version: 2.1 orbs: aws-cli: circleci/aws-cli@1.3.0 go: circleci/go@1.5.0 jobs: build: docker: - image: golang:1.16 steps: - checkout - run: make release - persist_to_workspace: root: ~/project paths: - bin/ test_acc: parameters: pattern: type: string machine: image: ubuntu-2004:202010-01 environment: ACC_PATTERN: << parameters.pattern >> AWS_DEFAULT_REGION: us-east-1 CHECKPOINT_DISABLE: true # Disable terraform version check steps: - checkout - go/install: version: "1.16" # Disable cache at it seem to broke go 1.16 installation cache: false - run: name: install dependencies command: | sudo apt-get -qq update && sudo apt-get -qq -y install unzip curl "https://releases.hashicorp.com/terraform/0.14.5/terraform_0.14.5_linux_amd64.zip" --output terraform.zip unzip terraform.zip sudo mv terraform /usr/local/bin && sudo chmod +x /usr/local/bin terraform version - run: make install-tools - run: name: Run acceptance tests command: make acc no_output_timeout: 30m - run: name: Discord notification when: on_fail command: | curl -X POST \ -H "Content-Type: application/json" \ -d "{\"content\": \"❌ Acceptance tests failed\nSuite: ${ACC_PATTERN}\n<${CIRCLE_BUILD_URL}>\" }"\ ${DISCORD_WEBHOOK} - store_test_results: path: ./ lint: docker: - image: golang:1.16 steps: - checkout - run: name: Enforce Go Formatted Code command: | go fmt ./... if [[ -z $(git status --porcelain) ]]; then echo "Git directory is clean." else echo "Git directory is dirty. Run make fmt locally and commit any formatting fixes or generated code." git status --porcelain exit 1 fi - run: make install-tools - run: make lint test: docker: - image: golang:1.16 steps: - checkout - run: make install-tools - run: make test - run: name: Codecov upload command: | bash <(curl -s https://codecov.io/bash) - store_test_results: path: ./ sign_release: docker: - image: cimg/base:2020.01 steps: - attach_workspace: at: ~/project - run: name: "Ensure GnuPG is available" command: gpg --version - run: name: "Import cloudskiff signing key" command: | echo ${SIGNINGKEY} | base64 -d > signingkey gpg --import signingkey - run: name: "Sign release" command: | gpg --sign -u security@cloudskiff.com bin/driftctl_SHA256SUMS - run: name: "Verify signature" command: | gpg --verify bin/driftctl_SHA256SUMS.gpg - persist_to_workspace: root: ~/project paths: - bin/ release: environment: CIRCLE_PROJECT_USERNAME: cloudskiff CIRCLE_PROJECT_REPONAME: driftctl docker: - image: cibuilds/github:0.13 steps: - attach_workspace: at: ~/project - run: name: "Publish Release on GitHub" command: | VERSION=$(./bin/driftctl_linux_amd64 version) ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -n ${VERSION} ${VERSION} ./bin/ update-lambda: executor: aws-cli/default environment: FUNCTION_NAME: driftctl-version steps: - aws-cli/install - run: name: "Update Lambda version" command: | aws lambda update-function-configuration --function-name $FUNCTION_NAME --environment "{\"Variables\":{\"LATEST_VERSION\":\"$CIRCLE_TAG\"}}" workflows: nightly: jobs: - test_acc: name: "Acceptance tests: << matrix.pattern >>" matrix: parameters: pattern: - TestAcc_Aws - TestAcc_Github_ context: driftctl-acc triggers: - schedule: cron: "0 3 * * *" filters: branches: only: - main pullrequest: jobs: - lint: filters: branches: ignore: - main - test: filters: branches: ignore: - main push: jobs: - test: filters: branches: only: - main release: jobs: - build: filters: tags: only: /^v.*/ branches: ignore: /.*/ - lint: filters: tags: only: /^v.*/ branches: ignore: /.*/ - test: filters: tags: only: /^v.*/ branches: ignore: /.*/ - sign_release: context: cloudskiff-signing requires: - build filters: tags: only: /^v.*/ branches: ignore: /.*/ - release: context: driftctl requires: - lint - test - sign_release filters: tags: only: /^v.*/ branches: ignore: /.*/ - update-lambda: context: driftctl-version-lambda requires: - release filters: tags: only: /^v.*/ branches: ignore: /.*/