From d3e1e516c896e1b46c8423b29ade1c1ce00adbed Mon Sep 17 00:00:00 2001 From: Denis Gukov Date: Tue, 12 Apr 2022 20:19:26 +0500 Subject: [PATCH] feat: add reusable workflows --- .circleci/config.yml | 8 ------ .github/workflows/common.yml | 10 ++++++++ .github/workflows/main.yml | 30 ++++++++++++++++++++++ .github/workflows/test-compile-changes.yml | 5 ++++ .github/workflows/unlock-gpg.yml | 15 +++++++++++ 5 files changed, 60 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/common.yml create mode 100644 .github/workflows/main.yml create mode 100644 .github/workflows/test-compile-changes.yml create mode 100644 .github/workflows/unlock-gpg.yml diff --git a/.circleci/config.yml b/.circleci/config.yml index 755a8909..bfd33f74 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -257,8 +257,6 @@ workflows: - test:db:migration: requires: - build:local - -# Don't build on master because build is just a gorelease without the release - build: requires: - test:golang @@ -267,8 +265,6 @@ workflows: filters: branches: ignore: master - -# Dev deploys require all tests to pass and app builds - deploy:dev: requires: - build @@ -276,16 +272,12 @@ workflows: filters: branches: only: develop - -# Production deploys only happen if everything passes -# and we have a tag starting with v - release: filters: branches: ignore: /.*/ tags: only: /^v.*/ - - deploy:prod: filters: branches: diff --git a/.github/workflows/common.yml b/.github/workflows/common.yml new file mode 100644 index 00000000..d85e7d9f --- /dev/null +++ b/.github/workflows/common.yml @@ -0,0 +1,10 @@ +on: + workflow_call: +jobs: + - uses: actions/checkout@v3 + - uses: actions/setup-go@v3 + with: { go-version: 1.17 } + - uses: actions/setup-node@v3 + with: { node-version: '14' } + - name: Install task binary + run: go get github.com/go-task/task/v3/cmd/task \ No newline at end of file diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..79b641ea --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,30 @@ +name: Main +on: + push: + branches: + - develop +jobs: + build-local: + runs-on: [ubuntu-latest] + steps: + - uses: ./.github/workflows/common.yml + - run: task deps + - run: task compile + - uses: ./.github/workflows/test-compile-changes.yml + - run: task build:local + + build: + runs-on: [ubuntu-latest] + steps: + - uses: ./.github/workflows/common.yml + - run: sudo apt update && sudo apt-get install rpm + - run: task deps + - run: task compile + - uses: ./.github/workflows/test-compile-changes.yml + - uses: ./.github/workflows/unlock-gpg.yml + - run: task build + + release: + runs-on: [ubuntu-latest] + steps: + - uses: ./.github/workflows/unlock-gpg.yml \ No newline at end of file diff --git a/.github/workflows/test-compile-changes.yml b/.github/workflows/test-compile-changes.yml new file mode 100644 index 00000000..065376b7 --- /dev/null +++ b/.github/workflows/test-compile-changes.yml @@ -0,0 +1,5 @@ +on: + workflow_call: +jobs: + - name: Test that compile did not create/modify untracked files + run: git diff --exit-code --stat -- . ':(exclude)web2/package.json' ':(exclude)web2/package-lock.json' ':(exclude)go.mod' ':(exclude)go.sum' \ No newline at end of file diff --git a/.github/workflows/unlock-gpg.yml b/.github/workflows/unlock-gpg.yml new file mode 100644 index 00000000..8d5673b4 --- /dev/null +++ b/.github/workflows/unlock-gpg.yml @@ -0,0 +1,15 @@ +on: + workflow_call: + secrets: + gpg_key: { required: true } + gpg_pass: { required: true } +jobs: + unlock_gpg: + runs-on: [ubuntu-latest] + steps: + - name: Unlock + run: | + echo ${{ ${{ secrets.gpg_key }} }} | tr " " "\n" | base64 -d | gpg --import --batch + gpg --sign -u "8CDE D132 5E96 F1D9 EABF 17D4 2C96 CF7D D27F AB82" --pinentry-mode loopback --yes --batch --passphrase "${{ secrets.gpg_pass }}" --output unlock.sig --detach-sign README.md + rm -f unlock.sig +