Skip to content

Commit 35ab7cc

Browse files
ariansviariansvi
committed
Refactor CI workflow to use local action scripts
Replaces usage of remote descope/common GitHub actions with local scripts checked out from the common repository. This change improves reliability and flexibility by running build, lint, test, and security steps directly from the checked-out scripts, passing required environment variables as inputs.
1 parent fdc8db0 commit 35ab7cc

File tree

1 file changed

+93
-23
lines changed

1 file changed

+93
-23
lines changed

.github/workflows/ci.yml

Lines changed: 93 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -17,14 +17,31 @@ jobs:
1717
- name: Checkout code
1818
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
1919

20-
21-
- name: Build
22-
uses: descope/common/.github/actions/build@main
20+
- name: Checkout common scripts
21+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2322
with:
24-
go_version: ${{ env.GO_VERSION }}
23+
repository: descope/common
24+
token: ${{ secrets.AUTHZCACHE_TO_COMMON }}
25+
path: .github/actions-common
2526

26-
APP_PEM: ${{ secrets.APP_PEM }}
27-
APP_ID: ${{ secrets.APP_ID }}
27+
- name: Build
28+
run: |
29+
cd .github/actions-common/.github/actions/build
30+
chmod +x action.sh 2>/dev/null || chmod +x *.sh 2>/dev/null || true
31+
if [ -f "action.sh" ]; then
32+
./action.sh
33+
elif [ -f "build.sh" ]; then
34+
./build.sh
35+
else
36+
echo "No build script found, checking action.yml"
37+
if [ -f "action.yml" ] || [ -f "action.yaml" ]; then
38+
echo "Found action definition but no script - this may be a composite action"
39+
fi
40+
fi
41+
env:
42+
INPUT_GO_VERSION: ${{ env.GO_VERSION }}
43+
INPUT_APP_PEM: ${{ secrets.APP_PEM }}
44+
INPUT_APP_ID: ${{ secrets.APP_ID }}
2845

2946
lint:
3047
name: Lint and more checks
@@ -35,13 +52,31 @@ jobs:
3552
- name: Checkout code
3653
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
3754

38-
- name: Lint and more checks
39-
uses: descope/common/.github/actions/lint@main
55+
- name: Checkout common scripts
56+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
4057
with:
41-
go_version: ${{ env.GO_VERSION }}
58+
repository: descope/common
59+
token: ${{ secrets.AUTHZCACHE_TO_COMMON }}
60+
path: .github/actions-common
4261

43-
APP_PEM: ${{ secrets.APP_PEM }}
44-
APP_ID: ${{ secrets.APP_ID }}
62+
- name: Lint and more checks
63+
run: |
64+
cd .github/actions-common/.github/actions/lint
65+
chmod +x action.sh 2>/dev/null || chmod +x *.sh 2>/dev/null || true
66+
if [ -f "action.sh" ]; then
67+
./action.sh
68+
elif [ -f "lint.sh" ]; then
69+
./lint.sh
70+
else
71+
echo "No lint script found, checking action.yml"
72+
if [ -f "action.yml" ] || [ -f "action.yaml" ]; then
73+
echo "Found action definition but no script - this may be a composite action"
74+
fi
75+
fi
76+
env:
77+
INPUT_GO_VERSION: ${{ env.GO_VERSION }}
78+
INPUT_APP_PEM: ${{ secrets.APP_PEM }}
79+
INPUT_APP_ID: ${{ secrets.APP_ID }}
4580

4681
test:
4782
name: Run Tests
@@ -52,16 +87,33 @@ jobs:
5287
- name: Checkout code
5388
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
5489

90+
- name: Checkout common scripts
91+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
92+
with:
93+
repository: descope/common
94+
token: ${{ secrets.AUTHZCACHE_TO_COMMON }}
95+
path: .github/actions-common
96+
5597
- name: Run Tests
56-
uses: descope/common/.github/actions/tests@main
98+
run: |
99+
cd .github/actions-common/.github/actions/tests
100+
chmod +x action.sh 2>/dev/null || chmod +x *.sh 2>/dev/null || true
101+
if [ -f "action.sh" ]; then
102+
./action.sh
103+
elif [ -f "tests.sh" ]; then
104+
./tests.sh
105+
else
106+
echo "No test script found, checking action.yml"
107+
if [ -f "action.yml" ] || [ -f "action.yaml" ]; then
108+
echo "Found action definition but no script - this may be a composite action"
109+
fi
110+
fi
57111
env:
58112
DATABASE_PASSWORD: ${{ env.DATABASE_PASSWORD }}
59-
with:
60-
go_version: ${{ env.GO_VERSION }}
61-
62-
APP_PEM: ${{ secrets.APP_PEM }}
63-
APP_ID: ${{ secrets.APP_ID }}
64-
min_coverage: 100
113+
INPUT_GO_VERSION: ${{ env.GO_VERSION }}
114+
INPUT_APP_PEM: ${{ secrets.APP_PEM }}
115+
INPUT_APP_ID: ${{ secrets.APP_ID }}
116+
INPUT_MIN_COVERAGE: 100
65117

66118
security:
67119
name: Run Security checks
@@ -72,13 +124,31 @@ jobs:
72124
- name: Checkout code
73125
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
74126

75-
- name: Run Security checks
76-
uses: descope/common/.github/actions/security@main
127+
- name: Checkout common scripts
128+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
77129
with:
78-
go_version: ${{ env.GO_VERSION }}
130+
repository: descope/common
131+
token: ${{ secrets.AUTHZCACHE_TO_COMMON }}
132+
path: .github/actions-common
79133

80-
APP_PEM: ${{ secrets.APP_PEM }}
81-
APP_ID: ${{ secrets.APP_ID }}
134+
- name: Run Security checks
135+
run: |
136+
cd .github/actions-common/.github/actions/security
137+
chmod +x action.sh 2>/dev/null || chmod +x *.sh 2>/dev/null || true
138+
if [ -f "action.sh" ]; then
139+
./action.sh
140+
elif [ -f "security.sh" ]; then
141+
./security.sh
142+
else
143+
echo "No security script found, checking action.yml"
144+
if [ -f "action.yml" ] || [ -f "action.yaml" ]; then
145+
echo "Found action definition but no script - this may be a composite action"
146+
fi
147+
fi
148+
env:
149+
INPUT_GO_VERSION: ${{ env.GO_VERSION }}
150+
INPUT_APP_PEM: ${{ secrets.APP_PEM }}
151+
INPUT_APP_ID: ${{ secrets.APP_ID }}
82152

83153
pack:
84154
name: Pack and Upload

0 commit comments

Comments
 (0)