-
Notifications
You must be signed in to change notification settings - Fork 42
140 lines (118 loc) · 3.85 KB
/
cloudbeat-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
name: Cloudbeat-CI
on:
pull_request:
branches:
- main
- "[0-9]+.[0-9]+"
types: [opened, synchronize, reopened]
env:
CONTAINER_SUFFIX: ${{ github.run_id }}
CI_ELASTIC_AGENT_DOCKER_TAG: "8.13.0-SNAPSHOT"
CI_ELASTIC_AGENT_DOCKER_IMAGE: "704479110758.dkr.ecr.eu-west-2.amazonaws.com/elastic-agent"
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
Lint:
# for more information see .pre-commit-config.yaml
name: Pre-commit Hooks
runs-on: ubuntu-latest
timeout-minutes: 40
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Set up GO (with caching)
uses: magnetikonline/action-golang-cache@v4
with:
go-version-file: .go-version
- name: Init Hermit
run: ./bin/hermit env -r >> $GITHUB_ENV
- name: Install poetry
run: |
pip3 install poetry
cd security-policies
poetry install
- name: Pre-commit Hooks
env:
# Skipping golangci-lint as it's tested by golangci/golangci-lint-action
SKIP: golangci-lint
run: |
pre-commit run --all-files
shell: bash
- name: Mage Check
run: mage check
- name: Mage checkLicenseHeaders
run: mage checkLicenseHeaders
- name: Validate mocks
run: just validate-mocks
Build:
name: Build
runs-on: ubuntu-20.04
timeout-minutes: 20
steps:
# Disk cleanup
- name: Free Disk Space (Ubuntu)
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: false
docker-images: true
swap-storage: true
- name: Check out the repo
uses: actions/checkout@v4
- name: Setup GO (with caching)
uses: magnetikonline/action-golang-cache@v4
with:
go-version-file: .go-version
- name: build cloudbeat binary
uses: magefile/mage-action@v3
with:
version: latest
args: build
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Cache Build dependencies
uses: actions/cache@v4
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.workflow }}
restore-keys: |
${{ runner.os }}-buildx-
- name: Build cloudbeat-docker
uses: docker/build-push-action@v5
with:
context: .
file: ./deploy/Dockerfile
push: false
tags: cloudbeat:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new
outputs: type=docker,dest=/tmp/cloudbeat-${{ env.CONTAINER_SUFFIX }}.tar
- name: Build elastic-agent
env:
BASE_IMAGE: docker.elastic.co/beats/elastic-agent:${{ env.CI_ELASTIC_AGENT_DOCKER_TAG }}
GOOS: linux
GOARCH: amd64
run: ./scripts/packaging/docker/elastic-agent/build.sh -t ${{ env.CI_ELASTIC_AGENT_DOCKER_IMAGE }}:${{ env.CI_ELASTIC_AGENT_DOCKER_TAG }}
shell: bash
- name: Build pytest-docker
uses: docker/build-push-action@v5
with:
context: ./tests/.
push: false
tags: cloudbeat-test:latest
cache-from: type=local,mode=max,src=/tmp/.buildx-cache
cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new
outputs: type=docker,dest=/tmp/pytest-${{ env.CONTAINER_SUFFIX }}.tar
- name: Cache docker images
uses: actions/cache@v4
with:
path: /tmp/*.tar
key: ${{ runner.os }}-dockers-cache-${{ env.CONTAINER_SUFFIX }}
- name: Move cache
run: |
./.ci/scripts/gh-cache.sh
shell: bash