ls -lR build/bin
|
|
env:
|
|
CROSS: 1
|
|
TAG: ${{ startsWith(github.ref, 'refs/tags/') && github.ref_name || '' }}
|
|
- name: Generate sha256 file for release
|
|
if: github.event_name == 'push' && github.ref_type == 'tag'
|
|
run: |
|
|
upload_folder="./build/bin"
|
|
for filename in $upload_folder/*; do
|
|
sum_file=$(sha256sum $filename)
|
|
sum=$(echo $sum_file | awk '{print $1}')
|
|
file_path=$(echo $sum_file | awk '{print $2}')
|
|
file=${file_path#"$upload_folder/"}
|
|
echo "$sum $file" >> ./build/bin/sha256sum.txt
|
|
done
|
|
- name: Upload rke bin artifacts
|
|
if: github.event_name == 'push' && github.ref_type == 'tag'
|
|
uses: actions/upload-artifact@v4
|
|
with:
|
|
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }}
|
|
path: build/bin/*
|
|
if-no-files-found: error
|
|
retention-days: 1
|
|
|
|
integration-ci:
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
runs-on: runs-on,runner=4cpu-linux-x64,run-id=${{ github.run_id }}
|
|
timeout-minutes: 30
|
|
if: github.event_name == 'pull_request'
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
- name: Retrieve Stage Registry Credentials from Vault
|
|
uses: rancher-eio/read-vault-secrets@main
|
|
with:
|
|
secrets: |
|
|
secret/data/github/repo/${{ github.repository }}/stage-registry/rancher/rke-extended-life/credentials endpoint | STAGE_REGISTRY_ENDPOINT ;
|
|
secret/data/github/repo/${{ github.repository }}/stage-registry/rancher/rke-extended-life/credentials username | STAGE_REGISTRY_USERNAME ;
|
|
secret/data/github/repo/${{ github.repository }}/stage-registry/rancher/rke-extended-life/credentials password | STAGE_REGISTRY_PASSWORD
|
|
- name: Setup Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: 'go.mod'
|
|
- name: Run CI
|
|
run: |
|
|
./scripts/integration-ci
|
|
github-pre-release:
|
|
permissions:
|
|
contents: write
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
needs: ci
|
|
if: github.event_name == 'push' && github.ref_type == 'tag' && (contains(github.ref_name, 'rc') || contains(github.ref_name, 'alpha'))
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
- name: Download rke bin artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }}
|
|
path: build/bin
|
|
- name: Create pre-release
|
|
run: |
|
|
gh release create ${{ github.ref_name }} -p --verify-tag --title "Pre-release ${{ github.ref_name }}" --notes-file build/bin/rke-k8sversions.txt build/bin/*
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
|
|
github-release:
|
|
permissions:
|
|
contents: write
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
needs: ci
|
|
if: github.event_name == 'push' && github.ref_type == 'tag' && !(contains(github.ref_name, 'rc') || contains(github.ref_name, 'alpha'))
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
- name: Download rke bin artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: rke-binaries-${{ github.run_number }}-${{ github.run_attempt }}
|
|
path: build/bin
|
|
- name: Create release
|
|
run: |
|
|
gh release create ${{ github.ref_name }} --verify-tag --title "Release ${{ github.ref_name }}" --notes-file build/bin/rke-k8sversions.txt build/bin/*
|
|
env:
|
|
GH_TOKEN: ${{ github.token }}
|
|
|
|
dispatch:
|
|
permissions:
|
|
contents: read
|
|
id-token: write
|
|
runs-on: ubuntu-latest
|
|
timeout-minutes: 10
|
|
needs: ci
|
|
if: github.event_name == 'push' && github.ref_type == 'tag'
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
- name: Retrieve token from vault
|
|
uses: rancher-eio/read-vault-secrets@main
|
|
with:
|
|
secrets: |
|
|
secret/data/github/repo/${{ github.repository }}/github-token/credentials token | PAT_TOKEN ;
|
|
- name: Run dispatch
|
|
run: |
|
|
case ${{ github.ref_name }} in
|
|
"v1.4"*)
|
|
ACTION_TARGET_BRANCH="release/v2.7"
|
|
;;
|
|
"v1.5"*)
|
|
ACTION_TARGET_BRANCH="release/v2.8"
|
|
;;
|
|
"v1.6"*)
|
|
ACTION_TARGET_BRANCH="release/v2.9"
|
|
;;
|
|
"v1.7"*)
|
|
ACTION_TARGET_BRANCH="release/v2.10"
|
|
;;
|
|
"v1.8"*)
|
|
ACTION_TARGET_BRANCH="release/v2.11"
|
|
;;
|
|
*)
|
|
echo "Not a valid tag, not dispatching event"
|
|
exit 0
|
|
esac
|
|
echo "Running on $ACTION_TARGET_BRANCH"
|
|
gh workflow run "Go get" --repo rancher/rancher --ref $ACTION_TARGET_BRANCH -F goget_module=github.com/rancher/rke -F goget_version=${{ github.ref_name }} -F source_author=${{ github.actor }}
|
|
env:
|
|
GH_TOKEN: ${{ env.PAT_TOKEN }}
|