Migrate CI to runs-on #11361
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Validations" | |
| on: | |
| workflow_dispatch: | |
| pull_request: | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| Static-Analysis: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "Static analysis" | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=small | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| - name: Run static analysis | |
| run: make static-analysis | |
| Unit-Test: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "Unit tests" | |
| # we need more storage than what's on the default runner | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=small | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| download-test-fixture-cache: true | |
| - name: Run unit tests | |
| run: make unit | |
| Integration-Test: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "Integration tests" | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=small | |
| steps: | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| download-test-fixture-cache: true | |
| - name: Validate syft output against the CycloneDX schema | |
| run: make validate-cyclonedx-schema | |
| - name: Run integration tests | |
| run: make integration | |
| Build-Snapshot-Artifacts: | |
| name: "Build snapshot artifacts" | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=build | |
| steps: | |
| # required for magic-cache from runs-on to function with artifact upload/download (see https://runs-on.com/caching/magic-cache/#actionsupload-artifact-compatibility) | |
| - uses: runs-on/action@v2 | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| bootstrap-apt-packages: "" | |
| - name: Build snapshot artifacts | |
| run: make snapshot | |
| - name: Smoke test snapshot build | |
| run: make snapshot-smoke-test | |
| - name: Upload snapshot artifacts | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 #v6.0.0 | |
| with: | |
| name: snapshot | |
| path: snapshot/ | |
| retention-days: 30 | |
| Acceptance-Linux: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "Acceptance tests (Linux)" | |
| needs: [Build-Snapshot-Artifacts] | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=small | |
| steps: | |
| # required for magic-cache from runs-on to function with artifact upload/download (see https://runs-on.com/caching/magic-cache/#actionsupload-artifact-compatibility) | |
| - uses: runs-on/action@v2 | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| download-test-fixture-cache: true | |
| - name: Download snapshot artifacts | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 #v6.0.0 | |
| with: | |
| name: snapshot | |
| path: snapshot | |
| - name: Run comparison tests (Linux) | |
| run: make compare-linux | |
| - name: Load test image cache | |
| if: steps.install-test-image-cache.outputs.cache-hit == 'true' | |
| run: make install-test-cache-load | |
| - name: Run install.sh tests (Linux) | |
| run: make install-test | |
| - name: (cache-miss) Create test image cache | |
| if: steps.install-test-image-cache.outputs.cache-hit != 'true' | |
| run: make install-test-cache-save | |
| Acceptance-Mac: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "Acceptance tests (Mac)" | |
| needs: [Build-Snapshot-Artifacts] | |
| # note: macos runners aren't supported yet for runs-on managed runners. | |
| runs-on: macos-latest | |
| steps: | |
| - name: Install Cosign | |
| uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| bootstrap-apt-packages: "" | |
| go-dependencies: false | |
| download-test-fixture-cache: true | |
| - name: Download snapshot artifacts | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 #v6.0.0 | |
| with: | |
| name: snapshot | |
| path: snapshot | |
| - name: Run comparison tests (Mac) | |
| run: make compare-mac | |
| - name: Run install.sh tests (Mac) | |
| run: make install-test-ci-mac | |
| Cli-Linux: | |
| # Note: changing this job name requires making the same update in the .github/workflows/release.yaml pipeline | |
| name: "CLI tests (Linux)" | |
| needs: [Build-Snapshot-Artifacts] | |
| # Runner definition: workflows/.github/runs-on.yml | |
| runs-on: runs-on=${{ github.run_id }}/runner=small | |
| steps: | |
| # required for magic-cache from runs-on to function with artifact upload/download (see https://runs-on.com/caching/magic-cache/#actionsupload-artifact-compatibility) | |
| - uses: runs-on/action@v2 | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 #v5.0.0 | |
| with: | |
| persist-credentials: false | |
| - name: Bootstrap environment | |
| uses: ./.github/actions/bootstrap | |
| with: | |
| download-test-fixture-cache: true | |
| - name: Download snapshot artifacts | |
| uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 #v6.0.0 | |
| with: | |
| name: snapshot | |
| path: snapshot | |
| - name: Run CLI Tests (Linux) | |
| run: make cli |