221 lines
5.7 KiB
YAML
221 lines
5.7 KiB
YAML
version: 2.1
|
|
orbs:
|
|
aws-cli: circleci/aws-cli@1.3.0
|
|
go: circleci/go@1.5.0
|
|
jobs:
|
|
build:
|
|
docker:
|
|
- image: golang:1.16
|
|
steps:
|
|
- checkout
|
|
- run: make release
|
|
- persist_to_workspace:
|
|
root: ~/project
|
|
paths:
|
|
- bin/
|
|
test_acc:
|
|
parameters:
|
|
pattern:
|
|
type: string
|
|
machine:
|
|
image: ubuntu-2004:202010-01
|
|
environment:
|
|
ACC_PATTERN: << parameters.pattern >>
|
|
AWS_DEFAULT_REGION: us-east-1
|
|
CHECKPOINT_DISABLE: true # Disable terraform version check
|
|
steps:
|
|
- checkout
|
|
- go/install:
|
|
version: "1.16"
|
|
# Disable cache at it seem to broke go 1.16 installation
|
|
cache: false
|
|
- run:
|
|
name: install dependencies
|
|
command: |
|
|
sudo apt-get -qq update && sudo apt-get -qq -y install unzip
|
|
curl "https://releases.hashicorp.com/terraform/0.14.5/terraform_0.14.5_linux_amd64.zip" --output terraform.zip
|
|
unzip terraform.zip
|
|
sudo mv terraform /usr/local/bin && sudo chmod +x /usr/local/bin
|
|
terraform version
|
|
- run: make install-tools
|
|
- run:
|
|
name: Run acceptance tests
|
|
command: make acc
|
|
- run:
|
|
name: Discord notification
|
|
when: on_fail
|
|
command: |
|
|
curl -X POST \
|
|
-H "Content-Type: application/json" \
|
|
-d "{\"content\": \"❌ Acceptance tests failed\nSuite: ${ACC_PATTERN}\n<${CIRCLE_BUILD_URL}>\" }"\
|
|
${DISCORD_WEBHOOK}
|
|
- store_test_results:
|
|
path: ./
|
|
lint:
|
|
docker:
|
|
- image: golang:1.16
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Enforce Go Formatted Code
|
|
command: |
|
|
go fmt ./...
|
|
if [[ -z $(git status --porcelain) ]]; then
|
|
echo "Git directory is clean."
|
|
else
|
|
echo "Git directory is dirty. Run make fmt locally and commit any formatting fixes or generated code."
|
|
git status --porcelain
|
|
exit 1
|
|
fi
|
|
- run: make install-tools
|
|
- run: make lint
|
|
test:
|
|
docker:
|
|
- image: golang:1.16
|
|
steps:
|
|
- checkout
|
|
- run: make install-tools
|
|
- run: make test
|
|
- run:
|
|
name: Codecov upload
|
|
command: |
|
|
bash <(curl -s https://codecov.io/bash)
|
|
- store_test_results:
|
|
path: ./
|
|
sign_release:
|
|
docker:
|
|
- image: cimg/base:2020.01
|
|
steps:
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: "Ensure GnuPG is available"
|
|
command: gpg --version
|
|
- run:
|
|
name: "Import cloudskiff signing key"
|
|
command: |
|
|
echo ${SIGNINGKEY} | base64 -d > signingkey
|
|
gpg --import signingkey
|
|
- run:
|
|
name: "Sign release"
|
|
command: |
|
|
gpg --sign -u security@cloudskiff.com bin/driftctl_SHA256SUMS
|
|
- run:
|
|
name: "Verify signature"
|
|
command: |
|
|
gpg --verify bin/driftctl_SHA256SUMS.gpg
|
|
- persist_to_workspace:
|
|
root: ~/project
|
|
paths:
|
|
- bin/
|
|
release:
|
|
environment:
|
|
CIRCLE_PROJECT_USERNAME: cloudskiff
|
|
CIRCLE_PROJECT_REPONAME: driftctl
|
|
docker:
|
|
- image: cibuilds/github:0.13
|
|
steps:
|
|
- attach_workspace:
|
|
at: ~/project
|
|
- run:
|
|
name: "Publish Release on GitHub"
|
|
command: |
|
|
VERSION=$(./bin/driftctl_linux_amd64 version)
|
|
ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -n ${VERSION} ${VERSION} ./bin/
|
|
update-lambda:
|
|
executor: aws-cli/default
|
|
environment:
|
|
FUNCTION_NAME: driftctl-version
|
|
steps:
|
|
- aws-cli/install
|
|
- run:
|
|
name: "Update Lambda version"
|
|
command: |
|
|
aws lambda update-function-configuration --function-name $FUNCTION_NAME --environment "{\"Variables\":{\"LATEST_VERSION\":\"$CIRCLE_TAG\"}}"
|
|
workflows:
|
|
nightly:
|
|
jobs:
|
|
- test_acc:
|
|
name: "Acceptance tests: << matrix.pattern >>"
|
|
matrix:
|
|
parameters:
|
|
pattern:
|
|
- TestAcc_Aws
|
|
- TestAcc_Github_
|
|
context: driftctl-acc
|
|
triggers:
|
|
- schedule:
|
|
cron: "0 3 * * *"
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
pullrequest:
|
|
jobs:
|
|
- lint:
|
|
filters:
|
|
branches:
|
|
ignore:
|
|
- main
|
|
- test:
|
|
filters:
|
|
branches:
|
|
ignore:
|
|
- main
|
|
push:
|
|
jobs:
|
|
- test:
|
|
filters:
|
|
branches:
|
|
only:
|
|
- main
|
|
release:
|
|
jobs:
|
|
- build:
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- lint:
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- test:
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- sign_release:
|
|
context: cloudskiff-signing
|
|
requires:
|
|
- build
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- release:
|
|
context: driftctl
|
|
requires:
|
|
- lint
|
|
- test
|
|
- sign_release
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- update-lambda:
|
|
context: driftctl-version-lambda
|
|
requires:
|
|
- release
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|