--- name: Build, test, and eventually deploy super-linter container images on: pull_request: push: jobs: build: name: Build, test, and eventually push the container image runs-on: ubuntu-latest permissions: contents: read deployments: write issues: write packages: write strategy: fail-fast: false matrix: images: - container-build-target: final_slim container-image-id-prefix: slim- deployment-environment-identifier: Production-SLIM image-id: slim - container-build-target: final_standard container-image-id-prefix: "" deployment-environment-identifier: Production image-id: standard timeout-minutes: 60 steps: - name: Checkout Code uses: actions/checkout@v3 with: # Full git history is needed to get a proper list # of changed files within `super-linter` fetch-depth: 0 - name: Get current date and make it available as an environment variable run: | echo "Appending the build date contents to GITHUB_ENV..." echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" - name: Setup Docker BuildX uses: docker/setup-buildx-action@v2.2.1 - name: Build Docker image - ${{ matrix.images.image-id }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} uses: docker/build-push-action@v3.1.1 with: context: . file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} BUILD_VERSION=${{ github.sha }} load: true push: false secrets: | GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} tags: | ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${{ github.sha }} ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}test target: "${{ matrix.images.container-build-target }}" - name: Run container image label test cases if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: .automation/validate-docker-labels.sh "${{ matrix.images.image-id }}" - name: Edit an action.yml file for test local build if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} run: | sed -i "s/super-linter:.*/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}'/g" action.yml - name: Gather information about the runtime environment if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: | make info ############################################################ # Test the built image in the actions context. # # Not the container directly, and not using RUN_LOCAL=true # ############################################################ - name: Test the local action if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} uses: ./ env: ACTIONS_RUNNER_DEBUG: true ERROR_ON_MISSING_EXEC_BIT: true VALIDATE_ALL_CODEBASE: false GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} DEFAULT_BRANCH: main LOCAL_UPDATES: true # Workaround for https://github.com/actions/runner/issues/434 - name: Fix file and directory ownership if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: | sudo chown -R "$(id -u)":"$(id -g)" "$(pwd)" - name: Run the test suite if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: | make IMAGE=${{ matrix.images.image-id }} test - name: Upload the code coverage report if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} uses: codacy/codacy-coverage-reporter-action@v1.1 # Sometimes this fails when user does not have permissions to secrets continue-on-error: true with: project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} coverage-reports: test/reports/cobertura/runTests.sh/cobertura.xml - name: Run test cases - ${{ matrix.images.image-id }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: | docker run \ -e RUN_LOCAL=true \ -e TEST_CASE_RUN=true \ -e ANSIBLE_DIRECTORY=.automation/test/ansible \ -e ACTIONS_RUNNER_DEBUG=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \ "ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}" - name: Clean the working directory for additional testing if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: .automation/clean-code-base-for-tests.sh - name: Run against all code base - ${{ matrix.images.image-id }} if: ${{ github.repository == 'github/super-linter' && github.ref != 'refs/heads/main' }} shell: bash run: | docker run \ -e RUN_LOCAL=true \ -e OUTPUT_DETAILS=detailed \ -e ACTIONS_RUNNER_DEBUG=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \ "ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}${GITHUB_SHA}" - name: Login to Docker Hub if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} uses: docker/login-action@v2.0.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} uses: docker/login-action@v2.0.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Start the deployment for the ${{ matrix.images.deployment-environment-identifier }} environment if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} uses: bobheadxi/deployments@v1.3.0 id: deployment with: step: start token: ${{ secrets.GITHUB_TOKEN }} env: ${{ matrix.images.deployment-environment-identifier }} - name: Build the container image and push it - ${{ matrix.images.image-id }} if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} uses: docker/build-push-action@v3.1.1 with: context: . file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} BUILD_VERSION=${{ github.sha }} load: false push: true secrets: | GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} tags: | github/super-linter:${{ matrix.images.container-image-id-prefix }}latest ghcr.io/github/super-linter:${{ matrix.images.container-image-id-prefix }}latest target: "${{ matrix.images.container-build-target }}" - name: Update the deployment status for the ${{ matrix.images.deployment-environment-identifier }} environment if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' }} uses: bobheadxi/deployments@v1.3.0 with: step: finish token: ${{ secrets.GITHUB_TOKEN }} status: ${{ job.status }} deployment_id: ${{ steps.deployment.outputs.deployment_id }} env: ${{ steps.deployment.outputs.env }} env_url: https://github.com/github/super-linter - name: Create a GitHub issue on failure if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }} uses: actions/github-script@v6 id: create-issue with: # https://octokit.github.io/rest.js/v18#issues-create github-token: ${{secrets.GITHUB_TOKEN}} script: | const create = await github.rest.issues.create({ owner: context.repo.owner, repo: context.repo.repo, title: "Failed to deploy to production", body: "Automation has failed us!\nMore information can be found at:\n - ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" }) console.log('create', create) return create.data.number - name: Assign admins to the issue created on failure uses: actions/github-script@v6 if: ${{ github.repository == 'github/super-linter' && github.ref == 'refs/heads/main' && failure() }} with: github-token: ${{secrets.GITHUB_TOKEN}} script: | github.rest.issues.addAssignees({ owner: context.repo.owner, repo: context.repo.repo, issue_number: "${{ steps.create-issue.outputs.result }}", assignees: [ 'lindluni' ] })