kylefang/stacks-puppet-node
1
0
Fork 0
mirror of https://github.com/alexgo-io/stacks-puppet-node.git synced 2026-05-14 22:53:46 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
167a8a7b2084dd6252bdebd709a048dfd7bad130
stacks-puppet-node/.github/workflows/ci.yml
Aaron Blankstein 113b8e2aed ci: use current branches workflow definition
2023-07-24 14:07:33 -05:00

181 lines
5.8 KiB
YAML
Raw Blame History

name: CI
## Only run when:
## - manually triggered
## - PR's are (re)opened
## - push to master (i.e. merge develop -> master)
on:
push:
branches:
- master
pull_request:
workflow_dispatch:
inputs:
tag:
description: "The tag to create (optional)"
required: false
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
## rust format: Execute on every run
rustfmt:
name: Rust Format
runs-on: ubuntu-latest
steps:
- name: Checkout the latest code
id: git_checkout
uses: actions/checkout@v3
- name: Define Rust Toolchain
id: define_rust_toolchain
run: echo "RUST_TOOLCHAIN=$(cat ./rust-toolchain)" >> $GITHUB_ENV
- name: Setup Rust Toolchain
id: setup_rust_toolchain
uses: actions-rust-lang/setup-rust-toolchain@v1
with:
toolchain: ${{ env.RUST_TOOLCHAIN }}
components: rustfmt
- name: Rustfmt
id: rustfmt
uses: actions-rust-lang/rustfmt@v1
## Release tests: Execute on every run
release-tests:
name: Release Tests
uses: ./.github/workflows/stacks-blockchain-tests.yml
## Checked for leaked credentials: Execute on every run
leaked-cred-test:
name: Leaked Credential Test
runs-on: ubuntu-latest
steps:
- name: Extract branch name
id: extract_branch
if: ${{ github.event_name != 'pull_request' }}
run: echo "BRANCH_NAME=$(echo ${GITHUB_REF#refs/heads/})" >> $GITHUB_ENV
- name: Extract branch name
id: extract_branch_pr
if: ${{ github.event_name == 'pull_request' }}
run: echo "BRANCH_NAME=$(echo ${GITHUB_HEAD_REF})" >> $GITHUB_ENV
- name: Branch name
run: echo running on branch ${{ env.BRANCH_NAME }}
- name: Checkout the latest code
id: git_checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: TruffleHog Scan
id: trufflehog_check
uses: trufflesecurity/trufflehog@main
with:
path: ./
base: ${{ env.BRANCH_NAME }}
head: HEAD
###############################################
## Build Tagged Release
###############################################
## Build source binaries
## Only run if:
## - Tag is provided
## - OR
## - Not the default branch
## - AND
## - Not a PR
build-source:
if: ${{ inputs.tag != '' || (github.ref != format('refs/heads/{0}', github.event.repository.default_branch) && !contains(github.ref, 'refs/pull')) }}
name: Build Binaries
uses: stacks-network/stacks-blockchain/.github/workflows/build-source-binary.yml@master
needs:
- rustfmt
- release-tests
- leaked-cred-test
with:
tag: ${{ inputs.tag }}
parallel_jobs: 4
arch: >-
["linux-glibc-x64", "linux-musl-x64", "linux-glibc-arm64", "linux-musl-arm64", "macos-x64", "macos-arm64", "windows-x64"]
## Create github release with binary archives
## Only run if:
## - Tag is provided
## - OR
## - Not the default branch
## - AND
## - Not a PR
github-release:
if: ${{ inputs.tag != '' || (github.ref != format('refs/heads/{0}', github.event.repository.default_branch) && !contains(github.ref, 'refs/pull')) }}
name: Github Release
uses: stacks-network/stacks-blockchain/.github/workflows/github-release.yml@master
needs: build-source
with:
tag: ${{ inputs.tag }}
arch: >-
["linux-glibc-x64", "linux-musl-x64", "linux-glibc-arm64", "linux-musl-arm64", "macos-x64", "macos-arm64", "windows-x64"]
secrets:
GH_TOKEN: ${{ secrets.GH_TOKEN }}
## Create docker alpine images
## Only run if:
## - Tag is provided
## - OR
## - Not the default branch
## - AND
## - Not a PR
docker-alpine:
if: ${{ inputs.tag != '' || (github.ref != format('refs/heads/{0}', github.event.repository.default_branch) && !contains(github.ref, 'refs/pull')) }}
name: Docker Alpine (Binary)
uses: stacks-network/stacks-blockchain/.github/workflows/image-build-alpine-binary.yml@master
needs: github-release
with:
tag: ${{ inputs.tag }}
docker_platforms: linux/arm64, linux/amd64, linux/amd64/v2, linux/amd64/v3
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
## Create docker debian images
## Only run if:
## - Tag is provided
## - OR
## - Not the default branch
## - AND
## - Not a PR
docker-debian:
if: ${{ inputs.tag != '' || (github.ref != format('refs/heads/{0}', github.event.repository.default_branch) && !contains(github.ref, 'refs/pull')) }}
name: Docker Debian (Binary)
uses: stacks-network/stacks-blockchain/.github/workflows/image-build-debian-binary.yml@master
needs: github-release
with:
tag: ${{ inputs.tag }}
docker_platforms: linux/amd64, linux/amd64/v2, linux/amd64/v3
linux_version: debian
build_type: binary
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
###############################################
## Build Branch/PR
###############################################
## Create docker debian images
## Only run if:
## - Tag is *not* provided
build-branch:
if: ${{ inputs.tag == '' }}
name: Docker Debian (Source)
uses: stacks-network/stacks-blockchain/.github/workflows/image-build-debian-source.yml@master
needs:
- rustfmt
- leaked-cred-test
with:
docker_platforms: linux/amd64
linux_version: debian
build_type: source
secrets:
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
Reference in New Issue View Git Blame Copy Permalink