🤖 feat: add docs site, Pages deploy, and docs quality checks #71
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: CI | |
| on: | |
| pull_request: | |
| merge_group: | |
| types: [checks_requested] | |
| push: | |
| branches: | |
| - main | |
| permissions: | |
| contents: read | |
| jobs: | |
| changes: | |
| name: Detect changed paths | |
| runs-on: depot-ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| outputs: | |
| go: ${{ steps.merge_group_defaults.outputs.go || steps.filter.outputs.go }} | |
| workflows: ${{ steps.merge_group_defaults.outputs.workflows || steps.filter.outputs.workflows }} | |
| publish: ${{ steps.merge_group_defaults.outputs.publish || steps.filter.outputs.publish }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| # Required so paths-filter can diff push events using github.event.before without fetching. | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Set merge-group defaults | |
| if: github.event_name == 'merge_group' | |
| id: merge_group_defaults | |
| run: | | |
| { | |
| echo "go=true" | |
| echo "workflows=true" | |
| echo "publish=false" | |
| } >> "$GITHUB_OUTPUT" | |
| - name: Detect changed paths | |
| if: github.event_name != 'merge_group' | |
| id: filter | |
| uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
| with: | |
| filters: | | |
| go: | |
| - '**/*.go' | |
| - 'go.mod' | |
| - 'go.sum' | |
| - 'vendor/**' | |
| - 'Makefile' | |
| - '.golangci.yml' | |
| - '.golangci.yaml' | |
| workflows: | |
| - '.github/workflows/**' | |
| - '.github/actionlint.yaml' | |
| - '.github/actionlint.yml' | |
| publish: | |
| - '**/*.go' | |
| - 'go.mod' | |
| - 'go.sum' | |
| - 'vendor/**' | |
| - 'Dockerfile*' | |
| - 'Dockerfile.goreleaser' | |
| lint: | |
| needs: changes | |
| if: github.event_name == 'merge_group' || needs.changes.outputs.go == 'true' | |
| runs-on: depot-ubuntu-24.04-8 | |
| timeout-minutes: 20 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| persist-credentials: false | |
| - name: Set up Go | |
| uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| - name: Verify vendor is up to date | |
| run: | | |
| go mod tidy | |
| go mod vendor | |
| git diff --exit-code -- go.mod go.sum vendor/ | |
| - name: Run golangci-lint | |
| uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9 | |
| with: | |
| version: v2.8 | |
| args: --timeout=5m ./... | |
| - name: Run golangci-lint formatter checks | |
| run: go run github.com/golangci/golangci-lint/v2/cmd/golangci-lint@v2.8.0 fmt --diff | |
| - name: Run govulncheck | |
| uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1 | |
| with: | |
| go-version-file: go.mod | |
| go-package: ./... | |
| test: | |
| needs: changes | |
| if: github.event_name == 'merge_group' || needs.changes.outputs.go == 'true' | |
| runs-on: depot-ubuntu-24.04-8 | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| persist-credentials: false | |
| - name: Setup Go | |
| uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| - name: Verify vendor is up to date | |
| run: | | |
| go mod tidy | |
| go mod vendor | |
| git diff --exit-code -- go.mod go.sum vendor/ | |
| - name: Setup envtest assets | |
| env: | |
| GOFLAGS: -mod=vendor | |
| run: | | |
| KUBEBUILDER_ASSETS_PATH="$(go run ./vendor/sigs.k8s.io/controller-runtime/tools/setup-envtest use 1.35.x --bin-dir "${{ github.workspace }}/bin/envtest" -p path)" | |
| echo "KUBEBUILDER_ASSETS=${KUBEBUILDER_ASSETS_PATH}" >> "$GITHUB_ENV" | |
| - name: Run tests | |
| env: | |
| GOFLAGS: -mod=vendor | |
| KUBEBUILDER_ASSETS: ${{ env.KUBEBUILDER_ASSETS }} | |
| run: go test ./... -count=1 | |
| - name: Build | |
| env: | |
| GOFLAGS: -mod=vendor | |
| run: go build ./... | |
| e2e-kind: | |
| name: E2E Smoke (Kind) | |
| needs: [changes, test] | |
| if: needs.changes.outputs.go == 'true' | |
| runs-on: depot-ubuntu-24.04-8 | |
| timeout-minutes: 45 | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| persist-credentials: false | |
| - name: Setup Go | |
| uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| - name: Create Kind cluster | |
| uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 | |
| with: | |
| cluster_name: e2e | |
| - name: Build binary | |
| env: | |
| GOFLAGS: -mod=vendor | |
| CGO_ENABLED: "0" | |
| GOOS: linux | |
| GOARCH: amd64 | |
| run: go build -o coder-k8s ./ | |
| - name: Build and load image | |
| run: | | |
| docker build -f Dockerfile.goreleaser -t ghcr.io/coder/coder-k8s:e2e . | |
| kind load docker-image ghcr.io/coder/coder-k8s:e2e --name e2e | |
| - name: Apply CRDs and RBAC | |
| run: | | |
| kubectl apply -f config/crd/bases/ | |
| kubectl apply -f config/rbac/ | |
| - name: Deploy controller | |
| run: | | |
| kubectl apply -f config/e2e/namespace.yaml | |
| kubectl apply -f config/e2e/ | |
| - name: Wait for controller | |
| run: kubectl wait --for=condition=Available deploy/coder-k8s -n coder-system --timeout=120s | |
| - name: Apply sample CR | |
| run: kubectl apply -f config/samples/coder_v1alpha1_codercontrolplane.yaml | |
| - name: Verify CR exists | |
| run: | | |
| kubectl get codercontrolplanes -A | |
| COUNT=$(kubectl get codercontrolplanes -A -o json | jq '.items | length') | |
| if [ "$COUNT" -lt 1 ]; then | |
| echo "assertion failed: expected at least 1 CoderControlPlane resource" >&2 | |
| exit 1 | |
| fi | |
| lint-actions: | |
| name: Lint GitHub Actions | |
| needs: changes | |
| if: github.event_name == 'merge_group' || needs.changes.outputs.workflows == 'true' | |
| runs-on: depot-ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| persist-credentials: false | |
| - name: Setup Go | |
| uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0 | |
| with: | |
| go-version-file: go.mod | |
| cache: true | |
| - name: Run actionlint | |
| run: go run github.com/rhysd/actionlint/cmd/actionlint@v1.7.10 | |
| - name: Run zizmor | |
| uses: zizmorcore/zizmor-action@0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d # v0.5.0 | |
| with: | |
| advanced-security: false | |
| online-audits: false | |
| inputs: .github/workflows | |
| codex-comments: | |
| name: Codex Comments | |
| if: github.event_name == 'pull_request' | |
| runs-on: depot-ubuntu-24.04 | |
| permissions: | |
| contents: read | |
| pull-requests: read | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| fetch-depth: 0 | |
| persist-credentials: false | |
| - name: Check unresolved Codex comments | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: ./scripts/check_codex_comments.sh ${{ github.event.pull_request.number }} | |
| publish-main: | |
| name: Publish GHCR :main | |
| needs: [changes, test, lint, lint-actions, e2e-kind] | |
| if: | | |
| always() && | |
| github.event_name == 'push' && | |
| github.ref == 'refs/heads/main' && | |
| needs.changes.outputs.publish == 'true' && | |
| (needs.test.result == 'success' || needs.test.result == 'skipped') && | |
| (needs.lint.result == 'success' || needs.lint.result == 'skipped') && | |
| (needs.lint-actions.result == 'success' || needs.lint-actions.result == 'skipped') && | |
| (needs.e2e-kind.result == 'success' || needs.e2e-kind.result == 'skipped') | |
| runs-on: depot-ubuntu-24.04-8 | |
| timeout-minutes: 30 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 | |
| with: | |
| persist-credentials: false | |
| - name: Setup Go | |
| uses: actions/setup-go@40f1582b2485089dde7abd97c1529aa768e1baff # v5.6.0 | |
| with: | |
| go-version-file: go.mod | |
| cache: false | |
| - name: Build linux/amd64 binary for image | |
| env: | |
| GOFLAGS: -mod=vendor | |
| CGO_ENABLED: "0" | |
| GOOS: linux | |
| GOARCH: amd64 | |
| run: go build -o coder-k8s ./ | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 | |
| - name: Log in to GitHub Container Registry | |
| uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and push :main | |
| uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 | |
| with: | |
| context: . | |
| file: Dockerfile.goreleaser | |
| push: true | |
| tags: ghcr.io/coder/coder-k8s:main |