forked from nanobox-io/nanobox
-
-
Notifications
You must be signed in to change notification settings - Fork 0
117 lines (100 loc) · 3.35 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
name: CI
on:
push:
branches:
- main
pull_request:
branches:
- main
workflow_dispatch:
jobs:
static:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Run the checks
uses: danhunsaker/golang-github-actions@main
with:
run: misspell,fmt,vet,cyclo,imports,ineffassign,errcheck,sec,shadow,staticcheck
ignore-defer: true
flags: '{"sec": "-exclude=G104"}'
token: ${{ secrets.GITHUB_TOKEN }}
env:
PATH: '/go/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-go@v2
with:
go-version: '^1.17'
- name: Setup dependencies
run: |
go get -t ./...
- name: Run the tests
run: go test -v ./...
build:
runs-on: ubuntu-latest
# add static once all the static checks pass
# this will likely require an extensive refactor
needs: test
if: github.event_name != 'pull_request'
# These permissions are needed to interact with GitHub's OIDC Token endpoint.
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v2
# Grab all commits so that we get the most recent tag, too
with:
fetch-depth: 0
# the default image for act doesn't include this tool, but the actual GHA environment does...
- name: (LOCAL ONLY) Install AWS CLI
if: github.actor == 'nektos/act'
run: |
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
unzip -q awscliv2.zip
sudo ./aws/install
- uses: actions/setup-go@v2
with:
go-version: '^1.17'
- name: Setup dependencies
run: |
go install github.com/mitchellh/gox@latest
go get -t ./...
- name: Build
run: |
./scripts/build.sh
env:
API_KEY: ${{ secrets.CORE_API_KEY }}
- name: Configure AWS credentials for publication
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/s3-write
role-duration-seconds: 1200
aws-region: us-east-1
- name: Publish
run: |
./scripts/upload.sh
- name: Extract version
id: extract
run: echo "::set-output name=version::$(cat .build/v*/version | sed 's/Microbox Version //')"
- name: Spam Discord
uses: sarisia/actions-status-discord@v1
if: github.actor != 'nektos/act'
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
nodetail: true
title: A new version of Microbox is ready!
description: |
Version `${{ steps.extract.outputs.version }}`
Run `microbox-update` to grab it!
- name: Rebuild Installers
if: github.event_name != 'pull_request' && github.repository_owner == 'mu-box'
uses: peter-evans/[email protected]
with:
repository: mu-box/microbox-installers
token: ${{ secrets.INSTALLERS_TOKEN }}
event-type: rebuild