driftctl/.circleci/config.yml

221 lines
5.7 KiB
YAML

version: 2.1
orbs:
aws-cli: circleci/aws-cli@1.3.0
go: circleci/go@1.5.0
jobs:
build:
docker:
- image: golang:1.16
steps:
- checkout
- run: make release
- persist_to_workspace:
root: ~/project
paths:
- bin/
test_acc:
parameters:
pattern:
type: string
machine:
image: ubuntu-2004:202010-01
environment:
ACC_PATTERN: << parameters.pattern >>
AWS_DEFAULT_REGION: us-east-1
CHECKPOINT_DISABLE: true # Disable terraform version check
steps:
- checkout
- go/install:
version: "1.16"
# Disable cache at it seem to broke go 1.16 installation
cache: false
- run:
name: install dependencies
command: |
sudo apt-get -qq update && sudo apt-get -qq -y install unzip
curl "https://releases.hashicorp.com/terraform/0.14.5/terraform_0.14.5_linux_amd64.zip" --output terraform.zip
unzip terraform.zip
sudo mv terraform /usr/local/bin && sudo chmod +x /usr/local/bin
terraform version
- run: make install-tools
- run:
name: Run acceptance tests
command: make acc
- run:
name: Discord notification
when: on_fail
command: |
curl -X POST \
-H "Content-Type: application/json" \
-d "{\"content\": \"❌ Acceptance tests failed\nSuite: ${ACC_PATTERN}\n<${CIRCLE_BUILD_URL}>\" }"\
${DISCORD_WEBHOOK}
- store_test_results:
path: ./
lint:
docker:
- image: golang:1.16
steps:
- checkout
- run:
name: Enforce Go Formatted Code
command: |
go fmt ./...
if [[ -z $(git status --porcelain) ]]; then
echo "Git directory is clean."
else
echo "Git directory is dirty. Run make fmt locally and commit any formatting fixes or generated code."
git status --porcelain
exit 1
fi
- run: make install-tools
- run: make lint
test:
docker:
- image: golang:1.16
steps:
- checkout
- run: make install-tools
- run: make test
- run:
name: Codecov upload
command: |
bash <(curl -s https://codecov.io/bash)
- store_test_results:
path: ./
sign_release:
docker:
- image: cimg/base:2020.01
steps:
- attach_workspace:
at: ~/project
- run:
name: "Ensure GnuPG is available"
command: gpg --version
- run:
name: "Import cloudskiff signing key"
command: |
echo ${SIGNINGKEY} | base64 -d > signingkey
gpg --import signingkey
- run:
name: "Sign release"
command: |
gpg --sign -u security@cloudskiff.com bin/driftctl_SHA256SUMS
- run:
name: "Verify signature"
command: |
gpg --verify bin/driftctl_SHA256SUMS.gpg
- persist_to_workspace:
root: ~/project
paths:
- bin/
release:
environment:
CIRCLE_PROJECT_USERNAME: cloudskiff
CIRCLE_PROJECT_REPONAME: driftctl
docker:
- image: cibuilds/github:0.13
steps:
- attach_workspace:
at: ~/project
- run:
name: "Publish Release on GitHub"
command: |
VERSION=$(./bin/driftctl_linux_amd64 version)
ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -n ${VERSION} ${VERSION} ./bin/
update-lambda:
executor: aws-cli/default
environment:
FUNCTION_NAME: driftctl-version
steps:
- aws-cli/install
- run:
name: "Update Lambda version"
command: |
aws lambda update-function-configuration --function-name $FUNCTION_NAME --environment "{\"Variables\":{\"LATEST_VERSION\":\"$CIRCLE_TAG\"}}"
workflows:
nightly:
jobs:
- test_acc:
name: "Acceptance tests: << matrix.pattern >>"
matrix:
parameters:
pattern:
- TestAcc_Aws
- TestAcc_Github_
context: driftctl-acc
triggers:
- schedule:
cron: "0 3 * * *"
filters:
branches:
only:
- main
pullrequest:
jobs:
- lint:
filters:
branches:
ignore:
- main
- test:
filters:
branches:
ignore:
- main
push:
jobs:
- test:
filters:
branches:
only:
- main
release:
jobs:
- build:
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
- lint:
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
- test:
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
- sign_release:
context: cloudskiff-signing
requires:
- build
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
- release:
context: driftctl
requires:
- lint
- test
- sign_release
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/
- update-lambda:
context: driftctl-version-lambda
requires:
- release
filters:
tags:
only: /^v.*/
branches:
ignore: /.*/