mirror of
https://github.com/aljazceru/kata-containers.git
synced 2026-01-27 18:24:26 +01:00
3215860a47
This is less secure than running the PR on `pull_request`, and will require using an additional `ok-to-test` label to make sure someone deliverately ran the actions coming from a forked repo. Signed-off-by: Fabiano Fidêncio <fabiano.fidencio@intel.com>
38 lines
1.3 KiB
YAML
38 lines
1.3 KiB
YAML
name: Kata Containers CI
|
|
on:
|
|
pull_request_target:
|
|
types:
|
|
- opened
|
|
- reopened
|
|
- labeled
|
|
- synchronize
|
|
|
|
jobs:
|
|
build-kata-static-tarball-amd64:
|
|
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
|
|
uses: ./.github/workflows/build-kata-static-tarball-amd64.yaml
|
|
with:
|
|
tarball-suffix: -${{ github.event.pull_request.number}}-${{ github.sha }}
|
|
|
|
publish-kata-deploy-payload-amd64:
|
|
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
|
|
needs: build-kata-static-tarball-amd64
|
|
uses: ./.github/workflows/publish-kata-deploy-payload-amd64.yaml
|
|
with:
|
|
tarball-suffix: -${{ github.event.pull_request.number}}-${{ github.sha }}
|
|
registry: ghcr.io
|
|
repo: ${{ github.repository_owner }}/kata-deploy-ci
|
|
tag: ${{ github.event.pull_request.number }}-${{ github.sha }}-amd64
|
|
quay-io-login-continue-on-error: true
|
|
secrets: inherit
|
|
|
|
run-k8s-tests-on-aks:
|
|
if: contains(github.event.pull_request.labels.*.name, 'ok-to-test')
|
|
needs: publish-kata-deploy-payload-amd64
|
|
uses: ./.github/workflows/run-k8s-tests-on-aks.yaml
|
|
with:
|
|
registry: ghcr.io
|
|
repo: ${{ github.repository_owner }}/kata-deploy-ci
|
|
tag: ${{ github.event.pull_request.number }}-${{ github.sha }}-amd64
|
|
secrets: inherit
|