From c0bc9d6e3854ee032e0262982ff76ce0becab11c Mon Sep 17 00:00:00 2001 From: Steven Kreitzer Date: Wed, 20 Dec 2023 18:29:57 -0600 Subject: [PATCH] chore(github): update workflows --- .github/workflows/flux-diff.yaml | 53 +++++++++++++++++++---- .github/workflows/flux-hr-image-test.yaml | 6 +-- .github/workflows/flux-hr-sync.yaml | 4 +- .github/workflows/publish-terraform.yaml | 7 +-- 4 files changed, 54 insertions(+), 16 deletions(-) diff --git a/.github/workflows/flux-diff.yaml b/.github/workflows/flux-diff.yaml index 4692b00cb2..38ec454bd4 100644 --- a/.github/workflows/flux-diff.yaml +++ b/.github/workflows/flux-diff.yaml @@ -7,18 +7,54 @@ on: paths: ["kubernetes/**.yaml"] env: - AQUA_GLOBAL_CONFIG: ./.github/aqua.yaml + AQUA_GLOBAL_CONFIG: .github/aqua.yaml jobs: + changed-files: + name: Get Changed Files + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.changed-files.outputs.all_changed_and_modified_files }} + steps: + - name: Generate Token + uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 + id: app-token + with: + app-id: "${{ secrets.BOT_APP_ID }}" + private-key: "${{ secrets.BOT_APP_PRIVATE_KEY }}" + + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 + + - name: Get changed files + id: changed-files + uses: tj-actions/changed-files@56284d80811fb5963a972b438f2870f175e5b7c8 # v40.2.3 + with: + files: kubernetes/**.yaml + dir_names: true + dir_names_max_depth: 2 + json: true + quotepath: false + escape_json: false + + - name: List all changed files + run: echo "${{ steps.changed-files.outputs.all_changed_and_modified_files }}" + flux-diff: name: Flux Diff runs-on: ubuntu-latest + needs: ["changed-files"] permissions: pull-requests: write strategy: matrix: - path: ["kubernetes"] - resource: ["helmrelease", "kustomization"] + paths: ${{ fromJSON(needs.changed-files.outputs.matrix) }} + resources: ["helmrelease", "kustomization"] + max-parallel: 4 + fail-fast: false steps: - name: Generate Token uses: actions/create-github-app-token@2986852ad836768dfea7781f31828eb3e17990fa # v1.6.2 @@ -31,6 +67,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: token: "${{ steps.app-token.outputs.token }}" + fetch-depth: 0 - name: Install System Tools shell: bash @@ -40,7 +77,7 @@ jobs: uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.local/share/aquaproj-aqua - key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('./.github/aqua.yaml') }} + key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.github/aqua.yaml') }} restore-keys: aqua-${{ runner.os }}-${{ runner.arch }}- - name: Install Aqua and CLI Tools @@ -59,20 +96,20 @@ jobs: password: "${{ steps.app-token.outputs.token }}" - name: Diff Resources - uses: allenporter/flux-local/action/diff@flux-build + uses: allenporter/flux-local/action/diff@e3e84e4fcdab2191de8e65acfe62b7aedd933be4 # 4.0.0 id: diff with: live-branch: master sources: "${{ github.event.repository.name }}" - path: "${{ matrix.path }}" - resource: "${{ matrix.resource }}" + path: "${{ matrix.paths }}" + resource: "${{ matrix.resources }}" - if: ${{ steps.diff.outputs.diff != '' }} name: Add comment uses: mshick/add-pr-comment@7c0890544fb33b0bdd2e59467fbacb62e028a096 # v2.8.1 with: repo-token: "${{ steps.app-token.outputs.token }}" - message-id: "${{ github.event.pull_request.number }}/${{ matrix.path }}/${{ matrix.resource }}" + message-id: "${{ github.event.pull_request.number }}/${{ matrix.paths }}/${{ matrix.resources }}" message-failure: Diff was not successful message: | ```diff diff --git a/.github/workflows/flux-hr-image-test.yaml b/.github/workflows/flux-hr-image-test.yaml index cbec74272f..94500f3675 100644 --- a/.github/workflows/flux-hr-image-test.yaml +++ b/.github/workflows/flux-hr-image-test.yaml @@ -7,7 +7,7 @@ on: paths: ["kubernetes/**/helmrelease.yaml"] env: - AQUA_GLOBAL_CONFIG: ./.github/aqua.yaml + AQUA_GLOBAL_CONFIG: .github/aqua.yaml KUBERNETES_DIR: ./kubernetes jobs: @@ -75,7 +75,7 @@ jobs: uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.local/share/aquaproj-aqua - key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('./.github/aqua.yaml') }} + key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.github/aqua.yaml') }} restore-keys: aqua-${{ runner.os }}-${{ runner.arch }}- - name: Install Aqua and CLI Tools @@ -90,7 +90,7 @@ jobs: id: extract-images run: | images=$( - npx zx ./.github/workflows/scripts/extract-images.mjs \ + npx zx .github/workflows/scripts/extract-images.mjs \ --kubernetes-dir "${{ env.KUBERNETES_DIR }}" \ --helmrelease "${{ matrix.files }}" ) diff --git a/.github/workflows/flux-hr-sync.yaml b/.github/workflows/flux-hr-sync.yaml index d7f8dd6bd5..7cdd702882 100644 --- a/.github/workflows/flux-hr-sync.yaml +++ b/.github/workflows/flux-hr-sync.yaml @@ -16,7 +16,7 @@ on: paths: ["kubernetes/**/helmrelease.yaml"] env: - AQUA_GLOBAL_CONFIG: ./.github/aqua.yaml + AQUA_GLOBAL_CONFIG: .github/aqua.yaml jobs: sync: @@ -44,7 +44,7 @@ jobs: uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.local/share/aquaproj-aqua - key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('./.github/aqua.yaml') }} + key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.github/aqua.yaml') }} restore-keys: aqua-${{ runner.os }}-${{ runner.arch }}- - name: Install Aqua and CLI Tools diff --git a/.github/workflows/publish-terraform.yaml b/.github/workflows/publish-terraform.yaml index 521fc48ada..c4a3cf927e 100644 --- a/.github/workflows/publish-terraform.yaml +++ b/.github/workflows/publish-terraform.yaml @@ -8,7 +8,8 @@ on: paths: ["terraform/**"] env: - AQUA_GLOBAL_CONFIG: ./.github/aqua.yaml + AQUA_GLOBAL_CONFIG: .github/aqua.yaml + TERRAFORM_DIR: ./terraform jobs: publish-terraform: @@ -38,7 +39,7 @@ jobs: uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 with: path: ~/.local/share/aquaproj-aqua - key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('./.github/aqua.yaml') }} + key: aqua-${{ runner.os }}-${{ runner.arch }}-${{ hashFiles('.github/aqua.yaml') }} restore-keys: aqua-${{ runner.os }}-${{ runner.arch }}- - name: Install Aqua and CLI Tools @@ -68,7 +69,7 @@ jobs: shell: bash run: | flux push artifact oci://${{ steps.generate-tag.outputs.tag }} \ - --path="./terraform" \ + --path="${{ env.TERRAFORM_DIR }}" \ --source="$(git config --get remote.origin.url)" \ --revision="$(git branch --show-current)/$(git rev-parse HEAD)"