From 6f850c4ad4367ef2e9763bcf001dbed5418ffd76 Mon Sep 17 00:00:00 2001 From: Quentin McGaw Date: Sun, 29 May 2022 17:00:15 +0000 Subject: [PATCH] chore(ci): merge dependabot and fork workflows in ci workflow --- .github/workflows/ci.yml | 43 ++++++++++++++++---------------- .github/workflows/dependabot.yml | 37 --------------------------- .github/workflows/fork.yml | 40 ----------------------------- 3 files changed, 21 insertions(+), 99 deletions(-) delete mode 100644 .github/workflows/dependabot.yml delete mode 100644 .github/workflows/fork.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ae594a7b..3463ffe3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -32,16 +32,25 @@ on: jobs: verify: - # Only run if it's a push event or if it's a PR from this repository, and it is not dependabot. - if: | - github.actor != 'dependabot[bot]' && - (github.event_name == 'push' || - github.event_name == 'release' || - (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository)) runs-on: ubuntu-latest env: DOCKER_BUILDKIT: "1" steps: + - name: Check for event validity + if: | + !(( + github.event_name == 'push' + ) || ( + github.event_name == 'release' + ) || ( + github.event.pull_request.head.repo.full_name != github.repository + ) ||( + github.actor == 'dependabot[bot]' && + github.event_name == 'pull_request' && + github.event.pull_request.head.repo.full_name == github.repository + )) + run: echo "Not a valid event!" && exit 1 + - uses: actions/checkout@v3 - uses: reviewdog/action-misspell@v1 @@ -62,27 +71,17 @@ jobs: -v "$(pwd)/coverage.txt:/tmp/gobuild/coverage.txt" \ test-container - - name: Code security analysis - uses: snyk/actions/golang@master - env: - SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - - name: Build final image run: docker build -t final-image . - # - name: Image security analysis - # uses: snyk/actions/docker@master - # env: - # SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} - # with: - # image: final-image - publish: - # Only run if it's a push event or if it's a PR from this repository if: | - github.event_name == 'push' || - github.event_name == 'release' || - (github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.repository) + github.event.pull_request.head.repo.full_name == github.repository && + ( + github.event_name == 'push' || + github.event_name == 'release' || + (github.event_name == 'pull_request' && github.actor != 'dependabot[bot]') + ) needs: [verify] runs-on: ubuntu-latest steps: diff --git a/.github/workflows/dependabot.yml b/.github/workflows/dependabot.yml deleted file mode 100644 index 5988516a..00000000 --- a/.github/workflows/dependabot.yml +++ /dev/null @@ -1,37 +0,0 @@ -name: Dependabot -on: - pull_request: - branches: - - master - paths: - - .github/workflows/dependabot.yml - - cmd/** - - internal/** - - pkg/** - - .dockerignore - - .golangci.yml - - Dockerfile - - go.mod - - go.sum - -jobs: - verify: - if: ${{ github.actor == 'dependabot[bot]' }} - runs-on: ubuntu-latest - env: - DOCKER_BUILDKIT: "1" - steps: - - uses: actions/checkout@v3 - - - name: Build test image - run: docker build --target test -t test-container . - - - name: Run tests in test container - run: | - touch coverage.txt - docker run --rm \ - -v "$(pwd)/coverage.txt:/tmp/gobuild/coverage.txt" \ - test-container - - - name: Build final image - run: docker build -t final-image . diff --git a/.github/workflows/fork.yml b/.github/workflows/fork.yml deleted file mode 100644 index 047e3398..00000000 --- a/.github/workflows/fork.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Fork -on: - pull_request: - branches: - - master - paths: - - .github/workflows/fork.yml - - cmd/** - - internal/** - - pkg/** - - .dockerignore - - .golangci.yml - - Dockerfile - - go.mod - - go.sum - -jobs: - verify: - if: github.event.pull_request.head.repo.full_name != github.repository && github.actor != 'dependabot[bot]' - runs-on: ubuntu-latest - env: - DOCKER_BUILDKIT: "1" - steps: - - uses: actions/checkout@v3 - - - name: Linting - run: docker build --target lint . - - - name: Build test image - run: docker build --target test -t test-container . - - - name: Run tests in test container - run: | - touch coverage.txt - docker run --rm \ - -v "$(pwd)/coverage.txt:/tmp/gobuild/coverage.txt" \ - test-container - - - name: Build final image - run: docker build -t final-image .