forked from spiffe/spire
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.travis.yml
113 lines (103 loc) · 3.44 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
sudo: required
services:
- docker
language: go
go:
- 1.13.9
cache:
directories:
- .cache
- $HOME/.build
# cache the Go module cache
- $HOME/go/pkg/mod
# cache `go install`-ed binaries across stages. build.sh unsets GOPATH
# so this is hitting the default go env of $HOME/go
- $HOME/go/bin
# Only build for master and branches that look like versions. This also covers
# tags, which keeps us from building (and deploying) from the extra tags we set
# during a release for go multi-module repo support (i.e. proto/spire/v1.2.3).
branches:
only:
- master
- /^v\d+\.\d+(\.\d+)?$/
stages:
- lint and test
- build release
- publish images
- nightly integration tests
jobs:
include:
- stage: lint and test
name: lint
script:
- make lint
- make tidy-check
- make generate-check
- shellcheck script/*.sh
- shellcheck .travis/*.sh
# linting is OS agnostic but protobuf_verify needs utils to lets be explicit
# about its runtime environment
os: linux
dist: xenial
- stage: lint and test
name: macos tests
script:
- .travis/run-unit-tests.sh
os: macos
- stage: lint and test
name: linux tests
script:
- .travis/run-unit-tests.sh
os: linux
dist: xenial
- stage: build release
script:
- make artifact
- .travis/build-release.sh
os: linux
dist: xenial
deploy:
- provider: s3
access_key_id: $AWS_ACCESS_KEY_ID
secret_access_key: $AWS_SECRET_ACCESS_KEY
bucket: scytale-artifacts
local-dir: artifacts
upload-dir: spire
acl: public_read
skip_cleanup: true
region: us-east-2
on:
all_branches: true
condition: $AWS_SECRET_ACCESS_KEY != ""
- provider: releases
api_key: $GITHUB_TOKEN
file_glob: true
file: releases/*
skip_cleanup: true
on:
tags: true
condition: $GITHUB_TOKEN != ""
- stage: publish images
if: type = push AND (tag IS present OR branch = master)
os: linux
dist: xenial
before_script:
# Decrypt credentials needed to log into gcr registry
- openssl aes-256-cbc -K $encrypted_b48f9e852489_key -iv $encrypted_b48f9e852489_iv -in .travis/spire-travis-ci.json.enc -out .travis/spire-travis-ci.json -d
script:
- make images
- make integration
- .travis/publish-images.sh
- stage: nightly integration tests
if: type = cron
os: linux
dist: xenial
script:
- make images
- make integration
notifications:
email:
recipients:
slack:
secure: auV9VWkA50+tf4cKUUkMH/KqggKSJCBV9ruLSF1LVgqQYnK34rp/PPzx4gTiQYA07ltnu8Hi13XMoN5+OFsRfzVRCKP1tlGuTvVhpsoyMGiNxBY1Yw2OhZXRoSjCwJkuBsAkkaxAgsC58IEnxhKq+M83dDYx+WiybO+aQnQ6ExbGE4oUBhhBkYKrHy4Kt9/3yWLqicV/VXFtvwbXG5OG1zNNOYCUEud4Y8j6pcb0kyVqlHFjAjasLPsln0QSaTxOThLZCxMZD2zpbI1xxO5tBusqDe1QOMSgsyAbDaNk7wCb2kU+0hRKcfiuWShrswhECSJsYUImLq4c77WbdhrjRgscgY2779T/jaJHbG3Lx7GlDWYLSgFcM8VfZK+K5XPcm35F2qGPiEjtYEEAPS2qQM9PZyvTEVPxjNEc2PE3bINTjibcKbfATNa1ULQvJ6ixtSL9Ao8828iUfaR0mK4eaWnJckov5OaGvah+v6vh49JqZTEN3Or8XTUw0ra14euS6jR30XB2Y3S8/0NuvHY+ytJe36yQn9FdFM3asNpBuNP7F9v00WJr3+Lhg7KHMd0m19ulwtmXiWJYU25AVMk/oXp+aq+678AvhYkYZGaUzC3timsuTlAjH9DA9yxBW+8KE9y46Jq8vXHXhKTfdKDVVUyOFxKKGAjCA5QbeKx+5QU=