Adding workflow to upload tagged guard image to ECR on release #478
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Rust | |
on: | |
push: | |
branches: [main, development, rogue_one] | |
pull_request: | |
branches: [main, development, rogue_one] | |
env: | |
CARGO_TERM_COLOR: always | |
jobs: | |
build: | |
name: Build all crates & run unit tests | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Build all crates | |
run: cargo build --release --verbose | |
- name: Run unit tests | |
run: cargo test --verbose | |
shellcheck: | |
name: Shellcheck | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v2 | |
- name: Shellcheck | |
run: shellcheck install-guard.sh | |
formatting: | |
name: Formatting check (cargo fmt) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions-rust-lang/setup-rust-toolchain@v1 | |
with: | |
components: rustfmt | |
- name: Rustfmt Check | |
uses: actions-rust-lang/rustfmt@v1 | |
linting: | |
name: Linting check (clippy) | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- uses: actions-rs/toolchain@v1 | |
with: | |
toolchain: stable | |
override: true | |
components: clippy | |
- uses: actions-rs/clippy-check@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
args: -- -D warnings | |
aws-guard-rules-registry-integration-tests-linux: | |
strategy: | |
matrix: | |
os: [ubuntu-latest, macos-latest] | |
runs-on: ${{ matrix.os }} | |
name: Integration tests against aws-guard-rules-registry | |
steps: | |
- uses: actions/checkout@v3 | |
name: Checkout cfn-guard | |
with: | |
path: cloudformation-guard | |
- name: Build binary | |
run: | | |
cd cloudformation-guard/guard/ | |
cargo build --release | |
- uses: actions/checkout@v3 | |
name: Checkout aws-guard-rules-registry | |
with: | |
repository: aws-cloudformation/aws-guard-rules-registry | |
path: aws-guard-rules-registry | |
ref: main | |
- name: Run integration tests using test command | |
run: | | |
if cloudformation-guard/target/release/cfn-guard test -d aws-guard-rules-registry/rules; then | |
echo "The integration tests for test command have passed." | |
else | |
echo "The integration tests for test command have failed." | |
exit 1 | |
fi | |
- name: Run integration tests using parse-tree command | |
run: | | |
cd aws-guard-rules-registry/rules | |
FAILED_RULES=() | |
SKIPPED_RULES=() | |
rules=( $(find . -type f -name "*.guard") ) | |
for rule in "${rules[@]}" | |
do | |
if [ $(sed -e '/^[ \s]*#.*$/d' $rule | sed -r '/^\s*$/d' | wc -l) -eq 0 ]; then | |
SKIPPED_RULES+=("$rule") | |
elif ../../cloudformation-guard/target/release/cfn-guard parse-tree --rules $rule; then | |
continue | |
else | |
FAILED_RULES+=("$rule") | |
fi | |
done | |
SKIPPED_RULE_COUNT=${#SKIPPED_RULES[@]} | |
if [ $SKIPPED_RULE_COUNT -gt 0 ]; then | |
echo "The following $SKIPPED_RULE_COUNT rule(s) were skipped because they contained only comments:" | |
for skipped_rule in "${SKIPPED_RULES[@]}" | |
do | |
echo "$skipped_rule" | |
done | |
fi | |
FAILED_RULE_COUNT=${#FAILED_RULES[@]} | |
if [ $FAILED_RULE_COUNT -gt 0 ]; then | |
echo "The following $FAILED_RULE_COUNT rule(s) have failed the parse-tree integration tests with a non-zero error code:" | |
for failed_rule in "${FAILED_RULES[@]}" | |
do | |
echo "$failed_rule" | |
done | |
exit 1 | |
else | |
echo "All the rules have succeeded the parse-tree integration tests." | |
fi | |
aws-guard-rules-registry-integration-tests-windows: | |
runs-on: windows-latest | |
name: Integration tests against aws-guard-rules-registry for Windows | |
steps: | |
- uses: actions/checkout@v3 | |
name: Checkout cfn-guard | |
with: | |
path: cloudformation-guard | |
- name: Build binary | |
run: | | |
cd cloudformation-guard/guard/ | |
cargo build --release | |
- uses: actions/checkout@v3 | |
name: Checkout aws-guard-rules-registry | |
with: | |
repository: aws-cloudformation/aws-guard-rules-registry | |
path: aws-guard-rules-registry | |
ref: main | |
- name: Run integration tests using test command | |
run: | | |
if (cloudformation-guard/target/release/cfn-guard test -d aws-guard-rules-registry/rules) { | |
echo "The integration tests for test command have passed." | |
} | |
else { | |
echo "The integration tests for test command have failed." | |
exit 1 | |
} | |
- name: Run integration tests using parse-tree command | |
run: | | |
cd aws-guard-rules-registry/rules | |
$FAILED_RULES = @() | |
$SKIPPED_RULES = @() | |
$rules = @(Get-ChildItem -Path .\ -Filter *.guard -Recurse -File) | |
Foreach ($rule in $rules) { | |
$rule_files_without_comments = (Get-Content $rule.FullName) -replace '^[ \s]*#.*$', '' | |
if ([String]::IsNullOrWhiteSpace($rule_files_without_comments)){ | |
$SKIPPED_RULES += "$rule" | |
} | |
elseif (../../cloudformation-guard/target/release/cfn-guard parse-tree --rules $rule.FullName) { | |
continue | |
} else { | |
$FAILED_RULES += "$rule" | |
} | |
} | |
$SKIPPED_RULE_COUNT = $SKIPPED_RULES.Length | |
if ($SKIPPED_RULE_COUNT -gt 0) { | |
echo "The following `$SKIPPED_RULE_COUNT.Length` rule(s) were skipped because they contained only comments:" | |
echo $SKIPPED_RULES | |
} | |
$FAILED_RULE_COUNT = $FAILED_RULES.Length | |
if ($FAILED_RULE_COUNT -gt 0) { | |
echo "The following $FAILED_RULE_COUNT rule(s) have failed the parse-tree integration tests with a non-zero error code:" | |
echo $FAILED_RULES | |
exit 1 | |
} else { | |
echo "All the rules have succeeded the parse-tree integration tests." | |
} |