--- ######################### ######################### ## Deploy Docker Image ## ######################### ######################### # # Documentation: # https://help.github.com/en/articles/workflow-syntax-for-github-actions # ##################################### # Start the job on all push to main # ##################################### ############################# # Start the job on all push # ############################# on: push: branches-ignore: [main] ############### # Set the Job # ############### jobs: build: # Name the Job name: Deploy Docker Image - DEV # Set the agent to run on runs-on: ubuntu-latest # Prevent duplicate run from happening when a forked push is committed if: ${{ github.event_name == 'push' || github.event.pull_request.head.repo.full_name != github.repository }} timeout-minutes: 60 ################## # Load all steps # ################## steps: ########################## # Checkout the code base # ########################## - name: Checkout Code uses: actions/checkout@v2.4.0 with: # Full git history is needed to get a proper list # of changed files within `super-linter` fetch-depth: 0 ######################## # Get the current date # ######################## - name: Get current date run: | echo "Appending the build date contents to GITHUB_ENV..." echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" ######################## # Setup Docker build X # ######################## - name: Setup BuildX uses: docker/setup-buildx-action@v1.6.0 ################ # Docker cache # ################ - name: Cache Docker layers uses: actions/cache@v2 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-single-buildx-standard restore-keys: | ${{ runner.os }}-single-buildx ########################################### # Build and Push containers to registries # ########################################### - name: Build Docker image - Standard uses: docker/build-push-action@v2.7.0 with: context: . file: ./Dockerfile build-args: | BUILD_DATE=${{ env.BUILD_DATE }} BUILD_REVISION=${{ github.sha }} BUILD_VERSION=${{ github.sha }} load: true push: false tags: | "ghcr.io/github/super-linter:${{ github.sha }}" ghcr.io/github/super-linter:test cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new # Temp fix # https://github.com/docker/build-push-action/issues/252 # https://github.com/moby/buildkit/issues/1896 ############# # Fix Cache # ############# - name: Move cache run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache ######################################## # Validates the metadata docker labels # ######################################## - name: Run Docker label test cases shell: bash run: .automation/validate-docker-labels.sh ######################################## # Edit action.yml for test local build # ######################################## - name: Edit an action.yml file for test local build run: | sed -i "s/super-linter:.*/super-linter:${GITHUB_SHA}'/g" action.yml ###################### # Gather information # ###################### - name: Gather information about the runtime environment shell: bash run: | make info ########################## # Test in action context # ########################## # Test the built image in the actions context. # Not the container directly, and not using RUN_LOCAL=true - name: Test the local action uses: ./ env: ACTIONS_RUNNER_DEBUG: true ERROR_ON_MISSING_EXEC_BIT: true VALIDATE_ALL_CODEBASE: false GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} DEFAULT_BRANCH: main ############################################################### # Fix file and dir ownership. # # Workaround for https://github.com/actions/runner/issues/434 # ############################################################### - name: Fix file and directory ownership shell: bash run: | sudo chown -R "$(id -u)":"$(id -g)" "$(pwd)" ################## # Run test cases # ################## - name: Run the test suite shell: bash run: | make test ########################## # Codacy Coverage Report # ########################## - name: Upload the code coverage report uses: codacy/codacy-coverage-reporter-action@v1.3 # Dependabot does not have priv to see the secret, so will # fail opn bump jobs... continue-on-error: true with: project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} coverage-reports: test/reports/cobertura/runTests.sh/cobertura.xml ##################################### # Run Linter against Test code base # ##################################### - name: Run Test Cases - standard shell: bash run: | docker run \ -e RUN_LOCAL=true \ -e TEST_CASE_RUN=true \ -e ANSIBLE_DIRECTORY=.automation/test/ansible \ -e ACTIONS_RUNNER_DEBUG=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \ "ghcr.io/github/super-linter:${GITHUB_SHA}" ######################################### # Clean code base to run against it all # ######################################### - name: Clean Test code base for additional testing shell: bash run: .automation/clean-code-base-for-tests.sh ############################################ # Run Linter against ALL cleaned code base # ############################################ - name: Run against all code base shell: bash run: | docker run \ -e RUN_LOCAL=true \ -e OUTPUT_DETAILS=detailed \ -e ACTIONS_RUNNER_DEBUG=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \ -e YAML_LINTER_RULES=.github/linters/.yaml-linter.yml \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \ "ghcr.io/github/super-linter:${GITHUB_SHA}"