Update formatting for names and output in docs #2176
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration | |
on: | |
push: | |
branches: | |
- main | |
- release-* | |
tags: | |
- "v[0-9]+.[0-9]+.[0-9]+*" | |
pull_request: | |
branches: | |
- main | |
- release-* | |
types: | |
- opened | |
- reopened | |
- synchronize | |
defaults: | |
run: | |
shell: bash | |
concurrency: | |
group: ${{ github.ref_name }}-ci | |
cancel-in-progress: true | |
env: | |
platforms: "linux/arm64, linux/amd64" | |
jobs: | |
vars: | |
name: Checks and variables | |
runs-on: ubuntu-22.04 | |
outputs: | |
go_path: ${{ steps.vars.outputs.go_path }} | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Setup Golang Environment | |
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 | |
with: | |
go-version-file: go.mod | |
- name: Output Variables | |
id: vars | |
run: echo "go_path=$(go env GOPATH)" >> $GITHUB_OUTPUT | |
- name: Check if go.mod and go.sum are up to date | |
run: go mod tidy && git diff --exit-code -- go.mod go.sum | |
- name: Check if generated files are up to date | |
run: make generate && git diff --exit-code | |
unit-tests: | |
name: Unit Tests | |
runs-on: ubuntu-22.04 | |
needs: vars | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Setup Golang Environment | |
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 | |
with: | |
go-version-file: go.mod | |
- name: Run Tests | |
run: make unit-test | |
- name: Upload Coverage Report | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
with: | |
name: cover-${{ github.run_id }}.html | |
path: ${{ github.workspace }}/cover.html | |
if: always() | |
njs-unit-tests: | |
name: NJS Unit Tests | |
runs-on: ubuntu-22.04 | |
needs: vars | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Setup Node.js Environment | |
uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0 | |
with: | |
node-version: 18 | |
- run: npm --prefix ${{ github.workspace }}/internal/mode/static/nginx/modules install-ci-test | |
release: | |
name: Release | |
runs-on: ubuntu-22.04 | |
needs: [unit-tests, njs-unit-tests] | |
if: ${{ github.event_name == 'push' && github.ref != 'refs/heads/main' }} | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Create/Update Draft | |
uses: lucacome/draft-release@d13ccde6350706e32f451566ee5cd4bf5a27de3d # v0.2.1 | |
with: | |
minor-label: "enhancement" | |
major-label: "change" | |
publish: ${{ startsWith(github.ref, 'refs/tags/') }} | |
collapse-after: 20 | |
notes-header: | | |
*Below is the auto-generated changelog, which includes all PRs that went into the release. | |
For a shorter version that highlights only important changes, see [CHANGELOG.md](https://github.com/nginxinc/nginx-kubernetes-gateway/blob/{{version}}/CHANGELOG.md).* | |
binary: | |
name: Build Binary | |
runs-on: ubuntu-22.04 | |
needs: vars | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
with: | |
fetch-depth: 0 | |
- name: Setup Golang Environment | |
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 | |
with: | |
go-version-file: go.mod | |
- name: Download Syft | |
uses: anchore/sbom-action/download-syft@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 | |
if: startsWith(github.ref, 'refs/tags/') | |
- name: Build binary | |
uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 | |
with: | |
version: latest | |
args: ${{ startsWith(github.ref, 'refs/tags/') && 'release' || 'build --snapshot' }} --clean | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
GOPATH: ${{ needs.vars.outputs.go_path }} | |
AZURE_STORAGE_ACCOUNT: ${{ secrets.AZURE_STORAGE_ACCOUNT }} | |
AZURE_STORAGE_KEY: ${{ secrets.AZURE_STORAGE_KEY }} | |
AZURE_BUCKET_NAME: ${{ secrets.AZURE_BUCKET_NAME }} | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_COMMUNITY }} | |
- name: Cache Artifacts | |
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | |
with: | |
path: ${{ github.workspace }}/dist | |
key: nginx-kubernetes-gateway-${{ github.run_id }}-${{ github.run_number }} | |
conformance-tests: | |
name: Gateway Conformance Tests | |
runs-on: ubuntu-22.04 | |
needs: vars | |
if: ${{ github.ref_type != 'tag' }} | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Setup Golang Environment | |
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 | |
with: | |
go-version-file: go.mod | |
- name: Docker Buildx | |
uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0 | |
with: | |
images: | | |
name=ghcr.io/nginxinc/nginx-kubernetes-gateway | |
tags: | | |
type=semver,pattern={{version}} | |
type=edge | |
type=ref,event=pr | |
type=ref,event=branch,suffix=-rc,enable=${{ startsWith(github.ref, 'refs/heads/release') }} | |
- name: Prepare NKG files | |
run: | | |
nkg_prefix=$(echo ${{ steps.meta.outputs.tags }} | cut -d ":" -f 1) | |
nkg_tag=$(echo ${{ steps.meta.outputs.tags }} | cut -d ":" -f 2) | |
make update-nkg-manifest NKG_PREFIX=${nkg_prefix} NKG_TAG=${nkg_tag} | |
working-directory: ./conformance | |
- name: Build binary | |
uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0 | |
with: | |
version: latest | |
args: ${{ startsWith(github.ref, 'refs/tags/') && 'release' || 'build --snapshot' }} --clean | |
env: | |
GOPATH: ${{ needs.vars.outputs.go_path }} | |
- name: Build Docker Image | |
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 | |
with: | |
file: build/Dockerfile | |
tags: ${{ steps.meta.outputs.tags }} | |
context: "." | |
target: goreleaser | |
load: true | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
pull: true | |
- name: Build Test Docker Image | |
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 | |
with: | |
file: conformance/tests/Dockerfile | |
tags: conformance-test-runner:${{ github.sha }} | |
context: "." | |
load: true | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
pull: true | |
- name: Deploy Kubernetes | |
id: k8s | |
run: | | |
make create-kind-cluster KIND_KUBE_CONFIG=kube-${{ github.run_id }} | |
echo "KUBECONFIG=kube-${{ github.run_id }}" >> "$GITHUB_ENV" | |
working-directory: ./conformance | |
- name: Setup conformance tests | |
run: | | |
nkg_prefix=$(echo ${{ steps.meta.outputs.tags }} | cut -d ":" -f 1) | |
nkg_tag=$(echo ${{ steps.meta.outputs.tags }} | cut -d ":" -f 2) | |
make install-nkg-local-no-build NKG_PREFIX=${nkg_prefix} NKG_TAG=${nkg_tag} | |
working-directory: ./conformance | |
- name: Run conformance tests | |
run: | | |
make run-conformance-tests TAG=${{ github.sha }} | |
working-directory: ./conformance | |
build: | |
name: Build Image | |
runs-on: ubuntu-22.04 | |
needs: [vars, binary] | |
steps: | |
- name: Checkout Repository | |
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 | |
- name: Fetch Cached Artifacts | |
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | |
with: | |
path: ${{ github.workspace }}/dist | |
key: nginx-kubernetes-gateway-${{ github.run_id }}-${{ github.run_number }} | |
- name: Docker Buildx | |
uses: docker/setup-buildx-action@4c0219f9ac95b02789c1075625400b2acbff50b1 # v2.9.1 | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0 | |
with: | |
platforms: arm64 | |
- name: Login to GitHub Container Registry | |
uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0 | |
if: ${{ github.event_name != 'pull_request' }} | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Docker meta | |
id: meta | |
uses: docker/metadata-action@818d4b7b91585d195f67373fd9cb0332e31a7175 # v4.6.0 | |
with: | |
images: | | |
name=ghcr.io/nginxinc/nginx-kubernetes-gateway | |
tags: | | |
type=semver,pattern={{version}} | |
type=edge | |
type=ref,event=pr | |
type=ref,event=branch,suffix=-rc,enable=${{ startsWith(github.ref, 'refs/heads/release') }} | |
- name: Build Docker Image | |
uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 # v4.1.1 | |
with: | |
file: build/Dockerfile | |
context: "." | |
target: goreleaser | |
tags: ${{ steps.meta.outputs.tags }} | |
labels: ${{ steps.meta.outputs.labels }} | |
load: ${{ github.event_name == 'pull_request' }} | |
push: ${{ github.event_name != 'pull_request' }} | |
platforms: ${{ github.event_name != 'pull_request' && env.platforms || '' }} | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
pull: true | |
no-cache: ${{ github.event_name != 'pull_request' }} | |
sbom: ${{ github.event_name != 'pull_request' }} | |
provenance: false | |
- name: Run Trivy vulnerability scanner | |
uses: aquasecurity/trivy-action@41f05d9ecffa2ed3f1580af306000f734b733e54 # 0.11.2 | |
continue-on-error: true | |
with: | |
image-ref: ghcr.io/nginxinc/nginx-kubernetes-gateway:${{ steps.meta.outputs.version }} | |
format: "sarif" | |
output: "trivy-results-nginx-kubernetes-gateway.sarif" | |
ignore-unfixed: "true" | |
- name: Upload Trivy scan results to GitHub Security tab | |
uses: github/codeql-action/upload-sarif@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2.20.3 | |
continue-on-error: true | |
with: | |
sarif_file: "trivy-results-nginx-kubernetes-gateway.sarif" | |
- name: Upload Scan Results | |
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 | |
continue-on-error: true | |
with: | |
name: "trivy-results-nginx-kubernetes-gateway.sarif" | |
path: "trivy-results-nginx-kubernetes-gateway.sarif" | |
if: always() |