fix: install setfacl #5047

Workflow file for this run

# Builds the Go project.
# Reference: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
name: Go
on:
  # Manual runs choose which services to build and which environment suffix
  # the image tags get.
  workflow_dispatch:
    inputs:
      servicesList:
        description: "List of services to build"
        type: string
        required: false
        default: "all"
      deployTo:
        description: "Environment to deploy to"
        type: choice
        options:
          - "dev"
          - "prod"
        default: "dev"
  push:
    branches:
      - "main"
  pull_request:
    branches:
      - "main"
jobs:
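tag:
  # Runs the tag action on main and exposes the resulting tag as `latest_tag`.
  runs-on: ubuntu-latest
  environment: golang
  # Skipped for pull requests and for any ref other than main.
  if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  # Least privilege for the implicit GITHUB_TOKEN; the tag action below is
  # given the GH_ACCESS_TOKEN secret explicitly.
  permissions:
    contents: read
  outputs:
    latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }}
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Tag version
      id: tag_version
      # NOTE(review): the ref after "@" was mangled by the page's e-mail
      # obfuscation ("[email protected]"). Restore the original ref from the
      # repository; a full commit SHA is preferable for an action that
      # receives a personal access token.
      uses: mathieudutour/github-tag-action@<RESTORE_ORIGINAL_REF>
      with:
        github_token: ${{ secrets.GH_ACCESS_TOKEN }}
        release_branches: main
        tag_prefix: v
    - name: Set latest tag output
      id: set_latest_tag
      # Step outputs are handed over as environment variables rather than
      # expanded with ${{ }} inside the script, so their content is never
      # parsed as shell code.
      env:
        NEW_TAG: ${{ steps.tag_version.outputs.new_tag }}
        PREVIOUS_TAG: ${{ steps.tag_version.outputs.previous_tag }}
      run: |
        # Fall back to the previous tag when no new tag was produced.
        if [[ -z "$NEW_TAG" ]]; then
          echo "latest_tag=$PREVIOUS_TAG" >> "$GITHUB_OUTPUT"
        else
          echo "latest_tag=$NEW_TAG" >> "$GITHUB_OUTPUT"
        fi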
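build:
  # Builds static musl binaries for the services listed by
  # ./scripts/list_services and publishes one "<service>=true" output per
  # listed service for the deploy jobs to test.
  runs-on: ubuntu-latest
  # NOTE(review): because of `needs: tag`, this job is skipped whenever the
  # tag job is skipped (pull requests, refs other than main), so the
  # pull_request conditions on the steps below never see a PR run. Confirm
  # that PR builds are not expected.
  needs:
    - tag
  environment: golang
  # Least privilege for the implicit GITHUB_TOKEN; private modules are
  # fetched with GH_ACCESS_TOKEN instead.
  permissions:
    contents: read
  outputs:
    steampipe: ${{ steps.build_services.outputs.steampipe }}
    auth-service: ${{ steps.build_services.outputs.auth-service }}
    checkup-worker: ${{ steps.build_services.outputs.checkup-worker }}
    compliance-report-worker: ${{ steps.build_services.outputs.compliance-report-worker }}
    compliance-service: ${{ steps.build_services.outputs.compliance-service }}
    compliance-summarizer: ${{ steps.build_services.outputs.compliance-summarizer }}
    describe-scheduler: ${{ steps.build_services.outputs.describe-scheduler }}
    reporter: ${{ steps.build_services.outputs.reporter }}
    insight-worker: ${{ steps.build_services.outputs.insight-worker }}
    inventory-service: ${{ steps.build_services.outputs.inventory-service }}
    metadata-service: ${{ steps.build_services.outputs.metadata-service }}
    migrator-worker: ${{ steps.build_services.outputs.migrator-worker }}
    onboard-service: ${{ steps.build_services.outputs.onboard-service }}
    subscription-service: ${{ steps.build_services.outputs.subscription-service }}
    swagger-ui: ${{ steps.build_services.outputs.swagger-ui }}
    workspace-service: ${{ steps.build_services.outputs.workspace-service }}
    analytics-worker: ${{ steps.build_services.outputs.analytics-worker }}
    alerting-service: ${{ steps.build_services.outputs.alerting-service }}
    cost-estimator-service: ${{ steps.build_services.outputs.cost-estimator-service }}
    steampipe-plugin-kaytu: ${{ steps.build_services.outputs.steampipe-plugin-kaytu }}
    integration-service: ${{ steps.build_services.outputs.integration-service }}
    assistant-service: ${{ steps.build_services.outputs.assistant-service }}
    es-sink-service: ${{ steps.build_services.outputs.es-sink-service }}
    wastage-service: ${{ steps.build_services.outputs.wastage-service }}
    information-service: ${{ steps.build_services.outputs.information-service }}
  env:
    # The free-form dispatch input reaches the scripts as an environment
    # variable, not as text expanded into a run block.
    SERVICE_LIST: ${{ github.event.inputs.servicesList }}
    # NOTE(review): job-level env makes this token visible to every step,
    # including the third-party actions below. Consider moving it onto the
    # git-config step only, after confirming ./scripts/list_services does not
    # read it.
    GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }}
  steps:
    - name: Free Disk Space (Ubuntu)
      # NOTE(review): `@main` is a mutable branch ref, and this step runs in a
      # job that carries GH_ACCESS_TOKEN. Pin it to a reviewed full commit SHA.
      uses: jlumbroso/free-disk-space@main
      with:
        # this might remove tools that are actually needed,
        # if set to "true" but frees about 6 GB
        tool-cache: false
        # all of these default to true, but feel free to set to
        # "false" if necessary for your workflow
        android: true
        dotnet: true
        haskell: true
        large-packages: false
        docker-images: true
        swap-storage: true
    - name: Install musl cc
      uses: awalsh128/cache-apt-pkgs-action@v1
      with:
        packages: musl-tools musl-dev musl
    - uses: actions/checkout@v3
      with:
        fetch-depth: 5
    - name: Set up Go
      uses: actions/setup-go@v4
      with:
        go-version-file: "./go.mod"
        # Built-in caching is off; the explicit cache step below handles it.
        cache: false
    - name: Go Cache
      uses: actions/cache@v3
      with:
        path: |
          ~/go/pkg/mod
          ~/.cache/go-build
        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
        restore-keys: |
          ${{ runner.os }}-go-
    # NOTE(review): the credential part of this URL was mangled by the page's
    # e-mail obfuscation ("[email protected]"). It is reconstructed here from the
    # job-level GH_ACCESS_TOKEN variable; confirm against the repository.
    # The rewritten URL, token included, is stored in the runner's global git
    # config for the rest of the job.
    - run: git config --global url."https://${GH_ACCESS_TOKEN}@github.com/kaytu-io".insteadOf "https://github.com/kaytu-io"
    - name: Build services
      id: build_services
      run: |
        set -x
        ./scripts/list_services > ./service-list
        cat ./service-list
        # One name per line, minus steampipe and redoc, which have no ./cmd build here.
        cat ./service-list | sed 's/\s\+/\n/g' | sed 's/^\<steampipe\>$//g' | sed 's/^\<redoc\>$//g' | sed '/^$/d' > ./build_services
        cat ./build_services
        mkdir -p ./build
        if [ -n "$(cat ./build_services)" ]; then
          for f in $(cat ./build_services); do
            # "$f" is quoted so a name cannot be glob-expanded or split again.
            CC=/usr/bin/musl-gcc GOPRIVATE="github.com/kaytu-io" GOOS=linux GOARCH=amd64 go build -v -ldflags "-linkmode external -extldflags '-static' -s -w" -tags musl -o ./build/ "./cmd/$f"
          done
          chmod +x ./build/*
        fi
        # Every listed service, including the two filtered out above, becomes an output flag.
        for f in $(cat ./service-list); do echo "$f=true" >> "$GITHUB_OUTPUT"; done
    - name: Pack build
      if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
      run: |
        tar -czvf build.tar.gz build
    - name: Upload artifact
      if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
      uses: actions/upload-artifact@v3
      with:
        name: build
        path: build.tar.gz
        retention-days: 1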
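deploy-steampipe:
  # Builds docker/SteampipeServiceDockerfile and pushes steampipe-service to
  # the AWS and Azure registries. Runs after the plugin image job.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
    - deploy-steampipe-plugin-kaytu
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.steampipe == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SteampipeServiceDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }}
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SteampipeServiceDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }}
        context: .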
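deploy-auth-service:
  # Builds docker/AuthServiceDockerfile and pushes auth-service to the AWS
  # and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.auth-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AuthServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AuthServiceDockerfile
        context: .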
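deploy-checkup-worker:
  # Builds docker/CheckupWorkerDockerfile and pushes checkup-worker to the
  # AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.checkup-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/CheckupWorkerDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/CheckupWorkerDockerfile
        context: .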
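deploy-compliance-report-worker:
  # Builds docker/ComplianceReportWorkerDockerfile and pushes
  # compliance-report-worker to the AWS and Azure registries. Runs after the
  # plugin image job.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
    - deploy-steampipe-plugin-kaytu
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.compliance-report-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceReportWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }}
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceReportWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }}
        context: .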
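deploy-compliance-summarizer:
  # Builds docker/ComplianceSummarizerDockerfile and pushes
  # compliance-summarizer to the AWS and Azure registries.
  runs-on: ubuntu-latest
  # NOTE(review): this job passes PLUGIN_REGISTRY like the other
  # plugin-based images but does not wait for deploy-steampipe-plugin-kaytu.
  # Confirm the ordering is not required here.
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.compliance-summarizer == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceSummarizerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }}
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceSummarizerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }}
        context: .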
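deploy-compliance-service:
  # Builds docker/ComplianceServiceDockerfile and pushes compliance-service
  # to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.compliance-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ComplianceServiceDockerfile
        context: .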
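deploy-describe-scheduler:
  # Builds docker/DescribeSchedulerDockerfile and pushes describe-scheduler
  # to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.describe-scheduler == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/DescribeSchedulerDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/DescribeSchedulerDockerfile
        context: .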
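deploy-integration-service:
  # Builds docker/IntegrationServiceDockerfile and pushes it as the
  # `integration` image to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.integration-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/IntegrationServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/IntegrationServiceDockerfile
        context: .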
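deploy-assistant-service:
  # Builds docker/AssistantServiceDockerfile and pushes it as the `assistant`
  # image to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.assistant-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AssistantServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AssistantServiceDockerfile
        context: .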
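deploy-es-sink-service:
  # Builds docker/EsSinkServiceDockerfile and pushes it as the `es-sink`
  # image to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.es-sink-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/EsSinkServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/EsSinkServiceDockerfile
        context: .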
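deploy-reporter:
  # Builds docker/ReporterDockerfile and pushes reporter to the AWS and
  # Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.reporter == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ReporterDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/ReporterDockerfile
        context: .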
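deploy-insight-worker:
  # Builds docker/InsightWorkerDockerfile and pushes insight-worker to the
  # AWS and Azure registries. Runs after the plugin image job.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
    - deploy-steampipe-plugin-kaytu
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.insight-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/InsightWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }}
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/InsightWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }}
        context: .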
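deploy-inventory-service:
  # Builds docker/InventoryServiceDockerfile and pushes inventory-service to
  # the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.inventory-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/InventoryServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/InventoryServiceDockerfile
        context: .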
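deploy-metadata-service:
  # Builds docker/MetadataServiceDockerfile and pushes metadata-service to
  # the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.metadata-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/MetadataServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/MetadataServiceDockerfile
        context: .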
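deploy-migrator-worker:
  # Builds docker/MigratorDockerfile and pushes it as the `migrator` image to
  # the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.migrator-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/MigratorDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/MigratorDockerfile
        context: .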
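deploy-onboard-service:
  # Builds docker/OnboardServiceDockerfile and pushes onboard-service to the
  # AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.onboard-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/OnboardServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/OnboardServiceDockerfile
        context: .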
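deploy-subscription-service:
  # Builds docker/SubscriptionServiceDockerfile and pushes
  # subscription-service to the AWS and Azure registries.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.subscription-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SubscriptionServiceDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR
      # Was @v2; aligned with the AWS build step in this job, which uses @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SubscriptionServiceDockerfile
        context: .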
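deploy-swagger-ui-and-redoc:
  # Builds docker/SwaggerUIDockerfile and docker/RedocDockerfile and pushes
  # the swagger-ui and redoc images to the AWS and Azure registries. Both
  # images are gated on the single swagger-ui build output.
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    id-token: write  # needed for role-to-assume without static AWS keys
    contents: read
  environment: docker
  if: needs.build.outputs.swagger-ui == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    - name: Checkout code
      uses: actions/checkout@v3
      with:
        # No later step needs git auth; keep the job token out of .git/config,
        # which sits inside the Docker build context (context: .).
        persist-credentials: false
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    - name: Build and push Docker images - swagger-ui
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SwaggerUIDockerfile
        context: .
    - name: Build and push Docker images - redoc
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/RedocDockerfile
        context: .
    # ACR login uses a static username/password secret, unlike the AWS role above.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    - name: Build and Push to ACR - swagger-ui
      # Was @v2; aligned with the AWS build steps in this job, which use @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SwaggerUIDockerfile
        context: .
    - name: Build and Push to ACR - redoc
      # Was @v2; aligned with the AWS build steps in this job, which use @v4.
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/RedocDockerfile
        context: .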
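# Publishes the workspace-service image to the AWS registry and to ACR once
# `build` flags the service as changed on a non-PR run of refs/heads/main.
deploy-workspace-service:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # OIDC token for the AWS role assumption below; repository access stays
    # read-only.
    id-token: write
    contents: read
  environment: docker
  if: needs.build.outputs.workspace-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): actions are pulled by mutable major tags; pinning to full
    # commit SHAs would fix exactly which code handles the registry secrets.
    - name: Checkout code
      uses: actions/checkout@v3
    # The artifact named `build` is unpacked into the workspace that both
    # docker builds use as their context.
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - name: Login to Docker
      uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    # Tag suffix is the deployTo input, or 'dev' when the event has none.
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/WorkspaceServiceDockerfile
        context: .
    # NOTE(review): long-lived ACR credentials from secrets; confirm they are
    # limited to pushing and are rotated.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    # Aligned with the @v4 used for the AWS push in this job (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/WorkspaceServiceDockerfile
        context: .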
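# Publishes the analytics-worker image to the AWS registry and to ACR.
# Unlike most deploy jobs it also waits for deploy-steampipe-plugin-kaytu and
# runs when either the plugin or the worker itself was flagged by `build`.
deploy-analytics-worker:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
    - deploy-steampipe-plugin-kaytu
  permissions:
    # OIDC token for role-to-assume; contents stays read-only.
    id-token: write
    contents: read
  environment: docker
  if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): actions are referenced by mutable major tags; pin them to
    # full commit SHAs.
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - name: Login to Docker
      uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    # PLUGIN_REGISTRY points the Dockerfile at the registry being pushed to.
    # NOTE(review): presumably the Dockerfile pulls the steampipe-plugin-kaytu
    # image from it (Dockerfile not shown). If it uses the fixed 0.0.1 tag that
    # the plugin job overwrites, consider referencing the image by digest so
    # the base cannot change between builds.
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AnalyticsWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }}
        context: .
    # NOTE(review): static ACR username/password; confirm scope and rotation.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    # Aligned with the @v4 used for the AWS push in this job (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AnalyticsWorkerDockerfile
        build-args: |
          PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }}
        context: .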
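# Publishes the alerting-service image to the AWS registry and to ACR when
# `build` flags it as changed, for non-PR events on refs/heads/main.
deploy-alerting-service:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # Grants the OIDC token used for role-to-assume; no write access to the
    # repository is requested.
    id-token: write
    contents: read
  environment: docker
  if: needs.build.outputs.alerting-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): mutable major tags on every `uses:`; pin to full commit
    # SHAs to fix the code that runs with push credentials.
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - name: Login to Docker
      uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    # Image tag: <latest_tag>-<deployTo>, defaulting the suffix to 'dev'.
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AlertingServiceDockerfile
        context: .
    # NOTE(review): static ACR credentials; confirm they are push-scoped.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    # Aligned with the @v4 used for the AWS push in this job (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/AlertingServiceDockerfile
        context: .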
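# Publishes the cost-estimator-service image to the AWS registry and to ACR
# when `build` flags it as changed, for non-PR events on refs/heads/main.
deploy-cost-estimator-service:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # id-token: write backs the OIDC role assumption; contents is read-only.
    id-token: write
    contents: read
  environment: docker
  if: needs.build.outputs.cost-estimator-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): `uses:` references are mutable major tags; pin to full
    # commit SHAs.
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - name: Login to Docker
      uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    # Image tag: <latest_tag>-<deployTo>, defaulting the suffix to 'dev'.
    - name: Build and push Docker images
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/CostEstimatorServiceDockerfile
        context: .
    # NOTE(review): static ACR credentials; confirm they are push-scoped.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    # Aligned with the @v4 used for the AWS push in this job (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/CostEstimatorServiceDockerfile
        context: .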
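# Publishes the steampipe-plugin-kaytu image to the AWS registry and to ACR.
# The job-level `if` also fires when steampipe, compliance-report-worker,
# insight-worker or analytics-worker changed; the first step then decides
# whether the image is actually rebuilt, and every later step is guarded on
# its do_build output.
deploy-steampipe-plugin-kaytu:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # id-token: write backs the OIDC role assumption; contents is read-only.
    id-token: write
    contents: read
  environment: docker
  if: >-
    (needs.build.outputs.steampipe-plugin-kaytu == 'true' ||
    needs.build.outputs.steampipe == 'true' ||
    needs.build.outputs.compliance-report-worker == 'true' ||
    needs.build.outputs.insight-worker == 'true' ||
    needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # The build output is handed to the script through an environment variable
    # rather than expanded into the script text, so its value is never parsed
    # as shell. "$GITHUB_OUTPUT" is quoted as in the `tag` job.
    # NOTE(review): the job-level `if` compares this output with 'true', while
    # this check only tests for non-empty. If `build` ever emits 'false', the
    # guard still sets do_build=true; confirm against the build job.
    - name: Check if we need to actually push
      id: check_if_push
      env:
        PLUGIN_CHANGED: ${{ needs.build.outputs.steampipe-plugin-kaytu }}
      run: |
        if [[ -z "$PLUGIN_CHANGED" ]]; then
          echo "do_build=false" >> "$GITHUB_OUTPUT"
        else
          echo "do_build=true" >> "$GITHUB_OUTPUT"
        fi
    # NOTE(review): `uses:` references are mutable major tags; pin to full
    # commit SHAs.
    - name: Checkout code
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: actions/checkout@v3
    - name: Download artifact
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      if: steps.check_if_push.outputs.do_build == 'true'
      run: |
        tar -xvf build.tar.gz
    - name: Configure AWS credentials
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: aws-actions/configure-aws-credentials@v2
      with:
        aws-region: ${{ vars.AWS_REGION }}
        role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
    - name: Login to Docker
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: docker/login-action@v2
      with:
        registry: ${{ vars.AWS_DOCKER_REGISTRY }}
    # Two tags are pushed: the per-release <latest_tag>-<deployTo> and a fixed
    # 0.0.1 that is overwritten on every build.
    # NOTE(review): anything consuming :0.0.1 gets whatever was pushed last,
    # for 'dev' and 'prod' runs alike; consumers that need a reproducible base
    # should reference the release tag or a digest.
    - name: Build and push Docker images
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1
          ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SteampipePluginKaytuDockerfile
        context: .
    # NOTE(review): static ACR credentials; confirm they are push-scoped.
    - name: Azure Docker Login
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_USERNAME }}
        password: ${{ secrets.ACR_PASSWORD }}
    # Aligned with the @v4 used for the AWS push in this job (was @v2).
    - name: Build and Push to ACR
      if: steps.check_if_push.outputs.do_build == 'true'
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1
          ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/SteampipePluginKaytuDockerfile
        context: .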
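# Publishes the wastage-service image to the private ACR only
# (vars.AZURE_PRIVATE_DOCKER_REGISTRY); there is no AWS push in this job.
# Runs for non-PR events on refs/heads/main when `build` flags the service.
deploy-wastage-service:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # No step here requests an OIDC token (the registry login below uses a
    # username/password), so id-token: write is no longer granted.
    contents: read
  environment: docker
  if: needs.build.outputs.wastage-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): `uses:` references are mutable major tags; pin to full
    # commit SHAs.
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    # NOTE(review): static credentials for the private registry; confirm they
    # are limited to pushing and are rotated.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_PRIVATE_USERNAME }}
        password: ${{ secrets.ACR_PRIVATE_PASSWORD }}
    # Image tag: <latest_tag>-<deployTo>, defaulting the suffix to 'dev'.
    # Uses @v4 like the AWS pushes elsewhere in this workflow (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/wastage-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/WastageServiceDockerfile
        context: .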
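# Publishes the information-service image to the private ACR only
# (vars.AZURE_PRIVATE_DOCKER_REGISTRY); there is no AWS push in this job.
# Runs for non-PR events on refs/heads/main when `build` flags the service.
deploy-information-service:
  runs-on: ubuntu-latest
  needs:
    - build
    - tag
  permissions:
    # The only registry login in this job is username/password based, so the
    # OIDC grant (id-token: write) is dropped and contents stays read-only.
    contents: read
  environment: docker
  if: needs.build.outputs.information-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
  steps:
    # NOTE(review): `uses:` references are mutable major tags; pin to full
    # commit SHAs.
    - name: Checkout code
      uses: actions/checkout@v3
    - name: Download artifact
      uses: actions/download-artifact@v3
      with:
        name: build
        path: .
    - name: Unpack artifact
      run: |
        tar -xvf build.tar.gz
    # NOTE(review): static credentials for the private registry; confirm they
    # are limited to pushing and are rotated.
    - name: Azure Docker Login
      uses: azure/docker-login@v1
      with:
        login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}
        username: ${{ secrets.ACR_PRIVATE_USERNAME }}
        password: ${{ secrets.ACR_PRIVATE_PASSWORD }}
    # Image tag: <latest_tag>-<deployTo>, defaulting the suffix to 'dev'.
    # Uses @v4 like the AWS pushes elsewhere in this workflow (was @v2).
    - name: Build and Push to ACR
      uses: docker/build-push-action@v4
      with:
        push: true
        tags: |
          ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/information-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }}
        file: docker/InformationServiceDockerfile
        context: .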