.github/workflows/ci.yaml

---
name: CI

on:
  pull_request:
    types: [opened, reopened, synchronize]

permissions:
  contents: read

jobs:
  ci:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "1.22"
      - name: Unit Tests
        run: make test

  cli:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "1.22"
      - name: Check CLI
        run: make tnctl

  binaries:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "1.22"
      - name: Check Binaries
        run: |
          make preload
          make source
          make step
          make tnctl

  dependencies:
    runs-on: ubuntu-latest
    if: github.event_name == 'pull_request'
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Dependency Review
        uses: actions/dependency-review-action@v4

  linting:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "1.22"
      - name: Linting
        run: |
          make golangci-lint

  formating:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Setup Go
        uses: actions/setup-go@v5
        with:
          go-version: "1.22"
      - name: Format
        run: |
          make gofmt
          make shfmt

  helm:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - name: Set up Helm
        uses: azure/setup-helm@v4
        with:
          version: v3.8.1
      - uses: actions/setup-python@v5
        with:
          python-version: 3.7
      - name: Set up chart-testing
        uses: helm/chart-testing-action@v2.6.1
      - name: Run chart-testing (lint)
        if: github.ref == 'refs/heads/master'
        run: ct lint
      - name: Run chart-testing (lint)
        if: github.ref != 'refs/heads/master'
        run: ct lint --check-version-increment=false

  controller-image:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Build Image
        run: VERSION=${{ github.sha }} make controller-image
      - name: Verify Image
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ghcr.io/appvia/terranetes-controller:${{ github.sha }}
          ignore-unfixed: true
          severity: "CRITICAL"
          exit-code: 1

  executor-image:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Build Image
        run: VERSION=${{ github.sha }} make executor-image
      - name: Verify Image
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: ghcr.io/appvia/terranetes-executor:${{ github.sha }}
          ignore-unfixed: true
          severity: "CRITICAL"
          exit-code: 1