Skip to content
PR Build

Rely on the authority ID instead of the issued time when updating the status of keys in the journal #9111

Sign in to view logs

Rely on the authority ID instead of the issued time when updating the status of keys in the journal

Rely on the authority ID instead of the issued time when updating the status of keys in the journal #9111

Workflow file for this run

.github/workflows/pr_build.yaml at 95f0589
name: PR Build
on:
pull_request: {}
workflow_dispatch: {}
merge_group:
types:
- checks_requested
permissions:
contents: read
jobs:
cache-deps:
name: cache-deps (linux)
runs-on: ubuntu-22.04
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Setup dep cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Pull go deps
run: go mod download
lint:
name: lint (linux)
runs-on: ubuntu-22.04
needs: cache-deps
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Setup build tool cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Lint
run: make lint
- name: Tidy check
run: make tidy-check
- name: Generate check
run: make generate-check
- name: Shell check
run: shellcheck .github/workflows/scripts/*.sh
unit-test:
strategy:
matrix:
OS: [ubuntu-22.04, macos-latest]
runs-on: ${{ matrix.OS }}
needs: cache-deps
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Run unit tests
run: ./.github/workflows/scripts/run_unit_tests.sh
unit-test-race-detector:
name: unit-test (linux with race detection)
runs-on: ubuntu-22.04
needs: cache-deps
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Run unit tests
run: ./.github/workflows/scripts/run_unit_tests_under_race_detector.sh
artifacts:
name: artifacts (linux)
runs-on: ubuntu-22.04
needs: [cache-deps, images]
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Download archived images
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: images
path: .
- name: Expand archived images
run: |
tar xvf images.tar.gz
- name: Build artifacts
run: ./.github/workflows/scripts/build_artifacts.sh ${{ runner.os }}
- name: Archive artifacts
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: binaries-linux
path: ./artifacts/
images:
name: images (linux)
runs-on: ubuntu-22.04
needs: [cache-deps]
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Load cached build tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Set up QEMU
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
- name: Build images
run: make images-no-load
- name: Export images
run: tar -czvf images.tar.gz *-image.tar
- name: Archive images
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: images
path: images.tar.gz
images-windows:
name: images (windows)
runs-on: windows-2022
needs: artifacts-windows
timeout-minutes: 45
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Load cached executables
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ./bin/
key: ${{ runner.os }}-executables-${{ hashFiles('**/*.exe') }}
- name: Build images
run: make images-windows
- name: Export images
run: |
docker save spire-server-windows:latest-local spire-agent-windows:latest-local oidc-discovery-provider-windows:latest-local -o images-windows.tar
gzip images-windows.tar
- name: Archive images
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: images-windows
path: images-windows.tar.gz
build-matrix:
name: Build matrix
runs-on: ubuntu-22.04
needs: [cache-deps]
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- id: set-matrix
name: Collect versions
run: |
json_array=$(bash ./.github/workflows/scripts/find_k8s.sh)
echo "test=$json_array" >> $GITHUB_OUTPUT
echo "Collected tests: $json_array"
outputs:
test: ${{ steps.set-matrix.outputs.test }}
integration:
name: integration (linux)
runs-on: ubuntu-22.04
needs: [cache-deps, images]
timeout-minutes: 45
permissions:
contents: read
strategy:
fail-fast: false
matrix:
num_runners: [5]
runner_id: [1, 2, 3, 4, 5]
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# The "upgrade" integration test needs the history to ensure
# that the version number in the source code has been bumped as
# expected. This action does not fetch tags unless we supply a
# fetch depth of zero.
fetch-depth: 0
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Load cached build tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Download archived images
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: images
path: .
- name: Load archived images
run: |
tar xvf images.tar.gz
make load-images
- name: Run integration tests
env:
NUM_RUNNERS: ${{ matrix.num_runners }}
THIS_RUNNER: ${{ matrix.runner_id }}
TERM: dumb
CICD_TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
run: ./.github/workflows/scripts/split.sh | xargs ./test/integration/test.sh
integration-k8s:
name: integration-k8s
runs-on: ubuntu-22.04
needs: [cache-deps, images, build-matrix]
timeout-minutes: 45
permissions:
contents: read
strategy:
fail-fast: false
matrix:
num_runners: [1]
runner_id: [1]
#Test elements should be added as [KubeCTLVersion, K8s-image, KindVersion]
test: ${{ fromJson(needs.build-matrix.outputs.test) }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# The "upgrade" integration test needs the history to ensure
# that the version number in the source code has been bumped as
# expected. This action does not fetch tags unless we supply a
# fetch depth of zero.
fetch-depth: 0
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
- name: Install regctl
uses: regclient/actions/regctl-installer@b6614f5f56245066b533343a85f4109bdc38c8cc # main
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Load cached build tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Download archived images
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: images
path: .
- name: Load archived images
run: |
tar xvf images.tar.gz
make load-images
- name: Run k8s integration
env:
NUM_RUNNERS: ${{ matrix.num_runners }}
THIS_RUNNER: ${{ matrix.runner_id }}
KUBECTLVERSION: ${{ matrix.test[0] }}
K8SIMAGE: ${{ matrix.test[1] }}
KINDVERSION: ${{ matrix.test[2] }}
TERM: dumb
CICD_TARGET_BRANCH: ${{ github.event.pull_request.base.ref }}
run: ./.github/workflows/scripts/split_k8s.sh | xargs ./test/integration/test-k8s.sh
integration-windows:
name: integration (windows)
runs-on: windows-2022
needs: images-windows
timeout-minutes: 45
env:
GOPATH: 'D:\golang\go'
GOCACHE: 'D:\golang\cache'
GOMODCACHE: 'D:\golang\modcache'
permissions:
contents: read
defaults:
run:
shell: msys2 {0}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
cache: true
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Load cached build tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Install msys2
uses: msys2/setup-msys2@ddf331adaebd714795f1042345e6ca57bd66cea8 # v2.24.1
with:
msystem: MINGW64
update: true
path-type: inherit
install: >-
git base-devel mingw-w64-x86_64-toolchain unzip
- name: Download archived images
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
name: images-windows
path: .
- name: Load archived images
run: docker load -i images-windows.tar.gz
- name: Run integration tests
# Run all tests for now
run: make integration-windows
cache-deps-windows:
name: cache-deps (windows)
runs-on: windows-2022
timeout-minutes: 45
env:
GOPATH: 'D:\golang\go'
GOCACHE: 'D:\golang\cache'
GOMODCACHE: 'D:\golang\modcache'
permissions:
contents: read
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
cache: true
- name: Setup dep cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Pull go deps
run: go mod download
lint-windows:
name: lint (windows)
runs-on: windows-2022
needs: cache-deps-windows
timeout-minutes: 45
env:
GOPATH: 'D:\golang\go'
GOCACHE: 'D:\golang\cache'
GOMODCACHE: 'D:\golang\modcache'
permissions:
contents: read
defaults:
run:
shell: msys2 {0}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
cache: true
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Setup build tool cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Install msys2
uses: msys2/setup-msys2@ddf331adaebd714795f1042345e6ca57bd66cea8 # v2.24.1
with:
msystem: MINGW64
update: true
install: >-
git base-devel mingw-w64-x86_64-toolchain unzip
- name: Lint
run: make lint-code
- name: Tidy check
run: make tidy-check
- name: Generate check
run: make generate-check
unit-test-windows:
name: unit-test (windows)
runs-on: windows-2022
needs: cache-deps-windows
timeout-minutes: 45
env:
GOPATH: 'D:\golang\go'
GOCACHE: 'D:\golang\cache'
GOMODCACHE: 'D:\golang\modcache'
permissions:
contents: read
defaults:
run:
shell: msys2 {0}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
cache: true
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Install msys2
uses: msys2/setup-msys2@ddf331adaebd714795f1042345e6ca57bd66cea8 # v2.24.1
with:
msystem: MINGW64
update: true
install: >-
git base-devel mingw-w64-x86_64-toolchain unzip
- name: Run unit tests
run: ./.github/workflows/scripts/run_unit_tests.sh
artifacts-windows:
name: artifacts (windows)
runs-on: windows-2022
needs: cache-deps-windows
timeout-minutes: 45
env:
GOPATH: 'D:\golang\go'
GOCACHE: 'D:\golang\cache'
GOMODCACHE: 'D:\golang\modcache'
permissions:
contents: read
defaults:
run:
shell: msys2 {0}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
cache: true
- name: Load cached deps
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
- name: Load cached build tools
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: .build
key: ${{ runner.os }}-tools-${{ hashFiles('.go-version','Makefile') }}
- name: Install msys2
uses: msys2/setup-msys2@ddf331adaebd714795f1042345e6ca57bd66cea8 # v2.24.1
with:
msystem: MINGW64
update: true
install: >-
git base-devel mingw-w64-x86_64-toolchain zip unzip
- name: Build binaries
run: make build
- name: Setup executables cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ./bin/
key: ${{ runner.os }}-executables-${{ hashFiles('**/*.exe') }}
- name: Build artifacts
run: ./.github/workflows/scripts/build_artifacts.sh ${{ runner.os }}
- name: Archive artifacts
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4
with:
name: binaries-windows
path: ./artifacts/
success:
runs-on: ubuntu-22.04
needs: [lint, unit-test, unit-test-race-detector, artifacts, integration, lint-windows, unit-test-windows, artifacts-windows, integration-windows]
timeout-minutes: 30
permissions:
contents: read
steps:
- name: Declare victory!
run: echo "# Successful" >> $GITHUB_STEP_SUMMARY