This repository has been archived by the owner on May 19, 2024. It is now read-only.
forked from chezmoi-sh/atlas
-
Notifications
You must be signed in to change notification settings - Fork 0
93 lines (83 loc) · 3.56 KB
/
merge_group,pull_request.apps.build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
# Copyright 2024
#
# Everyone is permitted to copy, distribute, modify, merge, sell, publish,
# sublicense or whatever the fuck they want with this software but at their
# OWN RISK.
# The author has absolutely no fucking clue what the code in this project
# does. It might just fucking work or not, there is no third option.
#
# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
# DEALINGS IN THE SOFTWARE.
---
name: 💚 Validate OCI Images
on:
merge_group: {}
pull_request: {}
env:
ASDF_DIR: /home/runner/.asdf
permissions: {}
jobs:
find_updated_apps:
name: 📄 List updated applications
runs-on: ubuntu-22.04
outputs:
updated_apps: ${{ steps.list_apps.outputs.updated }}
steps:
- name: ⬇️ Checkout repository
uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
with:
fetch-depth: 0
# Install all required tools or restore them if the cache already exists
- name: 🚧 Restore cached tools
uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
id: restore-asdf
with:
path: ${{ env.ASDF_DIR }}
key: asdf-vm-${{ hashFiles('.tool-versions') }}
- name: 📦️ Install required tools
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 # v3.0.2
with:
skip_install: ${{ steps.restore-asdf.outputs.cache-hit == 'true' }}
# List all applications between two commits
- name: 📄 List updated applications
id: list_apps
run: |
(
echo -n 'updated='
task gh:helper:apps:updated FROM_SHA="${FROM}" TO_SHA="${TO}" \
| jq --slurp --raw-input '. | split("\n") | map(select(. != ""))' --compact-output
) >> "${GITHUB_OUTPUT}"
env:
FROM: ${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }}
TO: ${{ github.event.pull_request.head.sha }}
validate_images:
name: ✅ Validate `${{ matrix.application }}`
needs: find_updated_apps
if: needs.find_updated_apps.outputs.updated_apps != '[]'
permissions:
checks: write
contents: read
strategy:
fail-fast: false
matrix:
application: ${{ fromJson(needs.find_updated_apps.outputs.updated_apps) }}
uses: ./.github/workflows/workflow_call.docker.validate.yaml
with:
application: ${{ matrix.application }}
validate_workflow:
name: ✅ Summary OCI images validation
runs-on: ubuntu-22.04
needs: [validate_images, find_updated_apps]
if: always()
steps:
- name: 🚫 No applications to validate
if: needs.find_updated_apps.outputs.updated_apps == '[]'
run: echo "::notice title=OCI image validation::No applications to validate... succeeding."
- name: ✅ All applications have been validated
if: needs.find_updated_apps.outputs.updated_apps != '[]' && needs.validate_images.result == 'success'
run: echo "::notice title=OCI image validation::All applications have been validated successfully."
- name: ❌ Some applications have not been validated
if: needs.find_updated_apps.outputs.updated_apps != '[]' && needs.validate_images.result != 'success'
run: echo "::error title=OCI image validation::Some applications have not been validated successfully... see the logs for more details." && exit 1 # trunk-ignore(yamllint/line-length)