Skip to content

feat(cert): add cryostat CA cert to target namespaces #114

feat(cert): add cryostat CA cert to target namespaces

feat(cert): add cryostat CA cert to target namespaces #114

name: test-CI-on-PR-command
concurrency:
group: ci-${{ github.run_id }}
cancel-in-progress: true
on:
issue_comment:
types:
- created
jobs:
check-before-test:
runs-on: ubuntu-latest
permissions:
pull-requests: write
if: github.repository_owner == 'cryostatio' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/build_test')
steps:
- name: Fail if needs-triage label applied
if: ${{ contains(github.event.issue.labels.*.name, 'needs-triage') }}
run: exit 1
- name: Show warning if permission is denied
if: |
!(github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER')
&& (!contains(github.event.issue.labels.*.name, 'safe-to-test') || github.event.issue.user.name != github.event.comment.user.name)
uses: thollander/actions-comment-pull-request@v2
with:
message: |-
You do not have permission to run the /build_test command. Please ask @cryostatio/reviewers
to resolve the issue.
- name: Fail if command permission is denied
if: |
!(github.event.comment.author_association == 'MEMBER' || github.event.comment.author_association == 'OWNER')
&& (!contains(github.event.issue.labels.*.name, 'safe-to-test') || github.event.issue.user.name != github.event.comment.user.name)
run: exit 1
- name: React to comment
uses: actions/github-script@v6
with:
script: |
const {owner, repo} = context.issue
github.rest.reactions.createForIssueComment({
owner,
repo,
comment_id: context.payload.comment.id,
content: "+1",
});
checkout-branch:
runs-on: ubuntu-latest
needs: [check-before-test]
permissions:
pull-requests: read
outputs:
PR_head_ref: ${{ fromJSON(steps.comment-branch.outputs.result).ref }}
PR_num: ${{ fromJSON(steps.comment-branch.outputs.result).num }}
PR_repo: ${{ fromJSON(steps.comment-branch.outputs.result).repo }}
steps:
- uses: actions/github-script@v6
id: comment-branch
with:
script: |
const result = await github.rest.pulls.get ({
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: context.issue.number
})
return { repo: result.data.head.repo.full_name, num: result.data.number, ref: result.data.head.ref }
get-test-image-tag:
runs-on: ubuntu-latest
needs: [checkout-branch]
env:
num: ${{ needs.checkout-branch.outputs.PR_num }}
outputs:
tag: ${{ steps.compute-tag.outputs.tag }}
steps:
- name: Compute test image tag
id: compute-tag
run: |
prefix="ci"
if [ -n "${{ env.num }}" ]; then
prefix="pr-${{ env.num }}"
fi
echo "tag=${prefix}-$GITHUB_SHA" >> $GITHUB_OUTPUT
run-test-jobs:
uses: ./.github/workflows/test-ci-reusable.yml
needs: [get-test-image-tag, checkout-branch]
permissions:
packages: write
with:
repository: ${{ needs.checkout-branch.outputs.PR_repo }}
ref: ${{ needs.checkout-branch.outputs.PR_head_ref }}
tag: ${{ needs.get-test-image-tag.outputs.tag }}