Commit graph

425 commits

Author SHA1 Message Date
Marco Ferrari
1d104357a5
ci: fetch the whole repo when setting build meta (#6017)
We need the whole repository history to get information about specific
commits to set some build metadata, such as BUILD_VERSION.
2024-08-13 15:36:55 +02:00
Marco Ferrari
82094c879b
build: fix build metadata (#6015)
- Don't set BUILD_VERSION in CI/CD workflows otherwise the
  build-metadata script will always fall back to those values instead of
  computing new ones.
- When calculating BUILD_REVISION, check if BUILD_REVISION is set before
  falling back.
2024-08-13 14:26:26 +02:00
Marco Ferrari
bde3b9368e
build: set build_version dynamically (#6013)
Set BUILD_VERSION to the content of the version descriptor (version.txt)
if it changed in the last commit, assuming that the last commit was a
release preparation commit that updated the version descriptor.

Close #4928
2024-08-13 12:10:31 +02:00
Marco Ferrari
0c6e9a5778
chore: remove test leftovers before running fix test (#5995)
- Remove test leftovers before initializing the workspace
  against which fix mode tests run. This prevents ownership issues.
- Pass container image build metadata as outputs of the container image
  build job so we can include the validate-container-image-labels target
  as other test target when we build the test matrix.
- Manually include the 'test' target when building the test suite matrix
  so we run it as part of the test suite to ensure that tests don't
  pollute each other's working directory.

Fix #5994
2024-08-12 18:01:40 +02:00
Marco Ferrari
2ecf945339
ci: update release-please to the new workspace (#5901)
- Update release-please namespace because it  moved from
  google-github-actions to googleapis.
- Switch to a complete release identifier.
2024-07-18 11:46:32 +02:00
dependabot[bot]
27170b8e92
deps(github-actions): bump docker/build-push-action from 5 to 6 (#5770)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-17 06:51:21 +00:00
dependabot[bot]
dd4313c9b3
deps(github-actions): bump actions/upload-artifact from 4.3.3 to 4.3.4 (#5860)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-11 06:59:24 +00:00
dependabot[bot]
ed72e66416
deps(github-actions): bump actions/download-artifact from 4.1.7 to 4.1.8 (#5861)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.7 to 4.1.8.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4.1.7...v4.1.8)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-11 06:27:27 +00:00
Marco Ferrari
c770a8d253
feat: enable dotenv-linter for slim images (#5868)
Set up dotenv-linter for the slim image, and not only for the standard
image because it doesn't have dependencies on the Rust SDK, and weights
less than 10MB.
2024-07-10 15:50:15 +02:00
Marco Ferrari
bcf8ca82ad
ci: print info about the environment, image size (#5869)
- Add information about container image layers size when printing info
  about the environment.
- Print info about the environment during the CI job.
2024-07-10 14:45:32 +02:00
Marco Ferrari
32a200b72a
ci: check for skipped and cancelled matrix jobs (#5840)
- Always run the job to check if any job of the test matrix failed.
- Check if any job of the test matrix was skipped or cancelled, and not
  just failed.
2024-07-04 22:24:12 +02:00
dependabot[bot]
a6a338bcc0
deps(github-actions): bump docker/login-action from 3.1.0 to 3.2.0 (#5714)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.1.0...v3.2.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 14:02:34 +00:00
Marco Ferrari
a86fbaf65e
ci: run a job on test suite success (#5687)
- Run a job after all the jobs in the dynamically built test matrix run
  to completion. This job is useful for branch protection rules that
  that need the whole test suite to run successfully.
- Fix linting issues.

Fix #5686
2024-05-24 23:09:39 +02:00
Marco Ferrari
90f3fef29d
ci: move local action test to a dedicated job (#5629) 2024-05-17 10:39:22 +02:00
Marco Ferrari
e0c8376c3a
ci: remove deployment configuration from ci (#5628)
Simplify the CI workflows by skipping GitHub deployments configuration.
We don't use deployments in any other place at the moment.
2024-05-08 07:52:30 +00:00
dependabot[bot]
2b7fe0e1c7
deps(github-actions): bump actions/upload-artifact from 4.3.2 to 4.3.3 (#5586)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 11:45:28 +00:00
dependabot[bot]
5d2a841f25
deps(github-actions): bump actions/download-artifact from 4.1.5 to 4.1.7 (#5587)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.5 to 4.1.7.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4.1.5...v4.1.7)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-02 11:45:14 +00:00
dependabot[bot]
90554b436d
deps(github-actions): bump actions/download-artifact from 4.1.4 to 4.1.5 (#5553)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4.1.4...v4.1.5)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 14:02:30 +00:00
dependabot[bot]
46a0678d46
deps(github-actions): bump actions/upload-artifact from 4.3.1 to 4.3.2 (#5554)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-23 14:02:20 +00:00
Masaya Suzuki
95fbd33daf
ci: fix a run condition in CI preview-release-notes (#5532) 2024-04-16 07:06:47 +00:00
Masaya Suzuki
a1c890c1f2
ci: do not run by pull request from fork (#5506) 2024-04-15 11:50:35 +00:00
Marco Ferrari
80bb077cfd
ci: free more space on workers (#5481)
- Delete Haskell stuff

Close #5477
2024-04-05 14:12:35 +02:00
dependabot[bot]
fd2c7cc16e
deps(github-actions): bump bobheadxi/deployments from 1.4.0 to 1.5.0 (#5460)
Bumps [bobheadxi/deployments](https://github.com/bobheadxi/deployments) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/bobheadxi/deployments/releases)
- [Commits](https://github.com/bobheadxi/deployments/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: bobheadxi/deployments
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-04 11:40:29 +00:00
dependabot[bot]
b1e59ed1d4
deps(github-actions): bump dependabot/fetch-metadata from 1 to 2 (#5449)
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1 to 2.
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](https://github.com/dependabot/fetch-metadata/compare/v1...v2)

---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-04 11:39:14 +00:00
dependabot[bot]
9ad7a43a7d
deps(github-actions): bump docker/login-action from 3.0.0 to 3.1.0 (#5391)
Bumps [docker/login-action](https://github.com/docker/login-action) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3.0.0...v3.1.0)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 09:56:30 +00:00
dependabot[bot]
156d0463d7
deps(github-actions): bump akhilerm/tag-push-action from 2.1.0 to 2.2.0 (#5392)
Bumps [akhilerm/tag-push-action](https://github.com/akhilerm/tag-push-action) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/akhilerm/tag-push-action/releases)
- [Commits](https://github.com/akhilerm/tag-push-action/compare/v2.1.0...v2.2.0)

---
updated-dependencies:
- dependency-name: akhilerm/tag-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-21 09:56:14 +00:00
dependabot[bot]
af522a60bb
deps(github-actions): bump actions/download-artifact from 4.1.2 to 4.1.4 (#5361)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.2 to 4.1.4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4.1.2...v4.1.4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-04 17:48:52 +00:00
Marco Ferrari
0938895582
ci: dynamically build the test matrix (#5307)
Dynamically build the matrix of tests to run so we can have each test in
its own step without having to manually maintain the test matrix.
2024-02-20 17:36:35 +00:00
Marco Ferrari
ed27c0146d
fix: github actions debug logging (#5288)
Enable debug logging when one (or more) of the following conditions is
true:

- ACTIONS_RUNNER_DEBUG is set to true
- ACTIONS_STEPS_DEBUG is set to true
- RUNNER_DEBUG is set to 1
2024-02-20 17:27:06 +00:00
Marco Ferrari
54514126f2
ci: configure git user and email (#5284)
Set Git user and email in the CD workflow to correctly push new tags.

Fix #5283
2024-02-15 11:14:55 +01:00
Marco Ferrari
6fd6830fb4
fix: initialize GitHub domain variable (#5216)
- Initialize GITHUB_DOMAIN as documented in the README
- Configure other URLs according to GITHUB_DOMAIN
- Automatically fetch SSH key fingerprints for GITHUB_DOMAINS
2024-02-09 18:45:44 +00:00
Marco Ferrari
fe6e29b685
feat: automatically set the default branch (#5242)
Get the default branch from the GitHub Actions event payload when
running on GitHub Actions. Default to 'master', as before, otherwise.
2024-02-08 08:41:07 +00:00
Marco Ferrari
20ded7178b
fix: don't print empty lines with default logging (#5238)
- Check if Stdout and Stderr have elements before printing them.
- Run the super-linter action in a dedicated step using default logging to
  inspect how the output looks during CI.
2024-02-05 18:24:07 +01:00
Marco Ferrari
5c67776f9d
ci: clone the repository before tagging (#5208)
Clone the repository in the release workflow otherwise we cannot create
tags.
2024-01-31 12:28:15 +01:00
Marco Ferrari
bcbc45aa63
ci: ignore changelog and tests when testing action (#5206)
Align FILTER_REGEX_IGNORE configuration when testing the local action to
the one we use in Makefile
2024-01-31 11:26:01 +01:00
Marco Ferrari
99e41ce451
feat: run linters in parallel (#5177) 2024-01-30 19:24:55 +00:00
dependabot[bot]
a090a4cf0e
deps(github-actions): bump peter-evans/create-issue-from-file (#5180)
Bumps [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) from 4 to 5.
- [Release notes](https://github.com/peter-evans/create-issue-from-file/releases)
- [Commits](https://github.com/peter-evans/create-issue-from-file/compare/v4...v5)

---
updated-dependencies:
- dependency-name: peter-evans/create-issue-from-file
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 20:47:29 +00:00
Marco Ferrari
3a5617235c
feat!: deprecate error_on_missing_exec_bit (#5120)
Deprecate the ERROR_ON_MISSING_EXEC_BIT variable to remove a confusing
corner case, and to align the BASH_EXEC check to how super-linter
handles other linters.
2024-01-10 22:54:13 +00:00
Marco Ferrari
2d79d17e6e
ci: fix concurrency group name (#5121)
- Add missing '$' to github.event_name
- Default to github.head_ref (pull_request event) and fall back to github.ref
  (merge_group and push events)
2024-01-10 10:05:41 +01:00
Marco Ferrari
f6bc05453b
ci: add event name to concurrency group (#5097)
In order to avoid unexpected workflow cancellations due to concurrency
configuration, add the event name to the concurrency group.`
2024-01-05 23:39:54 +01:00
Marco Ferrari
1d5ed2c386
fix: fix GITHUB_BEFORE_SHA diff on push events (#5096)
- Fix GITHUB_BEFORE_SHA initialization on push events by setting the
  correct key.
- Add an additional check against setting GITHUB_BEFORE_SHA to null.
- Run the CI workflow on push events to trigger required status checks
  when using the merge queue.
2024-01-04 22:54:47 +01:00
Marco Ferrari
3847309eca
build: remove unneeded Node dependencies (#5093)
- Remove axios, immer, ini, lodash, node-fetch that were installed to
  run Trivy reports. We can remove them because we use the Trivy action.
- Remove the Trivy workflow that was disabled anyway.
2024-01-03 16:54:06 +01:00
Marco Ferrari
59154bf97f
ci: enable auto-merge for dependabot pull requests (#5063)
Enabling auto-merge doesn't actually merge these PRs because we still
require approvals.
2023-12-24 17:20:13 +01:00
Marco Ferrari
9d7268fb99
feat: add support for checkov to lint iac files (#4925)
- Add support to run Checkov against infrastructure as code descriptors
  that are in a given (configurable) directory. Defaults to lint the
  whole workspace.
- Establish a baseline for our own codebase so we don't have to fix
  issues right away with this change.
2023-12-22 13:22:15 +01:00
Marco Ferrari
641c65a8c4
ci: configure release-please dry-run and changelog (#5039)
- Implement a job to preview the release notes
- Include build, ci, and dependency updates
- Add emoji to section headings to match the existing release notes
- Add documentation about how to run release-please from the CLI
2023-12-21 15:03:14 +01:00
Marco Ferrari
d8ca23519b
build: use a base image (#5033)
- Refactor Dockerfile to use a base image so that we can reuse the cache
  for the standard image and not just the base image.
- Simplify the cd workflow to take into account the Production
  environment only for latest images.
2023-12-20 17:45:35 +01:00
Marco Ferrari
43dc36860c
ci: fix build cache in the cd workflow (#5032) 2023-12-20 16:39:19 +01:00
Marco Ferrari
238caec66e
ci: set current version to 5.7.2 (#5031)
- Set the current version to 5.7.2 in release-please manifest
- Enable cache load in cd workflow
2023-12-20 16:33:53 +01:00
Marco Ferrari
9c7046864f
ci: fix release workflow (#5030)
- Don't run the Release job with a matrix because we don't want to run
  release-please and the git tag steps more than once.
- Don't get release metadata if release-please didn't create the release
  yet.
- Populate the container image build cache.
- Set the starting version and commit for release-please.
2023-12-20 15:55:53 +01:00
Marco Ferrari
93b5ede1e8
ci: configure release-please (#5016)
- Configure release-please to automatically create pull requests and
  releases.
- Run release-please and tag update in the CD workflow.
- Update Git tags pointing to latest, major.minor, and major versions as
  part of the CD workflow.
- Remove workflows (draft-release, release) that are not necessary
  anymore, and related configuration files.
- Handle automatic updates to README.md, action.yml, and action.yaml
- Mount .github to /tmp/lint/.github so super-linter finds config files,
  and the GitHub Actions to lint.
2023-12-20 14:58:25 +01:00