Publish to Azure Pipeline Extension #28
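# Manually triggered release workflow: builds the Keeper Secrets Manager
# Azure Pipelines extension and, unless dry_run is set, publishes it with
# tfx-cli using a Personal Access Token (PAT) fetched from Keeper Secrets
# Manager at run time.
name: Publish to Azure Pipeline Extension

on:
  workflow_dispatch:
    inputs:
      dry_run:
        description: 'Run without publishing'
        required: true
        default: 'false'
        type: boolean

# Least privilege for the automatically issued GITHUB_TOKEN: the active steps
# only need to read the repository. The commented-out failure handler at the
# end of the file would additionally need `issues: write` if re-enabled.
permissions:
  contents: read

jobs:
  publish-az-pipeline-ext:
    # Environment protection rules (required reviewers, environment-scoped
    # secrets) are what gate access to the publishing credential.
    environment: prod
    runs-on: ubuntu-latest

    defaults:
      run:
        working-directory: ./integration/keeper_secrets_manager_azure_pipeline_extension

    steps:
      - name: Get the source code
        # NOTE(review): version tags are mutable; pinning to a full commit SHA
        # makes the release job reproducible and tamper-evident.
        uses: actions/checkout@v3
        with:
          # No later step pushes to the repository, so do not leave the
          # token in the local git config where build scripts could read it.
          persist-credentials: false

      # - name: Set up Docker
      #   uses: docker/setup-buildx-action@v3
      #
      # - name: Run tests in Docker
      #   run: |
      #     cd ksm-azure-devops-secrets-task
      #     docker build -t keeper-secrets-test .
      #     docker run --rm keeper-secrets-test ./tests/run-tests.sh

      - name: Retrieve secrets from KSM
        id: ksmsecrets
        # NOTE(review): `@master` is a moving branch on an action that receives
        # the KSM client configuration; pin it to a reviewed full commit SHA.
        # NOTE(review): this step also runs when dry_run is true, although the
        # PAT is only consumed by the Publish step.
        uses: Keeper-Security/ksm-action@master
        with:
          # The secret name must match the repository/environment secret
          # exactly as it is configured, including its spelling.
          keeper-secret-config: ${{ secrets.KSM_AZ_PIPELINE_PUBSLISHER_CONFIG }}
          # "<record UID>/field/password > PAT" exposes the record's password
          # field as the step output named PAT.
          secrets: |
            DJz3ilHBHIbIZqkTClDV5Q/field/password > PAT

      - name: Build
        if: success()
        # NOTE(review): `npm install` may resolve newer dependency versions
        # than were tested; if a lockfile is committed, `npm ci` gives a
        # reproducible install for a release build.
        run: |
          cd ksm-azure-devops-secrets-task
          npm install
          npm run build

      - name: Publish
        # workflow_dispatch inputs reach github.event.inputs as strings, hence
        # the comparison against the string 'false'.
        if: success() && github.event.inputs.dry_run == 'false'
        env:
          # Hand the PAT to the shell through the environment instead of
          # expanding the expression into the script text, so the value is
          # never parsed as shell syntax or written into the generated script.
          AZDO_PAT: ${{ steps.ksmsecrets.outputs.PAT }}
        # NOTE(review): tfx-cli is installed unpinned in the step that holds
        # the publishing token; pin an exact, reviewed version.
        # The token is still passed as a command-line argument and is visible
        # in the process list for the lifetime of the tfx process.
        run: |
          npm install -g tfx-cli
          tfx extension publish --token "$AZDO_PAT"
          ls -lh *.vsix

      # - name: Step To run on failure
      #   if: ${{ failure() }}
      #   run: |
      #     curl --request POST \
      #     --url https://api.github.com/repos/${{ github.repository }}/issues \
      #     --header 'authorization: Bearer ${{ secrets.GITHUB_TOKEN }}' \
      #     --header 'content-type: application/json' \
      #     --data '{"title": "Issue created due to failure in workflow ${{ github.workflow }}, run #: ${{ github.run_id }}","body": "This issue was automatically created by the GitHub Action workflow **${{ github.workflow }}**.\n\nDue to failure in run: [${{ github.run_id }}](https://github.com/Keeper-Security/secrets-manager/actions/runs/${{ github.run_id }}).\n\nIf error is related to access denied (expiration of Personal Access Token, aka PAT), here are the steps to generate a new one:\n\n-Steps to generate one documented [HERE](https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops&tabs=preview-page)\n- Update \"Password\" field in record UID `DJz3ilHBHIbIZqkTClDV5Q` (located in shared folder named \"Secrets Manager\")"}'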