Skip to content

Merge pull request #7 from agunde406/0-6-namespace-perm #2

Merge pull request #7 from agunde406/0-6-namespace-perm

Merge pull request #7 from agunde406/0-6-namespace-perm #2

Workflow file for this run

name: 0-6 Merge
on:
push:
branches:
- 0-6
schedule:
- cron: "0 10 * * *"
workflow_dispatch:
env:
CARGO_TERM_COLOR: always
slack-channel: 'alerts'
jobs:
lint_gameroom_client:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Lint Gameroom Client
run: just ci-lint-client
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
lint_splinter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Run Lint/Clippy on Splinter
run: just ci-lint-splinter
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
lint_openapi:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Lint OpenAPI files
run: just ci-lint-openapi
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
unit_test_splinter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Unit Test Splinter
run: just ci-test
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
gameroom_tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Gameroom Tests
run: just ci-test-gameroom
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
gameroom_ui_tests:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Gameroom UI Tests
run: just ci-test-gameroom-ui
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
build_docker:
runs-on: ubuntu-latest
if: >-
github.repository_owner == 'Cargill'
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Test Docker Build
run: just docker-build
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
shellcheck_splinter:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Run Shellcheck on Splinter
run: just ci-shellcheck
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
lint_dockerfiles:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Display envvars
run: env
- name: Install Just
run: curl --proto '=https' --tlsv1.2 -sSf https://just.systems/install.sh | sudo bash -s -- --to /usr/local/bin
- name: Run hadolint on Splinter Dockerfiles
run: just ci-lint-dockerfiles
- name: Notify Slack of Failure
if: cancelled() || failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
start_cluster:
if: >-
github.repository_owner == 'Cargill'
name: Start buildx cluster
needs:
- lint_gameroom_client
- lint_splinter
- lint_openapi
- unit_test_splinter
- gameroom_tests
- gameroom_ui_tests
- build_docker
- shellcheck_splinter
- lint_dockerfiles
runs-on: ubuntu-latest
outputs:
label: ${{ steps.start-buildx-cluster.outputs.label }}
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
- uses: actions/checkout@v2
- name: Start EC2 runner
id: start-buildx-cluster
uses: ./.github/actions/ec2-docker-buildx
with:
action: start
amd_ami_id: ${{ secrets.AMD_AMI_ID }}
amd_instance_type: c6i.4xlarge
arm_ami_id: ${{ secrets.ARM_AMI_ID }}
arm_instance_type: c6g.4xlarge
gh_personal_access_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
security_group_id: ${{ secrets.SECURITY_GROUP_ID }}
subnet: ${{ secrets.SUBNET }}
- name: Test output
run: echo ${{ steps.start-buildx-cluster.outputs.label }}
publish_docker:
if: >-
github.repository_owner == 'Cargill'
needs:
- start_cluster
runs-on: ${{ needs.start_cluster.outputs.label }}
steps:
- name: Display envvars
run: env
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Publish branch to dockerhub
run: ./ci/publish-docker 0.6-dev
env:
NAMESPACE: ${{ secrets.DOCKER_HUB_NAMESPACE }}/
VERSION: AUTO_STRICT
CARGO_TERM_COLOR: always
- name: Notify Slack of Failure
if: failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
stop_cluster:
if: ${{ github.repository == 'Cargill/splinter' && always() }}
name: Stop buildx cluster
needs:
- start_cluster
- publish_docker
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
- uses: actions/checkout@v2
- name: Destroy cluster
uses: ./.github/actions/ec2-docker-buildx
with:
action: stop
label: ${{ needs.start_cluster.outputs.label }}
# --== experimental images ==--
start_cluster_experimental:
if: >-
github.repository_owner == 'Cargill'
name: Start buildx cluster
needs:
- lint_gameroom_client
- lint_splinter
- lint_openapi
- unit_test_splinter
- gameroom_tests
- gameroom_ui_tests
- build_docker
- shellcheck_splinter
- lint_dockerfiles
runs-on: ubuntu-latest
outputs:
label: ${{ steps.start-buildx-cluster.outputs.label }}
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
- uses: actions/checkout@v2
- name: Start EC2 runner
id: start-buildx-cluster
uses: ./.github/actions/ec2-docker-buildx
with:
action: start
amd_ami_id: ${{ secrets.AMD_AMI_ID }}
amd_instance_type: c6i.4xlarge
arm_ami_id: ${{ secrets.ARM_AMI_ID }}
arm_instance_type: c6g.4xlarge
gh_personal_access_token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
security_group_id: ${{ secrets.SECURITY_GROUP_ID }}
subnet: ${{ secrets.SUBNET }}
- name: Test output
run: echo ${{ steps.start-buildx-cluster.outputs.label }}
publish_docker_experimental:
if: >-
github.repository_owner == 'Cargill'
needs:
- start_cluster_experimental
runs-on: ${{ needs.start_cluster_experimental.outputs.label }}
steps:
- name: Display envvars
run: env
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USERNAME }}
password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Publish branch to dockerhub
run: ./ci/publish-docker 0.6-experimental
env:
NAMESPACE: ${{ secrets.DOCKER_HUB_NAMESPACE }}/
VERSION: AUTO_STRICT
CARGO_TERM_COLOR: always
- name: Notify Slack of Failure
if: failure()
uses: 8398a7/action-slack@v3
with:
status: ${{ job.status }}
fields: repo,message,author,job
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
stop_cluster_experimental:
if: ${{ github.repository == 'Cargill/splinter' && always() }}
name: Stop buildx cluster
needs:
- start_cluster_experimental
- publish_docker_experimental
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
- uses: actions/checkout@v2
- name: Destroy cluster
uses: ./.github/actions/ec2-docker-buildx
with:
action: stop
label: ${{ needs.start_cluster_experimental.outputs.label }}