forked from opengovern/og-describer-template
-
Notifications
You must be signed in to change notification settings - Fork 0
141 lines (137 loc) · 4.64 KB
/
build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
name: Build and Deploy
on:
workflow_dispatch:
push:
branches: ["main", "dev"]
jobs:
build:
environment: main
env:
GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }}
runs-on: ubuntu-latest
outputs:
latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }}
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Install musl cc
uses: awalsh128/cache-apt-pkgs-action@v1
with:
packages: musl-tools musl-dev musl
- name: Setup Go
uses: actions/setup-go@v4
with:
go-version-file: './go.mod'
# cache: false # Disable Go modules caching
- name: Tag Version
id: tag_version
uses: mathieudutour/[email protected]
with:
github_token: ${{ secrets.GH_ACCESS_TOKEN }}
release_branches: main
tag_prefix: v
# Removed Go modules cache step
- name: Configure Git for Private Repos
run: |
git config --global url.https://[email protected]/opengovern.insteadOf https://github.com/opengovern
- name: Build Google Workspace Plugin App
working-directory: ./steampipe-plugin-googleworkspace
run: make build
- name: Pack Google Workspace Plugin Build
working-directory: ./steampipe-plugin-googleworkspace
run: |
tar -cvf build.tar build
- name: Upload Google Workspace Plugin Artifact
uses: actions/upload-artifact@v3
with:
name: steampipe-plugin-googleworkspace
path: ./steampipe-plugin-googleworkspace/build.tar
retention-days: 1
- name: Build Local Describer App
working-directory: .
run: make local-build
- name: Pack Local Describer Build
working-directory: .
run: |
tar -cvf local.tar local
- name: Upload Local Artifact
uses: actions/upload-artifact@v3
with:
name: local-og-describer-googleworkspace
path: ./local.tar
retention-days: 1
- name: Set Latest Tag Output
id: set_latest_tag
run: |
if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then
echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT"
else
echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT"
fi
deploy-googleworkspace-plugin:
needs: build
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: main
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Download Google Workspace Plugin Artifact
uses: actions/download-artifact@v3
with:
name: steampipe-plugin-googleworkspace
path: .
- name: Unpack Google Workspace Plugin Artifact
run: |
tar -xvf build.tar
- name: Log in to Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Build and Push Docker Image for Google Workspace Plugin
uses: docker/build-push-action@v4
with:
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/steampipe-plugin-googleworkspace:0.0.1
ghcr.io/${{ github.repository_owner }}/steampipe-plugin-googleworkspace:${{ needs.build.outputs.latest_tag }}
file: steampipe-plugin-googleworkspace/docker/Dockerfile
context: .
deploy-local-describer:
needs:
- build
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
environment: main
steps:
- name: Checkout Code
uses: actions/checkout@v3
- name: Download Local Describer Artifact
uses: actions/download-artifact@v3
with:
name: local-og-describer-googleworkspace
path: .
- name: Unpack Local Describer Artifact
run: |
tar -xvf local.tar
- name: Log in to Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GHCR_PAT }}
- name: Build and Push Docker Image for Local Describer
uses: docker/build-push-action@v4
with:
push: true
tags: |
ghcr.io/${{ github.repository_owner }}/og-describer-googleworkspace:local-latest
ghcr.io/${{ github.repository_owner }}/og-describer-googleworkspace:local-${{ needs.build.outputs.latest_tag }}
file: DockerFileLocal
context: .