-
Notifications
You must be signed in to change notification settings - Fork 41
83 lines (77 loc) · 2.84 KB
/
00-cicd.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
name: 00-CICD-helm-chart
on:
workflow_dispatch:
inputs:
CHANGE_TAG:
required: true
default: true
type: boolean
IMAGE_TAG:
# required: true
type: string
COMPONENT_NAME:
# required: true
type: string
HELM_E2E_TEST:
required: true
default: true
type: boolean
# secrets: inherit
jobs:
input-validator:
runs-on: ubuntu-latest
steps:
- name: input validator
run: |
if [ ${{ inputs.CHANGE_TAG }} = true ]; then
echo "CHANGE_TAG = true, checking if inputs COMPONENT_NAME and IMAGE_TAG are not null"
echo "COMPONENT_NAME = ${{ inputs.COMPONENT_NAME }}"
echo "IMAGE_TAG = ${{ inputs.IMAGE_TAG }}"
if [[ "${{ inputs.COMPONENT_NAME }}" = "" ]] || [[ "${{ inputs.IMAGE_TAG }}" = "" ]]; then
echo "One or more inputs are undefined"
exit 1
fi
echo "We are good to go"
elif [ ${{ inputs.CHANGE_TAG }} = false ]; then
echo "CHANGE_TAG = false, the workflow will not change any component image tag"
fi
helm-chart-update:
needs: input-validator
uses: ./.github/workflows/01-update_tag.yaml
with:
CHANGE_TAG: ${{ inputs.CHANGE_TAG }}
IMAGE_TAG: ${{ inputs.IMAGE_TAG }}
COMPONENT_NAME: ${{ inputs.COMPONENT_NAME }}
MODE: patch
CHART_FILE: charts/kubescape-operator/Chart.yaml
secrets: inherit
e2e-test:
needs: helm-chart-update
if: ${{ inputs.HELM_E2E_TEST == true }}
uses: ./.github/workflows/02-e2e-test.yaml
with:
HELM_E2E_TEST: ${{ inputs.HELM_E2E_TEST }}
secrets: inherit
merge-to-main:
needs: [helm-chart-update, e2e-test]
if: ${{ (always() && (contains(needs.*.result, 'success') || contains(needs.*.result, 'skipped')) && !(contains(needs.*.result, 'failure')) && !(contains(needs.*.result, 'cancelled'))) }}
runs-on: ubuntu-latest
steps:
- name: merge-to-main
uses: "pascalgn/automerge-action@v0.15.5"
env:
GITHUB_TOKEN: "${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}"
MERGE_COMMIT_MESSAGE: "Merge to main - PR number: ${{ needs.helm-chart-update.outputs.PR_NUMBER }}"
MERGE_ERROR_FAIL: "true"
MERGE_METHOD: "merge"
MERGE_LABELS: ""
UPDATE_LABELS: ""
PULL_REQUEST: ${{ needs.helm-chart-update.outputs.PR_NUMBER }}
helm-release:
needs: [helm-chart-update, merge-to-main]
if: ${{ (always() && (contains(needs.*.result, 'success') || contains(needs.*.result, 'skipped')) && !(contains(needs.*.result, 'failure')) && !(contains(needs.*.result, 'cancelled'))) }}
with:
COMMIT_REF: ${{ needs.helm-chart-update.outputs.COMMIT_REF }}
CHARTS_NAME: kubescape-operator
uses: ./.github/workflows/03-helm-release.yaml
secrets: inherit