Skip to content
Build, Test, and Lint

fix(release-v0.6): set predictable and proper server IP addresses order #828

Sign in to view logs

fix(release-v0.6): set predictable and proper server IP addresses order

fix(release-v0.6): set predictable and proper server IP addresses order #828

Workflow file for this run

.github/workflows/build-dev.yaml at c6e63a4
name: Build, Test, and Lint
on:
push:
branches:
- main
- 'release-*'
pull_request:
types: [opened, synchronize, reopened, labeled]
pull_request_target:
types: [opened, synchronize, reopened, labeled]
branches:
- main
- 'release-*'
jobs:
check_approvals:
runs-on: ubuntu-latest
# Run this job only if the following conditions are met:
# 1. The pull request has the 'integration-test' label.
# 2. The event is either:
# a. A 'pull_request' event where the base and head repositories are the same (internal PR).
# b. A 'pull_request_target' event where the base and head repositories are different (external PR).
if: ${{ contains(github.event.pull_request.labels.*.name, 'integration-test') &&
(( github.event_name == 'pull_request' && github.event.pull_request.base.repo.clone_url == github.event.pull_request.head.repo.clone_url) ||
(github.event_name == 'pull_request_target' && github.event.pull_request.base.repo.clone_url != github.event.pull_request.head.repo.clone_url )) }}
outputs:
# Output the approval status for pull_request_target events, otherwise default to 'true'
check_approvals: ${{ github.event_name == 'pull_request_target' && steps.check_approvals.outputs.check_approvals || 'true' }}
# Output whether the PR is external
external_pr: ${{ github.event.pull_request.base.repo.clone_url != github.event.pull_request.head.repo.clone_url }}
steps:
- name: Check integration test allowance status
# Only run this step for pull_request_target events
if: ${{ github.event_name == 'pull_request_target' }}
id: check_approvals
# Use an external action to check if the PR has the necessary approvals
uses: nutanix-cloud-native/action-check-approvals@v1
build-container:
if: ${{ (github.event_name == 'pull_request' && needs.check_approvals.outputs.external_pr == 'false') || (github.event_name == 'pull_request_target' && needs.check_approvals.outputs.external_pr == 'true' && needs.check_approvals.outputs.check_approvals == 'true') }}
needs: check_approvals
runs-on: ubuntu-latest
env:
EXPORT_RESULT: true
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: "${{ github.event.pull_request.head.sha }}"
- name: Install devbox
uses: jetify-com/[email protected]
with:
enable-cache: "true"
- uses: actions/cache@v4
with:
path: |
~/.cache/golangci-lint
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Test build
run: devbox run -- make build
- name: Run unit tests
run: devbox run -- make unit-test
# gocov-xml expects things to be properly placed under go path.
# GHA clones into /home/runner/work/repository so we create
# the directory under the right path and link it
- run: mkdir -p /home/runner/go/src/github.com/nutanix-cloud-native/ && ln -s /home/runner/work/cloud-provider-nutanix/cloud-provider-nutanix /home/runner/go/src/github.com/nutanix-cloud-native
- name: Run coverage report
run: devbox run -- make coverage
- name: Codecov
uses: codecov/[email protected]
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
with:
file: ./coverage.xml # Replace with the path to your coverage report
fail_ci_if_error: true
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
env:
TRIVY_DB_REPOSITORY: "ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db"
with:
scan-type: "fs"
ignore-unfixed: true
format: "table"
exit-code: "1"
vuln-type: "os,library"
severity: "CRITICAL,HIGH"
e2e:
strategy:
matrix:
e2e-labels:
- "capx"
fail-fast: false
needs: check_approvals
uses: ./.github/workflows/e2e.yaml
with:
e2e-labels: ${{ matrix.e2e-labels }}
secrets: inherit
permissions:
contents: read
checks: write