feat: support SSO (Single Sign-On) #2957
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: pull_request | |
name: Test | |
# Stop any in-flight CI jobs when a new commit is pushed. | |
concurrency: | |
group: ${{ github.ref_name }} | |
cancel-in-progress: true | |
jobs: | |
config: | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Checkout code" | |
uses: actions/checkout@v4 | |
- name: "Install Rust" | |
uses: dtolnay/rust-toolchain@stable # to install tomlq via `make config` | |
- name: "Generate static app config" | |
run: make config | |
- name: "Config Artifact" | |
uses: actions/upload-artifact@v3 | |
with: | |
name: config-artifact-${{ github.sha }} | |
path: pkg/config/config.toml | |
lint: | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Checkout code" | |
uses: actions/checkout@v4 | |
- name: "Install Rust" | |
uses: dtolnay/rust-toolchain@stable # to install tomlq via `make config` | |
- name: Install Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: 1.21.x | |
# NOTE: Manage GitHub Actions cache via https://github.com/fastly/cli/actions/caches | |
# This is useful if you need to clear the cache when a dependency doesn't update correctly. | |
# | |
# REFERENCES: | |
# https://www.airplane.dev/blog/caching-golang-tests-in-ci | |
# https://markphelps.me/posts/speed-up-your-go-builds-with-actions-cache/ | |
# | |
- id: go-cache-paths | |
name: Retrieve Go Paths | |
run: | | |
echo "gobin=$(go env GOPATH)/bin" >> $GITHUB_OUTPUT # speed up dependency installs | |
echo "gobuild=$(go env GOCACHE)" >> $GITHUB_OUTPUT # speed up `go test` runs | |
echo "gomod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT # speed up use of third-party modules | |
- name: Go Bin Cache | |
id: go-bin-deps | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.gobin }} | |
key: ${{ runner.os }}-lint-go-bin-${{ hashFiles('.github/dependencies.txt') }} | |
- name: Go Build Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.gobuild }} | |
key: ${{ runner.os }}-lint-go-build-${{ hashFiles('**/go.sum') }} | |
- name: Go Mod Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.gomod }} | |
key: ${{ runner.os }}-lint-go-mod-${{ hashFiles('**/go.sum') }} | |
- name: "Install dependencies" | |
if: steps.go-bin-deps.outputs.cache-hit != 'true' | |
run: make dependencies | |
shell: bash | |
- name: "Run go mod tidy" | |
run: make tidy | |
- name: "Run go fmt" | |
run: make fmt | |
# NOTE: We don't download the config artifact in this job. | |
# This is because we know Linux is able to generate the configuration file. | |
# Which is triggered by the `make vet` pre-requisite target `config`. | |
- name: "Run go vet" | |
run: make vet | |
shell: bash | |
- name: "Run revive" | |
run: make revive | |
shell: bash | |
- name: "Static analysis check" | |
run: make staticcheck | |
shell: bash | |
- name: "Security audit" | |
run: make gosec | |
shell: bash | |
test: | |
needs: [config] | |
strategy: | |
matrix: | |
tinygo-version: [0.27.0] | |
go-version: [1.21.x] | |
node-version: [18] | |
platform: [ubuntu-latest, macos-latest, windows-latest] | |
runs-on: ${{ matrix.platform }} | |
steps: | |
- name: "Checkout code" | |
uses: actions/checkout@v4 | |
- name: "Install Go" | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ matrix.go-version }} | |
# IMPORTANT: Disable caching to prevent cache restore errors later. | |
cache: false | |
- uses: Integralist/setup-tinygo@v1.0.0 | |
with: | |
tinygo-version: ${{ matrix.tinygo-version }} | |
- name: Retrieve Go Paths | |
# Needed because we can't execute subshell with a third-party action. | |
id: go-cache-paths | |
shell: bash # IMPORTANT: without this Windows OS will not work. | |
run: | | |
echo "gobuild=$(go env GOCACHE)" >> $GITHUB_OUTPUT # speed up `go test` runs | |
echo "gomod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT # speed up use of third-party modules | |
- name: Go Build Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.gobuild }} | |
key: ${{ runner.os }}-test-go-build-${{ hashFiles('**/go.sum') }} | |
- name: Go Mod Cache | |
uses: actions/cache@v3 | |
with: | |
path: ${{ steps.go-cache-paths.outputs.gomod }} | |
key: ${{ runner.os }}-test-go-mod-${{ hashFiles('**/go.sum') }} | |
- name: "Install Rust" | |
uses: dtolnay/rust-toolchain@stable | |
- name: "Add wasm32-wasi Rust target" | |
run: rustup target add wasm32-wasi --toolchain stable | |
- name: "Validate Rust toolchain" | |
run: rustup show && rustup target list --installed --toolchain stable | |
shell: bash | |
- name: "Install Node" | |
uses: actions/setup-node@v3 | |
with: | |
node-version: ${{ matrix.node-version }} | |
- name: "Config Artifact" | |
uses: actions/download-artifact@v3 | |
with: | |
name: config-artifact-${{ github.sha }} | |
- name: "Move Config" | |
run: mv config.toml pkg/config/config.toml | |
- name: "Modify git cloned repo files 'modified' times" | |
run: go run ./scripts/go-test-cache/main.go | |
# NOTE: Windows should fail quietly running pre-requisite target of `test`. | |
# | |
# On Windows, executing `make config` directly works fine. | |
# But when `config` is a pre-requisite to running `test`, it fails. | |
# But only when run via GitHub Actions. | |
# The ../../scripts/config.sh isn't run because you can't nest PowerShell instances. | |
# Each GitHub Action 'run' step is a PowerShell instance. | |
# And each instance is run as: powershell.exe -command ". '...'" | |
- name: "Test suite" | |
run: make test | |
shell: bash | |
env: | |
# NOTE: The following lets us focus the test run while debugging. | |
# TEST_ARGS: "-run TestDeploy ./pkg/commands/compute/..." | |
TEST_COMPUTE_INIT: true | |
TEST_COMPUTE_BUILD: true | |
TEST_COMPUTE_DEPLOY: true | |
docker-builds: | |
runs-on: ubuntu-latest | |
steps: | |
- name: "Checkout code" | |
uses: actions/checkout@v4 | |
- name: Build docker images | |
run: | | |
for dockerFile in Dockerfile*; do docker build -f $dockerFile . ; done |