actions/superlint
1
0
Fork 0
mirror of https://github.com/super-linter/super-linter.git synced 2024-11-22 00:31:07 -05:00
Code Issues Projects Releases Packages Wiki Activity

Use the same image tags in CI and CD (#4778)

Browse source 
* Use the same image tags in CI and CD

* Define image tag once per workflow

* Fix yq tag

* Don't quote yq to avoid literal interpretation

* yq version

* Fix yq tag

* Reduce duplication

* Fix workflow env var

* Don't remove an already removed container
This commit is contained in:
Marco Ferrari 2023-10-20 00:03:14 +03:00 committed by GitHub
parent fb9b3e2d04
commit dfedd306f3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 76 additions and 75 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
.github/workflows/cd.yml vendored
View file

@ -28,6 +28,9 @@ jobs:
prefix: "" prefix: ""
image-id: standard image-id: standard
timeout-minutes: 60 timeout-minutes: 60
env:
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
steps: steps:
- name: Free Disk space - name: Free Disk space
shell: bash shell: bash
@ -55,11 +58,11 @@ jobs:
secrets: | secrets: |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
tags: | tags: |
ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest ${{ env.CONTAINER_IMAGE_ID }}
target: "${{ matrix.images.target }}" target: "${{ matrix.images.target }}"
- name: Run Test Suite - name: Run Test Suite
run: make IMAGE=${{ matrix.images.target }} test run: make test
- name: Run Super-Linter Tests - name: Run Super-Linter Tests
run: | run: |
@ -71,9 +74,7 @@ jobs:
-e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \ -e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \
-e ERROR_ON_MISSING_EXEC_BIT=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/super-linter/super-linter:${tag}" "${CONTAINER_IMAGE_ID}"
env:
tag: ${{ matrix.images.target }}
- name: Lint Entire Codebase - name: Lint Entire Codebase
run: | run: |
@ -84,9 +85,7 @@ jobs:
-e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \ -e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \
-e ERROR_ON_MISSING_EXEC_BIT=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/super-linter/super-linter:${tag}" "${CONTAINER_IMAGE_ID}"
env:
tag: ${{ matrix.images.target }}
- name: Login to GHCR - name: Login to GHCR
uses: docker/login-action@v3.0.0 uses: docker/login-action@v3.0.0
@ -117,7 +116,7 @@ jobs:
secrets: | secrets: |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
tags: | tags: |
ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest ${{ env.CONTAINER_IMAGE_ID }}
target: "${{ matrix.images.target }}" target: "${{ matrix.images.target }}"
- name: Update ${{ matrix.images.environment }} Deployment - name: Update ${{ matrix.images.environment }} Deployment

28
.github/workflows/ci.yml vendored
View file

@ -18,9 +18,14 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
images: images:
- target: slim - prefix: slim-
- target: standard target: slim
- prefix: ""
target: standard
timeout-minutes: 60 timeout-minutes: 60
env:
CONTAINER_IMAGE_ID: "ghcr.io/super-linter/super-linter:${{ matrix.images.prefix }}latest"
CONTAINER_IMAGE_TARGET: "${{ matrix.images.target }}"
steps: steps:
- name: Free Disk space - name: Free Disk space
shell: bash shell: bash
@ -34,7 +39,11 @@ jobs:
fetch-depth: 0 fetch-depth: 0
- name: Update action.yml - name: Update action.yml
run: yq '.runs.image = "docker://ghcr.io/super-linter/super-linter:${{ matrix.images.target }}"' -i action.yml run: |
echo "yq version: $(yq --version)"
yq '.runs.image = env(CONTAINER_IMAGE_ID)' -i action.yml
echo "Action file contents:"
cat action.yml
- name: Retrieve Datetime - name: Retrieve Datetime
run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}" run: echo "BUILD_DATE=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> "${GITHUB_ENV}"
@ -52,7 +61,8 @@ jobs:
push: false push: false
secrets: | secrets: |
GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }}
tags: ghcr.io/super-linter/super-linter:${{ matrix.images.target }} tags: |
${{ env.CONTAINER_IMAGE_ID }}
target: "${{ matrix.images.target }}" target: "${{ matrix.images.target }}"
- name: Test Local Action - name: Test Local Action
@ -67,7 +77,7 @@ jobs:
RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json" RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES: "default.json,hoge.json"
- name: Run Test Suite - name: Run Test Suite
run: make IMAGE=${{ matrix.images.target }} test run: make test
- name: Run Super-Linter Tests - name: Run Super-Linter Tests
run: | run: |
@ -79,9 +89,7 @@ jobs:
-e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \ -e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \
-e ERROR_ON_MISSING_EXEC_BIT=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/super-linter/super-linter:${tag}" "${CONTAINER_IMAGE_ID}"
env:
tag: ${{ matrix.images.target }}
- name: Lint Entire Codebase - name: Lint Entire Codebase
run: | run: |
@ -92,6 +100,4 @@ jobs:
-e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \ -e RENOVATE_SHAREABLE_CONFIG_PRESET_FILE_NAMES="default.json,hoge.json" \
-e ERROR_ON_MISSING_EXEC_BIT=true \ -e ERROR_ON_MISSING_EXEC_BIT=true \
-v "${GITHUB_WORKSPACE}:/tmp/lint" \ -v "${GITHUB_WORKSPACE}:/tmp/lint" \
"ghcr.io/super-linter/super-linter:${tag}" "${CONTAINER_IMAGE_ID}"
env:
tag: ${{ matrix.images.target }}

77
Makefile
View file

@ -1,10 +1,10 @@
# Inspired by https://github.com/jessfraz/dotfiles # Inspired by https://github.com/jessfraz/dotfiles
.PHONY: all .PHONY: all
all: info test ## Run all targets. all: info docker test ## Run all targets.
.PHONY: test .PHONY: test
test: info clean inspec kcov prepare-test-reports ## Run tests test: inspec ## Run tests
# if this session isn't interactive, then we don't want to allocate a # if this session isn't interactive, then we don't want to allocate a
# TTY, which would fail, but if it is interactive, we do want to attach # TTY, which would fail, but if it is interactive, we do want to attach
@ -22,40 +22,6 @@ info: ## Gather information about the runtime environment
docker images; \ docker images; \
docker ps docker ps
.PHONY: kcov
kcov: ## Run kcov
docker run --rm $(DOCKER_FLAGS) \
--user "$$(id -u)":"$$(id -g)" \
-v "$(CURDIR)":/workspace \
-w="/workspace" \
kcov/kcov \
kcov \
--bash-parse-files-in-dir=/workspace \
--clean \
--exclude-pattern=.coverage,.git \
--include-pattern=.sh \
/workspace/test/.coverage \
/workspace/test/runTests.sh
COBERTURA_REPORTS_DESTINATION_DIRECTORY := "$(CURDIR)/test/reports/cobertura"
.PHONY: prepare-test-reports
prepare-test-reports: ## Prepare the test reports for consumption
mkdir -p $(COBERTURA_REPORTS_DESTINATION_DIRECTORY); \
COBERTURA_REPORTS="$$(find "$$(pwd)" -name 'cobertura.xml')"; \
for COBERTURA_REPORT_FILE_PATH in $$COBERTURA_REPORTS ; do \
COBERTURA_REPORT_DIRECTORY_PATH="$$(dirname "$$COBERTURA_REPORT_FILE_PATH")"; \
COBERTURA_REPORT_DIRECTORY_NAME="$$(basename "$$COBERTURA_REPORT_DIRECTORY_PATH")"; \
COBERTURA_REPORT_DIRECTORY_NAME_NO_SUFFIX="$${COBERTURA_REPORT_DIRECTORY_NAME%.*}"; \
mkdir -p "$(COBERTURA_REPORTS_DESTINATION_DIRECTORY)"/"$$COBERTURA_REPORT_DIRECTORY_NAME_NO_SUFFIX"; \
cp "$$COBERTURA_REPORT_FILE_PATH" "$(COBERTURA_REPORTS_DESTINATION_DIRECTORY)"/"$$COBERTURA_REPORT_DIRECTORY_NAME_NO_SUFFIX"/cobertura.xml; \
done
.PHONY: clean
clean: ## Clean the workspace
rm -rf $(CURDIR)/test/.coverage; \
rm -rf $(CURDIR)/test/reports
.PHONY: help .PHONY: help
help: ## Show help help: ## Show help
@grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
@ -71,25 +37,26 @@ inspec-check: ## Validate inspec profiles
test/inspec/super-linter test/inspec/super-linter
SUPER_LINTER_TEST_CONTAINER_NAME := "super-linter-test" SUPER_LINTER_TEST_CONTAINER_NAME := "super-linter-test"
SUPER_LINTER_TEST_CONTINER_URL := '' SUPER_LINTER_TEST_CONTAINER_URL := $(CONTAINER_IMAGE_ID)
DOCKERFILE := '' DOCKERFILE := ''
IMAGE := '' IMAGE := $(CONTAINER_IMAGE_TARGET)
ifeq ($(IMAGE),slim)
SUPER_LINTER_TEST_CONTINER_URL := "ghcr.io/super-linter/super-linter:slim" # Default to stadard
IMAGE := "slim" ifeq ($(IMAGE),)
else IMAGE := "standard"
SUPER_LINTER_TEST_CONTINER_URL := "ghcr.io/super-linter/super-linter:standard" endif
IMAGE := "standard"
# Default to latest
ifeq ($(SUPER_LINTER_TEST_CONTAINER_URL),)
SUPER_LINTER_TEST_CONTAINER_URL := "ghcr.io/super-linter/super-linter:latest"
endif endif
.PHONY: inspec .PHONY: inspec
inspec: inspec-check ## Run InSpec tests inspec: inspec-check ## Run InSpec tests
LOCAL_IMAGE="$$(docker images $(SUPER_LINTER_TEST_CONTINER_URL) |grep 'ghcr.io/super-linter/super-linter')"; \ DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" $(SUPER_LINTER_TEST_CONTAINER_NAME) 2>/dev/null || echo "")"; \
if [ "$$?" -ne 0 ]; then docker build -t $(SUPER_LINTER_TEST_CONTINER_URL) -f Dockerfile .; fi && \ if [ "$$DOCKER_CONTAINER_STATE" = "true" ]; then docker kill $(SUPER_LINTER_TEST_CONTAINER_NAME); fi && \
DOCKER_CONTAINER_STATE="$$(docker inspect --format "{{.State.Running}}" "$(SUPER_LINTER_TEST_CONTAINER_NAME)" 2>/dev/null || echo "")"; \ docker tag $(SUPER_LINTER_TEST_CONTAINER_URL) $(SUPER_LINTER_TEST_CONTAINER_NAME) && \
if [ "$$DOCKER_CONTAINER_STATE" = "true" ]; then docker kill "$(SUPER_LINTER_TEST_CONTAINER_NAME)"; fi && \ SUPER_LINTER_TEST_CONTAINER_ID="$$(docker run -d --name $(SUPER_LINTER_TEST_CONTAINER_NAME) --rm -it --entrypoint /bin/ash $(SUPER_LINTER_TEST_CONTAINER_NAME) -c "while true; do sleep 1; done")" \
docker tag $(SUPER_LINTER_TEST_CONTINER_URL) $(SUPER_LINTER_TEST_CONTAINER_NAME) && \
SUPER_LINTER_TEST_CONTAINER_ID="$$(docker run -d --name "$(SUPER_LINTER_TEST_CONTAINER_NAME)" --rm -it --entrypoint /bin/ash "$(SUPER_LINTER_TEST_CONTAINER_NAME)" -c "while true; do sleep 1; done")" \
&& docker run $(DOCKER_FLAGS) \ && docker run $(DOCKER_FLAGS) \
--rm \ --rm \
-v "$(CURDIR)":/workspace \ -v "$(CURDIR)":/workspace \
@ -102,14 +69,18 @@ inspec: inspec-check ## Run InSpec tests
--log-level=debug \ --log-level=debug \
-t "docker://$${SUPER_LINTER_TEST_CONTAINER_ID}" \ -t "docker://$${SUPER_LINTER_TEST_CONTAINER_ID}" \
&& docker ps \ && docker ps \
&& docker kill "$(SUPER_LINTER_TEST_CONTAINER_NAME)" && docker kill $(SUPER_LINTER_TEST_CONTAINER_NAME)
.phony: docker .phony: docker
docker: docker: ## Build the container image
@if [ -z "${GITHUB_TOKEN}" ]; then echo "GITHUB_TOKEN environment variable not set. Please set your GitHub Personal Access Token."; exit 1; fi @if [ -z "${GITHUB_TOKEN}" ]; then echo "GITHUB_TOKEN environment variable not set. Please set your GitHub Personal Access Token."; exit 1; fi
DOCKER_BUILDKIT=1 docker buildx build --load \ DOCKER_BUILDKIT=1 docker buildx build --load \
--build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \ --build-arg BUILD_DATE=$(shell date -u +'%Y-%m-%dT%H:%M:%SZ') \
--build-arg BUILD_REVISION=$(shell git rev-parse --short HEAD) \ --build-arg BUILD_REVISION=$(shell git rev-parse --short HEAD) \
--build-arg BUILD_VERSION=$(shell git rev-parse --short HEAD) \ --build-arg BUILD_VERSION=$(shell git rev-parse --short HEAD) \
--secret id=GITHUB_TOKEN,env=GITHUB_TOKEN \ --secret id=GITHUB_TOKEN,env=GITHUB_TOKEN \
-t ghcr.io/super-linter/super-linter . -t $(SUPER_LINTER_TEST_CONTAINER_URL) .
.phony: docker-pull
docker-pull: ## Pull the container image from registry
docker pull $(SUPER_LINTER_TEST_CONTAINER_URL)

29
docs/run-linter-locally.md
View file

@ -5,8 +5,9 @@ If you want to test locally against the **Super-Linter** to test your branch of
- Clone your testing source code to your local environment - Clone your testing source code to your local environment
- Install Docker to your local environment - Install Docker to your local environment
- Pull the container down - Pull the container down
- Run the container - Run the container locally
- Debug/Troubleshoot - Run the test suite locally
- Troubleshoot
## Install Docker to your local machine ## Install Docker to your local machine
@ -97,6 +98,30 @@ jobs:
DEFAULT_BRANCH: develop DEFAULT_BRANCH: develop
``` ```
## Build the container image and run the test suite locally
You can run the test suite locally with the following command:
```shell
make
```
The test suite will build the container image and run the test suite against a
a container that is an instance of that container image.
### Run the test suite against an arbitrary super-linter container image
You can run the test suite against an arbitrary super-linter container image.
Here is an example that runs the test suite against the `standard` flavor of the
`v5.4.3` image.
```shell
CONTAINER_IMAGE_ID="ghcr.io/super-linter/super-linter:v5.4.3" \
CONTAINER_IMAGE_TARGET="standard" \
make docker-pull test
```
## Troubleshooting ## Troubleshooting
### Run container and gain access to the command-line ### Run container and gain access to the command-line