Skip to content

chore: Update templated files (26d779f) #354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: Update templated files (26d779f) #354

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
213 changes: 1 addition & 212 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,223 +97,12 @@ jobs:
echo "skip_helm=true" >> "$GITHUB_OUTPUT"
fi

run_cargodeny:
name: Run Cargo Deny
runs-on: ubuntu-latest
strategy:
matrix:
checks:
- advisories
- bans licenses sources

# Prevent sudden announcement of a new advisory from failing ci:
continue-on-error: ${{ matrix.checks == 'advisories' }}

steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- uses: EmbarkStudios/cargo-deny-action@f2ba7abc2abebaf185c833c3961145a3c275caad # v2.0.13
with:
command: check ${{ matrix.checks }}

run_rustfmt:
name: Run Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
with:
toolchain: ${{ env.RUST_NIGHTLY_TOOLCHAIN_VERSION }}
components: rustfmt
- env:
RUST_TOOLCHAIN_VERSION: ${{ env.RUST_NIGHTLY_TOOLCHAIN_VERSION }}
run: cargo "+$RUST_TOOLCHAIN_VERSION" fmt --all -- --check

run_clippy:
name: Run Clippy
runs-on: ubuntu-latest
steps:
- name: Install host dependencies
uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # v1.6.0
with:
packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https
version: ubuntu-latest
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
with:
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
components: clippy
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
with:
key: clippy
cache-all-crates: "true"
# TODO (@Techassi): Remove this step (unmaintained action, kinda useless step anyway)
- name: Run clippy action to produce annotations
uses: giraffate/clippy-action@13b9d32482f25d29ead141b79e7e04e7900281e0 # v1.0.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: env.GITHUB_TOKEN != null
with:
clippy_flags: --all-targets -- -D warnings
reporter: 'github-pr-review'
github_token: ${{ secrets.GITHUB_TOKEN }}
# TODO (@Techassi): Remove, done by pre-commit
- name: Run clippy manually without annotations
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
if: env.GITHUB_TOKEN == null
run: cargo clippy --color never -q --all-targets -- -D warnings

# TODO (@Techassi): Can be done by pre-commit
run_rustdoc:
name: Run RustDoc
runs-on: ubuntu-latest
steps:
- name: Install host dependencies
uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # v1.6.0
with:
packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https
version: ubuntu-latest
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
submodules: recursive
- uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
with:
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
components: rustfmt
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
with:
key: doc
cache-all-crates: "true"
- run: cargo doc --document-private-items

# TODO (@Techassi): Remove, done by pre-commit
run_tests:
name: Run Cargo Tests
runs-on: ubuntu-latest
steps:
- name: Install host dependencies
uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # v1.6.0
with:
packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https
version: ubuntu-latest
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
with:
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
with:
key: test
cache-all-crates: "true"
- run: cargo test


# Similar to check_charts, this tries to render the README, and see if there are unintended changes.
# This will save us from merging changes to the wrong file (instead of the templated source), and from
# forgetting to render out modifications to the README.
check_readme:
name: Check if committed README is the one we would render from the available parts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0
with:
python-version: ${{ env.PYTHON_VERSION }}
- name: Install jinja2-cli
run: pip install jinja2-cli==0.8.2
- name: Regenerate charts
run: make render-readme
- name: Check if committed README were up to date
run: git diff --exit-code
- name: Git Diff showed uncommitted changes
if: ${{ failure() }}
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
script: |
core.setFailed('Committed README are not up to date, please make sure to apply them to the templated partials, and re-commit!')

# This job cleans up the CRDs and Helm charts, followed by rebuilding them
# It then runs a `git diff` and fails the entire workflow, if any difference is encountered.
#
# Since CRD files are generated during the 'cargo build' process we need to run this once after
# removing the CRD files to ensure that the checked in versions match what the code expects.
#
# The reason for this step is, that developers are expected to check in up-to-date versions of charts
# as we'd otherwise have to build these in CI and commit them back to the PR, which
# creates all kinds of problems.
# This failsafe simply aborts anything that has not had charts rebuilt before pushing.
check_charts:
name: Check if committed Helm charts are up to date
runs-on: ubuntu-latest
steps:
- name: Install host dependencies
uses: awalsh128/cache-apt-pkgs-action@acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 # v1.6.0
with:
packages: protobuf-compiler krb5-user libkrb5-dev libclang-dev liblzma-dev libssl-dev pkg-config apt-transport-https
version: ubuntu-latest
- uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
with:
persist-credentials: false
submodules: recursive
- name: Set up Helm
uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1
with:
version: v3.16.1
- name: Set up cargo
uses: dtolnay/rust-toolchain@6d653acede28d24f02e3cd41383119e8b1b35921
with:
toolchain: ${{ env.RUST_TOOLCHAIN_VERSION }}
- uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1
with:
key: charts
cache-all-crates: "true"
- name: Regenerate charts
run: make regenerate-charts
- name: Check if committed charts were up to date
run: git diff --exit-code
- name: Git Diff showed uncommitted changes
if: ${{ failure() }}
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
with:
script: |
core.setFailed('Committed charts were not up to date, please regenerate and re-commit!')

tests_passed:
name: All tests passed
needs:
- run_udeps
- run_cargodeny
- run_clippy
- run_rustfmt
- run_rustdoc
- run_tests
- check_charts
- check_readme
runs-on: ubuntu-latest
steps:
- name: log
run: echo All tests have passed!

# TODO (@Techassi): Most of these publishing and signing tasks can be done by our own actions.
# Make use of them just like we do in docker-images.
package_and_publish:
name: Package Charts, Build Docker Image and publish them - ${{ matrix.runner }}
needs:
- tests_passed
- run_udeps
- check_helm_publish
strategy:
matrix:
Expand Down
23 changes: 23 additions & 0 deletions .pre-commit-config.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,13 @@ repos:
args: ["--allow-missing-credentials"]
- id: detect-private-key

- repo: https://github.com/EmbarkStudios/cargo-deny
# Failing to compile cargo-deny with version >0.18.3, needs rust 1.88.0
rev: baa02b0a0c54e0578aae6bb7c7181ad00dc290af # 0.18.3
hooks:
- id: cargo-deny
args: ["--all-features", "check", "advisories", "bans", "licenses", "sources"]

- repo: https://github.com/adrienverge/yamllint
rev: 79a6b2b1392eaf49cdd32ac4f14be1a809bbd8f7 # 1.37.1
hooks:
Expand Down Expand Up @@ -72,6 +79,22 @@ repos:
pass_filenames: false
files: Cargo\.lock

- id: check-readme
name: check-readme
language: system
entry: make render-readme
stages: [pre-commit, pre-merge-commit]
pass_filenames: false
files: .readme

- id: cargo-doc
name: cargo-doc
language: system
entry: cargo doc --document-private-items
stages: [pre-commit, pre-merge-commit]
pass_filenames: false
files: \.rs$|Cargo\.(toml|lock)

- id: cargo-test
name: cargo-test
language: system
Expand Down
Loading