callable-publish.yaml
# Copyright 2024 Defense Unicorns
# SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
name: Callable-Publish

# Reusable workflow: it only runs when another workflow invokes it through
# `workflow_call`. Every input below is chosen by the calling workflow.
# NOTE(review): no `secrets:` block is declared here, so the secrets this
# workflow references are presumably supplied by callers using
# `secrets: inherit` - confirm against the callers.
on:
  workflow_call:
    inputs:
      # Runner label for the job (used as `runs-on`).
      runsOn:
        type: string
        default: ubuntu-latest
      # Package flavor to publish. Expanded into the publish commands and
      # into the debug-log artifact name.
      flavor:
        type: string
        required: true
      # Extra command-line options. These are expanded verbatim into the
      # shell script text of the publish steps, so callers should pass
      # trusted, literal values only and never forward user-controlled data
      # (PR titles, branch names, issue text).
      options:
        description: Additional options to set when running the test
        type: string
        default: ""
      # No default: when this is empty the report upload step is skipped.
      reports-path:
        description: The path to test outputs to upload
        type: string
      reports-name:
        description: The name prefix for upload test reports
        type: string
        default: playwright-report
      # Used as the job's `timeout-minutes`.
      timeout:
        type: number
        default: 40
      # Selects which of the two publish steps runs.
      uds-releaser:
        type: boolean
        default: false
# Workflow-level default permissions for the GITHUB_TOKEN. A job that declares
# its own `permissions:` block replaces these defaults for that job.
# In a reusable workflow the token can never receive more than the calling
# workflow granted, so callers decide the effective upper bound.
permissions:
  # Read-only access to repository contents.
  contents: read
  # Read-only access to the repository's packages.
  packages: read
  # Allows requesting an OIDC identity token from GitHub.
  # NOTE(review): grant this only where OIDC federation is actually used.
  id-token: write
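jobs:
  # Single job: set up the UDS tooling, publish the package/bundle for the
  # requested flavor, then always collect debug logs and test reports.
  run:
    runs-on: ${{ inputs.runsOn }}
    timeout-minutes: ${{ inputs.timeout }}
    # Job-level permissions replace the workflow-level defaults.
    # NOTE(review): contents/packages write are presumably needed to create
    # releases and push packages, and id-token for OIDC with the Chainguard
    # identity - confirm each is still required and drop any that is not.
    permissions:
      contents: write
      packages: write
      id-token: write
    steps:
      # Third-party actions are pinned to full commit SHAs; the trailing
      # comment records the tag each SHA is expected to correspond to.
      # NOTE(review): checkout keeps the token in the local git config by
      # default; if no later step needs git push access, consider
      # `persist-credentials: false`.
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          # Full history.
          fetch-depth: 0

      - name: Install UDS CLI
        uses: defenseunicorns/setup-uds@ab842abcad1f7a3305c2538e3dd1950d0daacfa5 # v1.0.1
        with:
          # renovate: datasource=github-tags depName=defenseunicorns/uds-cli versioning=semver
          version: v0.20.0

      # Secrets are handed to the script through environment variables rather
      # than expanded into the script text. With `${{ }}` inside `run:`, a
      # value containing quotes, `$` or backticks would be re-interpreted by
      # the shell; an environment variable is passed through as data.
      - name: Environment setup
        env:
          IRON_BANK_ROBOT_USERNAME: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
          IRON_BANK_ROBOT_PASSWORD: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          CHAINGUARD_IDENTITY: ${{ secrets.CHAINGUARD_IDENTITY }}
        run: |
          uds run actions:setup-environment \
            --set REGISTRY1_USERNAME="${IRON_BANK_ROBOT_USERNAME}" \
            --set REGISTRY1_PASSWORD="${IRON_BANK_ROBOT_PASSWORD}" \
            --set GH_TOKEN="${GITHUB_TOKEN}" \
            --set CHAINGUARD_IDENTITY="${CHAINGUARD_IDENTITY}"
        shell: bash

      # `flavor` is passed through the environment and quoted so it is always
      # one argument and never parsed as shell syntax.
      # NOTE(review): `inputs.options` is still expanded into the script text
      # because callers may rely on the shell parsing quotes inside it; moving
      # it to an environment variable would change that parsing. Until it is
      # restructured, callers must pass trusted, literal options only.
      # No explicit `shell:` is set here on purpose: the existing pipeline
      # into `grep -q` has not been reviewed for `pipefail` behaviour.
      - name: Publish Packages/Bundles - release-please
        if: ${{ inputs.uds-releaser == false }}
        env:
          INPUT_FLAVOR: ${{ inputs.flavor }}
        run: |
          if uds run --list | grep -q 'publish-package'; then
            uds run publish-package --set USE_CHECKPOINT=false --set FLAVOR="${INPUT_FLAVOR}" --no-progress ${{ inputs.options }}
          else
            uds run publish-release --set USE_CHECKPOINT=false --set FLAVOR="${INPUT_FLAVOR}" --no-progress ${{ inputs.options }}
          fi

      # Same handling as the step above: flavor via the environment and
      # quoted at every use (the original quoted it in `check` only).
      # NOTE(review): `inputs.options` remains a text expansion; see the
      # caller guidance on the previous step.
      - name: Publish Packages/Bundles - uds-releaser
        if: ${{ inputs.uds-releaser == true }}
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          INPUT_FLAVOR: ${{ inputs.flavor }}
        run: |
          if uds-releaser check "${INPUT_FLAVOR}"; then
            uds-releaser update-yaml "${INPUT_FLAVOR}"
            if uds run --list | grep -q 'publish-package'; then
              uds run publish-package \
                --set USE_CHECKPOINT=false \
                --set FLAVOR="${INPUT_FLAVOR}" \
                --set ENABLE_UDS_RELEASER=true \
                --no-progress ${{ inputs.options }}
            else
              uds run publish-release \
                --set USE_CHECKPOINT=false \
                --set FLAVOR="${INPUT_FLAVOR}" \
                --set ENABLE_UDS_RELEASER=true \
                --no-progress ${{ inputs.options }}
            fi
          fi

      # The remaining steps run even when publishing failed, so diagnostics
      # are always collected.
      - name: Debug Output
        if: ${{ always() }}
        run: uds run actions:debug-output
        shell: bash

      - name: Save logs
        if: ${{ always() }}
        run: uds run actions:save-logs
        shell: bash

      # NOTE(review): these logs are uploaded as-is and no `retention-days`
      # is set, so the repository default applies. Confirm the tools that
      # write them do not log credentials, since artifacts are readable by
      # anyone with read access to the run.
      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
        if: ${{ always() }}
        with:
          name: debug-log-${{ inputs.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}-${{ runner.arch }}
          path: |
            /tmp/zarf-*.log
            /tmp/uds-*.log
            /tmp/maru-*.log
            /tmp/debug-*.log
            /tmp/uds-containerd-logs
            /tmp/k3d-uds-*.log
            oscal-assessment-results.yaml

      # Test reports are uploaded only when the caller supplied a path.
      - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
        if: ${{ always() && inputs.reports-path != '' }}
        with:
          name: ${{ inputs.reports-name }}-${{ inputs.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}-${{ runner.arch }}
          path: ${{ inputs.reports-path }}
          retention-days: 30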