Merge pull request #1874 from bunkerity/dev #532
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Automatic tests (STAGING) | |
| permissions: read-all | |
| on: | |
| push: | |
| branches: [staging] | |
| jobs: | |
| # Build Docker images | |
| build-containers: | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| image: [bunkerweb, scheduler, autoconf, ui] | |
| include: | |
| - image: bunkerweb | |
| dockerfile: src/bw/Dockerfile | |
| - image: scheduler | |
| dockerfile: src/scheduler/Dockerfile | |
| - image: autoconf | |
| dockerfile: src/autoconf/Dockerfile | |
| - image: ui | |
| dockerfile: src/ui/Dockerfile | |
| uses: ./.github/workflows/container-build.yml | |
| with: | |
| RELEASE: testing | |
| ARCH: linux/amd64 | |
| CACHE: true | |
| PUSH: true | |
| IMAGE: ${{ matrix.image }} | |
| DOCKERFILE: ${{ matrix.dockerfile }} | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| # Build Linux packages | |
| build-packages: | |
| permissions: | |
| contents: read | |
| packages: write | |
| strategy: | |
| matrix: | |
| linux: [ubuntu, debian, fedora, rhel, rhel9, ubuntu-jammy] | |
| include: | |
| - linux: ubuntu | |
| package: deb | |
| - linux: debian | |
| package: deb | |
| - linux: fedora | |
| package: rpm | |
| - linux: rhel | |
| package: rpm | |
| - linux: rhel9 | |
| package: rpm | |
| - linux: ubuntu-jammy | |
| package: deb | |
| uses: ./.github/workflows/linux-build.yml | |
| with: | |
| RELEASE: testing | |
| LINUX: ${{ matrix.linux }} | |
| PACKAGE: ${{ matrix.package }} | |
| TEST: true | |
| PLATFORMS: linux/amd64 | |
| secrets: | |
| DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} | |
| DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }} | |
| codeql: | |
| uses: ./.github/workflows/codeql.yml | |
| permissions: | |
| actions: read | |
| contents: read | |
| security-events: write | |
| # Create infrastructures and prepare tests | |
| create-infras: | |
| needs: [codeql, build-containers, build-packages] | |
| strategy: | |
| matrix: | |
| type: [docker, autoconf, swarm, k8s, linux] | |
| uses: ./.github/workflows/staging-create-infra.yml | |
| with: | |
| TYPE: ${{ matrix.type }} | |
| secrets: | |
| CICD_SECRETS: ${{ secrets.CICD_SECRETS }} | |
| SECRET_KEY: ${{ secrets.SECRET_KEY }} | |
| staging-tests: | |
| needs: [create-infras] | |
| strategy: | |
| matrix: | |
| type: [docker, autoconf, swarm, k8s, linux] | |
| include: | |
| - type: docker | |
| runs_on: "['self-hosted', 'bw-docker']" | |
| - type: autoconf | |
| runs_on: "['self-hosted', 'bw-autoconf']" | |
| - type: swarm | |
| runs_on: "['self-hosted', 'bw-swarm']" | |
| - type: k8s | |
| runs_on: "['ubuntu-latest']" | |
| - type: linux | |
| runs_on: "['self-hosted', 'bw-linux']" | |
| uses: ./.github/workflows/staging-tests.yml | |
| with: | |
| TYPE: ${{ matrix.type }} | |
| RUNS_ON: ${{ matrix.runs_on }} | |
| secrets: inherit | |
| # Delete infrastructures | |
| delete-infras: | |
| if: ${{ always() }} | |
| needs: [staging-tests] | |
| strategy: | |
| matrix: | |
| type: [docker, autoconf, swarm, k8s, linux] | |
| uses: ./.github/workflows/staging-delete-infra.yml | |
| with: | |
| TYPE: ${{ matrix.type }} | |
| secrets: | |
| CICD_SECRETS: ${{ secrets.CICD_SECRETS }} | |
| SECRET_KEY: ${{ secrets.SECRET_KEY }} | |
| # Push Docker images | |
| push-images: | |
| needs: [staging-tests] | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: Login to ghcr | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Push BW image | |
| run: docker pull ghcr.io/bunkerity/bunkerweb-tests:testing && docker tag ghcr.io/bunkerity/bunkerweb-tests:testing bunkerity/bunkerweb:testing && docker push bunkerity/bunkerweb:testing && docker tag bunkerity/bunkerweb:testing ghcr.io/bunkerity/bunkerweb:testing && docker push ghcr.io/bunkerity/bunkerweb:testing | |
| - name: Push scheduler image | |
| run: docker pull ghcr.io/bunkerity/scheduler-tests:testing && docker tag ghcr.io/bunkerity/scheduler-tests:testing bunkerity/bunkerweb-scheduler:testing && docker push bunkerity/bunkerweb-scheduler:testing && docker tag bunkerity/bunkerweb-scheduler:testing ghcr.io/bunkerity/bunkerweb-scheduler:testing && docker push ghcr.io/bunkerity/bunkerweb-scheduler:testing | |
| - name: Push UI image | |
| run: docker pull ghcr.io/bunkerity/ui-tests:testing && docker tag ghcr.io/bunkerity/ui-tests:testing bunkerity/bunkerweb-ui:testing && docker push bunkerity/bunkerweb-ui:testing && docker tag bunkerity/bunkerweb-ui:testing ghcr.io/bunkerity/bunkerweb-ui:testing && docker push ghcr.io/bunkerity/bunkerweb-ui:testing | |
| - name: Push autoconf image | |
| run: docker pull ghcr.io/bunkerity/autoconf-tests:testing && docker tag ghcr.io/bunkerity/autoconf-tests:testing bunkerity/bunkerweb-autoconf:testing && docker push bunkerity/bunkerweb-autoconf:testing && docker tag bunkerity/bunkerweb-autoconf:testing ghcr.io/bunkerity/bunkerweb-autoconf:testing && docker push ghcr.io/bunkerity/bunkerweb-autoconf:testing | |
| # Push Linux packages | |
| push-packages: | |
| needs: [staging-tests] | |
| strategy: | |
| matrix: | |
| linux: [ubuntu, debian, fedora, el, el9, ubuntu-jammy] | |
| arch: [amd64] | |
| include: | |
| - release: testing | |
| repo: bunkerweb | |
| - linux: ubuntu | |
| package_arch: amd64 | |
| separator: _ | |
| suffix: "" | |
| version: noble | |
| package: deb | |
| - linux: debian | |
| package_arch: amd64 | |
| separator: _ | |
| suffix: "" | |
| version: bookworm | |
| package: deb | |
| - linux: fedora | |
| package_arch: x86_64 | |
| separator: "-" | |
| suffix: "1." | |
| version: 40 | |
| package: rpm | |
| - linux: el | |
| package_arch: x86_64 | |
| separator: "-" | |
| suffix: "1." | |
| version: 8 | |
| package: rpm | |
| - linux: el9 | |
| package_arch: x86_64 | |
| separator: "-" | |
| suffix: "1." | |
| version: 9 | |
| package: rpm | |
| - linux: ubuntu-jammy | |
| package_arch: amd64 | |
| separator: _ | |
| suffix: "" | |
| version: jammy | |
| package: deb | |
| uses: ./.github/workflows/push-packagecloud.yml | |
| with: | |
| SEPARATOR: ${{ matrix.separator }} | |
| SUFFIX: ${{ matrix.suffix }} | |
| REPO: ${{ matrix.repo }} | |
| LINUX: ${{ matrix.linux }} | |
| VERSION: ${{ matrix.version }} | |
| PACKAGE: ${{ matrix.package }} | |
| BW_VERSION: ${{ matrix.release }} | |
| PACKAGE_ARCH: ${{ matrix.package_arch }} | |
| ARCH: ${{ matrix.arch }} | |
| secrets: | |
| PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }} | |
| # Push doc | |
| push-doc: | |
| needs: [push-images, push-packages] | |
| permissions: | |
| contents: write | |
| uses: ./.github/workflows/push-doc.yml | |
| with: | |
| VERSION: testing | |
| ALIAS: unstable | |
| secrets: | |
| BUNKERBOT_TOKEN: ${{ secrets.BUNKERBOT_TOKEN }} | |
| # Push on GH | |
| push-gh: | |
| needs: [push-doc] | |
| permissions: | |
| contents: write | |
| discussions: write | |
| uses: ./.github/workflows/push-github.yml | |
| with: | |
| VERSION: testing | |
| PRERELEASE: true |