Skip to content

ci

ci #185

Workflow file for this run

name: ci
concurrency:
cancel-in-progress: ${{ ! (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')) }}
group: ci-${{ github.ref_name }}-${{ github.event_name }}
on:
pull_request:
branches:
- main
push:
branches:
- main
tags:
- "*"
schedule:
- cron: 30 0 */1 * *
workflow_dispatch:
release:
types:
- published
jobs:
build-pr:
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: meysam81/build-docker@v1
with:
image-name: ghcr.io/${{ github.repository }}
platforms: linux/amd64,linux/arm64
kubescape: true
build-edge:
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
security-events: write
steps:
- uses: meysam81/build-docker@v1
with:
context: .
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ github.run_id }}
platforms: linux/amd64,linux/arm64
kubescape: true
kubescape-upload-sarif: true
release-please:
if: github.event_name == 'push' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
permissions:
contents: write
pull-requests: write
outputs:
releases_created: ${{ steps.release-please.outputs.releases_created }}
tag_name: ${{ steps.release-please.outputs.tag_name }}
steps:
- id: release-please
name: Release please
uses: googleapis/release-please-action@v4
with:
release-type: simple
build-tag:
needs:
- release-please
if: needs.release-please.outputs.releases_created == 'true'
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
steps:
- uses: meysam81/build-docker@v1
with:
image-name: ghcr.io/${{ github.repository }}
image-extra-tags: |
ghcr.io/${{ github.repository }}:${{ needs.release-please.outputs.tag_name }}
platforms: linux/amd64,linux/arm64
kubescape: true
checks:
if: contains(fromJSON('["push", "pull_request", "schedule"]'), github.event_name)
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Run linters
run: |
pip install -U pip pre-commit
pre-commit run -a
- if: failure() && github.ref_name != 'refs/heads/main'
name: Commit linting changes
uses: EndBug/add-and-commit@v9
with:
message: "chore: lint 🚨"
new_branch: ${{ github.head_ref || github.ref_name }}