fix: update GitHub Actions workflows

.github/workflows/build-publish-mcr.yml

@@ -19,11 +19,6 @@ env:
 
   GO_VERSION: '1.18'
 
-  # TODO: once fleet repo is public, we could remove these env variables.
-  GOPROXY: ${{ secrets.GOPROXY }}
-  GOPRIVATE: ${{ secrets.GOPRIVATE }}
-  GONOPROXY: none
-
 jobs:
   prepare-variables:
     runs-on: ubuntu-latest

.github/workflows/workflow.yml → .github/workflows/e2e-tests.yml

@@ -1,118 +1,86 @@
-name: fleet-networking-ci
-
-on:
-  push:
-    branches:
-      - main
-  workflow_dispatch: {}
-  pull_request:
-    branches:
-      - main
-      - release-*
-    paths-ignore: [docs/**, "**.md", "**.mdx", "**.png", "**.jpg"]
-
-permissions:
-      id-token: write
-      contents: read
-
-env:
-  GO_VERSION: '1.18'
-
-  # TODO: once fleet repo is public, we could remove these env variables.
-  GOPROXY: ${{ secrets.GOPROXY }}
-  GOPRIVATE: ${{ secrets.GOPRIVATE }}
-  GONOPROXY: none
-
-jobs:
-
-  detect-noop:
-    runs-on: ubuntu-latest
-    outputs:
-      noop: ${{ steps.noop.outputs.should_skip }}
-    steps:
-      - name: Detect No-op Changes
-        id: noop
-        uses: fkirc/[email protected]
-        with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          do_not_skip: '["workflow_dispatch", "schedule", "push"]'
-          concurrent_skipping: false
-
-  unit-tests:
-    runs-on: ubuntu-latest
-    needs: detect-noop
-    if: needs.detect-noop.outputs.noop != 'true'
-    steps:
-      - name: Set up Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: ${{ env.GO_VERSION }}
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v3
-
-      - name: Run unit tests & Generate coverage
-        run: make test
-
-      - name: Upload Codecov report
-        uses: codecov/codecov-action@v3
-        with:
-          ## Repository upload token - get it from codecov.io. Required only for private repositories
-          token: ${{ secrets.CODECOV_TOKEN }}
-          ## Comma-separated list of files to upload
-          files: ./coverage.xml
-
-  e2e-tests:
-    strategy:
-      # disable fail-fast to continue the in-progress pipeline when one failed job is detected to
-      # get test results for all scenarios.
-      fail-fast: false
-      matrix:
-        network-setting: [shared-vnet, peered-vnet,  dynamic-ip-allocation]
-    runs-on: ubuntu-latest
-    needs: [
-      detect-noop,
-    ]
-    if: needs.detect-noop.outputs.noop != 'true'
-    steps:
-      - name: Set up Go
-        uses: actions/setup-go@v3
-        with:
-          go-version: ${{ env.GO_VERSION }}
-
-      - name: Check out code into the Go module directory
-        uses: actions/checkout@v3
-
-      - name: Prepare e2e variables
-        run: |
-          echo "AZURE_RESOURCE_GROUP="fleet-networking-e2e-$RANDOM"" >> $GITHUB_ENV
-      # reference: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure
-      - name: 'OIDC Login to Azure Public Cloud'
-        uses: azure/login@v1
-        with:
-          client-id: ${{ secrets.E2E_AZURE_CLIENT_ID }}
-          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
-          subscription-id: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
-      - name: Setup e2e Environment
-        run: |
-          make e2e-setup
-        env:
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
-          AZURE_NETWORK_SETTING: ${{ matrix.network-setting }}
-          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}
-      - name: Run e2e tests
-        run: |
-          make e2e-tests
-        env:
-          AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
-          AZURE_NETWORK_SETTING: ${{ matrix.network-setting }}
-          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}
-      - name: Cleanup e2e
-        if: always()
-        run: |
-          make e2e-cleanup
-        env:
-          AZURE_CLIENT_ID: ${{ secrets.E2E_AZURE_CLIENT_ID}}
-          AZURE_CLIENT_SECRET: ${{ secrets.E2E_AZURE_CLIENT_SECRET }}
-          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
-          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}
+name: E2E Tests
+
+on:
+  push:
+    branches:
+      - main
+  create:
+    # Publish semver tags as releases.
+    tags: [ 'v*.*.*' ]
+  workflow_dispatch: {}
+
+permissions:
+  id-token: write
+  contents: read
+
+env:
+  GO_VERSION: '1.18'
+
+jobs:
+  detect-noop:
+    runs-on: ubuntu-latest
+    outputs:
+      noop: ${{ steps.noop.outputs.should_skip }}
+    steps:
+      - name: Detect No-op Changes
+        id: noop
+        uses: fkirc/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          do_not_skip: '["workflow_dispatch", "schedule", "push"]'
+          concurrent_skipping: false
+
+  e2e-tests:
+    strategy:
+      # disable fail-fast to continue the in-progress pipeline when one failed job is detected to
+      # get test results for all scenarios.
+      fail-fast: false
+      matrix:
+        network-setting: [shared-vnet, peered-vnet,  dynamic-ip-allocation]
+    runs-on: ubuntu-latest
+    needs: [
+      detect-noop,
+    ]
+    if: needs.detect-noop.outputs.noop != 'true'
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+
+      - name: Prepare e2e variables
+        run: |
+          echo "AZURE_RESOURCE_GROUP="fleet-networking-e2e-$RANDOM"" >> $GITHUB_ENV
+      # reference: https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/configuring-openid-connect-in-azure
+      - name: 'OIDC Login to Azure Public Cloud'
+        uses: azure/login@v1
+        with:
+          client-id: ${{ secrets.E2E_AZURE_CLIENT_ID }}
+          tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          subscription-id: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
+      - name: Setup e2e Environment
+        run: |
+          make e2e-setup
+        env:
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
+          AZURE_NETWORK_SETTING: ${{ matrix.network-setting }}
+          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}
+      - name: Run e2e tests
+        run: |
+          make e2e-tests
+        env:
+          AZURE_SUBSCRIPTION_ID: ${{ secrets.E2E_AZURE_SUBSCRIPTION_ID }}
+          AZURE_NETWORK_SETTING: ${{ matrix.network-setting }}
+          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}
+      - name: Cleanup e2e
+        if: always()
+        run: |
+          make e2e-cleanup
+        env:
+          AZURE_CLIENT_ID: ${{ secrets.E2E_AZURE_CLIENT_ID}}
+          AZURE_CLIENT_SECRET: ${{ secrets.E2E_AZURE_CLIENT_SECRET }}
+          AZURE_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
+          AZURE_RESOURCE_GROUP: ${{ env.AZURE_RESOURCE_GROUP }}

.github/workflows/go.yml

@@ -1,4 +1,4 @@
-name: Go-Lint
+name: Linting
 
 on:
   push:
@@ -16,11 +16,6 @@ env:
   # Common versions
   GO_VERSION: '1.18'
 
-  # TODO: once fleet repo is public, we could remove these env variables.
-  GOPROXY: ${{ secrets.GOPROXY }}
-  GOPRIVATE: ${{ secrets.GOPRIVATE }}
-  GONOPROXY: none
-
 jobs:
 
   detect-noop:

.github/workflows/markdown-lint.yml

@@ -1,4 +1,4 @@
-name: Check Markdown
+name: Markdown Checker
 
 on:
   pull_request:

.github/workflows/publish-image.yml

@@ -1,7 +1,7 @@
 # This Github Action will build and publish images to github registry automatically.
 # The image version can be either `latest` from the main branch or a tag whenever a tag is created.
 
-name: publish_images
+name: Building and Publishing to GitHub
 
 on:
   push:
@@ -21,11 +21,6 @@ env:
 
   GO_VERSION: '1.18'
 
-  # TODO: once fleet repo is public, we could remove these env variables.
-  GOPROXY: ${{ secrets.GOPROXY }}
-  GOPRIVATE: ${{ secrets.GOPRIVATE }}
-  GONOPROXY: none
-
 jobs:
   export-registry:
     runs-on: ubuntu-20.04

.github/workflows/trivy.yml

@@ -1,13 +1,11 @@
-name: Trivy vulnerability scanner
+name: Trivy Vulnerability Scanner
 on:
   push:
     branches:
       - main
-  pull_request:
-    branches:
-      - main
-      - release-*
-    paths-ignore: [docs/**, "**.md", "**.mdx", "**.png", "**.jpg"]
+  create:
+    # Publish semver tags as releases.
+    tags: [ 'v*.*.*' ]
 
 permissions:
   contents: read
@@ -21,11 +19,6 @@ env:
 
   GO_VERSION: '1.18'
 
-  # TODO: once fleet repo is public, we could remove these env variables.
-  GOPROXY: ${{ secrets.GOPROXY }}
-  GOPRIVATE: ${{ secrets.GOPRIVATE }}
-  GONOPROXY: none
-
 jobs:
   export-registry:
     runs-on: ubuntu-20.04

.github/workflows/unit-integration-tests.yml

@@ -0,0 +1,57 @@
+name: Unit and Integration Tests
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch: {}
+  pull_request:
+    branches:
+      - main
+      - release-*
+    paths-ignore: [docs/**, "**.md", "**.mdx", "**.png", "**.jpg"]
+
+permissions:
+  id-token: write
+  contents: read
+
+env:
+  GO_VERSION: '1.18'
+
+jobs:
+  detect-noop:
+    runs-on: ubuntu-latest
+    outputs:
+      noop: ${{ steps.noop.outputs.should_skip }}
+    steps:
+      - name: Detect No-op Changes
+        id: noop
+        uses: fkirc/[email protected]
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          do_not_skip: '["workflow_dispatch", "schedule", "push"]'
+          concurrent_skipping: false
+
+  unit-integration-tests:
+    runs-on: ubuntu-latest
+    needs: detect-noop
+    if: needs.detect-noop.outputs.noop != 'true'
+    steps:
+      - name: Set up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ env.GO_VERSION }}
+
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+
+      - name: Run unit + integration tests & Generate coverage
+        run: make test
+
+      - name: Upload Codecov report
+        uses: codecov/codecov-action@v3
+        with:
+          ## Repository upload token - get it from codecov.io. Required only for private repositories
+          token: ${{ secrets.CODECOV_TOKEN }}
+          ## Comma-separated list of files to upload
+          files: ./coverage.xml