name: LNM Migration CI on: workflow_dispatch: inputs: run_staging: description: 'Run staging backfill (1=yes)' required: false default: '0' push: branches: [main] paths: - 'src/Concelier/__Libraries/StellaOps.Concelier.Migrations/**' - 'ops/devops/lnm/**' jobs: build-runner: runs-on: ubuntu-22.04 steps: - name: Checkout uses: actions/checkout@v4 - name: Setup .NET uses: actions/setup-dotnet@v4 with: dotnet-version: 10.0.100 include-prerelease: true - name: Setup cosign uses: sigstore/cosign-installer@v3 - name: Configure signing run: | if [ -z "${{ secrets.COSIGN_PRIVATE_KEY_B64 }}" ]; then echo "COSIGN_ALLOW_DEV_KEY=1" >> $GITHUB_ENV echo "COSIGN_PASSWORD=stellaops-dev" >> $GITHUB_ENV fi env: COSIGN_PRIVATE_KEY_B64: ${{ secrets.COSIGN_PRIVATE_KEY_B64 }} - name: Build and package runner run: | chmod +x ops/devops/lnm/package-runner.sh ops/devops/lnm/package-runner.sh - name: Verify checksums run: | cd out/lnm sha256sum -c SHA256SUMS - name: Upload artifacts uses: actions/upload-artifact@v4 with: name: lnm-migration-runner-${{ github.run_number }} path: | out/lnm/lnm-migration-runner.tar.gz out/lnm/lnm-migration-runner.manifest.json out/lnm/lnm-migration-runner.dsse.json out/lnm/SHA256SUMS if-no-files-found: warn validate-metrics: runs-on: ubuntu-22.04 needs: build-runner steps: - name: Checkout uses: actions/checkout@v4 - name: Validate monitoring config run: | # Validate alert rules syntax if [ -f "ops/devops/lnm/alerts/lnm-alerts.yaml" ]; then echo "Validating alert rules..." python3 -c "import yaml; yaml.safe_load(open('ops/devops/lnm/alerts/lnm-alerts.yaml'))" fi # Validate dashboard JSON if [ -f "ops/devops/lnm/dashboards/lnm-migration.json" ]; then echo "Validating dashboard..." python3 -c "import json; json.load(open('ops/devops/lnm/dashboards/lnm-migration.json'))" fi echo "Monitoring config validation complete"