ci: fix path filter #29
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ============= | |
| # This file is automatically generated from the templates in stackabletech/operator-templating | |
| # DON'T MANUALLY EDIT THIS FILE | |
| # ============= | |
| --- | |
| name: Build hive-operator Artifacts | |
| permissions: {} | |
| on: | |
| push: | |
| branches: | |
| - main | |
| tags: | |
| - "[0-9][0-9].[0-9]+.[0-9]+-rc[0-9]+" | |
| - "[0-9][0-9].[0-9]+.[0-9]+" | |
| schedule: | |
| # Run every Saturday morning: https://crontab.guru/#15_3_*_*_6 | |
| - cron: "15 3 * * 6" | |
| pull_request: | |
| # paths: | |
| # - '.github/workflows/build.yaml' | |
| # - 'rust-toolchain.toml' | |
| # - '.dockerignore' | |
| # - 'deploy/**' | |
| # - '.cargo/**' | |
| # - 'docker/**' | |
| # - 'Cargo.*' | |
| # - '*.rs' | |
| merge_group: | |
| env: | |
| OPERATOR_NAME: "hive-operator" | |
| RUST_NIGHTLY_TOOLCHAIN_VERSION: "nightly-2025-10-23" | |
| NIX_PKG_MANAGER_VERSION: "2.30.0" | |
| RUST_TOOLCHAIN_VERSION: "1.89.0" | |
| HADOLINT_VERSION: "v2.14.0" | |
| PYTHON_VERSION: "3.14" | |
| CARGO_TERM_COLOR: always | |
| BASE_SHA: ${{ github.event.pull_request.base.sha }} | |
| jobs: | |
| # This workflow contains a "required job", and GitHub Actions isn't clever | |
| # enough to detect that it should be skipped, and therefore pass (like they | |
| # allow for skipping jobs in a workflow). | |
| # Therefore, we have to move path filters/globs down to an actual job, and | |
| # emit an output that can be used to skip irrelevant jobs. | |
| path-filter: | |
| name: Testing path filters | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| submodules: recursive | |
| fetch-depth: 0 | |
| - name: Check for changed files | |
| id: check | |
| uses: stackabletech/actions/detect-changes@9584f617fe2a114a789f90281fe0abd73f3c91b5 # vx.x.x | |
| outputs: | |
| matched: ${{ steps.check.outputs.detected }} | |
| cargo-udeps: | |
| name: Run cargo-udeps | |
| needs: [path-filter] | |
| if: needs.path-filter.outputs.matched == 'true' | |
| runs-on: ubuntu-latest | |
| env: | |
| RUSTC_BOOTSTRAP: 1 | |
| steps: | |
| - name: Install host dependencies | |
| uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # v1.5.3 | |
| with: | |
| packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https | |
| version: ubuntu-latest | |
| - name: Checkout Repository | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| persist-credentials: false | |
| submodules: recursive | |
| - name: Install Rust ${{ env.RUST_TOOLCHAIN_VERSION }} toolchain | |
| uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b | |
| with: | |
| toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
| - name: Setup Rust Cache | |
| uses: Swatinem/rust-cache@98c8021b550208e191a6a3145459bfc9fb29c4c0 # v2.8.0 | |
| with: | |
| cache-all-crates: "true" | |
| key: udeps | |
| - name: Install cargo-udeps | |
| uses: stackabletech/cargo-install-action@8f7dbbcd2ebe22717efc132d0dd61e80841994b9 # cargo-udeps | |
| - name: Run cargo-udeps | |
| run: cargo udeps --workspace --all-targets | |
| # build-container-image: | |
| # name: Build/Publish ${{ matrix.runner.arch }} Image | |
| # needs: [path-filter] | |
| # if: github.event_name != 'merge_group' | |
| # permissions: | |
| # id-token: write | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # runner: | |
| # - { name: "ubuntu-latest", arch: "amd64" } | |
| # - { name: "ubicloud-standard-8-arm", arch: "arm64" } | |
| # runs-on: ${{ matrix.runner.name }} | |
| # outputs: | |
| # operator-version: ${{ steps.version.outputs.OPERATOR_VERSION }} | |
| # steps: | |
| # - name: Install host dependencies | |
| # uses: awalsh128/cache-apt-pkgs-action@2c09a5e66da6c8016428a2172bd76e5e4f14bb17 # v1.5.3 | |
| # with: | |
| # packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https | |
| # version: ${{ matrix.runner.name }} | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| # with: | |
| # persist-credentials: false | |
| # submodules: recursive | |
| # - name: Update/Extract Operator Version | |
| # id: version | |
| # env: | |
| # PR_BASE_REF: ${{ github.event.pull_request.base.ref }} | |
| # PR_NUMBER: ${{ github.event.pull_request.number }} | |
| # GITHUB_EVENT_NAME: ${{ github.event_name }} | |
| # GITHUB_DEBUG: ${{ runner.debug }} | |
| # shell: bash | |
| # run: | | |
| # set -euo pipefail | |
| # [ -n "$GITHUB_DEBUG" ] && set -x | |
| # CURRENT_VERSION=$(cargo metadata --format-version 1 --no-deps | jq -r '.packages[0].version') | |
| # if [ "$GITHUB_EVENT_NAME" == 'pull_request' ]; then | |
| # # Include a PR suffix if this workflow is triggered by a PR | |
| # if [ "$PR_BASE_REF" == 'main' ]; then | |
| # NEW_VERSION="0.0.0-pr$PR_NUMBER" | |
| # else | |
| # NEW_VERSION="$CURRENT_VERSION-pr$PR_NUMBER" | |
| # fi | |
| # else | |
| # # Just use the current version if this workflow is run on push, schedule, etc... | |
| # NEW_VERSION="$CURRENT_VERSION" | |
| # fi | |
| # sed -i "s/version = \"${CURRENT_VERSION}\"/version = \"${NEW_VERSION}\"/" Cargo.toml | |
| # echo "OPERATOR_VERSION=$NEW_VERSION" | tee -a "$GITHUB_OUTPUT" | |
| # - name: Install Nix | |
| # uses: cachix/install-nix-action@fc6e360bedc9ee72d75e701397f0bb30dce77568 # v31.5.2 | |
| # - name: Install Rust ${{ env.RUST_TOOLCHAIN_VERSION }} Toolchain | |
| # uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b | |
| # with: | |
| # toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }} | |
| # - name: Build Container Image | |
| # id: build | |
| # uses: stackabletech/actions/build-container-image@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # image-name: ${{ env.OPERATOR_NAME }} | |
| # image-index-manifest-tag: ${{ steps.version.outputs.OPERATOR_VERSION }} | |
| # build-arguments: VERSION=${{ steps.version.outputs.OPERATOR_VERSION }} | |
| # container-file: docker/Dockerfile | |
| # - name: Publish Container Image | |
| # uses: stackabletech/actions/publish-image@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # image-registry-uri: oci.stackable.tech | |
| # image-registry-username: robot$sdp+github-action-build | |
| # image-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} | |
| # image-repository: sdp/${{ env.OPERATOR_NAME }} | |
| # image-manifest-tag: ${{ steps.build.outputs.image-manifest-tag }} | |
| # source-image-uri: ${{ steps.build.outputs.image-manifest-uri }} | |
| # publish-index-manifest: | |
| # name: Publish/Sign ${{ needs.build-container-image.outputs.operator-version }} Index | |
| # if: github.event_name != 'merge_group' | |
| # needs: | |
| # - path-filter | |
| # - build-container-image | |
| # permissions: | |
| # id-token: write | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| # with: | |
| # persist-credentials: false | |
| # - name: Publish and Sign Image Index | |
| # uses: stackabletech/actions/publish-image-index-manifest@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # image-registry-uri: oci.stackable.tech | |
| # image-registry-username: robot$sdp+github-action-build | |
| # image-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_GITHUB_ACTION_BUILD_SECRET }} | |
| # image-repository: sdp/${{ env.OPERATOR_NAME }} | |
| # image-index-manifest-tag: ${{ needs.build-container-image.outputs.operator-version }} | |
| # publish-helm-chart: | |
| # name: Package/Publish ${{ needs.build-container-image.outputs.operator-version }} Helm Chart | |
| # if: github.event_name != 'merge_group' | |
| # needs: | |
| # - path-filter | |
| # - build-container-image | |
| # permissions: | |
| # id-token: write | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| # with: | |
| # persist-credentials: false | |
| # submodules: recursive | |
| # - name: Package, Publish, and Sign Helm Chart | |
| # uses: stackabletech/actions/publish-helm-chart@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # chart-registry-uri: oci.stackable.tech | |
| # chart-registry-username: robot$sdp-charts+github-action-build | |
| # chart-registry-password: ${{ secrets.HARBOR_ROBOT_SDP_CHARTS_GITHUB_ACTION_BUILD_SECRET }} | |
| # chart-repository: sdp-charts | |
| # chart-directory: deploy/helm/${{ env.OPERATOR_NAME }} | |
| # chart-version: ${{ needs.build-container-image.outputs.operator-version }} | |
| # app-version: ${{ needs.build-container-image.outputs.operator-version }} | |
| # openshift-preflight-check: | |
| # name: Run OpenShift Preflight Check for ${{ needs.build-container-image.outputs.operator-version }}-${{ matrix.arch }} | |
| # if: github.event_name != 'merge_group' | |
| # needs: | |
| # - path-filter | |
| # - build-container-image | |
| # - publish-index-manifest | |
| # strategy: | |
| # fail-fast: false | |
| # matrix: | |
| # arch: | |
| # - amd64 | |
| # - arm64 | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Run OpenShift Preflight Check | |
| # uses: stackabletech/actions/run-openshift-preflight@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # image-index-uri: oci.stackable.tech/sdp/${{ env.OPERATOR_NAME }}:${{ needs.build-container-image.outputs.operator-version }} | |
| # image-architecture: ${{ matrix.arch }} | |
| # # This job is a required check in GitHub Settings for this repository. | |
| # # It saves us having to list many required jobs, or work around dynamically | |
| # # named jobs (since there is no concept of required settings). | |
| # finished: | |
| # # WARNING: Do not change the name unless you will also be changing the | |
| # # Required Checks (in branch protections) in GitHub settings. | |
| # name: Finished Build and Publish | |
| # needs: | |
| # - path-filter | |
| # - cargo-udeps | |
| # - openshift-preflight-check | |
| # - publish-helm-chart | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - run: echo "We are done here" | |
| # notify: | |
| # name: Failure Notification | |
| # if: (failure() || github.run_attempt > 1) && github.event_name != 'merge_group' | |
| # needs: | |
| # - path-filter | |
| # - build-container-image | |
| # - publish-index-manifest | |
| # - publish-helm-chart | |
| # runs-on: ubuntu-latest | |
| # steps: | |
| # - name: Checkout Repository | |
| # uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| # with: | |
| # persist-credentials: false | |
| # - name: Send Notification | |
| # uses: stackabletech/actions/send-slack-notification@29bea1b451c0c2e994bd495969286f95bf49ed6a # v0.11.0 | |
| # with: | |
| # publish-helm-chart-result: ${{ needs.publish-helm-chart.result }} | |
| # publish-manifests-result: ${{ needs.publish-index-manifest.result }} | |
| # build-result: ${{ needs.build-container-image.result }} | |
| # slack-token: ${{ secrets.SLACK_CONTAINER_IMAGE_TOKEN }} | |
| # channel-id: C07UG6JH44F # notifications-container-images | |
| # type: container-image-build |