Skip to content

ci: fix the CI for PRs from forked projects #5

ci: fix the CI for PRs from forked projects

ci: fix the CI for PRs from forked projects #5

Workflow file for this run

name: CI
on:
push:
branches:
- main
pull_request: {}
env:
GOLANGCI_VERSION: 'v1.60.1'
KUBERNETES_VERSION: '1.29.x'
IS_FORK: ${{ secrets.GHCR_USERNAME == '' && 'true' || 'false' }}
permissions:
contents: read
jobs:
detect-noop:
runs-on: ubuntu-latest
outputs:
noop: ${{ steps.noop.outputs.should_skip }}
permissions:
actions: write
contents: read
steps:
- name: Detect No-op Changes
id: noop
uses: fkirc/skip-duplicate-actions@f75f66ce1886f00957d99748a42c724f4330bdcf # v5.3.1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
paths_ignore: '["**.md", "**.png", "**.jpg"]'
do_not_skip: '["workflow_dispatch", "schedule", "push"]'
concurrent_skipping: false
lint:
runs-on: ubuntu-latest
needs: detect-noop
if: needs.detect-noop.outputs.noop != 'true' && github.ref != 'refs/heads/main'
permissions:
contents: read
pull-requests: read
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
id: setup-go
with:
go-version-file: "go.mod"
- name: Lint
uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
with:
version: ${{ env.GOLANGCI_VERSION }}
skip-cache: true
skip-save-cache: true
check-diff:
runs-on: ubuntu-latest
needs: detect-noop
if: needs.detect-noop.outputs.noop != 'true' && github.ref != 'refs/heads/main'
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
id: setup-go
with:
go-version-file: "go.mod"
- name: Download Go modules
if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
run: go mod download
- name: Configure Git
run: |
git config user.name "$GITHUB_ACTOR"
git config user.email "$GITHUB_ACTOR@users.noreply.github.com"
- name: Check Diff
run: |
make check-diff
unit-tests:
runs-on: ubuntu-latest
needs: detect-noop
if: needs.detect-noop.outputs.noop != 'true'
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Fetch History
run: git fetch --prune --unshallow
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
id: setup-go
with:
go-version-file: "go.mod"
- name: Download Go modules
if: ${{ steps.setup-go.outputs.cache-hit != 'true' }}
run: go mod download
- name: Cache envtest binaries
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: bin/k8s
key: ${{ runner.os }}-envtest-${{env.KUBERNETES_VERSION}}
- name: Run Unit Tests
run: |
make test
sonarqube:
name: SonarQube Trigger
runs-on: ubuntu-latest
needs: detect-noop
if: needs.detect-noop.outputs.noop != 'true' && env.IS_FORK == 'false'

Check failure on line 127 in .github/workflows/ci.yml

View workflow run for this annotation

GitHub Actions / CI

Invalid workflow file

The workflow is not valid. .github/workflows/ci.yml (Line: 127, Col: 9): Unrecognized named-value: 'env'. Located at position 45 within expression: needs.detect-noop.outputs.noop != 'true' && env.IS_FORK == 'false'
continue-on-error: true
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
# Disabling shallow clone is recommended for improving relevancy of reporting
fetch-depth: 0
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@aecaf43ae57e412bd97d70ef9ce6076e672fe0a9
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST }}
with:
args: >
-Dsonar.projectKey=${{ secrets.SONAR_PROJECT_KEY }}
repo-slug:
runs-on: ubuntu-latest
outputs:
repo_slug: ${{ steps.repo_slug.outputs.result }}
if: needs.detect-noop.outputs.noop != 'true'
steps:
- name: Sanitize repo slug
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
id: repo_slug
with:
result-encoding: string
script: return 'ghcr.io/${{ github.repository }}'.toLowerCase()
publish-artifacts:
needs:
- detect-noop
- repo-slug
if: needs.detect-noop.outputs.noop != 'true'
uses: ./.github/workflows/build.yml
permissions:
contents: read
packages: write
with:
image-name: ${{ needs.repo-slug.outputs.repo_slug }}
build-platform: "linux/amd64,linux/arm64,linux/s390x,linux/ppc64le"
secrets:
GHCR_USERNAME: ${{ github.actor }}
GHCR_TOKEN: ${{ secrets.GITHUB_TOKEN }}