ci: Add continuous-integration workflow

This workflow first calculates the list of changed policies, and then uses that list as the value for a GH workflow matrix. This way we get 1 job per policy. Signed-off-by: Víctor Cuadrado Juan <vcuadradojuan@suse.de>
viccuad · Dec 17, 2024 · ddbde00 · ddbde00
1 parent 8a638a1
commit ddbde00
Showing 1 changed file with 33 additions and 0 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,33 @@
+name: CI
+
+on: [push, pull_request]
+jobs:
+  calculate-policy-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      policy-working-dirs: ${{ steps.calculate-policy-dirs.outputs.policy_working_dirs }}
+    steps:
+      - uses: actions/checkout@v4
+      - id: calculate-policy-dirs
+        shell: bash
+        run: |
+          # policy_working_dirs must be an array on the form: [ "policies/Foo", "policies/Bar" ]
+           
+          pushd policies
+          # list only changes of files in `policies/`:
+          git_files="$(git diff --no-color --find-renames --find-copies --name-only main ${{ github.sha }} -- .)"
+
+          # build policy_working_dirs:
+          dir_bash_array=($(echo "$git_files" | cut -d/ -f1,2 ))
+          declare -p dir_bash_array # for debug
+          policy_working_dirs=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${dir_bash_array[@]}")
+          echo "policy_working_dirs=$policy_working_dirs" >> $GITHUB_OUTPUT
+
+  continuous-integration:
+    needs: calculate-policy-matrix
+    strategy:
+      matrix:
+        policy-working-dir: ${{ needs.calculate-policy-matrix.outputs.policy-working-dirs }}
+    uses: viccuad/github-actions/.github/workflows/reusable-test-policy-rego.yml@main
+    with:
+      policy-working-dir: ${{ matrix.policy-working-dir }}