refactor CI folders structure and support daily build (#924)

Signed-off-by: Sam Yuan <[email protected]>
sustainable-computing-io · Sep 17, 2023 · e75ba5d · e75ba5d
1 parent c519bcf
commit e75ba5d
Show file tree

Hide file tree

Showing 22 changed files with 190 additions and 215 deletions.
diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml
@@ -0,0 +1,16 @@
+name: Scheduled build
+on:
+  branch_protection_rule:
+  schedule:
+    - cron: "12 9 * * *"
+
+jobs:
+  # daily go security
+  gosec:
+    uses: ./.github/workflows/gosec.yml
+  # daily image build    
+  image:
+    uses: ./.github/workflows/image.yml
+  # daily openSSF scan
+  scorecard:
+    uses: ./.github/workflows/scorecard.yml
diff --git a/.github/workflows/developer_local.yml b/.github/workflows/developer_local.yml
@@ -0,0 +1,33 @@
+name: local dev env validation
+# for developer local environment script or test usage
+on:
+  workflow_call:
+
+jobs:
+  unit_test_mac:
+    runs-on: macos-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        persist-credentials: false
+        fetch-depth: 0
+    - uses: actions/setup-go@v3
+      with:
+        go-version-file: go.mod
+    - name: Prepare environment 
+      run: |
+          brew install cpuid
+          cd doc/ && sudo ./dev/prepare_dev_env.sh && cd - 
+          git config --global --add safe.directory /kepler
+    - name: Run 
+      run: make test-mac-verbose
+
+  local_env:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        kube_provider: [kind]
+    steps:
+      - uses: actions/checkout@v4
+      - name: local cluster set up
+        run: make cluster-up
diff --git a/.github/workflows/gofmt.yml b/.github/workflows/gofmt.yml
diff --git a/.github/workflows/gogc.yml b/.github/workflows/gogc.yml
diff --git a/.github/workflows/golang.yml b/.github/workflows/golang.yml
@@ -0,0 +1,61 @@
+name: golang
+# for golang basic checks with go command line tool
+on:
+  workflow_call:
+
+permissions:
+  contents: read
+
+jobs:
+  gofmt_test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - name: run gofmt test
+        run: ./automation/presubmit-tests/gofmt.sh
+
+  escapes_detect:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - name: run escapes detect
+        run: make escapes_detect
+
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          version: v1.52.2
+
+  govet_test:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v2
+        with:
+          go-version-file: go.mod
+      - name: Run go vet
+        run: go vet ./...
+
+  vulnerability_detect:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v3
+        with:
+          go-version-file: go.mod
+      - name: run vulnerability detect
+        run: make govulncheck
diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml
@@ -3,9 +3,7 @@ name: Security Scan
 # Run workflow each time code is pushed to your repository and on a schedule.
 # The scheduled workflow runs every at 00:00 on Sunday UTC time.
 on:
-  push:
-  schedule:
-    - cron: '0 0 * * 0'
+  workflow_call:
 
 jobs:
   tests:
@@ -14,7 +12,7 @@ jobs:
       GO111MODULE: on
     steps:
       - name: Checkout Source
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
 
       - name: Run Gosec Security Scanner
         uses: securego/gosec@master

diff --git a/.github/workflows/govet.yml b/.github/workflows/govet.yml
diff --git a/.github/workflows/govulnerability.yml b/.github/workflows/govulnerability.yml
diff --git a/.github/workflows/image.yml b/.github/workflows/image.yml
@@ -1,19 +1,14 @@
 name: image
 
 on:
-  push:
-    branches: [ main ]
-    paths-ignore:
-      - 'doc/**'
-      - 'enhancements/**'
-      - '*.md'
+  workflow_call:
 
 jobs:
   image_build:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
     - name: Set up QEMU
       uses: docker/setup-qemu-action@v2
     - name: Set up Docker Buildx

diff --git a/.github/workflows/image-base.yml → .github/workflows/image_base.yml b/.github/workflows/image-base.yml → .github/workflows/image_base.yml
@@ -10,7 +10,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v2
       - name: Set up Docker Buildx

diff --git a/.github/workflows/image_pr.yml b/.github/workflows/image_pr.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
       with:
         ref: ${{ github.event.inputs.commitSHA }}
     - name: Set up QEMU

diff --git a/.github/workflows/integration_test.yml b/.github/workflows/integration_test.yml
@@ -1,29 +1,24 @@
 name: Integration test
 
 on:
-  pull_request:
-    paths-ignore:
-      - 'doc/**'
-      - 'enhancements/**'
-      - '*.md'
+  workflow_call:
 
 env:
-  GO_VERSION: "1.18"
   OUTPUT_DIR: "_output/"
   FILE_NAME: "kepler.tar.gz"
   ARTIFACT_DIR: "/tmp/artifacts"
 
 jobs:
   build-kepler:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - name: checkout source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: install Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{env.GO_VERSION}}
+          go-version-file: go.mod
 
       - name: build and export Kepler image
         run: |
@@ -47,13 +42,13 @@ jobs:
 
   integration_test:
     needs: [build-kepler]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     strategy:
       matrix:
         cluster_provider: [kind,microshift]
     steps:
       - name: checkout source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: download Kepler image artifact
         uses: actions/download-artifact@v3

diff --git a/.github/workflows/integration_test_libbpf.yml b/.github/workflows/integration_test_libbpf.yml
@@ -1,29 +1,24 @@
 name: Integration test with libbpf
 
 on:
-  pull_request:
-    paths-ignore:
-      - 'doc/**'
-      - 'enhancements/**'
-      - '*.md'
+  workflow_call:
 
 env:
-  GO_VERSION: "1.18"
   OUTPUT_DIR: "_output/"
   FILE_NAME: "kepler_libbpf.tar.gz"
   ARTIFACT_DIR: "/tmp/artifacts"
 
 jobs:
   build-kepler_with_libbpf:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - name: checkout source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: install Go
         uses: actions/setup-go@v3
         with:
-          go-version: ${{env.GO_VERSION}}
+          go-version-file: go.mod
 
       - name: build and export Kepler image
         run: |
@@ -48,13 +43,13 @@ jobs:
 
   integration_test_with_libbpf:
     needs: [build-kepler_with_libbpf]
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     strategy:
       matrix:
         cluster_provider: [kind,microshift]
     steps:
       - name: checkout source
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: download Kepler image artifact
         uses: actions/download-artifact@v3