Skip to content

Explain the implementation-specific validation nonsense #1047

Explain the implementation-specific validation nonsense

Explain the implementation-specific validation nonsense #1047

Workflow file for this run

name: Run tests and deploy
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on: [ push ]
env:
GOOGLE_REGISTRY: "europe-north1-docker.pkg.dev"
jobs:
test:
name: Run tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "1.21"
- name: go test
run: go test ./...
documentation:
name: Update documentation
if: github.ref == 'refs/heads/main'
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
path: liberator
- uses: navikt/github-app-token-generator@v1
id: get-token
with:
private-key: ${{ secrets.NAIS_APP_PRIVATE_KEY }}
app-id: ${{ secrets.NAIS_APP_ID }}
repo: nais/doc
- uses: actions/checkout@v4
with:
repository: nais/doc
token: ${{ steps.get-token.outputs.token }}
path: naisdoc
- uses: actions/setup-go@v5
with:
go-version: "1.21"
- name: Generate documentation
run: |
cd liberator
make doc
- name: Commit documentation to nais/doc
run: |
cd naisdoc
cp -v ../liberator/doc/output/application/reference.md docs/workloads/application/reference/application-spec.md
cp -v ../liberator/doc/output/application/example.md docs/workloads/application/reference/application-example.md
cp -v ../liberator/doc/output/naisjob/reference.md docs/workloads/job/reference/naisjob-spec.md
cp -v ../liberator/doc/output/naisjob/example.md docs/workloads/job/reference/naisjob-example.md
cp -v ../liberator/doc/output/topic/reference.md docs/persistence/kafka/reference/kafka-topic-spec.md
cp -v ../liberator/doc/output/topic/example.md docs/persistence/kafka/reference/kafka-topic-example.md
git config user.name "$GITHUB_ACTOR"
git config user.email "[email protected]"
git add .
git --no-pager diff --cached
if [ ! -z "$(git diff --cached)" ]; then
git commit -a -m "Automatic update of nais application reference/example" -m "liberator commit sha: ${GITHUB_SHA}"
git push
else
echo "No changes; skip commit"
fi
json-spec:
name: Generate and upload json-spec
if: github.ref == 'refs/heads/main'
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: "1.21"
- id: 'auth'
uses: 'google-github-actions/auth@v2'
with:
credentials_json: ${{ secrets.NAIS_JSON_SCHEMA_BUCKET_SA }}
- name: 'Set up Cloud SDK'
uses: 'google-github-actions/setup-gcloud@v2'
- name: Generate json-spec
run: make doc && ./hack/build-json-spec.sh
- name: Upload spec
run: |
gsutil \
-qm \
-h 'Cache-Control:private, max-age=0, no-transform' \
cp -r \
doc/output/openapi/kubernetes \
doc/output/openapi/nais \
doc/output/openapi/nais-all.json \
doc/output/openapi/nais-k8s-all.json \
gs://nais-json-schema-2c91
build_and_push:
if: github.ref == 'refs/heads/main'
needs: test
permissions:
contents: "read"
id-token: "write"
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: azure/setup-helm@v4
with:
version: "v3.12.2"
- name: Package chart
id: package_chart
env:
CHART_PATH: ./charts
run: |
suffix="$(date +%Y%m%d%H%M%S)"
orig_version=$(yq '.version' < "${{ env.CHART_PATH}}/Chart.yaml")
chart_version="${orig_version}-$suffix"
yq eval \
'.version="'"$chart_version"'"' \
"${{ env.CHART_PATH }}/Chart.yaml" --inplace
# helm dependency update "${{ env.CHART_PATH }}"
helm package "${{ env.CHART_PATH }}" --destination .
name=$(yq '.name' < "${{ env.CHART_PATH }}/Chart.yaml")
echo "name=$name" >> $GITHUB_OUTPUT
echo "version=$chart_version" >> $GITHUB_OUTPUT
echo "archive=$name-$chart_version.tgz" >> $GITHUB_OUTPUT
- id: "auth"
name: "Authenticate to Google Cloud"
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: ${{ secrets.NAIS_IO_WORKLOAD_IDENTITY_PROVIDER }}
service_account: "[email protected]"
token_format: "access_token"
- name: "Log in to Google Artifact Registry"
run: |-
echo '${{ steps.auth.outputs.access_token }}' | docker login -u oauth2accesstoken --password-stdin https://${{ env.GOOGLE_REGISTRY }}
- name: Push Chart
run: |-
chart="${{ steps.package_chart.outputs.archive }}"
echo "Pushing: $chart"
helm push "$chart" oci://${{ env.GOOGLE_REGISTRY }}/nais-io/nais/feature
outputs:
chart_name: ${{ steps.package_chart.outputs.name }}
chart_version: ${{ steps.package_chart.outputs.version }}
chart_archive: ${{ steps.package_chart.outputs.archive }}
rollout:
if: github.ref == 'refs/heads/main'
runs-on: fasit-deploy
permissions:
id-token: write
needs:
- build_and_push
steps:
- uses: nais/fasit-deploy@v2
with:
chart: oci://${{ env.GOOGLE_REGISTRY }}/nais-io/nais/feature/${{ needs.build_and_push.outputs.chart_name }}
version: ${{ needs.build_and_push.outputs.chart_version }}