From fe1bae465f492c1579f3c5b11b15d6c5fa439e2a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charles-Edouard=20Br=C3=A9t=C3=A9ch=C3=A9?=
 <charles.edouard@nirmata.com>
Date: Wed, 10 Jan 2024 23:34:00 +0100
Subject: [PATCH] chore: add ci (#3)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
---
 .github/workflows/action.yml         | 219 +++++++++++++++++++++++++++
 .github/workflows/check-actions.yaml |  20 +++
 2 files changed, 239 insertions(+)
 create mode 100644 .github/workflows/action.yml
 create mode 100644 .github/workflows/check-actions.yaml

diff --git a/.github/workflows/action.yml b/.github/workflows/action.yml
new file mode 100644
index 0000000..2f631f1
--- /dev/null
+++ b/.github/workflows/action.yml
@@ -0,0 +1,219 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+name: Action
+
+permissions: {}
+
+on:
+  pull_request:
+    branches:
+    - main
+  push:
+    branches:
+    - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  default:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Install kyverno-json and test presence in path
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: ./
+    - name: Check install
+      run: kyverno-json version
+    - name: Check root directory
+      shell: bash
+      run: |
+        if [[ $(git diff --stat) != '' ]]; then
+          echo 'should be clean'
+          exit 1
+        else
+          exit 0
+        fi
+
+  verify:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Install kyverno-json with cosign verification and test presence in path
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install Cosign
+      uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        verify: true
+    - name: Check install
+      run: kyverno-json version
+    - name: Check root directory
+      shell: bash
+      run: |
+        if [[ $(git diff --stat) != '' ]]; then
+          echo 'should be clean'
+          exit 1
+        else
+          exit 0
+        fi
+
+  release:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Install kyverno-json and test presence in path from GitHub
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: kyverno/action-install-kyverno-json@main
+    - name: Check install
+      run: kyverno-json version
+    - name: Check root directory
+      shell: bash
+      run: |
+        if [[ $(git diff --stat) != '' ]]; then
+          echo 'should be clean'
+          exit 1
+        else
+          exit 0
+        fi
+
+  custom:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Install kyverno-json and test presence in path
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        release: v0.0.1
+    - name: Check install
+      run: kyverno-json version
+    - name: Check root directory
+      shell: bash
+      run: |
+        if [[ $(git diff --stat) != '' ]]; then
+          echo 'should be clean'
+          exit 1
+        else
+          exit 0
+        fi
+
+  wrong_version:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Try to install a wrong version
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        release: honk
+      continue-on-error: true
+
+  custom_dir:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [macos-latest, ubuntu-latest, windows-latest]
+    permissions: {}
+    name: Install kyverno-json and test presence in path
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        install-dir: "$HOME/.kyverno-jsontest"
+    - name: Check install
+      run: kyverno-json version
+    - name: Check install dir
+      shell: bash
+      run: |
+        [[ $(dirname "$(which kyverno-json)") == "$HOME/.kyverno-jsontest" ]]
+    - name: Check root directory
+      shell: bash
+      run: |
+        [[ -z $(git diff --stat) ]]
+
+  custom_dir_root:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest]
+    permissions: {}
+    name: Install kyverno-json and test presence in path with custom root dir
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        install-dir: /usr/bin
+        use-sudo: true
+    - name: Check install
+      run: kyverno-json version
+    - name: Check install dir
+      shell: bash
+      run: |
+        [[ $(dirname "$(which kyverno-json)") == /usr/bin ]]
+    - name: Check root directory
+      shell: bash
+      run: |
+        [[ -z $(git diff --stat) ]]
+
+  main:
+    permissions: {}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os:
+          - macos-latest
+          - ubuntu-latest
+          - windows-latest
+        go_version:
+          - '1.21'
+    name: Try to install with go ${{ matrix.go_version }}
+    steps:
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+      with:
+        go-version: ${{ matrix.go_version }}
+        check-latest: true
+    - name: Install kyverno-json
+      uses: ./
+      with:
+        release: main
+    - name: Check install
+      run: kyverno-json version
+
+  # required:
+  #   needs:
+  #   - default
+  #   - verify
+  #   - release
+  #   - custom
+  #   - wrong_version
+  #   - custom_dir
+  #   - custom_dir_root
+  #   - main
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #   - run: echo "Required jobs success!"
diff --git a/.github/workflows/check-actions.yaml b/.github/workflows/check-actions.yaml
new file mode 100644
index 0000000..c576ac1
--- /dev/null
+++ b/.github/workflows/check-actions.yaml
@@ -0,0 +1,20 @@
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+
+name: Check actions
+
+permissions: {}
+
+on:
+  pull_request:
+    branches:
+    - 'main'
+    - 'release*'
+
+jobs:
+  required:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout
+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - name: Ensure SHA pinned actions
+      uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ba37328d4ea95eaf8b3bd6c6cef308f709a5f2ec # v3.0.3