Merge pull request #6 from kubewarden/renovate/kubewarden-github-acti… #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| jobs: | |
| calculate-policy-matrix: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| policy-working-dirs: ${{ steps.calculate-policy-dirs.outputs.policy_working_dirs }} | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 # checkout all history to do git diff | |
| - name: calculate which policies need a CI job | |
| id: calculate-policy-dirs | |
| shell: bash | |
| run: | | |
| # policy_working_dirs must be a string on the form of '[ "policies/Foo", "policies/Bar" ]' or '[]' | |
| # list only changes of files in `policies/`: | |
| pushd policies | |
| git_files="$(git diff --no-color --find-renames --find-copies --name-only origin/main ${{ github.sha }} -- .)" | |
| # build policy_working_dirs: | |
| dir_bash_array=($(echo "$git_files" | cut -d/ -f1,2 )) | |
| declare -p dir_bash_array # for debug | |
| policy_working_dirs=$(jq --compact-output --null-input '$ARGS.positional' --args -- "${dir_bash_array[@]}") | |
| echo "policy_working_dirs=$policy_working_dirs" >> $GITHUB_OUTPUT | |
| continuous-integration: | |
| if: ${{ needs.calculate-policy-matrix.outputs.policy-working-dirs != '[]' }} | |
| needs: calculate-policy-matrix | |
| strategy: | |
| matrix: | |
| policy-working-dir: ${{ fromJSON(needs.calculate-policy-matrix.outputs.policy-working-dirs) }} | |
| uses: kubewarden/github-actions/.github/workflows/[email protected] | |
| with: | |
| policy-working-dir: ${{ matrix.policy-working-dir }} | |
| # hardcode a bogus but semver valid version for `make check-artifacthub.yml`. | |
| # This is needed because there's no easy way inside of | |
| # reusable-test-policy-rego to differentiate between a monorepo (with | |
| # tags like `PolicyFoo/v0.1.0`) and a normal repo (with tags like | |
| # `v0.1.0`), and check-artifacthub uses `git describe tags` to create a | |
| # bogus but semver valid version. | |
| policy-version: 0.0.0 |