Merge pull request #573 from grisu48/riscy-docker-business #1653
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
on: [push, pull_request_target] | |
# Note how this runs on:pull_request_target and not on:pull_request! | |
# The difference is that this runs always with the ci.yaml, tool.py and context | |
# of the master branch. This is necessary to allow accessing the API credential secrets | |
# which shouldn't be used with an untrusted tool.py. | |
# The PR code is checked out into a subdirectory (opensuse-jobgroups-pr) and checked with | |
# the tool.py from the master branch. | |
jobs: | |
static-check: | |
runs-on: ubuntu-latest | |
container: | |
image: docker://registry.opensuse.org/devel/openqa/ci/tw/containers/tumbleweed:o3-jobgroups | |
steps: | |
- name: Git Checkout | |
uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- name: Git Checkout PR | |
uses: actions/checkout@v3 | |
with: | |
ref: ${{github.event.pull_request.head.ref}} | |
repository: ${{github.event.pull_request.head.repo.full_name}} | |
path: opensuse-jobgroups-pr | |
fetch-depth: 0 | |
- name: Get modified job group yaml files | |
id: changed-files | |
run: | | |
git config --global --add safe.directory '*' | |
git config --global user.email "[email protected]" | |
git config --global user.name "CI Workflow" | |
real_origin_url=$(git remote get-url origin) | |
cd opensuse-jobgroups-pr | |
git remote set-url origin $real_origin_url | |
git fetch origin master:omaster | |
git rebase omaster | |
git diff --diff-filter="ACMRTUXD" omaster job_groups/ | |
CHANGED_FILES=$(git diff --diff-filter="ACMRTUX" --name-only origin/master job_groups/ | tr '\n' ' ') | |
echo $CHANGED_FILES | |
echo "files=${CHANGED_FILES}" >> $GITHUB_OUTPUT | |
- name: Run yamllint for modified job group schedules | |
run: | | |
cd opensuse-jobgroups-pr | |
yamllint -f github job_groups.yaml ${{ steps.changed-files.outputs.files }} | |
- name: Check for orphaned yaml files | |
env: | |
APIKEY: "${{ secrets.APIKEY }}" | |
APISECRET: "${{ secrets.APISECRET }}" | |
run: | | |
cd opensuse-jobgroups-pr | |
../tool.py --orphans --github | |
- name: Check for correct yaml headers | |
env: | |
APIKEY: "${{ secrets.APIKEY }}" | |
APISECRET: "${{ secrets.APISECRET }}" | |
run: | | |
cd opensuse-jobgroups-pr | |
../tool.py --headers --github | |
- name: Run serverside checks | |
env: | |
APIKEY: "${{ secrets.APIKEY }}" | |
APISECRET: "${{ secrets.APISECRET }}" | |
run: | | |
cd opensuse-jobgroups-pr | |
../tool.py --dry-run --push --github | |
- name: Clone os-autoinst-distri-opensuse repository | |
uses: actions/checkout@v3 | |
with: | |
repository: os-autoinst/os-autoinst-distri-opensuse | |
ref: refs/heads/master | |
path: os-autoinst-distri-opensuse | |
clean: false | |
fetch-depth: 1 | |
- name: Check if YAML_SCHEDULE and YAML_TEST_DATA exist in os-autoinst-distri-opensuse | |
run: | | |
for file in ${{ steps.changed-files.outputs.files }}; do | |
echo "Checking references in '${file}'" | |
for file_ref in $(grep -oP '^[^#]*(YAML_SCHEDULE|YAML_TEST_DATA):\s\K.*' opensuse-jobgroups-pr/$file | tr -d "'" | tr -d '"' | sort -u | grep -v "^$" | awk "{print \"os-autoinst-distri-opensuse/\" \$0}") ; do | |
echo "Checking reference from '${file}' to '${file_ref}'" | |
if ! test -f "$file_ref" ; then | |
echo "::error file=${file}::Reference to non existing '${file_ref}'" | |
echo "Error: Reference from '${file}' to non existing '${file_ref}'" | |
exit 1 | |
fi | |
done | |
done |