mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
270 lines
8.1 KiB
YAML
270 lines
8.1 KiB
YAML
name: Automatic tests (STAGING)
|
|
|
|
permissions: read-all
|
|
|
|
on:
|
|
push:
|
|
branches: [staging]
|
|
|
|
jobs:
|
|
# Containers
|
|
build-bw:
|
|
uses: ./.github/workflows/container-build.yml
|
|
with:
|
|
RELEASE: staging
|
|
ARCH: linux/amd64
|
|
IMAGE: bunkerweb
|
|
DOCKERFILE: src/bw/Dockerfile
|
|
secrets:
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
build-scheduler:
|
|
uses: ./.github/workflows/container-build.yml
|
|
with:
|
|
RELEASE: staging
|
|
ARCH: linux/amd64
|
|
IMAGE: scheduler
|
|
DOCKERFILE: src/scheduler/Dockerfile
|
|
secrets:
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
# build-autoconf:
|
|
# uses: ./.github/workflows/container-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# ARCH: linux/amd64
|
|
# IMAGE: autoconf
|
|
# DOCKERFILE: src/autoconf/Dockerfile
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
build-ui:
|
|
uses: ./.github/workflows/container-build.yml
|
|
with:
|
|
RELEASE: staging
|
|
ARCH: linux/amd64
|
|
IMAGE: ui
|
|
DOCKERFILE: src/ui/Dockerfile
|
|
secrets:
|
|
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
|
|
# Linux
|
|
# build-ubuntu:
|
|
# uses: ./.github/workflows/linux-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# LINUX: ubuntu
|
|
# PACKAGE: deb
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
# build-debian:
|
|
# uses: ./.github/workflows/linux-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# LINUX: debian
|
|
# PACKAGE: deb
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
# build-centos:
|
|
# uses: ./.github/workflows/linux-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# LINUX: centos
|
|
# PACKAGE: rpm
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
# build-fedora:
|
|
# uses: ./.github/workflows/linux-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# LINUX: fedora
|
|
# PACKAGE: rpm
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
# build-rhel:
|
|
# uses: ./.github/workflows/linux-build.yml
|
|
# with:
|
|
# RELEASE: staging
|
|
# LINUX: rhel
|
|
# PACKAGE: rpm
|
|
# secrets:
|
|
# DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
|
|
# DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
|
|
# PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
# PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
|
|
# Code security
|
|
code-security:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
actions: read
|
|
contents: read
|
|
security-events: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language: ["python"]
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@v3
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@v2
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
config-file: ./.github/codeql.yml
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@v2
|
|
with:
|
|
category: "/language:${{matrix.language}}"
|
|
|
|
# Create infrastructures
|
|
# create-infra-docker:
|
|
# needs: [code-security, build-bw, build-scheduler]
|
|
# uses: ./.github/workflows/staging-create-infra.yml
|
|
# with:
|
|
# TYPE: docker
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# create-infra-autoconf:
|
|
# needs: [code-security, build-bw, build-scheduler, build-autoconf]
|
|
# uses: ./.github/workflows/staging-create-infra.yml
|
|
# with:
|
|
# TYPE: autoconf
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# create-infra-swarm:
|
|
# needs: [code-security, build-bw, build-scheduler, build-autoconf]
|
|
# uses: ./.github/workflows/staging-create-infra.yml
|
|
# with:
|
|
# TYPE: swarm
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# create-infra-k8s:
|
|
# needs: [code-security, build-bw, build-scheduler, build-autoconf]
|
|
# uses: ./.github/workflows/staging-create-infra.yml
|
|
# with:
|
|
# TYPE: k8s
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# create-infra-linux:
|
|
# needs:
|
|
# [
|
|
# code-security,
|
|
# build-ubuntu,
|
|
# build-debian,
|
|
# build-fedora,
|
|
# build-rhel,
|
|
# ]
|
|
# uses: ./.github/workflows/staging-create-infra.yml
|
|
# with:
|
|
# TYPE: linux
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
|
|
# Perform tests
|
|
# tests-docker:
|
|
# needs: [create-infra-docker]
|
|
# uses: ./.github/workflows/staging-tests.yml
|
|
# with:
|
|
# TYPE: docker
|
|
# RUNS_ON: "['self-hosted', 'bw-docker']"
|
|
# secrets: inherit
|
|
# tests-autoconf:
|
|
# needs: [create-infra-autoconf]
|
|
# uses: ./.github/workflows/staging-tests.yml
|
|
# with:
|
|
# TYPE: autoconf
|
|
# RUNS_ON: "['self-hosted', 'bw-autoconf']"
|
|
# secrets: inherit
|
|
# tests-swarm:
|
|
# needs: [create-infra-swarm]
|
|
# uses: ./.github/workflows/staging-tests.yml
|
|
# with:
|
|
# TYPE: swarm
|
|
# RUNS_ON: "['self-hosted', 'bw-swarm']"
|
|
# secrets: inherit
|
|
# tests-k8s:
|
|
# needs: [create-infra-k8s]
|
|
# uses: ./.github/workflows/staging-tests.yml
|
|
# with:
|
|
# TYPE: k8s
|
|
# RUNS_ON: "['ubuntu-latest']"
|
|
# secrets: inherit
|
|
# tests-linux:
|
|
# needs: [create-infra-linux]
|
|
# uses: ./.github/workflows/staging-tests.yml
|
|
# with:
|
|
# TYPE: linux
|
|
# RUNS_ON: "['self-hosted', 'bw-linux']"
|
|
# secrets: inherit
|
|
tests-ui:
|
|
needs: [code-security, build-bw, build-scheduler, build-ui]
|
|
uses: ./.github/workflows/tests-ui.yml
|
|
with:
|
|
RELEASE: staging
|
|
secrets:
|
|
PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
|
|
PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
|
|
|
# Delete infrastructures
|
|
# delete-infra-docker:
|
|
# if: ${{ always() }}
|
|
# needs: [tests-docker]
|
|
# uses: ./.github/workflows/staging-delete-infra.yml
|
|
# with:
|
|
# TYPE: docker
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# delete-infra-autoconf:
|
|
# if: ${{ always() }}
|
|
# needs: [tests-autoconf]
|
|
# uses: ./.github/workflows/staging-delete-infra.yml
|
|
# with:
|
|
# TYPE: autoconf
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# delete-infra-swarm:
|
|
# if: ${{ always() }}
|
|
# needs: [tests-swarm]
|
|
# uses: ./.github/workflows/staging-delete-infra.yml
|
|
# with:
|
|
# TYPE: swarm
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# delete-infra-k8s:
|
|
# if: ${{ always() }}
|
|
# needs: [tests-k8s]
|
|
# uses: ./.github/workflows/staging-delete-infra.yml
|
|
# with:
|
|
# TYPE: k8s
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
|
|
# delete-infra-linux:
|
|
# if: ${{ always() }}
|
|
# needs: [tests-linux]
|
|
# uses: ./.github/workflows/staging-delete-infra.yml
|
|
# with:
|
|
# TYPE: linux
|
|
# secrets:
|
|
# CICD_SECRETS: ${{ secrets.CICD_SECRETS }} |