-
Notifications
You must be signed in to change notification settings - Fork 26
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a6c3512
commit 7087166
Showing
2 changed files
with
128 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,119 @@ | ||
name: Continuous Integration (Debian11) | ||
|
||
on: | ||
push: | ||
branches: [master] | ||
tags: | ||
- '*' | ||
pull_request: | ||
|
||
env: | ||
SBX_ECR_REGISTRY: "769000229800.dkr.ecr.eu-west-1.amazonaws.com" | ||
PRD_ECR_REGISTRY: "162230498103.dkr.ecr.eu-west-1.amazonaws.com" | ||
REGION: eu-west-1 | ||
ECR_IMAGE: datahub-common-transit_model | ||
DEBIAN_TAG_SUFFIX: deb11 | ||
|
||
jobs: | ||
aws_creds: | ||
name: Get ECR Access | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
outputs: | ||
token: ${{ steps.ecr_token.outputs.token }} | ||
steps: | ||
- id: ecr_token | ||
name: Get ECR Token | ||
run: | | ||
echo token=$(aws ecr get-login-password --region $REGION) >> $GITHUB_OUTPUT | ||
rustfmt: | ||
name: Rust fmt check | ||
needs: aws_creds | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
container: | ||
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-rust-ci:latest-deb11 | ||
credentials: | ||
username: AWS | ||
password: ${{ needs.aws_creds.outputs.token }} | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Format | ||
run: make format | ||
clippy: | ||
name: Clippy check | ||
needs: aws_creds | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
container: | ||
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-rust-ci:latest-proj8.1.1-deb11 | ||
credentials: | ||
username: AWS | ||
password: ${{ needs.aws_creds.outputs.token }} | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Lint | ||
run: make lint | ||
audit: | ||
name: Security audit | ||
needs: aws_creds | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
container: | ||
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-rust-ci:latest-proj8.1.1-deb11 | ||
credentials: | ||
username: AWS | ||
password: ${{ needs.aws_creds.outputs.token }} | ||
continue-on-error: true | ||
steps: | ||
- uses: actions/checkout@v3 | ||
- name: Audit | ||
run: | | ||
cargo audit | ||
tests: | ||
name: Tests | ||
needs: aws_creds | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
container: | ||
image: 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-rust-ci:latest-proj8.1.1-deb11 | ||
credentials: | ||
username: AWS | ||
password: ${{ needs.aws_creds.outputs.token }} | ||
steps: | ||
- name: Checkout repository and submodules | ||
uses: actions/checkout@v3 | ||
with: | ||
submodules: recursive # for tests/NeTEx | ||
- name: Install xmllint | ||
run: apt update && apt install --yes libxml2-utils | ||
- name: Run tests with and without features | ||
run: make test | ||
build-n-push: | ||
needs: [rustfmt, clippy, audit, tests] | ||
if: github.event_name == 'push' | ||
runs-on: [self-hosted, dataeng, sandbox] | ||
steps: | ||
- name: CleanUp | ||
run: | | ||
sudo chown -R $USER . | ||
- uses: actions/checkout@v3 | ||
with: | ||
fetch-depth: 0 | ||
clean: false | ||
- name: Login to Amazon ECR sandbox | ||
env: | ||
AWS_REGION: eu-west-1 | ||
uses: aws-actions/amazon-ecr-login@v1 | ||
- name: Login to Amazon ECR shared | ||
env: | ||
AWS_REGION: eu-west-1 | ||
uses: aws-actions/amazon-ecr-login@v1 | ||
with: | ||
registries: 162230498103 | ||
- name: Build and Push to SBX ECR | ||
if: success() | ||
run: | | ||
docker build -t ${SBX_ECR_REGISTRY}/${ECR_IMAGE}:latest-${DEBIAN_TAG_SUFFIX} . -f Dockerfile_deb11 | ||
docker push ${SBX_ECR_REGISTRY}/${ECR_IMAGE}:latest-${DEBIAN_TAG_SUFFIX} | ||
- name: Push release to Prod ECR | ||
if: success() && startsWith(github.ref, 'refs/tags/') | ||
run: | | ||
TAG=${GITHUB_REF_NAME} | ||
docker tag ${SBX_ECR_REGISTRY}/${ECR_IMAGE}:latest-${DEBIAN_TAG_SUFFIX} ${PRD_ECR_REGISTRY}/${ECR_IMAGE}:${TAG}-${DEBIAN_TAG_SUFFIX} | ||
docker push ${PRD_ECR_REGISTRY}/${ECR_IMAGE}:${TAG}-${DEBIAN_TAG_SUFFIX} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
FROM 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-rust-ci:latest-proj8.1.1-deb11 as builder | ||
WORKDIR /usr/src/app | ||
COPY . ./ | ||
RUN git describe --tags --always && git status | ||
RUN cargo build --workspace --release | ||
RUN mkdir /usr/src/bin && for file in ls ${CARGO_TARGET_DIR:-./target}/release/*; do if test -f $file -a -x $file; then cp $file /usr/src/bin; fi; done | ||
|
||
FROM 162230498103.dkr.ecr.eu-west-1.amazonaws.com/mutable-proj-ci:8.1.1-deb11 | ||
COPY --from=builder /usr/src/bin/* /usr/local/bin/ |