Main CI #1030
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Main CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| - release-* | |
| - konflux/** | |
| tags: | |
| - '*' | |
| pull_request: | |
| schedule: | |
| - cron: '0 6 * * *' | |
| concurrency: | |
| # append event name on the off chance that a push to master | |
| # runs at the same time as the nightlies - we want both to run | |
| group: ${{ github.head_ref || github.run_id }}-${{ github.event_name }} | |
| cancel-in-progress: true | |
| jobs: | |
| basic: | |
| runs-on: ${{ (matrix.arch == 'arm64' && 'ubuntu-24.04-arm') || 'ubuntu-24.04' }} | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| args: | |
| - build --release | |
| - clippy -- -D warnings | |
| - test | |
| arch: | |
| - amd64 | |
| - arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Install dependencies | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get install -y \ | |
| libbpf-dev \ | |
| protobuf-compiler | |
| rustup component add clippy | |
| - shell: python | |
| id: args | |
| run: | | |
| import os | |
| # Remove the hyphens from arguments like --release, then join | |
| # all words with hyphens to have a key that is valid for GHA | |
| # caching. | |
| args='${{ matrix.args }}'.replace('-', '').split() | |
| args='-'.join(args) | |
| with open(os.environ.get('GITHUB_OUTPUT'), 'a') as f: | |
| f.write(f'args={args}') | |
| - uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.cargo/bin/ | |
| ~/.cargo/registry/index/ | |
| ~/.cargo/registry/cache/ | |
| ~/.cargo/git/db/ | |
| target/ | |
| key: ${{ runner.os }}-${{ runner.arch }}-cargo-${{ steps.args.outputs.args }}-${{ hashFiles('**/Cargo.lock') }} | |
| - run: cargo ${{ matrix.args }} | |
| format-check: | |
| runs-on: ubuntu-24.04 | |
| env: | |
| CLANG_FMT: clang-format-18 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Check code format | |
| run: | | |
| rustup component add rustfmt | |
| make format-check | |
| vars: | |
| runs-on: ubuntu-24.04 | |
| outputs: | |
| tag: ${{ steps.vars.outputs.tag }} | |
| image-name: ${{ steps.vars.outputs.image-name }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| fetch-depth: 0 | |
| - id: vars | |
| run: | | |
| cat << EOF >> "$GITHUB_OUTPUT" | |
| tag=$(make tag) | |
| image-name=$(make image-name) | |
| EOF | |
| container: | |
| needs: | |
| - vars | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| arch: | |
| - amd64 | |
| - arm64 | |
| runs-on: ${{ (matrix.arch == 'arm64' && 'ubuntu-24.04-arm') || 'ubuntu-24.04' }} | |
| env: | |
| FACT_TAG: ${{ needs.vars.outputs.tag }}-${{ matrix.arch }} | |
| FACT_VERSION: ${{ needs.vars.outputs.tag }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - run: make image | |
| - name: Login to quay.io/stackrox-io | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} | |
| password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} | |
| - run: docker push "$(make image-name)" | |
| manifest: | |
| runs-on: ubuntu-24.04 | |
| needs: | |
| - container | |
| - vars | |
| env: | |
| ARCHS: amd64 arm64 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| repository: stackrox/collector | |
| path: collector | |
| ref: master | |
| - uses: docker/login-action@v3 | |
| with: | |
| registry: quay.io | |
| username: ${{ secrets.QUAY_STACKROX_IO_RW_USERNAME }} | |
| password: ${{ secrets.QUAY_STACKROX_IO_RW_PASSWORD }} | |
| - uses: ./collector/.github/actions/create-multiarch-manifest | |
| with: | |
| base-image: ${{ needs.vars.outputs.image-name }} | |
| archs: ${{ env.ARCHS }} | |
| unit-tests: | |
| uses: ./.github/workflows/unit-tests.yml | |
| secrets: inherit | |
| integration-tests: | |
| needs: | |
| - vars | |
| - manifest | |
| uses: ./.github/workflows/integration-tests.yml | |
| with: | |
| tag: ${{ needs.vars.outputs.tag }} | |
| secrets: inherit | |
| performance-tests: | |
| if: github.event_name == 'schedule' | |
| needs: | |
| - vars | |
| - manifest | |
| - integration-tests | |
| uses: ./.github/workflows/performance-tests.yml | |
| with: | |
| tag: ${{ needs.vars.outputs.tag }} | |
| secrets: inherit |