feat: add diff and get command for the registry #5493
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build and test | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| paths-ignore: | |
| - "release-index.yaml" | |
| - "replica-releases/**" | |
| - "hostos-releases/**" | |
| - "release-controller/**" | |
| - "node-labels/**" | |
| - "facts-db/**" | |
| pull_request: | |
| paths-ignore: | |
| - "release-index.yaml" | |
| - "replica-releases/**" | |
| - "hostos-releases/**" | |
| - "release-controller/**" | |
| - "trusted-neurons-alerts/**" | |
| - "node-labels/**" | |
| - "facts-db/**" | |
| workflow_dispatch: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| bazel: | |
| name: Build and test pipeline | |
| runs-on: | |
| labels: dre-runner-custom | |
| # This image is based on ubuntu:20.04 | |
| container: ghcr.io/dfinity/dre/actions-runner:6413f2909a49329ecbf5371ee7ddf07a9799b625 | |
| permissions: | |
| contents: write | |
| packages: write | |
| pages: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 2 | |
| # The GitHub App token is necessary for pushing changed files back to the repository | |
| # If regular secrets.GITHUB_TOKEN is used instead, the push will not trigger any actions | |
| # https://github.com/orgs/community/discussions/25702 | |
| - name: Create GitHub App Token | |
| uses: actions/create-github-app-token@v2 | |
| id: app-token | |
| with: | |
| app-id: ${{ vars.PR_AUTOMATION_BOT_PUBLIC_APP_ID }} | |
| private-key: ${{ secrets.PR_AUTOMATION_BOT_PUBLIC_PRIVATE_KEY }} | |
| - name: "☁️ Setup runner" | |
| uses: ./.github/workflows/manage-runner-pre | |
| ######################################## | |
| # Build and test | |
| # Will run test as a local subprocess because for some tests | |
| # create status files on certain locations (like $HOME) | |
| ######################################## | |
| - name: "🚀 Building" | |
| uses: ./.github/workflows/build | |
| with: | |
| # See above where the token is generated: we can't use regular secrets.GITHUB_TOKEN | |
| # since the push needs to trigger actions again | |
| GITHUB_TOKEN: "${{ steps.app-token.outputs.token }}" | |
| spec: ... except //release-controller/... except //trusted-neurons-alerts/... except attr(name, '.*oci_image.*', //...) | |
| - name: "🚀 Testing" | |
| env: | |
| STAGING_PRIVATE_KEY_PEM: "${{ secrets.STAGING_PRIVATE_KEY_PEM }}" | |
| run: | | |
| set -e | |
| mkdir -p ~/.config/dfx/identity/bootstrap-super-leader/ | |
| echo $STAGING_PRIVATE_KEY_PEM > ~/.config/dfx/identity/bootstrap-super-leader/identity.pem | |
| t=$(mktemp) ; trap 'rm -f "$t"' EXIT | |
| bazel query "tests(...) except //release-controller/... except //trusted-neurons-alerts/... except attr(tags, 'manual', //...) except attr(name, '.*oci_image.*', //...)" > "$t" | |
| if [ "$(stat -c %s "$t")" = "0" ] ; then echo No testing targets found >&2 ; exit 0 ; fi | |
| set -x | |
| bazel test --target_pattern_file="$t" --config=ci --test_env=HOME=/home/runner | |
| ######################################## | |
| # Upload test artifacts | |
| ######################################## | |
| - name: "🧪 Upload test artifacts" | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: test-artifacts | |
| path: bazel-out/k8-opt/bin/rs/ic-observability/multiservice-discovery/multiservice-discovery | |
| ######################################## | |
| # Upload container images | |
| ######################################## | |
| - name: "📦 Push images to GitHub Container Registry" | |
| id: push-images | |
| uses: ./.github/workflows/push | |
| if: ${{ github.ref == 'refs/heads/main' || github.event_name == 'workflow_dispatch' }} | |
| with: | |
| spec: kind("oci_push", ...) except //release-controller/... | |
| push-token: ${{ secrets.GITHUB_TOKEN }} | |
| ######################################## | |
| # Deploy to github pages | |
| ######################################## | |
| - name: "🚢 Deploy to GitHub Pages" | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| run: | | |
| git config --global user.email "actions@github.com" | |
| git config --global user.name "GitHub Actions" | |
| bazel run "//:mkdocs" -- gh-deploy --force | |
| ######################################## | |
| # Update k8s deployments | |
| ######################################## | |
| - name: "🤖 Update k8s deployments" | |
| if: ${{ github.ref == 'refs/heads/main' }} | |
| uses: ./.github/workflows/update-k8s-deployments | |
| with: | |
| files-to-update: bases/apps/mainnet-dashboard/backend/base/deployment.yaml bases/apps/mainnet-dashboard/statefulset-slack.yaml bases/apps/service-discovery/service-discovery.yaml .github/workflows/dre-vector-configs.yaml | |
| push-token: ${{ secrets.K8S_API_TOKEN }} | |
| component: containers | |
| ######################################## | |
| # Clean up runner | |
| ######################################## | |
| - uses: ./.github/workflows/manage-runner-post | |
| name: "🪓 Tear down runner" | |
| if: ${{ !startsWith(runner.name, 'dre-runner-custom') }} | |
| with: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |