-
Notifications
You must be signed in to change notification settings - Fork 114
62 lines (47 loc) · 1.75 KB
/
push.yml
File metadata and controls
62 lines (47 loc) · 1.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
name: Plugins - CI
on:
# Run CI on all PRs
pull_request:
# Also run on pushes to main (used for publish + downstream automation)
push:
branches: [main]
# Allow manual re-runs from the Actions UI (useful for debugging failures)
workflow_dispatch:
# Minimal top-level permissions; jobs can extend as needed
permissions:
contents: read
id-token: write # Required for OIDC (Vault / shared workflows)
# Prevent duplicate runs on the same ref.
# For PRs: cancel older in-progress runs when new commits are pushed.
# For main: do NOT cancel (publishing should complete once started).
concurrency:
group: plugins-ci-${{ github.ref }}
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }}
jobs:
ci:
name: CI
uses: grafana/plugin-ci-workflows/.github/workflows/ci.yml@ci-cd-workflows/v7.3.1
# Only run CI job for PRs / non-main refs.
# Main publishing is handled by the CD workflow below.
if: github.ref != 'refs/heads/main'
# Required for checkout + OIDC in shared workflows
permissions:
contents: read
id-token: write
with:
# Ensure PR builds produce unique plugin versions.
# For PR events, suffix with the head SHA; otherwise leave empty.
plugin-version-suffix: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || '' }}
publish-and-deploy:
name: Publish to Dev Catalog and Deploy
# Main-only: publish the latest build and trigger Argo deployment
if: github.ref == 'refs/heads/main'
uses: grafana/data-sources-ci-workflows/.github/workflows/cd-dev.yml@main
permissions:
attestations: write
contents: write
id-token: write
pull-requests: read
with:
go-version: "1.26.0"
golangci-lint-version: "2.10.1"