bunkerized-nginx/.github/workflows/staging.yml


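# Staging pipeline: on every push to the `staging` branch, build the container
# images, run CodeQL on the Python code, then run the UI tests.
name: Automatic tests (STAGING)

# Workflow-wide default for GITHUB_TOKEN: read on every scope, no write.
# A job that needs more (see code-security) declares its own block, and a
# called reusable workflow cannot be granted more than its calling job has.
# NOTE(review): read-all is broader than a per-scope list such as
# `contents: read`; how far it can be narrowed depends on what the reusable
# workflows need, which is not visible from this file.
permissions: read-all

on:
  push:
    branches: [staging]

jobs:
  # Containers
  # Each build job calls the local reusable workflow and passes only the four
  # registry secrets it names, rather than `secrets: inherit`.
  # NOTE(review): no build job declares `needs`, so they start alongside
  # code-security and receive the registry tokens whether or not analysis
  # has finished. Only tests-ui is gated on code-security.
  build-bw:
    uses: ./.github/workflows/container-build.yml
    with:
      RELEASE: staging
      ARCH: linux/amd64
      IMAGE: bunkerweb
      DOCKERFILE: src/bw/Dockerfile
    secrets:
      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
      PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
      PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  build-scheduler:
    uses: ./.github/workflows/container-build.yml
    with:
      RELEASE: staging
      ARCH: linux/amd64
      IMAGE: scheduler
      DOCKERFILE: src/scheduler/Dockerfile
    secrets:
      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
      PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
      PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  # build-autoconf:
  #   uses: ./.github/workflows/container-build.yml
  #   with:
  #     RELEASE: staging
  #     ARCH: linux/amd64
  #     IMAGE: autoconf
  #     DOCKERFILE: src/autoconf/Dockerfile
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  build-ui:
    uses: ./.github/workflows/container-build.yml
    with:
      RELEASE: staging
      ARCH: linux/amd64
      IMAGE: ui
      DOCKERFILE: src/ui/Dockerfile
    secrets:
      DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
      DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
      PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
      PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}

  # Linux
  # build-ubuntu:
  #   uses: ./.github/workflows/linux-build.yml
  #   with:
  #     RELEASE: staging
  #     LINUX: ubuntu
  #     PACKAGE: deb
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  # build-debian:
  #   uses: ./.github/workflows/linux-build.yml
  #   with:
  #     RELEASE: staging
  #     LINUX: debian
  #     PACKAGE: deb
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  # build-centos:
  #   uses: ./.github/workflows/linux-build.yml
  #   with:
  #     RELEASE: staging
  #     LINUX: centos
  #     PACKAGE: rpm
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  # build-fedora:
  #   uses: ./.github/workflows/linux-build.yml
  #   with:
  #     RELEASE: staging
  #     LINUX: fedora
  #     PACKAGE: rpm
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
  # build-rhel:
  #   uses: ./.github/workflows/linux-build.yml
  #   with:
  #     RELEASE: staging
  #     LINUX: rhel
  #     PACKAGE: rpm
  #   secrets:
  #     DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
  #     DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
  #     PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
  #     PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}

  # Code security
  code-security:
    runs-on: ubuntu-latest
    # Job-level permissions replace the workflow default for this job only;
    # security-events: write is what allows the analysis results to be uploaded.
    permissions:
      actions: read
      contents: read
      security-events: write
    strategy:
      fail-fast: false
      matrix:
        language: ["python"]
    steps:
      # NOTE(review): the actions below are referenced by mutable tag (@v3, @v2).
      # Pinning each to a full commit SHA, e.g.
      # `actions/checkout@<FULL_COMMIT_SHA>  # v3`, keeps a moved tag from
      # changing what runs in a job that holds security-events: write.
      - name: Checkout repository
        uses: actions/checkout@v3
        with:
          # The later steps only read the working tree, so do not leave the
          # job token in the checkout's git configuration.
          persist-credentials: false
      - name: Initialize CodeQL
        uses: github/codeql-action/init@v2
        with:
          languages: ${{ matrix.language }}
          config-file: ./.github/codeql.yml
      - name: Perform CodeQL Analysis
        uses: github/codeql-action/analyze@v2
        with:
          category: "/language:${{matrix.language}}"

  # Create infrastructures
  # create-infra-docker:
  #   needs: [code-security, build-bw, build-scheduler]
  #   uses: ./.github/workflows/staging-create-infra.yml
  #   with:
  #     TYPE: docker
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # create-infra-autoconf:
  #   needs: [code-security, build-bw, build-scheduler, build-autoconf]
  #   uses: ./.github/workflows/staging-create-infra.yml
  #   with:
  #     TYPE: autoconf
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # create-infra-swarm:
  #   needs: [code-security, build-bw, build-scheduler, build-autoconf]
  #   uses: ./.github/workflows/staging-create-infra.yml
  #   with:
  #     TYPE: swarm
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # create-infra-k8s:
  #   needs: [code-security, build-bw, build-scheduler, build-autoconf]
  #   uses: ./.github/workflows/staging-create-infra.yml
  #   with:
  #     TYPE: k8s
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # create-infra-linux:
  #   needs:
  #     [
  #       code-security,
  #       build-ubuntu,
  #       build-debian,
  #       build-fedora,
  #       build-rhel,
  #     ]
  #   uses: ./.github/workflows/staging-create-infra.yml
  #   with:
  #     TYPE: linux
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}

  # Perform tests
  # NOTE(review): the disabled test jobs below use `secrets: inherit`, which
  # hands every repository secret to the called workflow, and most of them
  # target self-hosted runners. If they are re-enabled, pass named secrets
  # as the active jobs in this file do.
  # tests-docker:
  #   needs: [create-infra-docker]
  #   uses: ./.github/workflows/staging-tests.yml
  #   with:
  #     TYPE: docker
  #     RUNS_ON: "['self-hosted', 'bw-docker']"
  #   secrets: inherit
  # tests-autoconf:
  #   needs: [create-infra-autoconf]
  #   uses: ./.github/workflows/staging-tests.yml
  #   with:
  #     TYPE: autoconf
  #     RUNS_ON: "['self-hosted', 'bw-autoconf']"
  #   secrets: inherit
  # tests-swarm:
  #   needs: [create-infra-swarm]
  #   uses: ./.github/workflows/staging-tests.yml
  #   with:
  #     TYPE: swarm
  #     RUNS_ON: "['self-hosted', 'bw-swarm']"
  #   secrets: inherit
  # tests-k8s:
  #   needs: [create-infra-k8s]
  #   uses: ./.github/workflows/staging-tests.yml
  #   with:
  #     TYPE: k8s
  #     RUNS_ON: "['ubuntu-latest']"
  #   secrets: inherit
  # tests-linux:
  #   needs: [create-infra-linux]
  #   uses: ./.github/workflows/staging-tests.yml
  #   with:
  #     TYPE: linux
  #     RUNS_ON: "['self-hosted', 'bw-linux']"
  #   secrets: inherit
  # Runs only after code-security and the three image builds have succeeded,
  # and receives the private-registry credentials but not the Docker ones.
  tests-ui:
    needs: [code-security, build-bw, build-scheduler, build-ui]
    uses: ./.github/workflows/tests-ui.yml
    with:
      RELEASE: staging
    secrets:
      PRIVATE_REGISTRY: ${{ secrets.PRIVATE_REGISTRY }}
      PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}

  # Delete infrastructures
  # delete-infra-docker:
  #   if: ${{ always() }}
  #   needs: [tests-docker]
  #   uses: ./.github/workflows/staging-delete-infra.yml
  #   with:
  #     TYPE: docker
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # delete-infra-autoconf:
  #   if: ${{ always() }}
  #   needs: [tests-autoconf]
  #   uses: ./.github/workflows/staging-delete-infra.yml
  #   with:
  #     TYPE: autoconf
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # delete-infra-swarm:
  #   if: ${{ always() }}
  #   needs: [tests-swarm]
  #   uses: ./.github/workflows/staging-delete-infra.yml
  #   with:
  #     TYPE: swarm
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # delete-infra-k8s:
  #   if: ${{ always() }}
  #   needs: [tests-k8s]
  #   uses: ./.github/workflows/staging-delete-infra.yml
  #   with:
  #     TYPE: k8s
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
  # delete-infra-linux:
  #   if: ${{ always() }}
  #   needs: [tests-linux]
  #   uses: ./.github/workflows/staging-delete-infra.yml
  #   with:
  #     TYPE: linux
  #   secrets:
  #     CICD_SECRETS: ${{ secrets.CICD_SECRETS }}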