diff --git a/.github/actions/hermit/action.yml b/.github/actions/hermit/action.yml new file mode 100644 index 0000000000..f1a31326e3 --- /dev/null +++ b/.github/actions/hermit/action.yml @@ -0,0 +1,44 @@ +name: 'Hermit Environment' +description: 'Activate hermit environment' +inputs: + cache: + description: 'Cache hermit files' + required: false + default: 'true' +runs: + using: composite + steps: + - if: ${{ inputs.cache == 'true' }} + id: hermit-hash + shell: bash + run: | + bin_hashes="${{ hashFiles('./bin/*') }}" + poetry_security_polices="${{ hashFiles('./security-policies/poetry.lock', './security-policies/pyproject.toml') }}" + poetry_tests="${{ hashFiles('./tests/poetry.lock', './tests/pyproject.toml') }}" + pre_commit="${{ hashFiles('.pre-commit-config.yaml') }}" + hash="$(echo "${bin_hashes} ${poetry_security_polices} ${poetry_tests} ${pre_commit}" | sha256sum | cut -d' ' -f1)" + + echo "\$bin_hashes ${bin_hashes}" + echo "\$poetry_security_polices ${poetry_security_polices}" + echo "\$poetry_tests ${poetry_tests}" + echo "\$pre_commit ${pre_commit}" + + echo "hash=$hash" >> "$GITHUB_OUTPUT" + - if: ${{ inputs.cache == 'true' }} + uses: actions/cache@v4 + with: + path: | + ~/.cache/hermit/pkg + ./.hermit + ~/.cache/go-build + ~/go/pkg/ + ~/.cache/pre-commit + key: hermit-env-${{ runner.os }}-${{ steps.hermit-hash.outputs.hash }} + restore-keys: | + hermit-env-${{ runner.os }} + - shell: bash + run: ./bin/hermit env --raw >> "$GITHUB_ENV" + - shell: bash + run: hermit install + - shell: bash + run: go env diff --git a/.github/workflows/azure-ci.yml b/.github/workflows/azure-ci.yml index 9a0248d495..f937b84bfd 100644 --- a/.github/workflows/azure-ci.yml +++ b/.github/workflows/azure-ci.yml @@ -23,24 +23,18 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: "3.9" - - - name: Install Poetry + - name: Install poetry run: | - curl -sSL https://install.python-poetry.org | python3 - - poetry --version + pip3 install poetry + cd tests + poetry install - name: Build cloudbeat binary - uses: magefile/mage-action@v3 - with: - version: latest - args: build + shell: bash + run: mage build - name: Run Elasticsearch uses: elastic/elastic-github-actions/elasticsearch@master @@ -72,7 +66,6 @@ jobs: env: USE_K8S: false run: | - poetry install poetry run pytest -k "azure" --alluredir=./allure/results/ --clean-alluredir - name: Print cloudbeat logs diff --git a/.github/workflows/cloudbeat-ci.yml b/.github/workflows/cloudbeat-ci.yml index 3532c4e5da..356d827e1f 100644 --- a/.github/workflows/cloudbeat-ci.yml +++ b/.github/workflows/cloudbeat-ci.yml @@ -26,13 +26,8 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Set up GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version - - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Install poetry run: | @@ -77,16 +72,12 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Setup GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version + - name: Hermit Environment + uses: ./.github/actions/hermit - name: build cloudbeat binary - uses: magefile/mage-action@v3 - with: - version: latest - args: build + shell: bash + run: mage build - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/eks-ci.yml b/.github/workflows/eks-ci.yml index 525a99d396..77b51bb763 100644 --- a/.github/workflows/eks-ci.yml +++ b/.github/workflows/eks-ci.yml @@ -72,16 +72,12 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Setup GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version + - name: Hermit Environment + uses: ./.github/actions/hermit - name: build cloudbeat binary - uses: magefile/mage-action@v3 - with: - version: latest - args: build + shell: bash + run: mage build - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 diff --git a/.github/workflows/k8s-ci.yml b/.github/workflows/k8s-ci.yml index b78b9bb8b7..ea82b41a77 100644 --- a/.github/workflows/k8s-ci.yml +++ b/.github/workflows/k8s-ci.yml @@ -42,16 +42,12 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Setup GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version + - name: Hermit Environment + uses: ./.github/actions/hermit - name: build cloudbeat binary - uses: magefile/mage-action@v3 - with: - version: latest - args: build + shell: bash + run: mage build - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 @@ -365,8 +361,8 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Set Kind Configuration run: | diff --git a/.github/workflows/packaging.yml b/.github/workflows/packaging.yml index 3546c2ef9c..6427eec0ce 100644 --- a/.github/workflows/packaging.yml +++ b/.github/workflows/packaging.yml @@ -41,13 +41,8 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Setup GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version - - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Packaging run: | diff --git a/.github/workflows/periodic-ci.yml b/.github/workflows/periodic-ci.yml index f0a1d7df61..f919174a5a 100644 --- a/.github/workflows/periodic-ci.yml +++ b/.github/workflows/periodic-ci.yml @@ -77,15 +77,8 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Set up GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version - - - name: Setup OPA - uses: open-policy-agent/setup-opa@v2 - with: - version: 0.44 # this should be aligned with the version in go.mod + - name: Hermit Environment + uses: ./.github/actions/hermit - name: build cloudbeat run: mage Build diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml index 6aa795fa3f..34d4b2b42c 100644 --- a/.github/workflows/unit-test.yml +++ b/.github/workflows/unit-test.yml @@ -26,15 +26,12 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Set up GO (with caching) - uses: magnetikonline/action-golang-cache@v4 - with: - go-version-file: .go-version + - name: Hermit Environment + uses: ./.github/actions/hermit - - name: Mage build bundle before unit tests - uses: magefile/mage-action@v3 - with: - args: buildOpaBundle + - name: build cloudbeat binary + shell: bash + run: mage buildOpaBundle - name: Unit-Test run: | @@ -57,8 +54,8 @@ jobs: - name: Check out the repo uses: actions/checkout@v4 - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Install goveralls run: go install github.com/mattn/goveralls@latest @@ -107,14 +104,8 @@ jobs: repository: ${{ (github.event.pull_request_target || github.event.pull_request).head.repo.full_name }} ref: ${{ (github.event.pull_request_target || github.event.pull_request).head.sha }} - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version-file: .go-version - cache: false - - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Go linter run: golangci-lint run --whole-files --out-format github-actions @@ -138,8 +129,8 @@ jobs: - name: Checkout Repository uses: actions/checkout@v4 - - name: Init Hermit - run: ./bin/hermit env -r >> $GITHUB_ENV + - name: Hermit Environment + uses: ./.github/actions/hermit - name: Terraform fmt run: terraform fmt -check -recursive