Skip to content

fix: Detect incorrectly indented YAML #3776

fix: Detect incorrectly indented YAML

fix: Detect incorrectly indented YAML #3776

Workflow file for this run

---
name: CI
on:
pull_request:
branches:
- main
- 'v*'
jobs:
changes:
runs-on: ubuntu-latest
timeout-minutes: 5
outputs:
code: ${{ steps.filter.outputs.code }}
docs: ${{ steps.filter.outputs.docs }}
npm: ${{ steps.filter.outputs.npm }}
protos: ${{ steps.filter.outputs.protos }}
steps:
- uses: dorny/paths-filter@v3
id: filter
with:
filters: |
code:
- '!(.node-version|{docs,npm}/**)'
docs:
- .github/workflows/pr-test.yaml
- 'docs/**'
npm:
- .github/workflows/pr-test.yaml
- 'npm/**'
- .node-version
protos:
- .github/workflows/pr-test.yaml
- '**/*.proto'
cache:
uses: ./.github/workflows/cache.yaml
generate:
needs: changes
if: ${{ needs.changes.outputs.code == 'true' }}
name: Generate
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go and restore cached dependencies
uses: ./.github/actions/setup-go
- name: Generate
run: make generate
- name: Check repo status
run: |-
REPO_STATUS="$(git status --porcelain)"
if [[ ! -z $REPO_STATUS ]]; then
echo "::error::Uncommitted changes detected"
echo "$REPO_STATUS"
exit 1
fi
download-test-times:
name: Download test times
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Download previous test times
continue-on-error: true
uses: dawidd6/action-download-artifact@v3
with:
workflow: pr-test.yaml
name: test-times
search_artifacts: true
- name: Upload previous test times
uses: actions/upload-artifact@v4
with:
name: previous-test-times
path: test-times.json
test:
needs:
- changes
- download-test-times
if: ${{ needs.changes.outputs.code == 'true' }}
name: Test
runs-on: ubuntu-latest
timeout-minutes: 15
strategy:
fail-fast: false
matrix:
split: [0, 1, 2, 3, 4, 5]
outputs:
job-total: ${{ strategy.job-total }}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
lfs: true
- name: Install Go and restore cached dependencies
uses: ./.github/actions/setup-go
- name: Download previous test times
uses: actions/download-artifact@v4
with:
name: previous-test-times
- name: Test
run: make test-all TESTSPLIT_INDEX=${{ strategy.job-index }} TESTSPLIT_TOTAL=${{ strategy.job-total }}
env:
GOEXPERIMENT: loopvar # https://github.com/golang/go/wiki/LoopvarExperiment
CERBOS_LOG_LEVEL: "debug"
CERBOS_TEST_LOG_LEVEL: "debug"
CERBOS_DEBUG_DB: "true"
CERBOS_DEBUG_ENGINE: "true"
CERBOS_DEBUG_KAFKA: "true"
- name: Upload JUnit reports
uses: actions/upload-artifact@v4
with:
name: junit-reports-${{ strategy.job-index }}
path: junit.*.xml
- name: Upload unit coverage to Coveralls
uses: shogo82148/actions-goveralls@v1
with:
path-to-profile: unit.cover
flag-name: unit-${{ strategy.job-index }}
parallel: true
- name: Upload integration coverage to Coveralls
uses: shogo82148/actions-goveralls@v1
with:
path-to-profile: integration.cover
flag-name: integration-${{ strategy.job-index }}
parallel: true
upload-test-times:
needs: test
if: ${{ always() && needs.test.result != 'skipped' }}
name: Upload test times
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Check test results
run: test "${{ needs.test.result }}" = "success"
- name: Checkout code
uses: actions/checkout@v4
- name: Install Go and restore cached dependencies
uses: ./.github/actions/setup-go
- name: Download JUnit reports
uses: actions/download-artifact@v4
- name: Combine JUnit reports
run: |-
mv junit-reports-*/junit.*.xml .
make test-times TESTSPLIT_TOTAL=${{ needs.test.outputs.job-total }}
- name: Upload new test times
uses: actions/upload-artifact@v4
with:
name: test-times
path: test-times.json
- name: Complete coveralls report
uses: shogo82148/actions-goveralls@v1
with:
parallel-finished: true
docs:
needs: changes
if: ${{ needs.changes.outputs.docs == 'true' }}
name: Build docs
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
lfs: true
- name: Generate docs
uses: ./.github/actions/antora-docs
id: docs
golangci:
needs: changes
if: ${{ needs.changes.outputs.code == 'true' }}
name: Lint
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Install Go
uses: actions/setup-go@v5
with:
go-version: 1.22.x
check-latest: true
cache: false
- name: golangci-lint
uses: golangci/golangci-lint-action@v5.3.0
with:
version: latest
args: '--config=.golangci.yaml -v'
buf:
needs: changes
if: ${{ needs.changes.outputs.protos == 'true' }}
name: Proto check
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Setup Buf
uses: bufbuild/buf-setup-action@v1.31.0
with:
github_token: ${{ github.token }}
- name: Lint protos
uses: bufbuild/buf-lint-action@v1.1.1
- name: Check formatting
run: buf format --diff --exit-code
- name: Find latest release
id: latest-release
run: gh release view --json tagName --jq '"tag=\(.tagName)"' >> $GITHUB_OUTPUT
env:
GH_TOKEN: ${{ github.token }}
- name: Check backwards compatibility
uses: cerbos/buf-breaking-action@since
with:
against: https://github.com/cerbos/cerbos.git#tag=${{ steps.latest-release.outputs.tag }}
since: https://github.com/cerbos/cerbos.git#branch=main
test-helm:
needs: changes
if: ${{ needs.changes.outputs.code == 'true' }}
name: Helm test
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: '1.22.x'
- name: Test Helm chart
run: ./deploy/charts/validate.sh
build-npm:
needs: changes
if: ${{ needs.changes.outputs.npm == 'true' }}
name: Build npm packages
runs-on: ubuntu-latest
timeout-minutes: 20
steps:
- name: Free disk space
uses: jlumbroso/free-disk-space@main
with:
tool-cache: false
android: true
dotnet: true
haskell: true
large-packages: true
docker-images: true
swap-storage: true
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install Go and cache dependencies
uses: ./.github/actions/setup-go
with:
cross_compiling: true
- name: Build binaries
uses: goreleaser/goreleaser-action@v5
with:
version: latest
args: build --config=.goreleaser.yml --clean --snapshot
env:
TELEMETRY_WRITE_KEY: ${{ secrets.TELEMETRY_WRITE_KEY }}
TELEMETRY_URL: ${{ secrets.TELEMETRY_URL }}
- name: Collect npm packages
run: tar --create --verbose --file npm.tar npm
- name: Upload npm packages
uses: actions/upload-artifact@v4
with:
name: npm-packages
path: npm.tar
test-npm:
needs: build-npm
name: Test npm packages
strategy:
fail-fast: false
matrix:
runs-on:
- macos-latest
- ubuntu-latest
runs-on: ${{ matrix.runs-on }}
timeout-minutes: 10
steps:
- name: Check out .node-version file
uses: actions/checkout@v4
with:
sparse-checkout: .node-version
sparse-checkout-cone-mode: false
- name: Download npm packages
uses: actions/download-artifact@v4
with:
name: npm-packages
- name: Extract npm packages
run: tar --extract --verbose --file npm.tar
- name: Install Node.js
uses: actions/setup-node@v4
with:
cache: npm
cache-dependency-path: npm/test/registry/package-lock.json
node-version-file: .node-version
# https://github.com/actions/runner-images/issues/9626
- name: Don't force curl to use IPv4
run: rm -f ~/.curlrc
- name: Test npm packages
working-directory: npm
run: corepack npm test
test-npm-results:
name: Check results of npm package tests
runs-on: ubuntu-latest
if: always() && needs.test-npm.result != 'skipped'
needs:
- test-npm
steps:
- name: Check test results
run: test "${{ needs.test-npm.result }}" = "success"