This section describes how you can use GitHub Actions to automate tasks.
The project scaffolding already includes all the GitHub actions you need.
You can find the Actions in the
You can adapt these principles to use a different CI system.
Automation of the unit tests and of the end-to-end tests works out of the box.
It uses the jobs defined in
The project scaffolding has a
release job in
This job performs the following steps:
- Checkout code
- Build the WebAssembly policy
- Push the policy to an Open Container Initiative (OCI) registry
- Create a new GitHub Release
To enable the job, adjust the
oci-target action input for the reusable workflow (
reusable-release-policy-go.yml) called in the
The job acts differently based on the commit that triggered its execution.
Regular commits lead to the creation of an OCI artifact called
A GitHub release isn't created for these commits.
Creating a tag that matches the
v* pattern leads to:
- Creation of an OCI artifact called
- Creation of a GitHub release named
Release <full tag name>. The release includes the assets, the source code of the policy, and the WebAssembly binary.
Assume a policy named
safe-labels and that it needs
The contents of the
jobs.push-to-oci-registry.env section of
Pushing a tag named
v0.1.0 leads to the creation and publishing of the
OCI artifact called
It creates a GitHub release named
The release includes the following assets:
- Source code compressed as
- A file named
policy.wasm; this is the actual WebAssembly policy