This repository has been archived by the owner on Nov 29, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 9
142 lines (129 loc) · 3.97 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: CI Pipeline
on:
pull_request:
branches:
- 'main'
- 'release/[0-9]+.[0-9]+'
push:
branches:
- 'main'
- 'release/[0-9]+.[0-9]+'
tags: [ 'v[0-9]+.[0-9]+.[0-9]+' ]
jobs:
changed_files:
runs-on: ubuntu-latest
outputs:
modified: ${{ steps.changes.outputs.src }}
steps:
- name: Checkout
uses: actions/checkout@v4
- uses: dorny/paths-filter@v3
id: changes
with:
filters: |
src:
- .github/workflows/**
- aws-lambda-scorer/**
- aws-sagemaker-hosted-scorer/**
- aws-sagemaker-hosted-scorer-cpp/**
- common/**
- config/**
- gcp-cloud-run/**
- gcp-vertex-ai-mojo-scorer/**
- gradle/**
- hive-mojo-scorer/**
- kdb-mojo-scorer/**
- local-rest-scorer/**
- sql-jdbc-scorer/**
- build.gradle
- gradlew
- gradle.properties
setup_env:
uses: ./.github/workflows/setup-environment.yml
code_quality_check:
needs:
- changed_files
- setup_env
uses: ./.github/workflows/code-quality-check.yml
secrets: inherit
with:
if: ${{ needs.setup_env.outputs.bypass_changed_files == 'true' || needs.changed_files.outputs.modified == 'true' }}
build_image:
uses: ./.github/workflows/image-build.yml
needs:
- changed_files
- setup_env
- code_quality_check
secrets: inherit
with:
component_version: ${{ needs.setup_env.outputs.component_version }}
if: ${{ needs.setup_env.outputs.bypass_changed_files == 'true' || needs.changed_files.outputs.modified == 'true' }}
# The `! failure()` condition runs when the parent jobs completed successfully or were skipped.
if: ${{ ! failure() }}
security_scan:
name: Security Scan
uses: ./.github/workflows/component-scan.yml
needs: build_image
secrets: inherit
publish_latest_from_dev_branch:
if: ${{ startsWith(github.ref, 'refs/heads/main') }}
uses: ./.github/workflows/image-publish.yml
needs:
- setup_env
- build_image
secrets: inherit
with:
ecr_mlops_push_enabled: true
ecr_h2o_push_enabled: false
ecr_mc_push_enabled: false
image_tags: "sha-${{ needs.setup_env.outputs.commit_hash }},latest"
publish_latest_from_release_branch:
if: startsWith(github.ref, 'refs/heads/release/')
uses: ./.github/workflows/image-publish.yml
needs:
- setup_env
- build_image
secrets: inherit
with:
ecr_mlops_push_enabled: true
ecr_h2o_push_enabled: false
ecr_mc_push_enabled: false
image_tags: "sha-${{ needs.setup_env.outputs.commit_hash }},latest-${{ needs.setup_env.outputs.release_base_version }}"
publish_release:
if: startsWith(github.ref, 'refs/tags/v')
uses: ./.github/workflows/image-publish.yml
needs:
- setup_env
- build_image
secrets: inherit
with:
ecr_mlops_push_enabled: false
ecr_h2o_push_enabled: true
ecr_mc_push_enabled: true
image_tags: "v${{ needs.setup_env.outputs.release_version }}"
release:
needs:
- setup_env
- publish_release
name: Prepare Release
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Generate changelogs
id: changelog
uses: requarks/[email protected]
with:
token: ${{ github.token }}
tag: "v${{ needs.setup_env.outputs.release_version }}"
writeToFile: false
- name: Release action
uses: ncipollo/[email protected]
with:
allowUpdates: false
draft: false
tag: "v${{ needs.setup_env.outputs.release_version }}"
body: ${{ steps.changelog.outputs.changes }}
prerelease: false