ci: consolidate nix setup and drop nix develop --command wrappers (#795) #2689
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: [ "main" ] | |
| pull_request: | |
| branches: [ "main" ] | |
| merge_group: | |
| types: [checks_requested] | |
| env: | |
| DOCKER_BUILDX_PLATFORMS: linux/amd64,linux/arm64 | |
| jobs: | |
| changes: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| outputs: | |
| actions: ${{ steps.changes.outputs.actions }} | |
| charts: ${{ steps.changes.outputs.charts }} | |
| chartyaml: ${{ steps.changes.outputs.chartyaml }} | |
| go: ${{ steps.changes.outputs.go }} | |
| tag: ${{ steps.changes.outputs.tag }} | |
| tests: ${{ steps.changes.outputs.tests }} | |
| make: ${{ steps.changes.outputs.make }} | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: "./.github/actions/changes" | |
| id: changes | |
| # Make sure that Kubebuilder autogenerated files are up to date. | |
| kubebuilder-diff: | |
| name: Kubebuilder Diff | |
| runs-on: ubuntu-latest | |
| needs: [changes] | |
| if: | | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Generate manifests | |
| run: make manifests | |
| - name: Fail if there are uncommited manifest changes | |
| run: | | |
| git diff --exit-code | |
| git diff --cached --exit-code | |
| lint: | |
| name: Lint | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 10 | |
| needs: [changes] | |
| if: | | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Lint | |
| run: make lint | |
| go-mod-tidy: | |
| name: Go Mod Tidy Check | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| if: | | |
| (needs.changes.outputs.go == 'true') | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - run: go mod tidy | |
| - run: git diff --exit-code go.mod | |
| - run: git diff --exit-code go.sum | |
| go-fix: | |
| name: Go Fix Check | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| if: | | |
| (needs.changes.outputs.go == 'true') | |
| permissions: | |
| contents: read | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Run go fix | |
| run: make go-fix | |
| - name: Fail if there are uncommitted changes | |
| run: git diff --exit-code | |
| build-images: | |
| name: Build Images | |
| needs: | |
| - changes | |
| - kubebuilder-diff | |
| - lint | |
| - go-mod-tidy | |
| - go-fix | |
| if: needs.changes.outputs.go == 'true' | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Set up QEMU | |
| uses: docker/setup-qemu-action@v2 | |
| - id: buildx-setup | |
| name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| with: | |
| platforms: ${{ env.DOCKER_BUILDX_PLATFORMS }} | |
| - name: Build | |
| uses: docker/build-push-action@v3 | |
| with: | |
| context: . | |
| platforms: ${{ steps.buildx-setup.outputs.platforms }} | |
| push: false | |
| tags: ngrok/ngrok-operator:latest | |
| build-and-test: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| - kubebuilder-diff | |
| - lint | |
| - go-mod-tidy | |
| - go-fix | |
| if: | | |
| always() && !failure() && !cancelled() && | |
| ( | |
| (github.event_name == 'push' && github.ref_name == 'main') | |
| || | |
| ( | |
| (needs.changes.outputs.actions == 'true') || | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.charts == 'true') || | |
| (needs.changes.outputs.chartyaml == 'true') || | |
| (needs.changes.outputs.tests == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| ) | |
| ) | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - uses: "./.github/actions/build-and-test" | |
| with: | |
| # this workflow is for incoming PRs, so we want to skip e2e tests | |
| # and deploy the demo mode because our api keys are not available | |
| # on contributor's forks | |
| run-e2e: false | |
| - if: github.repository == 'ngrok/ngrok-operator' | |
| name: Upload coverage reports to Codecov | |
| uses: codecov/codecov-action@v5 | |
| with: | |
| token: ${{ secrets.CODECOV_TOKEN }} | |
| helm: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 15 | |
| needs: [changes] | |
| if: needs.changes.outputs.charts == 'true' | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Lint Helm Chart | |
| run: make helm-lint | |
| - name: Helm Unit Tests | |
| run: make helm-test | |
| e2e: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| - kubebuilder-diff | |
| - lint | |
| - go-mod-tidy | |
| - go-fix | |
| - helm | |
| # Only run one e2e test at a time to avoid stomping on each other | |
| concurrency: | |
| group: e2e | |
| cancel-in-progress: false | |
| timeout-minutes: 20 | |
| # Only run the e2e tests if on the main branch or in a merge queue and | |
| # files have changed that require e2e tests | |
| if: | | |
| always() && !failure() && !cancelled() && | |
| (github.repository == 'ngrok/ngrok-operator') && | |
| ( | |
| (github.event_name == 'push' && github.ref_name == 'main') || | |
| (github.event_name == 'merge_group') | |
| ) && | |
| ( | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.charts == 'true') || | |
| (needs.changes.outputs.chartyaml == 'true') || | |
| (needs.changes.outputs.tests == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| ) | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - uses: "./.github/actions/build-and-test" | |
| with: | |
| run-e2e: true | |
| ngrok-api-key: ${{ secrets.NGROK_CI_API_KEY }} | |
| ngrok-authtoken: ${{ secrets.NGROK_CI_AUTHTOKEN }} | |
| e2e-multi-namespace: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| - kubebuilder-diff | |
| - lint | |
| - go-fix | |
| - e2e | |
| concurrency: | |
| group: e2e | |
| cancel-in-progress: false | |
| timeout-minutes: 30 | |
| if: | | |
| always() && !failure() && !cancelled() && | |
| (github.repository == 'ngrok/ngrok-operator') && | |
| ( | |
| (github.event_name == 'push' && github.ref_name == 'main') || | |
| (github.event_name == 'merge_group') | |
| ) && | |
| ( | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.charts == 'true') || | |
| (needs.changes.outputs.chartyaml == 'true') || | |
| (needs.changes.outputs.tests == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| ) | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Create Kind Cluster | |
| run: make kind-create | |
| - name: Deploy | |
| run: make deploy_multi_namespace | |
| env: | |
| NGROK_API_KEY: ${{ secrets.NGROK_CI_API_KEY }} | |
| NGROK_AUTHTOKEN: ${{ secrets.NGROK_CI_AUTHTOKEN }} | |
| - name: Test | |
| run: make e2e-tests-multi-ns | |
| - name: Cleanup | |
| if: always() | |
| run: | | |
| echo "Deleting kubernetesoperators..." | |
| kubectl -n namespace-a delete kubernetesoperator ngrok-operator-a || true | |
| kubectl -n namespace-b delete kubernetesoperator ngrok-operator-b || true | |
| echo "Uninstalling the operators..." | |
| helm uninstall ngrok-operator-a -n namespace-a || true | |
| helm uninstall ngrok-operator-b -n namespace-b || true | |
| e2e-uninstall: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - changes | |
| - kubebuilder-diff | |
| - lint | |
| - go-fix | |
| - e2e-multi-namespace | |
| concurrency: | |
| group: e2e | |
| cancel-in-progress: false | |
| timeout-minutes: 60 | |
| if: | | |
| always() && !failure() && !cancelled() && | |
| (github.repository == 'ngrok/ngrok-operator') && | |
| ( | |
| (github.event_name == 'push' && github.ref_name == 'main') || | |
| (github.event_name == 'merge_group') | |
| ) && | |
| ( | |
| (needs.changes.outputs.go == 'true') || | |
| (needs.changes.outputs.charts == 'true') || | |
| (needs.changes.outputs.chartyaml == 'true') || | |
| (needs.changes.outputs.tests == 'true') || | |
| (needs.changes.outputs.make == 'true') | |
| ) | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - name: Setup Nix | |
| uses: ./.github/actions/nix-setup | |
| - name: Create Kind Cluster | |
| run: make kind-create | |
| - name: Run Uninstall E2E Tests | |
| env: | |
| NGROK_API_KEY: ${{ secrets.NGROK_CI_API_KEY }} | |
| NGROK_AUTHTOKEN: ${{ secrets.NGROK_CI_AUTHTOKEN }} | |
| run: make e2e-uninstall-all | |
| - name: Cleanup | |
| if: always() | |
| run: make e2e-clean-uninstall |