Migrate from travis to gh actions (#766)

adevinta · Dec 18, 2024 · ee39da8 · ee39da8
1 parent f050dc3
commit ee39da8
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 70 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,73 @@
+name: Release
+
+on:
+  push:
+  pull_request:
+  workflow_dispatch:
+    inputs:
+      force_build:
+        description: Regex with the check name to force build (i.e. ".+" "vulcan-sleep")
+        default: "^$"
+        required: false
+        type: string
+
+jobs:
+
+  release:
+
+    runs-on: ubuntu-24.04
+
+    steps:
+
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '>=1.22.5'
+
+      - name: Go test
+        run: go test ./...
+
+      - name: Install deps
+        run: |
+          go install "github.com/adevinta/vulcan-check-catalog/cmd/vulcan-check-catalog@${VCC_VERSION:-main}"
+          go install github.com/adevinta/[email protected]
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DKR_USERNAME }}
+          password: ${{ secrets.DKR_PASSWORD }}
+
+      - uses: docker/setup-qemu-action@v3
+
+      - uses: docker/setup-buildx-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64
+
+      - name: Release
+        env:
+          DKR_USERNAME: ${{ vars.DKR_USERNAME }}
+          PLATFORMS: "linux/amd64 linux/arm64"
+          ARM64_EXCLUDE: "(prowler|zap)"   # Regex with the check names to exclude from arm64 build
+          GIT_BRANCH: "${{ github.ref_name }}"
+          GIT_TAG: "${{ (github.ref_type == 'tag' && github.ref_name) || '' }}"
+          FORCE_BUILD: "${{ inputs.force_build || '' }}"
+        run: |
+          ./release.sh
+
+      - name: Generate gh pages
+        env:
+          DKR_USERNAME: ${{ vars.DKR_USERNAME }}
+        run: |
+          mkdir pages/checktypes
+          vulcan-check-catalog -registry-url "$DKR_USERNAME" -tag edge -output pages/checktypes/edge.json cmd/
+
+      - name: Deploy gh pages
+        uses: peaceiris/actions-gh-pages@v4
+        if: github.ref == 'refs/heads/master'
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          publish_dir: ./pages
diff --git a/.travis.yml b/.travis.yml
diff --git a/release-check-catalog.sh b/release-check-catalog.sh
diff --git a/release.sh b/release.sh
@@ -30,22 +30,22 @@ log_msg() {
 }
 
 PLATFORMS=${PLATFORMS:-"linux/arm64 linux/amd64"}
-BRANCH=${TRAVIS_BRANCH:-$(git_branch .)}
+BRANCH=${GIT_BRANCH:-$(git_branch .)}
 BRANCH=${BRANCH//\//-}   # Replace / with - for branch names such as dependabot generated ones
 
 IMAGE_TAGS=()
 CACHE_TAGS=(edge)
 if [[ $BRANCH == "master" ]]; then
     IMAGE_TAGS+=(latest edge)
-    FORCE_BUILD="${FORCE_BUILD:-true}"
+    FORCE_BUILD="${FORCE_BUILD:-".*"}"
     ADD_TAG_CHECK=true
-elif [[ $TRAVIS_TAG != "" ]]; then
-    IMAGE_TAGS+=("$TRAVIS_TAG")
-    FORCE_BUILD="${FORCE_BUILD:-true}"
+elif [[ $GIT_TAG != "" ]]; then
+    IMAGE_TAGS+=("$GIT_TAG")
+    FORCE_BUILD="${FORCE_BUILD:-".*"}"
     ADD_TAG_CHECK=false
 else
     IMAGE_TAGS+=("$BRANCH" "$BRANCH-$(git rev-parse --short HEAD)")
-    FORCE_BUILD="${FORCE_BUILD:-false}"
+    FORCE_BUILD="${FORCE_BUILD:-"^$"}"
     ADD_TAG_CHECK=true
     CACHE_TAGS+=("$BRANCH")  # First time will print a message => ERROR importing cache manifest from XXXX
 fi
@@ -55,7 +55,7 @@ log_msg "Starting FORCE_BUILD=$FORCE_BUILD"
 CHECKS=()
 for cf in cmd/*; do
     check=$(basename "$cf")
-    if [[ $FORCE_BUILD == "false" ]]; then
+    if [[ ! $check =~ $FORCE_BUILD ]]; then
         TAG_CHECK="$(get_tag_check "cmd/$check")"
         # Check if check version (code+dep) has been already pushed to Registry
         if [[ $(dkr_image_exists "$check" "$TAG_CHECK") == true ]]; then
@@ -76,16 +76,6 @@ fi
 go mod download
 log_msg "Downloaded go mod"
 
-# Login into registry (authenticated pulls)
-dkr_login > /dev/null
-
-if ! docker buildx inspect multiarch; then
-    # see https://github.com/docker/buildx/issues/495#issuecomment-761562905
-    docker run --rm -it --privileged multiarch/qemu-user-static --reset -p yes
-    docker buildx create --name multiarch --driver docker-container --use --bootstrap
-    log_msg "Created buildx"
-fi
-
 # Generate a checktypes for the current tag.
 TEST_TAG="${IMAGE_TAGS[0]}"
 
@@ -152,5 +142,3 @@ for check in "${CHECKS[@]}"; do
 
     log_msg "Pushed image $check:[${IMAGE_TAGS[*]}]"
 done
-
-docker buildx rm multiarch