Merge branch 'main' into ryanwi/container-test-run-options #194
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a basic workflow to help you get started with Actions | ||
| name: Docker Build, Scan & Push | ||
| # Controls when the workflow will run | ||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| PROJECT_NAME: | ||
| required: true | ||
| type: string | ||
| LANGUAGE: | ||
| required: false | ||
| type: string | ||
| NODE_VERSION: | ||
| required: false | ||
| default: "19" | ||
| type: string | ||
| COVERAGE: | ||
| required: false | ||
| type: boolean | ||
| default: true | ||
| RUBY_VERSION: | ||
| required: false | ||
| type: string | ||
| default: "3.0.6" | ||
| PUSH: | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| FILE: | ||
| required: false | ||
| type: string | ||
| default: ./Dockerfile | ||
| CONTEXT: | ||
| required: false | ||
| type: string | ||
| default: . | ||
| PLATFORMS: | ||
| required: false | ||
| type: string | ||
| default: linux/amd64 | ||
| ENABLE_GPG: | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| GPG_FILE: | ||
| required: false | ||
| type: string | ||
| default: tls.zip.asc | ||
| SUBMODULES_RECURSIVE: | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| TEST_DEPENDENCIES: | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| TEST_DEPENDENCIES_PRIVATE: | ||
| required: false | ||
| type: boolean | ||
| default: false | ||
| DEPENDENCIES_FILE: | ||
| required: false | ||
| type: string | ||
| default: ./provisioning/docker-compose.yml | ||
| DOTNET_VERSION: | ||
| required: false | ||
| type: string | ||
| default: "6.0.403" | ||
| TAG: | ||
| required: false | ||
| type: string | ||
| default: | | ||
| type=schedule | ||
| type=ref,event=pr | ||
| type=semver,pattern={{version}} | ||
| type=semver,pattern={{major}}.{{minor}} | ||
| type=semver,pattern={{major}} | ||
| type=sha | ||
| SUBMODULES_PRIVATE: | ||
| required: false | ||
| type: boolean | ||
| default: true | ||
| CONTAINER_SCAN: | ||
| type: boolean | ||
| default: true | ||
| description: 'Whenever Trivy scan should run' | ||
| CONTAINER_TEST: | ||
| type: boolean | ||
| default: true | ||
| description: 'Whenever the container should be tested on pr.' | ||
| CONTAINER_TEST_RUN_OPTIONS: | ||
| type: string | ||
| default: '' | ||
| description: 'Custom options for the docker run command that executes the test' | ||
| CONTAINER_TEST_COMMAND: | ||
| type: string | ||
| default: '' | ||
| description: 'A custom command to test the docker container.' | ||
| RUNNER: | ||
| type: string | ||
| default: 'ubuntu-latest' | ||
| description: 'The default runner.' | ||
| ENVIRONMENT: | ||
| type: string | ||
| description: 'The environment related to an WF execution' | ||
| ENV_PATH: | ||
| type: string | ||
| description: 'The .env file for CI.' | ||
| TEST_CREATE_NETWORK: | ||
| type: boolean | ||
| description: 'Whenever you want to create a docker network for test dependencies.' | ||
| RUBY_RAKE_COMMANDS: | ||
| type: string | ||
| description: A comma-separated list of rake commands. | ||
| ZEITWERK: | ||
| type: boolean | ||
| description: Zeitwerk run. | ||
| default: true | ||
| BRAKEMAN: | ||
| type: boolean | ||
| default: true | ||
| description: Brakeman run. | ||
| RUBOCOP: | ||
| type: boolean | ||
| description: Rubocop run. | ||
| default: true | ||
| RUN_TESTS: | ||
| type: boolean | ||
| description: Whenever you wanna run tests. | ||
| default: true | ||
| DOTNET_INSTALL_DIR: | ||
| type: string | ||
| required: false | ||
| default: '/usr/share/dotnet' | ||
| description: Set a custom .NET install dir | ||
| BUILD_ARGS: | ||
| required: false | ||
| type: string | ||
| default: '' | ||
| description: Docker build args. | ||
| OUTPUT_TAG_INDEX: | ||
| type: number | ||
| default: 0 | ||
| description: 'Return a custom tag in case more than one is requested.' | ||
| required: false | ||
| REVISION_PATH: | ||
| type: string | ||
| default: . | ||
| description: Whenever the WF requires a different path than . for the revision file | ||
| required: false | ||
| ## Vault Secrets | ||
| VAULT_SECRETS: | ||
| type: string | ||
| default: '' | ||
| description: 'A comma separated list of secrets to fetch from Vault.' | ||
| required: false | ||
| TELEPORT_APP: | ||
| type: string | ||
| default: '' | ||
| description: 'The Teleport app to use.' | ||
| required: false | ||
| TELEPORT_PROXY_URL: | ||
| type: string | ||
| default: '' | ||
| description: 'The Teleport proxy URL to use.' | ||
| required: false | ||
| secrets: | ||
| SONAR_HOST_URL: | ||
| required: false | ||
| SONAR_TOKEN: | ||
| required: false | ||
| SONAR_PROJECT_KEY: | ||
| required: false | ||
| DOCKERHUB_USERNAME: | ||
| required: true | ||
| DOCKERHUB_TOKEN: | ||
| required: true | ||
| GPG_PASSPHRASE: | ||
| required: false | ||
| GH_BOT_DEPLOY_KEY: | ||
| required: false | ||
| CONTRIBSYS_CREDENTIALS: | ||
| required: false | ||
| description: Contribsys credentials used for ruby gems | ||
| DOCKER_SECRETS: | ||
| required: false | ||
| description: 'Docker internal secrets.' | ||
| BUILD_ARGS: | ||
| required: false | ||
| description: Whenever we wanna use secrets and mount them as env | ||
| # Vault Secrets | ||
| VAULT_TOKEN: | ||
| required: false | ||
| description: 'Vault token.' | ||
| TELEPORT_TOKEN: | ||
| required: false | ||
| description: 'Teleport token.' | ||
| outputs: | ||
| IMAGE_TAG: | ||
| value: ${{ jobs.BUILD.outputs.IMAGE_TAG }} | ||
| description: Container image tag from docker build | ||
| jobs: | ||
| CHECK: | ||
| name: CI | ||
| uses: signalwire/actions-template/.github/workflows/ci-check.yml@main | ||
| with: | ||
| ENVIRONMENT: ${{ inputs.ENVIRONMENT }} | ||
| PROJECT_NAME: ${{ inputs.PROJECT_NAME }} | ||
| LANGUAGE: ${{ inputs.LANGUAGE }} | ||
| COVERAGE: ${{ inputs.COVERAGE }} | ||
| NODE_VERSION: ${{ inputs.NODE_VERSION }} | ||
| RUBY_VERSION: ${{ inputs.RUBY_VERSION }} | ||
| DOTNET_VERSION: ${{ inputs.DOTNET_VERSION }} | ||
| TEST_DEPENDENCIES: ${{ inputs.TEST_DEPENDENCIES }} | ||
| TEST_DEPENDENCIES_PRIVATE: ${{ inputs.TEST_DEPENDENCIES_PRIVATE }} | ||
| DEPENDENCIES_FILE: ${{ inputs.DEPENDENCIES_FILE }} | ||
| SUBMODULES_RECURSIVE: ${{ inputs.SUBMODULES_RECURSIVE }} | ||
| RUNNER: ${{ inputs.RUNNER }} | ||
| ENV_PATH: ${{ inputs.ENV_PATH }} | ||
| TEST_CREATE_NETWORK: ${{ inputs.TEST_CREATE_NETWORK }} | ||
| RUBY_RAKE_COMMANDS: ${{ inputs.RUBY_RAKE_COMMANDS }} | ||
| ZEITWERK: ${{ inputs.ZEITWERK }} | ||
| BRAKEMAN: ${{ inputs.BRAKEMAN }} | ||
| RUBOCOP: ${{ inputs.RUBOCOP }} | ||
| RUN_TESTS: ${{ inputs.RUN_TESTS }} | ||
| DOTNET_INSTALL_DIR: ${{ inputs.DOTNET_INSTALL_DIR }} | ||
| VAULT_SECRETS: ${{ inputs.VAULT_SECRETS }} | ||
| TELEPORT_APP: ${{ inputs.TELEPORT_APP }} | ||
| TELEPORT_PROXY_URL: ${{ inputs.TELEPORT_PROXY_URL }} | ||
| secrets: | ||
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | ||
| SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} | ||
| SONAR_PROJECT_KEY: ${{ secrets.SONAR_PROJECT_KEY }} | ||
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | ||
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | ||
| GH_BOT_DEPLOY_KEY: ${{ secrets.GH_BOT_DEPLOY_KEY }} | ||
| VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} | ||
| TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} | ||
| BUILD: | ||
| name: BUILD | ||
| needs: CHECK | ||
| uses: signalwire/actions-template/.github/workflows/ci-build.yml@main | ||
| with: | ||
| ENVIRONMENT: ${{ inputs.ENVIRONMENT }} | ||
| PROJECT_NAME: ${{ inputs.PROJECT_NAME }} | ||
| SUBMODULES_RECURSIVE: ${{ inputs.SUBMODULES_RECURSIVE }} | ||
| SUBMODULES_PRIVATE: ${{ inputs.SUBMODULES_PRIVATE }} | ||
| ENABLE_GPG: ${{ inputs.ENABLE_GPG }} | ||
| GPG_FILE: ${{ inputs.GPG_FILE }} | ||
| PUSH: ${{ inputs.PUSH }} | ||
| FILE: ${{ inputs.FILE }} | ||
| CONTEXT: ${{ inputs.CONTEXT }} | ||
| PLATFORMS: ${{ inputs.PLATFORMS }} | ||
| CONTAINER_SCAN: ${{ inputs.CONTAINER_SCAN }} | ||
| CONTAINER_TEST: ${{ inputs.CONTAINER_TEST }} | ||
| <<<<<<< HEAD | ||
| CONTAINER_TEST_RUN_OPTIONS: ${{ inputs.CONTAINER_TEST_RUN_OPTIONS }} | ||
| ======= | ||
| >>>>>>> main | ||
| CONTAINER_TEST_COMMAND: ${{ inputs.CONTAINER_TEST_COMMAND }} | ||
| RUNNER: ${{ inputs.RUNNER }} | ||
| TAG: ${{ inputs.TAG }} | ||
| BUILD_ARGS: ${{ inputs.BUILD_ARGS }} | ||
| OUTPUT_TAG_INDEX: ${{ inputs.OUTPUT_TAG_INDEX }} | ||
| REVISION_PATH: ${{ inputs.REVISION_PATH }} | ||
| VAULT_SECRETS: ${{ inputs.VAULT_SECRETS }} | ||
| TELEPORT_APP: ${{ inputs.TELEPORT_APP }} | ||
| TELEPORT_PROXY_URL: ${{ inputs.TELEPORT_PROXY_URL }} | ||
| secrets: | ||
| GH_BOT_DEPLOY_KEY: ${{ secrets.GH_BOT_DEPLOY_KEY }} | ||
| DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} | ||
| DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }} | ||
| DOCKER_SECRETS: ${{ secrets.DOCKER_SECRETS }} | ||
| BUILD_ARGS: ${{ secrets.BUILD_ARGS }} | ||
| VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} | ||
| TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} | ||
