migrate to GHA pipeline (#176)

Signed-off-by: Alex Goodman <alex.goodman@anchore.com>

.circleci/config.yml

@@ -1,117 +0,0 @@
-version: 2.1
-
-jobs:
-  run-static-analysis:
-    parameters:
-      version:
-        type: string
-    docker:
-      - image: circleci/golang:<< parameters.version >>
-        environment:
-          GO111MODULE: "on"
-          # work around for recent circle CI breaking change
-          # Error: "Error response from daemon: client version 1.39 is too new. Maximum supported API version is 1.38"
-          DOCKER_API_VERSION: "1.38"
-    # 2CPU / 4GB RAM
-    resource_class: medium
-    steps:
-
-      - checkout
-
-      - restore_cache:
-          keys:
-            - go-<< parameters.version >>-{{ checksum "go.sum" }}-{{ checksum "Makefile" }}
-
-      - run: make ci-bootstrap
-
-      - save_cache:
-          key: go-<< parameters.version >>-{{ checksum "go.sum" }}-{{ checksum "Makefile" }}
-          paths:
-            - "/go/pkg/mod"
-            - ".tmp"
-
-      - run:
-          name: run static analysis
-          command: make static-analysis
-
-  run-tests:
-    parameters:
-      version:
-        type: string
-    docker:
-      - image: circleci/golang:<< parameters.version >>
-        environment:
-          GO111MODULE: "on"
-          # work around for recent circle CI breaking change
-          # Error: "Error response from daemon: client version 1.39 is too new. Maximum supported API version is 1.38"
-          DOCKER_API_VERSION: "1.38"
-    # 2CPU / 4GB RAM
-    resource_class: medium
-    steps:
-
-      - checkout
-
-      - restore_cache:
-          keys:
-            - go-<< parameters.version >>-{{ checksum "go.sum" }}-{{ checksum "Makefile" }}
-
-      - run: make ci-bootstrap
-
-      - save_cache:
-          key: go-<< parameters.version >>-{{ checksum "go.sum" }}-{{ checksum "Makefile" }}
-          paths:
-            - "/go/pkg/mod"
-            - ".tmp"
-
-      - setup_remote_docker:
-          version: 18.06.0-ce
-
-      - run:
-          name: enable docker client
-          command: |
-              # all of this to enable "circleci local execute ..." cli commands for /var/run/docker.sock
-              mkdir -p ${HOME}/.local/bin
-              cat \<< EOF > ${HOME}/.local/bin/docker
-              #!/bin/bash
-              set -xue
-              sudo -E ${HOME}/.local/bin/docker.bin \$@
-              EOF
-              sudo mv /usr/bin/docker ${HOME}/.local/bin/docker.bin
-              chmod 755 ${HOME}/.local/bin/docker
-
-      - run:
-          name: validate grype output against the CycloneDX schema
-          command: make validate-cyclonedx-schema
-
-      - run:
-          name: run unit tests
-          command: make unit
-
-      - run:
-          name: build hash key for integration test-fixtures blobs
-          command: make integration-fingerprint
-
-      - restore_cache:
-          keys:
-            - integration-test-cache-{{ checksum "test/integration/test-fixtures/cache.fingerprint" }}
-      - run:
-          name: run integration tests
-          command: make integration
-
-      - save_cache:
-          key: integration-test-cache-{{ checksum "test/integration/test-fixtures/cache.fingerprint" }}
-          paths:
-            - "test/integration/test-fixtures/cache"
-
-workflows:
-  "Static Analysis + Unit + Integration":
-    jobs:
-      - run-static-analysis:
-          name: "Static Analysis"
-          version: "latest"
-      - run-tests:
-          name: "Unit & Integration Tests (go-1.13)"
-          version: "1.13"
-      - run-tests:
-          name: "Unit & Integration Tests (go-latest)"
-          version: "latest"

.github/workflows/static-unit-integration.yaml

@@ -0,0 +1,93 @@
+name: 'Static Analysis + Unit + Integration'
+on:
+  workflow_dispatch:
+  push:
+jobs:
+
+  Static-Analysis:
+    strategy:
+      matrix:
+        go-version: [1.x]
+        platform: [ubuntu-latest]
+    runs-on: ${{ matrix.platform }}
+    steps:
+
+      - uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - uses: actions/checkout@v2
+
+      - name: Restore bootstrap cache
+        id: bootstrap-cache
+        uses: actions/cache@v2
+        with:
+          path: |
+            ~/go/pkg/mod
+            ${{ github.workspace }}/.tmp
+          key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('Makefile') }}
+          restore-keys: |
+            ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}-
+            ${{ runner.os }}-go-${{ matrix.go-version }}-
+
+      - name: Bootstrap project dependencies
+        if: steps.bootstrap-cache.outputs.cache-hit != 'true'
+        run: make bootstrap
+
+      - name: Bootstrap CI dependencies
+        run: make ci-bootstrap
+
+      - name: Run static analysis
+        run: make static-analysis
+
+  Tests:
+    strategy:
+      matrix:
+        # test the lower bounds of support, and the latest available
+        go-version: [1.13.x, 1.x]
+        platform: [ubuntu-latest]
+    runs-on: ${{ matrix.platform }}
+    steps:
+
+      - uses: actions/setup-go@v2
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - uses: actions/checkout@v2
+
+      - name: Restore bootstrap cache
+        id: bootstrap-cache
+        uses: actions/cache@v2
+        with:
+          path: |
+            ~/go/pkg/mod
+            ${{ github.workspace }}/.tmp
+          key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}-${{ hashFiles('Makefile') }}
+          restore-keys: |
+            ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}-
+            ${{ runner.os }}-go-${{ matrix.go-version }}-
+
+      - name: Bootstrap project dependencies
+        if: steps.bootstrap-cache.outputs.cache-hit != 'true'
+        run: make bootstrap
+
+      - name: Bootstrap CI dependencies
+        run: make ci-bootstrap
+
+      - name: Run unit tests
+        run: make unit
+
+      - name: Validate grype output against the CycloneDX schema
+        run: make validate-cyclonedx-schema
+
+      - name: Build key for tar cache
+        run: make integration-fingerprint
+
+      - name: Restore integration test cache
+        uses: actions/cache@v2
+        with:
+          path: ${{ github.workspace }}/integration/test-fixtures/cache
+          key: ${{ runner.os }}-integration-test-cache-${{ hashFiles('integration/test-fixtures/cache.fingerprint') }}
+
+      - name: Run integration tests
+        run: make integration

Makefile

@@ -138,16 +138,6 @@ integration-fingerprint:
 clear-test-cache: ## Delete all test cache (built docker image tars)
 	find . -type f -wholename "**/test-fixtures/cache/*.tar" -delete
 
-.PHONY: check-pipeline
-check-pipeline: ## Run local CircleCI pipeline locally (sanity check)
-	$(call title,Check pipeline)
-	# note: this is meant for local development & testing of the pipeline, NOT to be run in CI
-	mkdir -p $(TEMPDIR)
-	circleci config process .circleci/config.yml > .tmp/circleci.yml
-	circleci local execute -c .tmp/circleci.yml --job "Static Analysis"
-	circleci local execute -c .tmp/circleci.yml --job "Unit & Integration Tests (go-latest)"
-	@printf '$(SUCCESS)Pipeline checks pass!$(RESET)\n'
-
 .PHONY: build
 build: $(SNAPSHOTDIR) ## Build release snapshot binaries and packages