diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index c83ce2b0..54ef3a69 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -8,4 +8,4 @@ on: jobs: validate: name: Validate - uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@417b9c2bc088f664c616c9929a2b3ce448d251f7 + uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@442bae718050ea9a47254851a45632aabeb13b17 diff --git a/.github/workflows/pull-requests.yaml b/.github/workflows/pull-requests.yaml deleted file mode 100644 index d7b1507d..00000000 --- a/.github/workflows/pull-requests.yaml +++ /dev/null @@ -1,66 +0,0 @@ -name: Test - -# This workflow is triggered on pull requests to the main branch. -on: - pull_request: - paths: - - ".github/**" - - "bundle/**" - - "values/**" - - "tasks/**" - - "src/**" - - "chart/**" - - "tasks.yaml" - - "zarf.yaml" - - # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow). - types: [milestoned, opened, reopened, synchronize] - -# Permissions for the GITHUB_TOKEN used by the workflow. -permissions: - id-token: write # Needed for OIDC-related operations. - contents: read # Allows reading the content of the repository. - pull-requests: read # Allows reading pull request metadata. - -# Default settings for all run commands in the workflow jobs. -defaults: - run: - shell: bash -e -o pipefail {0} # Ensures that scripts fail on error and pipefail is set. - -jobs: - deploy: - runs-on: "ubuntu-latest" - timeout-minutes: 20 - strategy: - matrix: - flavor: [upstream, registry1] - name: Deploy ${{ matrix.flavor }} - - steps: - - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7 - - - name: Iron Bank Login - if: ${{ matrix.flavor == 'registry1' }} - run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil - - - name: Create test bundle - run: uds run create-test-bundle --set FLAVOR=${{ matrix.flavor }} - - - name: Setup cluster - run: uds run setup-cluster - - - name: Deploy test bundle - run: uds run deploy-test-bundle - - - name: Test package - run: uds run test-package - - - name: Save logs - if: always() - uses: defenseunicorns/uds-common/.github/actions/save-logs@417b9c2bc088f664c616c9929a2b3ce448d251f7 - with: - suffix: '${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}' diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml index 02fe692b..1cbe6f62 100644 --- a/.github/workflows/tag-and-release.yaml +++ b/.github/workflows/tag-and-release.yaml @@ -36,13 +36,13 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Environment setup - uses: defenseunicorns/uds-common/.github/actions/setup@417b9c2bc088f664c616c9929a2b3ce448d251f7 - - - name: Iron Bank Login - run: uds zarf tools registry login -u "${{secrets.IRON_BANK_ROBOT_USERNAME}}" -p "${{secrets.IRON_BANK_ROBOT_PASSWORD}}" registry1.dso.mil + uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + with: + username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} + password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} - name: Login to GHCR - uses: docker/login-action@v3 + uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3 with: registry: ghcr.io username: dummy diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml new file mode 100644 index 00000000..1bd9c2b7 --- /dev/null +++ b/.github/workflows/test.yaml @@ -0,0 +1,56 @@ +name: Test + +# This workflow is triggered on pull requests to the main branch. +on: + pull_request: + paths: + - ".github/**" + - "bundle/**" + - "values/**" + - "tasks/**" + - "src/**" + - "chart/**" + - "tasks.yaml" + - "zarf.yaml" + + # milestoned is added here as a workaround for release-please not triggering PR workflows (PRs should be added to a milestone to trigger the workflow). + types: [milestoned, opened, reopened, synchronize] + +# Abort prior jobs in the same workflow / PR +concurrency: + group: test-${{ github.ref }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + run-test: + name: Create and Deploy Flavor ${{ matrix.flavor }} + runs-on: ubuntu-latest + timeout-minutes: 20 + strategy: + matrix: + flavor: [upstream, registry1] + + steps: + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Environment setup + uses: defenseunicorns/uds-common/.github/actions/setup@442bae718050ea9a47254851a45632aabeb13b17 + with: + username: ${{secrets.IRON_BANK_ROBOT_USERNAME}} + password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}} + + - name: Test + uses: defenseunicorns/uds-common/.github/actions/test@442bae718050ea9a47254851a45632aabeb13b17 + with: + flavor: ${{ matrix.flavor }} + + - name: Save logs + if: always() + uses: defenseunicorns/uds-common/.github/actions/save-logs@442bae718050ea9a47254851a45632aabeb13b17 + with: + suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }} +