fix(workflows): add runner OS guard to test and build workflows #24
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Shared Go Build | ||
|
Check failure on line 1 in .github/workflows/shared-go-build.yaml
|
||
| on: | ||
| workflow_call: | ||
| inputs: | ||
| runs-on: | ||
| description: "The runner to use for the job (must be a Linux or macOS runner; this workflow requires make)" | ||
| required: false | ||
| default: "ubuntu-latest" | ||
| type: string | ||
| working-directory: | ||
| description: "Working directory for the job" | ||
| required: false | ||
| default: "." | ||
| type: string | ||
| build-target: | ||
| description: "The make target to run for the build (e.g. build, build-all, docker-build)" | ||
| required: false | ||
| default: "build" | ||
| type: string | ||
| docker-build: | ||
| description: "Build and optionally push a Docker image after the Go build" | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| image-name: | ||
| description: "Full GHCR image name, e.g. ghcr.io/cloudoperators/myapp (must start with ghcr.io/ when push is true)" | ||
| required: false | ||
| default: "" | ||
| type: string | ||
| platforms: | ||
| description: "Comma-separated list of target platforms for the Docker image" | ||
| required: false | ||
| default: "linux/amd64,linux/arm64" | ||
| type: string | ||
| push: | ||
| description: "Push the built Docker image to the registry" | ||
| required: false | ||
| default: false | ||
| type: boolean | ||
| secrets: | ||
| registry-token: | ||
| description: "Token used to authenticate to the container registry when pushing" | ||
| required: false | ||
| jobs: | ||
| build: | ||
| runs-on: ${{ inputs.runs-on }} | ||
| permissions: | ||
| contents: read | ||
| packages: ${{ inputs.push == true && 'write' || 'read' }} | ||
| defaults: | ||
| run: | ||
| working-directory: ${{ inputs.working-directory }} | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 | ||
| - name: Validate inputs | ||
| env: | ||
| PUSH: ${{ inputs.push }} | ||
| DOCKER_BUILD: ${{ inputs.docker-build }} | ||
| run: | | ||
| case "$RUNNER_OS" in | ||
| Linux|macOS) ;; | ||
| *) echo "ERROR: this workflow requires a Linux or macOS runner (needs make); got: $RUNNER_OS"; exit 1 ;; | ||
| esac | ||
| if [ "$PUSH" = "true" ] && [ "$DOCKER_BUILD" != "true" ]; then | ||
| echo "ERROR: push=true requires docker-build=true" | ||
| exit 1 | ||
| fi | ||
| - name: Set up Go | ||
| uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5 | ||
| with: | ||
| go-version-file: ${{ format('{0}/go.mod', inputs.working-directory) }} | ||
| cache: true | ||
| cache-dependency-path: ${{ format('{0}/go.sum', inputs.working-directory) }} | ||
| - name: Build | ||
| env: | ||
| BUILD_TARGET: ${{ inputs.build-target }} | ||
| run: make "$BUILD_TARGET" | ||
| - name: Validate docker-build inputs | ||
| if: inputs.docker-build == true | ||
| env: | ||
| IMAGE_NAME: ${{ inputs.image-name }} | ||
| PUSH: ${{ inputs.push }} | ||
| run: | | ||
| if [ "$RUNNER_OS" != "Linux" ]; then | ||
| echo "ERROR: docker-build requires a Linux runner; got: $RUNNER_OS" | ||
| exit 1 | ||
| fi | ||
| if [ -z "$IMAGE_NAME" ]; then | ||
| echo "ERROR: image-name is required when docker-build is true" | ||
| exit 1 | ||
| fi | ||
| case "$IMAGE_NAME" in | ||
| ghcr.io/*) ;; | ||
| *) | ||
| if [ "$PUSH" = "true" ]; then | ||
| echo "ERROR: image-name must start with 'ghcr.io/' when push is true (got: '$IMAGE_NAME')" | ||
| exit 1 | ||
| fi | ||
| ;; | ||
| esac | ||
| - name: Set up QEMU | ||
| if: inputs.docker-build == true | ||
| uses: docker/setup-qemu-action@29109295f81e9208d7d86ff9c25c0e60b9eba63c # v3 | ||
| - name: Set up Docker Buildx | ||
| if: inputs.docker-build == true | ||
| uses: docker/setup-buildx-action@b5730b4fe97e6f9f14b9d7bb5f0f0b9f75a3b6ca # v3 | ||
| - name: Log in to container registry | ||
| if: inputs.docker-build == true && inputs.push == true | ||
| uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3 | ||
| with: | ||
| registry: ghcr.io | ||
| username: ${{ github.actor }} | ||
| password: ${{ secrets.registry-token != '' && secrets.registry-token || secrets.GITHUB_TOKEN }} | ||
| - name: Extract Docker metadata | ||
| if: inputs.docker-build == true | ||
| id: meta | ||
| uses: docker/metadata-action@902fa8ec7d6ecbea8a63d9c1064e4b9e02685b72 # v5 | ||
| with: | ||
| images: ${{ inputs.image-name }} | ||
| - name: Build and push Docker image | ||
| if: inputs.docker-build == true | ||
| uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6 | ||
| with: | ||
| context: ${{ inputs.working-directory }} | ||
| platforms: ${{ inputs.platforms }} | ||
| push: ${{ inputs.push }} | ||
| tags: ${{ steps.meta.outputs.tags }} | ||
| labels: ${{ steps.meta.outputs.labels }} | ||
