ci(buildkite): update buildkite deployment steps (#1678)

This PR modifies the Buildkite CI pipeline with the following changes:

* Add `SECURITY.md` to CI_BYPASS
* Skip Docker {amd64,arm32v7,arm64v8} builds for renovate PRs
* Ensure Deploy Manifest step only is assigned to deployment nodes
pull/1659/head
Amir Zarrinkafsh 2021-01-31 11:49:36 +11:00 committed by GitHub
parent ea913d2992
commit d71dbd4858
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 4 deletions

View File

@ -6,9 +6,9 @@ DIVERGED=$(git merge-base --fork-point origin/master > /dev/null; echo $?)
if [[ $DIVERGED == 0 ]]; then if [[ $DIVERGED == 0 ]]; then
if [[ $BUILDKITE_TAG == "" ]]; then if [[ $BUILDKITE_TAG == "" ]]; then
if [[ $BUILDKITE_BRANCH == "master" ]]; then if [[ $BUILDKITE_BRANCH == "master" ]]; then
CI_BYPASS=$(git diff --name-only HEAD~1 | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|docs\/.*)/!{q1}' && echo true || echo false) CI_BYPASS=$(git diff --name-only HEAD~1 | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|SECURITY.md|docs\/.*)/!{q1}' && echo true || echo false)
else else
CI_BYPASS=$(git diff --name-only `git merge-base --fork-point origin/master` | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|docs\/.*)/!{q1}' && echo true || echo false) CI_BYPASS=$(git diff --name-only `git merge-base --fork-point origin/master` | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|SECURITY.md|docs\/.*)/!{q1}' && echo true || echo false)
fi fi
else else
CI_BYPASS="false" CI_BYPASS="false"
@ -33,6 +33,8 @@ steps:
command: "authelia-scripts docker push-manifest" command: "authelia-scripts docker push-manifest"
env: env:
DOCKER_CLI_EXPERIMENTAL: "enabled" DOCKER_CLI_EXPERIMENTAL: "enabled"
agents:
upload: "fast"
if: build.env("CI_BYPASS") != "true" if: build.env("CI_BYPASS") != "true"
- label: ":github: Deploy Artifacts" - label: ":github: Deploy Artifacts"

View File

@ -6,9 +6,9 @@ DIVERGED=$(git merge-base --fork-point origin/master > /dev/null; echo $?)
if [[ $DIVERGED == 0 ]]; then if [[ $DIVERGED == 0 ]]; then
if [[ $BUILDKITE_TAG == "" ]]; then if [[ $BUILDKITE_TAG == "" ]]; then
if [[ $BUILDKITE_BRANCH == "master" ]]; then if [[ $BUILDKITE_BRANCH == "master" ]]; then
CI_BYPASS=$(git diff --name-only HEAD~1 | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|docs\/.*)/!{q1}' && echo true || echo false) CI_BYPASS=$(git diff --name-only HEAD~1 | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|SECURITY.md|docs\/.*)/!{q1}' && echo true || echo false)
else else
CI_BYPASS=$(git diff --name-only `git merge-base --fork-point origin/master` | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|docs\/.*)/!{q1}' && echo true || echo false) CI_BYPASS=$(git diff --name-only `git merge-base --fork-point origin/master` | sed -rn '/^(BREAKING.md|CONTRIBUTING.md|README.md|SECURITY.md|docs\/.*)/!{q1}' && echo true || echo false)
fi fi
if [[ $CI_BYPASS == "true" ]]; then if [[ $CI_BYPASS == "true" ]]; then

View File

@ -31,6 +31,10 @@ if [[ "${BUILD_ARCH}" == "coverage" ]]; then
cat << EOF cat << EOF
if: build.branch !~ /^(v[0-9]+\.[0-9]+\.[0-9]+)$\$/ if: build.branch !~ /^(v[0-9]+\.[0-9]+\.[0-9]+)$\$/
EOF EOF
else
cat << EOF
if: build.branch !~ /^(dependabot|renovate)\/.*/
EOF
fi fi
done done
done done