From 1d7be1d058d077fb5f2f6e25926f29b7046580ae Mon Sep 17 00:00:00 2001 From: Florian Forster Date: Wed, 26 Feb 2025 14:27:14 +0100 Subject: [PATCH] remove old ci --- .github/workflows/build.yml | 116 ------------- .github/workflows/{ffo-test.yml => ci.yml} | 2 +- .github/workflows/compile.yml | 99 ----------- .github/workflows/console.yml | 63 ------- .github/workflows/container.yml | 177 -------------------- .github/workflows/core-integration-test.yml | 172 ------------------- .github/workflows/core-unit-test.yml | 76 --------- .github/workflows/core.yml | 83 --------- .github/workflows/lint.yml | 102 ----------- .github/workflows/release.yml | 148 ---------------- .github/workflows/version.yml | 51 ------ 11 files changed, 1 insertion(+), 1088 deletions(-) delete mode 100644 .github/workflows/build.yml rename .github/workflows/{ffo-test.yml => ci.yml} (97%) delete mode 100644 .github/workflows/compile.yml delete mode 100644 .github/workflows/console.yml delete mode 100644 .github/workflows/container.yml delete mode 100644 .github/workflows/core-integration-test.yml delete mode 100644 .github/workflows/core-unit-test.yml delete mode 100644 .github/workflows/core.yml delete mode 100644 .github/workflows/lint.yml delete mode 100644 .github/workflows/release.yml delete mode 100644 .github/workflows/version.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index 1ab5e6bafd..0000000000 --- a/.github/workflows/build.yml +++ /dev/null @@ -1,116 +0,0 @@ -name: ZITADEL CI/CD - -on: - push: - tags-ignore: - - "*" - branches: - - "main" - pull_request: - workflow_dispatch: - -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -permissions: - contents: write - packages: write - issues: write - pull-requests: write - -jobs: - core: - uses: ./.github/workflows/core.yml - with: - node_version: "20" - buf_version: "latest" - go_version: "1.23" - - console: - uses: ./.github/workflows/console.yml - with: - node_version: "20" - buf_version: "latest" - - version: - uses: ./.github/workflows/version.yml - with: - semantic_version: "23.0.7" - dry_run: true - - compile: - needs: [core, console, version] - uses: ./.github/workflows/compile.yml - with: - go_version: "1.23" - core_cache_key: ${{ needs.core.outputs.cache_key }} - console_cache_key: ${{ needs.console.outputs.cache_key }} - core_cache_path: ${{ needs.core.outputs.cache_path }} - console_cache_path: ${{ needs.console.outputs.cache_path }} - version: ${{ needs.version.outputs.version }} - - core-unit-test: - needs: core - uses: ./.github/workflows/core-unit-test.yml - with: - go_version: "1.23" - core_cache_key: ${{ needs.core.outputs.cache_key }} - core_cache_path: ${{ needs.core.outputs.cache_path }} - secrets: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - core-integration-test: - needs: core - uses: ./.github/workflows/core-integration-test.yml - with: - go_version: "1.23" - core_cache_key: ${{ needs.core.outputs.cache_key }} - core_cache_path: ${{ needs.core.outputs.cache_path }} - secrets: - CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - - lint: - needs: [core, console] - uses: ./.github/workflows/lint.yml - with: - go_version: "1.23" - node_version: "18" - buf_version: "latest" - go_lint_version: "v1.62.2" - core_cache_key: ${{ needs.core.outputs.cache_key }} - core_cache_path: ${{ needs.core.outputs.cache_path }} - - container: - needs: [compile] - uses: ./.github/workflows/container.yml - secrets: inherit - permissions: - packages: write - if: ${{ github.event_name == 'workflow_dispatch' }} - with: - build_image_name: "ghcr.io/zitadel/zitadel-build" - - e2e: - uses: ./.github/workflows/e2e.yml - needs: [compile] - - release: - uses: ./.github/workflows/release.yml - permissions: - packages: write - contents: write - issues: write - pull-requests: write - needs: - [version, core-unit-test, core-integration-test, lint, container, e2e] - if: ${{ github.event_name == 'workflow_dispatch' }} - secrets: - GCR_JSON_KEY_BASE64: ${{ secrets.GCR_JSON_KEY_BASE64 }} - APP_ID: ${{ secrets.APP_ID }} - APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} - with: - build_image_name: ${{ needs.container.outputs.build_image }} - semantic_version: "23.0.7" - image_name: "ghcr.io/zitadel/zitadel" - google_image_name: "europe-docker.pkg.dev/zitadel-common/zitadel-repo/zitadel" diff --git a/.github/workflows/ffo-test.yml b/.github/workflows/ci.yml similarity index 97% rename from .github/workflows/ffo-test.yml rename to .github/workflows/ci.yml index d9eddb3b58..bf9d6a16aa 100644 --- a/.github/workflows/ffo-test.yml +++ b/.github/workflows/ci.yml @@ -1,4 +1,4 @@ -name: "Docker Bake Test" +name: "name: ZITADEL CI" on: push: diff --git a/.github/workflows/compile.yml b/.github/workflows/compile.yml deleted file mode 100644 index 979f8b4bc1..0000000000 --- a/.github/workflows/compile.yml +++ /dev/null @@ -1,99 +0,0 @@ -name: Compile - -on: - workflow_call: - inputs: - go_version: - required: true - type: string - core_cache_key: - required: true - type: string - core_cache_path: - required: true - type: string - console_cache_key: - required: true - type: string - console_cache_path: - required: true - type: string - version: - required: true - type: string - -jobs: - executable: - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - goos: [linux, darwin, windows] - goarch: [amd64, arm64] - - steps: - - - uses: actions/checkout@v4 - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - name: restore console - with: - path: ${{ inputs.console_cache_path }} - key: ${{ inputs.console_cache_key }} - fail-on-cache-miss: true - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - name: restore core - with: - path: ${{ inputs.core_cache_path }} - key: ${{ inputs.core_cache_key }} - fail-on-cache-miss: true - - - uses: actions/setup-go@v5 - with: - go-version: ${{ inputs.go_version }} - - - name: compile - timeout-minutes: 5 - run: | - GOOS="${{matrix.goos}}" \ - GOARCH="${{matrix.goarch}}" \ - VERSION="${{ inputs.version }}" \ - COMMIT_SHA="${{ github.sha }}" \ - make compile_pipeline - - - name: create folder - run: | - mkdir zitadel-${{ matrix.goos }}-${{ matrix.goarch }} - mv zitadel zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/ - cp LICENSE zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/ - cp README.md zitadel-${{ matrix.goos }}-${{ matrix.goarch }}/ - tar -czvf zitadel-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz zitadel-${{ matrix.goos }}-${{ matrix.goarch }} - - - uses: actions/upload-artifact@v4 - with: - name: zitadel-${{ matrix.goos }}-${{ matrix.goarch }} - path: zitadel-${{ matrix.goos }}-${{ matrix.goarch }}.tar.gz - - checksums: - runs-on: ubuntu-latest - needs: executable - steps: - - - uses: actions/download-artifact@v4 - with: - path: executables - - - name: move files one folder up - run: mv */*.tar.gz . && find . -type d -empty -delete - working-directory: executables - - - run: sha256sum * > checksums.txt - working-directory: executables - - - uses: actions/upload-artifact@v4 - with: - name: checksums.txt - path: executables/checksums.txt diff --git a/.github/workflows/console.yml b/.github/workflows/console.yml deleted file mode 100644 index 38e75a069b..0000000000 --- a/.github/workflows/console.yml +++ /dev/null @@ -1,63 +0,0 @@ -name: Build console - -on: - workflow_call: - inputs: - node_version: - required: true - type: string - buf_version: - required: true - type: string - outputs: - cache_key: - value: ${{ jobs.build.outputs.cache_key }} - cache_path: - value: ${{ jobs.build.outputs.cache_path }} - -env: - cache_path: console/dist/console - -jobs: - build: - outputs: - cache_key: ${{ steps.cache.outputs.cache-primary-key }} - cache_path: ${{ env.cache_path }} - runs-on: - group: zitadel-public - steps: - - - uses: actions/checkout@v4 - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - continue-on-error: true - id: cache - with: - key: console-${{ hashFiles('console', 'proto', '!console/dist') }} - restore-keys: | - console- - path: ${{ env.cache_path }} - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: bufbuild/buf-setup-action@v1 - with: - github_token: ${{ github.token }} - version: ${{ inputs.buf_version }} - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: actions/setup-node@v4 - with: - node-version: ${{ inputs.node_version }} - cache: 'yarn' - cache-dependency-path: console/yarn.lock - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - run: make console_build - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: actions/cache/save@v4 - with: - path: ${{ env.cache_path }} - key: ${{ steps.cache.outputs.cache-primary-key }} - \ No newline at end of file diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml deleted file mode 100644 index 5e22a67413..0000000000 --- a/.github/workflows/container.yml +++ /dev/null @@ -1,177 +0,0 @@ -name: Container - -on: - workflow_call: - inputs: - build_image_name: - required: true - type: string - outputs: - build_image: - value: '${{ inputs.build_image_name }}:${{ github.sha }}' - -permissions: - packages: write - -env: - default_labels: | - org.opencontainers.image.documentation=https://zitadel.com/docs - org.opencontainers.image.vendor=CAOS AG - -jobs: - build: - name: zitadel - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - arch: [amd64,arm64] - steps: - - - uses: actions/checkout@v4 - - - name: Scratch meta - id: scratch-meta - uses: docker/metadata-action@v5 - with: - images: ${{ inputs.build_image_name }} - labels: ${{ env.default_labels}} - tags: | - type=sha,prefix=,suffix=,format=long - - - name: Debug meta - id: debug-meta - uses: docker/metadata-action@v5 - with: - images: ${{ inputs.build_image_name }} - labels: ${{ env.default_labels}} - tags: | - type=sha,prefix=,suffix=-debug,format=long - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - driver-opts: 'image=moby/buildkit:v0.11.6' - - - name: Login to Docker registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - uses: actions/download-artifact@v4 - with: - path: .artifacts - name: zitadel-linux-${{ matrix.arch }} - - - name: Unpack executable - run: | - tar -xvf .artifacts/zitadel-linux-${{ matrix.arch }}.tar.gz - mv zitadel-linux-${{ matrix.arch }}/zitadel ./zitadel - - - name: Debug - id: build-debug - uses: docker/build-push-action@v5 - timeout-minutes: 3 - with: - context: . - cache-from: type=gha - cache-to: type=gha,mode=max - file: build/Dockerfile - target: artifact - platforms: linux/${{ matrix.arch }} - push: true - labels: ${{ steps.debug-meta.outputs.labels }} - outputs: type=image,name=${{ inputs.build_image_name }},push-by-digest=true,name-canonical=true,push=true - - - name: Scratch - id: build-scratch - uses: docker/build-push-action@v5 - timeout-minutes: 3 - with: - context: . - cache-from: type=gha - cache-to: type=gha,mode=max - file: build/Dockerfile - target: final - platforms: linux/${{ matrix.arch }} - push: true - labels: ${{ steps.scratch-meta.outputs.labels }} - outputs: type=image,name=${{ inputs.build_image_name }},push-by-digest=true,name-canonical=true,push=true - - - name: Export debug digest - run: | - mkdir -p /tmp/digests/debug - digest="${{ steps.build-debug.outputs.digest }}" - touch "/tmp/digests/debug/${digest#sha256:}" - - - name: Export scratch digest - run: | - mkdir -p /tmp/digests/scratch - digest="${{ steps.build-scratch.outputs.digest }}" - touch "/tmp/digests/scratch/${digest#sha256:}" - - - name: Upload digest - uses: actions/upload-artifact@v4 - with: - name: digests-${{ matrix.arch }} - path: /tmp/digests - if-no-files-found: error - retention-days: 1 - - merge: - runs-on: ubuntu-latest - needs: - - build - strategy: - fail-fast: false - matrix: - image: [scratch, debug] - include: - - image: scratch - suffix: '' - - image: debug - suffix: '-debug' - steps: - - - name: Download digests - uses: actions/download-artifact@v4 - with: - pattern: digests-* - path: /tmp/digests - merge-multiple: true - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - with: - driver-opts: 'image=moby/buildkit:v0.11.6' - - - name: Login to Docker registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Docker meta - id: build-meta - uses: docker/metadata-action@v5 - with: - images: '${{ inputs.build_image_name }}' - tags: | - type=sha,prefix=,suffix=${{ matrix.suffix }},format=long - - - name: Create build manifest list and push - working-directory: /tmp/digests/${{ matrix.image }} - run: | - docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< '${{ steps.build-meta.outputs.json }}') \ - $(printf '${{ inputs.build_image_name }}@sha256:%s ' *) - - - name: Inspect build image - run: | - docker buildx imagetools inspect ${{ inputs.build_image_name }}:${{ github.sha }}${{ matrix.suffix }} - diff --git a/.github/workflows/core-integration-test.yml b/.github/workflows/core-integration-test.yml deleted file mode 100644 index cc9d898f5c..0000000000 --- a/.github/workflows/core-integration-test.yml +++ /dev/null @@ -1,172 +0,0 @@ -name: Integration test core - -on: - workflow_call: - inputs: - go_version: - required: true - type: string - core_cache_key: - required: true - type: string - core_cache_path: - required: true - type: string - secrets: - CODECOV_TOKEN: - required: true - -jobs: - postgres: - runs-on: - group: zitadel-public - services: - postgres: - image: postgres - ports: - - 5432:5432 - env: - POSTGRES_USER: zitadel - PGUSER: zitadel - POSTGRES_DB: zitadel - POSTGRES_HOST_AUTH_METHOD: trust - options: >- - --health-cmd pg_isready - --health-interval 10s - --health-timeout 5s - --health-retries 5 - --health-start-period 10s - cache: - image: redis:latest - ports: - - 6379:6379 - steps: - - - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - go-version: ${{ inputs.go_version }} - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - name: restore core - id: restore-core - with: - path: ${{ inputs.core_cache_path }} - key: ${{ inputs.core_cache_key }} - fail-on-cache-miss: true - - - id: go-cache-path - name: set cache path - run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT - - - uses: actions/cache/restore@v4 - id: cache - timeout-minutes: 1 - continue-on-error: true - name: restore previous results - with: - key: integration-test-postgres-${{ inputs.core_cache_key }} - restore-keys: | - integration-test-postgres-core- - path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} - - - name: test - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - env: - ZITADEL_MASTERKEY: MasterkeyNeedsToHave32Characters - INTEGRATION_DB_FLAVOR: postgres - run: make core_integration_test - - - name: upload server logs - if: always() - uses: actions/upload-artifact@v4 - with: - name: integration-test-server-logs - path: | - tmp/zitadel.log - tmp/race.log.* - - - name: publish coverage - uses: codecov/codecov-action@v4.3.0 - with: - file: profile.cov - name: core-integration-tests-postgres - flags: core-integration-tests-postgres - token: ${{ secrets.CODECOV_TOKEN }} - - - uses: actions/cache/save@v4 - name: cache results - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - with: - key: integration-test-postgres-${{ inputs.core_cache_key }} - path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} - - # TODO: produces the following output: ERROR: unknown command "cockroach start-single-node --insecure" for "cockroach" - # cockroach: - # runs-on: ubuntu-latest - # services: - # cockroach: - # image: cockroachdb/cockroach:latest - # ports: - # - 26257:26257 - # - 8080:8080 - # env: - # COCKROACH_ARGS: "start-single-node --insecure" - # options: >- - # --health-cmd "curl http://localhost:8080/health?ready=1 || exit 1" - # --health-interval 10s - # --health-timeout 5s - # --health-retries 5 - # --health-start-period 10s - # steps: - # - - # uses: actions/checkout@v4 - # - - # uses: actions/setup-go@v5 - # with: - # go-version: ${{ inputs.go_version }} - # - - # uses: actions/cache/restore@v4 - # timeout-minutes: 1 - # name: restore core - # with: - # path: ${{ inputs.core_cache_path }} - # key: ${{ inputs.core_cache_key }} - # fail-on-cache-miss: true - # - - # id: go-cache-path - # name: set cache path - # run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT - # - - # uses: actions/cache/restore@v4 - # id: cache - # timeout-minutes: 1 - # name: restore previous results - # with: - # key: integration-test-crdb-${{ inputs.core_cache_key }} - # restore-keys: | - # integration-test-crdb-core- - # path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} - # - - # name: test - # if: ${{ steps.cache.outputs.cache-hit != 'true' }} - # env: - # ZITADEL_MASTERKEY: MasterkeyNeedsToHave32Characters - # INTEGRATION_DB_FLAVOR: cockroach - # run: make core_integration_test - # - - # name: publish coverage - # uses: codecov/codecov-action@v4.3.0 - # with: - # file: profile.cov - # name: core-integration-tests-cockroach - # flags: core-integration-tests-cockroach - # - - # uses: actions/cache/save@v4 - # name: cache results - # if: ${{ steps.cache.outputs.cache-hit != 'true' }} - # with: - # key: integration-test-crdb-${{ inputs.core_cache_key }} - # path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} \ No newline at end of file diff --git a/.github/workflows/core-unit-test.yml b/.github/workflows/core-unit-test.yml deleted file mode 100644 index 0b1467ff5d..0000000000 --- a/.github/workflows/core-unit-test.yml +++ /dev/null @@ -1,76 +0,0 @@ -name: Unit test core - -on: - workflow_call: - inputs: - go_version: - required: true - type: string - core_cache_key: - required: true - type: string - core_cache_path: - required: true - type: string - crdb_version: - required: false - type: string - secrets: - CODECOV_TOKEN: - required: true - -jobs: - test: - runs-on: - group: zitadel-public - steps: - - - uses: actions/checkout@v3 - - - uses: actions/setup-go@v5 - with: - go-version: ${{ inputs.go_version }} - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - name: restore core - id: restore-core - with: - path: ${{ inputs.core_cache_path }} - key: ${{ inputs.core_cache_key }} - fail-on-cache-miss: true - - - id: go-cache-path - name: set cache path - run: echo "GO_CACHE_PATH=$(go env GOCACHE)" >> $GITHUB_OUTPUT - - - uses: actions/cache/restore@v4 - id: cache - timeout-minutes: 1 - continue-on-error: true - name: restore previous results - with: - key: unit-test-${{ inputs.core_cache_key }} - restore-keys: | - unit-test-core- - path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} - - - name: test - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - run: make core_unit_test - - - name: publish coverage - uses: codecov/codecov-action@v4.3.0 - with: - file: profile.cov - name: core-unit-tests - flags: core-unit-tests - token: ${{ secrets.CODECOV_TOKEN }} - - - uses: actions/cache/save@v4 - name: cache results - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - with: - key: unit-test-${{ inputs.core_cache_key }} - path: ${{ steps.go-cache-path.outputs.GO_CACHE_PATH }} - \ No newline at end of file diff --git a/.github/workflows/core.yml b/.github/workflows/core.yml deleted file mode 100644 index 79aa6ddd1d..0000000000 --- a/.github/workflows/core.yml +++ /dev/null @@ -1,83 +0,0 @@ -name: Build core - -on: - workflow_call: - inputs: - go_version: - required: true - type: string - buf_version: - required: true - type: string - node_version: - required: true - type: string - outputs: - cache_key: - value: ${{ jobs.build.outputs.cache_key }} - cache_path: - value: ${{ jobs.build.outputs.cache_path }} - -env: - cache_path: | - internal/statik/statik.go - internal/notification/statik/statik.go - internal/api/ui/login/static/resources/themes/zitadel/css/zitadel.css* - internal/api/ui/login/statik/statik.go - internal/api/assets/authz.go - internal/api/assets/router.go - openapi/v2 - pkg/grpc/**/*.pb.* - -jobs: - build: - runs-on: - group: zitadel-public - outputs: - cache_key: ${{ steps.cache.outputs.cache-primary-key }} - cache_path: ${{ env.cache_path }} - steps: - - - uses: actions/checkout@v4 - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - continue-on-error: true - id: cache - with: - key: core-${{ hashFiles( 'go.*', 'openapi', 'cmd', 'pkg/grpc/**/*.go', 'proto', 'internal') }} - restore-keys: | - core- - path: ${{ env.cache_path }} - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: bufbuild/buf-setup-action@v1 - with: - github_token: ${{ github.token }} - version: ${{ inputs.buf_version }} - - - - # node to install sass - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: actions/setup-node@v4 - with: - node-version: ${{ inputs.node_version }} - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - run: npm install -g sass - - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: actions/setup-go@v5 - with: - go-version: ${{ inputs.go_version }} - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - run: make core_build - - - if: ${{ steps.cache.outputs.cache-hit != 'true' }} - uses: actions/cache/save@v4 - with: - key: ${{ steps.cache.outputs.cache-primary-key }} - path: ${{ env.cache_path }} - \ No newline at end of file diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml deleted file mode 100644 index 0aa3b81737..0000000000 --- a/.github/workflows/lint.yml +++ /dev/null @@ -1,102 +0,0 @@ -name: Lint - -on: - workflow_call: - inputs: - node_version: - required: true - type: string - go_version: - required: true - type: string - buf_version: - required: true - type: string - go_lint_version: - required: true - type: string - core_cache_key: - required: true - type: string - core_cache_path: - required: true - type: string - -jobs: - - lint-skip: - name: lint skip - runs-on: ubuntu-latest - if: ${{ github.event_name != 'pull_request' }} - steps: - - name: Lint skip - run: | - echo "Linting outside of pull requests is skipped" - - api: - name: api - runs-on: ubuntu-latest - continue-on-error: true - if: ${{ github.event_name == 'pull_request' }} - steps: - - - uses: actions/checkout@v4 - - - uses: bufbuild/buf-setup-action@v1 - with: - version: ${{ inputs.buf_version }} - github_token: ${{ secrets.GITHUB_TOKEN }} - - - name: lint - uses: bufbuild/buf-lint-action@v1 - - - uses: bufbuild/buf-breaking-action@v1 - with: - against: "https://github.com/${{ github.repository }}.git#branch=${{ github.base_ref }}" - - console: - if: ${{ github.event_name == 'pull_request' }} - name: console - runs-on: ubuntu-latest - steps: - - - name: Checkout - uses: actions/checkout@v4 - - - uses: actions/setup-node@v4 - with: - node-version: ${{ inputs.node_version }} - cache: 'yarn' - cache-dependency-path: console/yarn.lock - - - run: cd console && yarn install - - - name: lint - run: make console_lint - - core: - name: core - runs-on: ubuntu-latest - if: ${{ github.event_name == 'pull_request' }} - steps: - - - name: Checkout - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - go-version: ${{ inputs.go_version }} - - - uses: actions/cache/restore@v4 - timeout-minutes: 1 - name: restore core - with: - path: ${{ inputs.core_cache_path }} - key: ${{ inputs.core_cache_key }} - fail-on-cache-miss: true - - - uses: golangci/golangci-lint-action@v6 - with: - version: ${{ inputs.go_lint_version }} - github-token: ${{ github.token }} - only-new-issues: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml deleted file mode 100644 index 3e40ae8805..0000000000 --- a/.github/workflows/release.yml +++ /dev/null @@ -1,148 +0,0 @@ -name: Release - -on: - workflow_call: - inputs: - semantic_version: - required: true - type: string - build_image_name: - required: true - type: string - image_name: - required: true - type: string - google_image_name: - required: true - type: string - secrets: - GCR_JSON_KEY_BASE64: - description: 'base64 endcrypted key to connect to Google' - required: true - APP_ID: - description: 'GH App ID to request token for homebrew update' - required: true - APP_PRIVATE_KEY: - description: 'GH App Private Key to request token for homebrew update' - required: true - -jobs: - version: - uses: ./.github/workflows/version.yml - with: - semantic_version: ${{ inputs.semantic_version }} - dry_run: false - - # TODO: remove the publish job and publish releases directly with the @semantic-release/github plugin (remove draftRelease: true) - # as soon as it supports configuring the create release payload property make_latest to "legacy" - # https://docs.github.com/en/rest/releases/releases?apiVersion=2022-11-28#create-a-release--parameters - publish: - runs-on: ubuntu-22.04 - needs: [ version ] - steps: - - id: get_release - uses: cardinalby/git-get-release-action@v1 - with: - commitSha: ${{ github.sha }} - draft: true - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Publish Release - uses: actions/github-script@v7 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - github.rest.repos.updateRelease({ - owner: context.repo.owner, - repo: context.repo.repo, - release_id: ${{ steps.get_release.outputs.id }}, - draft: false, - make_latest: "legacy" - }); - - docker: - runs-on: ubuntu-22.04 - needs: [ version ] - steps: - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Login to Docker registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Login to Google Artifact Registry - uses: docker/login-action@v3 - with: - registry: europe-docker.pkg.dev - username: _json_key_base64 - password: ${{ secrets.GCR_JSON_KEY_BASE64 }} - - - name: Publish ${{ needs.version.outputs.version }} - run: | - docker buildx imagetools create \ - --tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }} \ - ${{ inputs.build_image_name }} - docker buildx imagetools create \ - --tag ${{ inputs.image_name }}:${{ needs.version.outputs.version }}-debug \ - ${{ inputs.build_image_name }}-debug - docker buildx imagetools create \ - --tag ${{ inputs.google_image_name }}:${{ needs.version.outputs.version }} \ - ${{ inputs.build_image_name }} - - - name: Publish latest - if: ${{ github.ref_name == 'next' }} - run: | - docker buildx imagetools create \ - --tag ${{ inputs.image_name }}:latest \ - ${{ inputs.build_image_name }} - docker buildx imagetools create \ - --tag ${{ inputs.image_name }}:latest-debug \ - ${{ inputs.build_image_name }}-debug - - homebrew-tap: - runs-on: ubuntu-22.04 - needs: version - if: ${{ github.ref_name == 'next' }} - continue-on-error: true - steps: - - name: generate token - uses: tibdex/github-app-token@v2 - id: generate-token - with: - app_id: ${{ secrets.APP_ID }} - private_key: ${{ secrets.APP_PRIVATE_KEY }} - - name: Trigger Homebrew - env: - VERSION: ${{ needs.version.outputs.version }} - RUN_ID: ${{ github.run_id }} - GH_TOKEN: ${{ steps.generate-token.outputs.token }} - run: | - gh workflow -R zitadel/homebrew-tap run update.yml -f runId=${RUN_ID} -f version=${VERSION} - - helm-chart: - runs-on: ubuntu-22.04 - needs: version - if: ${{ github.ref_name == 'next' }} - continue-on-error: true - steps: - - name: generate token - uses: tibdex/github-app-token@v2 - id: generate-token - with: - app_id: ${{ secrets.APP_ID }} - private_key: ${{ secrets.APP_PRIVATE_KEY }} - - name: Trigger Chart Bump - env: - VERSION: ${{ needs.version.outputs.version }} - RUN_ID: ${{ github.run_id }} - GH_TOKEN: ${{ steps.generate-token.outputs.token }} - run: | - gh workflow -R zitadel/zitadel-charts run bump.yml diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml deleted file mode 100644 index cf11e944f8..0000000000 --- a/.github/workflows/version.yml +++ /dev/null @@ -1,51 +0,0 @@ -name: Version - -on: - workflow_call: - inputs: - semantic_version: - required: true - type: string - dry_run: - required: true - type: boolean - outputs: - version: - value: ${{ jobs.generate.outputs.version }} - published: - value: ${{jobs.generate.outputs.published }} - -jobs: - generate: - runs-on: ubuntu-22.04 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - outputs: - version: ${{ steps.output.outputs.VERSION }} - published: ${{ steps.semantic.outputs.new_release_published }} - steps: - - - name: Source checkout - uses: actions/checkout@v4 - - - uses: actions/download-artifact@v4 - if: ${{ !inputs.dry_run }} - with: - path: .artifacts - - - name: Semantic Release - uses: cycjimmy/semantic-release-action@v4 - id: semantic - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - with: - dry_run: ${{ inputs.dry_run }} - semantic_version: ${{ inputs.semantic_version }} - extra_plugins: | - @semantic-release/exec@6.0.3 - @semantic-release/github@10.0.2 - - - name: output - id: output - run: - if [[ ! -z "${{ steps.semantic.outputs.new_release_version }}" ]]; then echo "VERSION=v${{ steps.semantic.outputs.new_release_version }}" >> "$GITHUB_OUTPUT"; else echo "VERSION=${{ github.sha }}" >> "$GITHUB_OUTPUT";fi