forked from opengovern/og-describer-template
-
Notifications
You must be signed in to change notification settings - Fork 0
148 lines (146 loc) · 4.82 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
name: Build and Deploy
on:
workflow_dispatch:
push:
branches: ["main", "dev"]
jobs:
build:
environment: main
env:
GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }}
runs-on: ubuntu-latest
outputs:
latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }}
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Install musl cc
uses: awalsh128/cache-apt-pkgs-action@v1
with:
packages: musl-tools musl-dev musl
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version-file: './go.mod'
cache: false # Disable built-in caching to use custom caching
- name: Tag Version
id: tag_version
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GH_ACCESS_TOKEN }}
release_branches: main
tag_prefix: v
- name: Cache Go Modules and Build Cache
uses: actions/cache@v4
with:
path: |
~/go/pkg/mod
~/.cache/go-build
key: ${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-${{ hashFiles('**/go.mod') }}-
${{ runner.os }}-go-
- name: Configure Git for Private Repos
run: |
git config --global url.https://[email protected]/opengovern.insteadOf https://github.com/opengovern
- name: Build Github Plugin App
working-directory: ./steampipe-plugin-github
run: make build
- name: Pack Github Plugin Build
working-directory: ./steampipe-plugin-github
run: |
tar -cvf build.tar build
- name: Upload Github Plugin Artifact
uses: actions/upload-artifact@v3
with:
name: steampipe-plugin-github
path: ./steampipe-plugin-github/build.tar
retention-days: 1
- name: Build Local Describer App
working-directory: .
run: make local-build
- name: Pack Local Describer Build
working-directory: .
run: |
tar -cvf local.tar local
- name: Upload Local Artifact
uses: actions/upload-artifact@v3
with:
name: local-og-describer-github
path: ./local.tar
retention-days: 1
- name: Set Latest Tag Output
id: set_latest_tag
run: |
if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then
echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT"
else
echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT"
fi
deploy-github-plugin:
needs: build
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: main
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Download Github Plugin Artifact
uses: actions/download-artifact@v3
with:
name: steampipe-plugin-github
path: .
- name: Unpack Github Plugin Artifact
run: |
tar -xvf build.tar
- name: Log in to Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Build and Push Docker Image for Github Plugin
uses: docker/build-push-action@v4
with:
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/steampipe-plugin-github:0.0.1
ghcr.io/${{ github.repository_owner }}/steampipe-plugin-github:${{ needs.build.outputs.latest_tag }}
file: steampipe-plugin-github/docker/Dockerfile
context: .
deploy-local-describer:
needs:
- build
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: main
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Download Local Describer Artifact
uses: actions/download-artifact@v3
with:
name: local-og-describer-github
path: .
- name: Unpack Local Describer Artifact
run: |
tar -xvf local.tar
- name: Log in to Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Build and Push Docker Image for Local Describer
uses: docker/build-push-action@v4
with:
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/og-describer-github:local-latest
ghcr.io/${{ github.repository_owner }}/og-describer-github:local-${{ needs.build.outputs.latest_tag }}
file: DockerFileLocal
context: .