feat: add information service #4928
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a golang project | ||
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go | ||
| name: Go | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| servicesList: | ||
| type: string | ||
| description: "List of services to build" | ||
| required: false | ||
| default: "all" | ||
| deployTo: | ||
| type: choice | ||
| description: "Environment to deploy to" | ||
| options: | ||
| - "dev" | ||
| - "prod" | ||
| default: "dev" | ||
| push: | ||
| branches: ["main"] | ||
| pull_request: | ||
| branches: ["main"] | ||
| jobs: | ||
| tag: | ||
| runs-on: ubuntu-latest | ||
| environment: golang | ||
| outputs: | ||
| latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }} | ||
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Tag version | ||
| id: tag_version | ||
| uses: mathieudutour/[email protected] | ||
| with: | ||
| github_token: ${{ secrets.GH_ACCESS_TOKEN }} | ||
| release_branches: main | ||
| tag_prefix: v | ||
| - name: Set latest tag output | ||
| id: set_latest_tag | ||
| run: | | ||
| if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then | ||
| echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT" | ||
| else | ||
| echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT" | ||
| fi | ||
| build: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - tag | ||
| environment: golang | ||
| outputs: | ||
| steampipe: ${{ steps.build_services.outputs.steampipe }} | ||
| auth-service: ${{ steps.build_services.outputs.auth-service }} | ||
| checkup-worker: ${{ steps.build_services.outputs.checkup-worker }} | ||
| compliance-report-worker: ${{ steps.build_services.outputs.compliance-report-worker }} | ||
| compliance-service: ${{ steps.build_services.outputs.compliance-service }} | ||
| compliance-summarizer: ${{ steps.build_services.outputs.compliance-summarizer }} | ||
| describe-scheduler: ${{ steps.build_services.outputs.describe-scheduler }} | ||
| reporter: ${{ steps.build_services.outputs.reporter }} | ||
| insight-worker: ${{ steps.build_services.outputs.insight-worker }} | ||
| inventory-service: ${{ steps.build_services.outputs.inventory-service }} | ||
| metadata-service: ${{ steps.build_services.outputs.metadata-service }} | ||
| migrator-worker: ${{ steps.build_services.outputs.migrator-worker }} | ||
| onboard-service: ${{ steps.build_services.outputs.onboard-service }} | ||
| subscription-service: ${{ steps.build_services.outputs.subscription-service }} | ||
| swagger-ui: ${{ steps.build_services.outputs.swagger-ui }} | ||
| workspace-service: ${{ steps.build_services.outputs.workspace-service }} | ||
| analytics-worker: ${{ steps.build_services.outputs.analytics-worker }} | ||
| alerting-service: ${{ steps.build_services.outputs.alerting-service }} | ||
| cost-estimator-service: ${{ steps.build_services.outputs.cost-estimator-service }} | ||
| steampipe-plugin-kaytu: ${{ steps.build_services.outputs.steampipe-plugin-kaytu }} | ||
| integration-service: ${{ steps.build_services.outputs.integration-service }} | ||
| assistant-service: ${{ steps.build_services.outputs.assistant-service }} | ||
| es-sink-service: ${{ steps.build_services.outputs.es-sink-service }} | ||
| wastage-service: ${{ steps.build_services.outputs.wastage-service }} | ||
| information-service: ${{ steps.build_services.outputs.information-service }} | ||
| env: | ||
| SERVICE_LIST: ${{ github.event.inputs.servicesList }} | ||
| GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | ||
| steps: | ||
| - name: Free Disk Space (Ubuntu) | ||
| uses: jlumbroso/free-disk-space@main | ||
| with: | ||
| # this might remove tools that are actually needed, | ||
| # if set to "true" but frees about 6 GB | ||
| tool-cache: false | ||
| # all of these default to true, but feel free to set to | ||
| # "false" if necessary for your workflow | ||
| android: true | ||
| dotnet: true | ||
| haskell: true | ||
| large-packages: false | ||
| docker-images: true | ||
| swap-storage: true | ||
| - name: Install musl cc | ||
| uses: awalsh128/cache-apt-pkgs-action@v1 | ||
| with: | ||
| packages: musl-tools musl-dev musl | ||
| - uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 5 | ||
| - name: Set up Go | ||
| uses: actions/setup-go@v4 | ||
| with: | ||
| go-version-file: "./go.mod" | ||
| cache: false | ||
| - name: Go Cache | ||
| uses: actions/cache@v3 | ||
| with: | ||
| path: | | ||
| ~/go/pkg/mod | ||
| ~/.cache/go-build | ||
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-go- | ||
| - run: git config --global url.https://[email protected]/kaytu-io.insteadOf https://github.com/kaytu-io | ||
| - name: Build services | ||
| id: build_services | ||
| run: | | ||
| set -x | ||
| ./scripts/list_services > ./service-list | ||
| cat ./service-list | ||
| cat ./service-list | sed 's/\s\+/\n/g' | sed 's/^\<steampipe\>$//g' | sed 's/^\<redoc\>$//g' | sed '/^$/d' > ./build_services | ||
| cat ./build_services | ||
| mkdir -p ./build | ||
| if [ ! -z "$(cat ./build_services)" ]; then | ||
| for f in $(cat ./build_services); do | ||
| CC=/usr/bin/musl-gcc GOPRIVATE="github.com/kaytu-io" GOOS=linux GOARCH=amd64 go build -v -ldflags "-linkmode external -extldflags '-static' -s -w" -tags musl -o ./build/ ./cmd/$f; | ||
| done | ||
| chmod +x ./build/* | ||
| fi | ||
| for f in $(cat ./service-list); do echo "$f=true" >> "$GITHUB_OUTPUT"; done | ||
| - name: Pack build | ||
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| run: | | ||
| tar -czvf build.tar.gz build | ||
| - name: Upload artifact | ||
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| uses: actions/upload-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: build.tar.gz | ||
| retention-days: 1 | ||
| deploy-steampipe: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| - deploy-steampipe-plugin-kaytu | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.steampipe == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SteampipeServiceDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SteampipeServiceDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| context: . | ||
| deploy-auth-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.auth-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AuthServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AuthServiceDockerfile | ||
| context: . | ||
| deploy-checkup-worker: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.checkup-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/CheckupWorkerDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/CheckupWorkerDockerfile | ||
| context: . | ||
| deploy-compliance-report-worker: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| - deploy-steampipe-plugin-kaytu | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.compliance-report-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceReportWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceReportWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| context: . | ||
| deploy-compliance-summarizer: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.compliance-summarizer == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceSummarizerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceSummarizerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| context: . | ||
| deploy-compliance-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.compliance-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ComplianceServiceDockerfile | ||
| context: . | ||
| deploy-describe-scheduler: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.describe-scheduler == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/DescribeSchedulerDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/DescribeSchedulerDockerfile | ||
| context: . | ||
| deploy-integration-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.integration-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/IntegrationServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/IntegrationServiceDockerfile | ||
| context: . | ||
| deploy-assistant-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.assistant-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AssistantServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AssistantServiceDockerfile | ||
| context: . | ||
| deploy-es-sink-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.es-sink-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/EsSinkServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/EsSinkServiceDockerfile | ||
| context: . | ||
| deploy-reporter: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.reporter == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ReporterDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/ReporterDockerfile | ||
| context: . | ||
| deploy-insight-worker: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| - deploy-steampipe-plugin-kaytu | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.insight-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/InsightWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/InsightWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| context: . | ||
| deploy-inventory-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.inventory-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/InventoryServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/InventoryServiceDockerfile | ||
| context: . | ||
| deploy-metadata-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.metadata-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/MetadataServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/MetadataServiceDockerfile | ||
| context: . | ||
| deploy-migrator-worker: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.migrator-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/MigratorDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/MigratorDockerfile | ||
| context: . | ||
| deploy-onboard-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.onboard-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/OnboardServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/OnboardServiceDockerfile | ||
| context: . | ||
| deploy-subscription-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.subscription-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SubscriptionServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SubscriptionServiceDockerfile | ||
| context: . | ||
| deploy-swagger-ui-and-redoc: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.swagger-ui == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images - swagger-ui | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SwaggerUIDockerfile | ||
| context: . | ||
| - name: Build and push Docker images - redoc | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/RedocDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR - swagger-ui | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SwaggerUIDockerfile | ||
| context: . | ||
| - name: Build and Push to ACR - redoc | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/RedocDockerfile | ||
| context: . | ||
| deploy-workspace-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.workspace-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/WorkspaceServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/WorkspaceServiceDockerfile | ||
| context: . | ||
| deploy-analytics-worker: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| - deploy-steampipe-plugin-kaytu | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AnalyticsWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AnalyticsWorkerDockerfile | ||
| build-args: | | ||
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| context: . | ||
| deploy-alerting-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.alerting-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AlertingServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/AlertingServiceDockerfile | ||
| context: . | ||
| deploy-cost-estimator-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.cost-estimator-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/CostEstimatorServiceDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/CostEstimatorServiceDockerfile | ||
| context: . | ||
| deploy-steampipe-plugin-kaytu: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || | ||
| needs.build.outputs.steampipe == 'true' || | ||
| needs.build.outputs.compliance-report-worker == 'true' || | ||
| needs.build.outputs.insight-worker == 'true' || | ||
| needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Check if we need to actually push | ||
| id: check_if_push | ||
| run: | | ||
| if [[ -z "${{ needs.build.outputs.steampipe-plugin-kaytu }}" ]]; then | ||
| echo "do_build=false" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "do_build=true" >> $GITHUB_OUTPUT | ||
| fi | ||
| - name: Checkout code | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Configure AWS credentials | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| uses: aws-actions/configure-aws-credentials@v2 | ||
| with: | ||
| aws-region: ${{ vars.AWS_REGION }} | ||
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
| - name: Login to Docker | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| uses: docker/login-action@v2 | ||
| with: | ||
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | ||
| - name: Build and push Docker images | ||
| if: steps.check_if_push.outputs.do_build == 'true' | ||
| uses: docker/build-push-action@v4 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1 | ||
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SteampipePluginKaytuDockerfile | ||
| context: . | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_USERNAME }} | ||
| password: ${{ secrets.ACR_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1 | ||
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/SteampipePluginKaytuDockerfile | ||
| context: . | ||
| deploy-wastage-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.wastage-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_PRIVATE_USERNAME }} | ||
| password: ${{ secrets.ACR_PRIVATE_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/wastage-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/WastageServiceDockerfile | ||
| context: . | ||
| deploy-information-service: | ||
| runs-on: ubuntu-latest | ||
| needs: | ||
| - build | ||
| - tag | ||
| permissions: | ||
| id-token: write | ||
| contents: read | ||
| environment: docker | ||
| if: needs.build.outputs.information-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | ||
| steps: | ||
| - name: Checkout code | ||
| uses: actions/checkout@v3 | ||
| - name: Download artifact | ||
| uses: actions/download-artifact@v3 | ||
| with: | ||
| name: build | ||
| path: . | ||
| - name: Unpack artifact | ||
| run: | | ||
| tar -xvf build.tar.gz | ||
| - name: Azure Docker Login | ||
| uses: azure/docker-login@v1 | ||
| with: | ||
| login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }} | ||
| username: ${{ secrets.ACR_PRIVATE_USERNAME }} | ||
| password: ${{ secrets.ACR_PRIVATE_PASSWORD }} | ||
| - name: Build and Push to ACR | ||
| uses: docker/build-push-action@v2 | ||
| with: | ||
| push: true | ||
| tags: | | ||
| ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/information-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | ||
| file: docker/InformationServiceDockerfile | ||
| context: . | ||
