Skip to content

update swagger info for SwaggerUI (#1009) #1337

update swagger info for SwaggerUI (#1009)

update swagger info for SwaggerUI (#1009) #1337

Workflow file for this run

name: Build
# Need GitHub secret: DOCKER_HUB_USER, DOCKER_HUB_SECRETS, GHCR_TOKEN
on:
push:
branches:
- master
tags:
- 'v*.*.*'
paths-ignore:
- "**.md"
- "LICENSE"
- "docs/**"
- ".devcontainer/**"
- "*.ya?ml" # ignore all yaml files(with suffix yaml or yml) in the root of the repository
- "!codecov.yml"
- "!.golangci.yml"
- "!config/**"
- "OWNERS"
- "PROJECT"
jobs:
BuildController:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Docker meta for kubesphere
id: meta
if: github.repository_owner == 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
kubespheredev/devops-controller
ghcr.io/${{ github.repository_owner }}/devops-controller
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Docker meta for Contributors
id: metaContributors
if: github.repository_owner != 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
ghcr.io/${{ github.repository_owner }}/devops-controller
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_SECRETS }}
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build env
id: build_env
run: |
if [ "${{ github.event_name }}" == "pull_request" ]
then
echo "::set-output name=platforms::linux/amd64"
echo "::set-output name=push::false"
echo "::set-output name=load::true"
echo "::set-output name=ref::pr-$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")"
else
echo "::set-output name=platforms::linux/amd64,linux/arm64"
echo "::set-output name=push::true"
echo "::set-output name=load::false"
echo "::set-output name=ref::${{github.ref_name}}"
fi
echo "::set-output name=short_sha::${GITHUB_SHA::7}"
- name: Build and push Docker images
uses: docker/[email protected]
if: github.repository_owner == 'kubesphere'
with:
file: config/dockerfiles/controller-manager/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
provenance: false
sbom: false
- name: Build and push Docker images for Contributors
uses: docker/[email protected]
if: github.repository_owner != 'kubesphere'
with:
file: config/dockerfiles/controller-manager/Dockerfile
tags: ${{ steps.metaContributors.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.metaContributors.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
if: github.event_name == 'pull_request'
with:
image-ref: 'ghcr.io/${{github.repository_owner}}/devops-controller:${{ steps.build_env.outputs.ref }}-${{ steps.build_env.outputs.short_sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
trivyignores: .github/workflows/.trivyignore
BuildAPIServer:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Docker meta for kubesphere
id: meta
if: github.repository_owner == 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
kubespheredev/devops-apiserver
ghcr.io/${{ github.repository_owner }}/devops-apiserver
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Docker meta for Contributors
id: metaContributors
if: github.repository_owner != 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
ghcr.io/${{ github.repository_owner }}/devops-apiserver
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_SECRETS }}
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build env
id: build_env
run: |
if [ "${{ github.event_name }}" == "pull_request" ]
then
echo "::set-output name=platforms::linux/amd64"
echo "::set-output name=push::false"
echo "::set-output name=load::true"
echo "::set-output name=ref::pr-$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")"
else
echo "::set-output name=platforms::linux/amd64,linux/arm64"
echo "::set-output name=push::true"
echo "::set-output name=load::false"
echo "::set-output name=ref::${{github.ref_name}}"
fi
echo "::set-output name=short_sha::${GITHUB_SHA::7}"
- name: Build and push Docker images
uses: docker/[email protected]
if: github.repository_owner == 'kubesphere'
with:
file: config/dockerfiles/apiserver/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
provenance: false
sbom: false
- name: Build and push Docker images for Contributors
uses: docker/[email protected]
if: github.repository_owner != 'kubesphere'
with:
file: config/dockerfiles/apiserver/Dockerfile
tags: ${{ steps.metaContributors.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.metaContributors.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
if: github.event_name == 'pull_request'
with:
image-ref: 'ghcr.io/${{github.repository_owner}}/devops-apiserver:${{ steps.build_env.outputs.ref }}-${{ steps.build_env.outputs.short_sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
trivyignores: .github/workflows/.trivyignore
BuildTools:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Docker meta for kubesphere
id: meta
if: github.repository_owner == 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
kubespheredev/devops-tools
ghcr.io/${{ github.repository_owner }}/devops-tools
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Docker meta for Contributors
id: metaContributors
if: github.repository_owner != 'kubesphere'
uses: docker/metadata-action@v3
with:
images: |
ghcr.io/${{ github.repository_owner }}/devops-tools
tags: |
type=schedule
type=ref,event=branch,suffix=-{{sha}}
type=ref,event=pr,suffix=-{{sha}}
type=semver,pattern={{version}},prefix=v
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_HUB_USER }}
password: ${{ secrets.DOCKER_HUB_SECRETS }}
- name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_TOKEN }}
- name: Build env
id: build_env
run: |
if [ "${{ github.event_name }}" == "pull_request" ]
then
echo "::set-output name=platforms::linux/amd64"
echo "::set-output name=push::false"
echo "::set-output name=load::true"
echo "::set-output name=ref::pr-$(jq --raw-output .pull_request.number "$GITHUB_EVENT_PATH")"
else
echo "::set-output name=platforms::linux/amd64,linux/arm64"
echo "::set-output name=push::true"
echo "::set-output name=load::false"
echo "::set-output name=ref::${{github.ref_name}}"
fi
echo "::set-output name=short_sha::${GITHUB_SHA::7}"
- name: Build and push Docker images
uses: docker/[email protected]
if: github.repository_owner == 'kubesphere'
with:
file: config/dockerfiles/tools/Dockerfile
tags: ${{ steps.meta.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
provenance: false
sbom: false
- name: Build and push Docker images for Contributors
uses: docker/[email protected]
if: github.repository_owner != 'kubesphere'
with:
file: config/dockerfiles/tools/Dockerfile
tags: ${{ steps.metaContributors.outputs.tags }}
push: ${{ steps.build_env.outputs.push }}
load: ${{ steps.build_env.outputs.load }}
labels: ${{ steps.metaContributors.outputs.labels }}
platforms: ${{ steps.build_env.outputs.platforms }}
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
if: github.event_name == 'pull_request'
with:
image-ref: 'ghcr.io/${{github.repository_owner}}/devops-tools:${{ steps.build_env.outputs.ref }}-${{ steps.build_env.outputs.short_sha }}'
format: 'table'
exit-code: '1'
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
trivyignores: .github/workflows/.trivyignore
UnitTest:
name: Test
runs-on: ubuntu-20.04
steps:
- name: Set up Go 1.17
uses: actions/[email protected]
with:
go-version: 1.17
id: go
- name: Check out code into the Go module directory
uses: actions/[email protected]
- name: Test
run: |
make test
- name: Upload coverage to Codecov
uses: codecov/codecov-action@v1
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: coverage.out
flags: unittests
name: codecov-umbrella
fail_ci_if_error: true