fix: install setfacl #5050
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow will build a golang project | |
| # For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go | |
| name: Go | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| servicesList: | |
| type: string | |
| description: "List of services to build" | |
| required: false | |
| default: "all" | |
| deployTo: | |
| type: choice | |
| description: "Environment to deploy to" | |
| options: | |
| - "dev" | |
| - "prod" | |
| default: "dev" | |
| push: | |
| branches: ["main"] | |
| pull_request: | |
| branches: ["main"] | |
| jobs: | |
| tag: | |
| runs-on: ubuntu-latest | |
| environment: golang | |
| outputs: | |
| latest_tag: ${{ steps.set_latest_tag.outputs.latest_tag }} | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Tag version | |
| id: tag_version | |
| uses: mathieudutour/[email protected] | |
| with: | |
| github_token: ${{ secrets.GH_ACCESS_TOKEN }} | |
| release_branches: main | |
| tag_prefix: v | |
| - name: Set latest tag output | |
| id: set_latest_tag | |
| run: | | |
| if [[ -z "${{ steps.tag_version.outputs.new_tag }}" ]]; then | |
| echo "latest_tag=${{ steps.tag_version.outputs.previous_tag }}" >> "$GITHUB_OUTPUT" | |
| else | |
| echo "latest_tag=${{ steps.tag_version.outputs.new_tag }}" >> "$GITHUB_OUTPUT" | |
| fi | |
| build: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - tag | |
| environment: golang | |
| outputs: | |
| steampipe: ${{ steps.build_services.outputs.steampipe }} | |
| auth-service: ${{ steps.build_services.outputs.auth-service }} | |
| checkup-worker: ${{ steps.build_services.outputs.checkup-worker }} | |
| compliance-report-worker: ${{ steps.build_services.outputs.compliance-report-worker }} | |
| compliance-service: ${{ steps.build_services.outputs.compliance-service }} | |
| compliance-summarizer: ${{ steps.build_services.outputs.compliance-summarizer }} | |
| describe-scheduler: ${{ steps.build_services.outputs.describe-scheduler }} | |
| reporter: ${{ steps.build_services.outputs.reporter }} | |
| insight-worker: ${{ steps.build_services.outputs.insight-worker }} | |
| inventory-service: ${{ steps.build_services.outputs.inventory-service }} | |
| metadata-service: ${{ steps.build_services.outputs.metadata-service }} | |
| migrator-worker: ${{ steps.build_services.outputs.migrator-worker }} | |
| onboard-service: ${{ steps.build_services.outputs.onboard-service }} | |
| subscription-service: ${{ steps.build_services.outputs.subscription-service }} | |
| swagger-ui: ${{ steps.build_services.outputs.swagger-ui }} | |
| workspace-service: ${{ steps.build_services.outputs.workspace-service }} | |
| analytics-worker: ${{ steps.build_services.outputs.analytics-worker }} | |
| alerting-service: ${{ steps.build_services.outputs.alerting-service }} | |
| cost-estimator-service: ${{ steps.build_services.outputs.cost-estimator-service }} | |
| steampipe-plugin-kaytu: ${{ steps.build_services.outputs.steampipe-plugin-kaytu }} | |
| integration-service: ${{ steps.build_services.outputs.integration-service }} | |
| assistant-service: ${{ steps.build_services.outputs.assistant-service }} | |
| es-sink-service: ${{ steps.build_services.outputs.es-sink-service }} | |
| wastage-service: ${{ steps.build_services.outputs.wastage-service }} | |
| information-service: ${{ steps.build_services.outputs.information-service }} | |
| env: | |
| SERVICE_LIST: ${{ github.event.inputs.servicesList }} | |
| GH_ACCESS_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }} | |
| steps: | |
| - name: Free Disk Space (Ubuntu) | |
| uses: jlumbroso/free-disk-space@main | |
| with: | |
| # this might remove tools that are actually needed, | |
| # if set to "true" but frees about 6 GB | |
| tool-cache: false | |
| # all of these default to true, but feel free to set to | |
| # "false" if necessary for your workflow | |
| android: true | |
| dotnet: true | |
| haskell: true | |
| large-packages: false | |
| docker-images: true | |
| swap-storage: true | |
| - name: Install musl cc | |
| uses: awalsh128/cache-apt-pkgs-action@v1 | |
| with: | |
| packages: musl-tools musl-dev musl | |
| - uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 5 | |
| - name: Set up Go | |
| uses: actions/setup-go@v4 | |
| with: | |
| go-version-file: "./go.mod" | |
| cache: false | |
| - name: Go Cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| ~/go/pkg/mod | |
| ~/.cache/go-build | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - run: git config --global url.https://[email protected]/kaytu-io.insteadOf https://github.com/kaytu-io | |
| - name: Build services | |
| id: build_services | |
| run: | | |
| set -x | |
| ./scripts/list_services > ./service-list | |
| cat ./service-list | |
| cat ./service-list | sed 's/\s\+/\n/g' | sed 's/^\<steampipe\>$//g' | sed 's/^\<redoc\>$//g' | sed '/^$/d' > ./build_services | |
| cat ./build_services | |
| mkdir -p ./build | |
| if [ ! -z "$(cat ./build_services)" ]; then | |
| for f in $(cat ./build_services); do | |
| CC=/usr/bin/musl-gcc GOPRIVATE="github.com/kaytu-io" GOOS=linux GOARCH=amd64 go build -v -ldflags "-linkmode external -extldflags '-static' -s -w" -tags musl -o ./build/ ./cmd/$f; | |
| done | |
| chmod +x ./build/* | |
| fi | |
| for f in $(cat ./service-list); do echo "$f=true" >> "$GITHUB_OUTPUT"; done | |
| - name: Pack build | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| run: | | |
| tar -czvf build.tar.gz build | |
| - name: Upload artifact | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: build | |
| path: build.tar.gz | |
| retention-days: 1 | |
| deploy-steampipe: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| - deploy-steampipe-plugin-kaytu | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.steampipe == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SteampipeServiceDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SteampipeServiceDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | |
| context: . | |
| deploy-auth-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.auth-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AuthServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/auth-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AuthServiceDockerfile | |
| context: . | |
| deploy-checkup-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.checkup-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/CheckupWorkerDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/checkup-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/CheckupWorkerDockerfile | |
| context: . | |
| deploy-compliance-report-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| - deploy-steampipe-plugin-kaytu | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.compliance-report-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceReportWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-report-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceReportWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | |
| context: . | |
| deploy-compliance-summarizer: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.compliance-summarizer == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceSummarizerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-summarizer:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceSummarizerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | |
| context: . | |
| deploy-compliance-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.compliance-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/compliance-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ComplianceServiceDockerfile | |
| context: . | |
| deploy-describe-scheduler: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.describe-scheduler == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/DescribeSchedulerDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/describe-scheduler:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/DescribeSchedulerDockerfile | |
| context: . | |
| deploy-integration-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.integration-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/IntegrationServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/integration:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/IntegrationServiceDockerfile | |
| context: . | |
| deploy-assistant-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.assistant-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AssistantServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/assistant:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AssistantServiceDockerfile | |
| context: . | |
| deploy-es-sink-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.es-sink-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/EsSinkServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/es-sink:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/EsSinkServiceDockerfile | |
| context: . | |
| deploy-reporter: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.reporter == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ReporterDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/reporter:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/ReporterDockerfile | |
| context: . | |
| deploy-insight-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| - deploy-steampipe-plugin-kaytu | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.insight-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/InsightWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/insight-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/InsightWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | |
| context: . | |
| deploy-inventory-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.inventory-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/InventoryServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/inventory-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/InventoryServiceDockerfile | |
| context: . | |
| deploy-metadata-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.metadata-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/MetadataServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/metadata-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/MetadataServiceDockerfile | |
| context: . | |
| deploy-migrator-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.migrator-worker == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/MigratorDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/migrator:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/MigratorDockerfile | |
| context: . | |
| deploy-onboard-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.onboard-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/OnboardServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/onboard-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/OnboardServiceDockerfile | |
| context: . | |
| deploy-subscription-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.subscription-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SubscriptionServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/subscription-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SubscriptionServiceDockerfile | |
| context: . | |
| deploy-swagger-ui-and-redoc: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.swagger-ui == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images - swagger-ui | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SwaggerUIDockerfile | |
| context: . | |
| - name: Build and push Docker images - redoc | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/RedocDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR - swagger-ui | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/swagger-ui:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SwaggerUIDockerfile | |
| context: . | |
| - name: Build and Push to ACR - redoc | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/redoc:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/RedocDockerfile | |
| context: . | |
| deploy-workspace-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.workspace-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/WorkspaceServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/workspace-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/WorkspaceServiceDockerfile | |
| context: . | |
| deploy-analytics-worker: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| - deploy-steampipe-plugin-kaytu | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AnalyticsWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AWS_DOCKER_REGISTRY }} | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/analytics-worker:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AnalyticsWorkerDockerfile | |
| build-args: | | |
| PLUGIN_REGISTRY=${{ vars.AZURE_DOCKER_REGISTRY }} | |
| context: . | |
| deploy-alerting-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.alerting-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AlertingServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/alerting-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/AlertingServiceDockerfile | |
| context: . | |
| deploy-cost-estimator-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.cost-estimator-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/CostEstimatorServiceDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/cost-estimator-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/CostEstimatorServiceDockerfile | |
| context: . | |
| deploy-steampipe-plugin-kaytu: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: (needs.build.outputs.steampipe-plugin-kaytu == 'true' || | |
| needs.build.outputs.steampipe == 'true' || | |
| needs.build.outputs.compliance-report-worker == 'true' || | |
| needs.build.outputs.insight-worker == 'true' || | |
| needs.build.outputs.analytics-worker == 'true') && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Check if we need to actually push | |
| id: check_if_push | |
| run: | | |
| if [[ -z "${{ needs.build.outputs.steampipe-plugin-kaytu }}" ]]; then | |
| echo "do_build=false" >> $GITHUB_OUTPUT | |
| else | |
| echo "do_build=true" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Checkout code | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Configure AWS credentials | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| aws-region: ${{ vars.AWS_REGION }} | |
| role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | |
| - name: Login to Docker | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ vars.AWS_DOCKER_REGISTRY }} | |
| - name: Build and push Docker images | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: docker/build-push-action@v4 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1 | |
| ${{ vars.AWS_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SteampipePluginKaytuDockerfile | |
| context: . | |
| - name: Azure Docker Login | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_USERNAME }} | |
| password: ${{ secrets.ACR_PASSWORD }} | |
| - name: Build and Push to ACR | |
| if: steps.check_if_push.outputs.do_build == 'true' | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:0.0.1 | |
| ${{ vars.AZURE_DOCKER_REGISTRY }}/steampipe-plugin-kaytu:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/SteampipePluginKaytuDockerfile | |
| context: . | |
| deploy-wastage-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.wastage-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_PRIVATE_USERNAME }} | |
| password: ${{ secrets.ACR_PRIVATE_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/wastage-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/WastageServiceDockerfile | |
| context: . | |
| deploy-information-service: | |
| runs-on: ubuntu-latest | |
| needs: | |
| - build | |
| - tag | |
| permissions: | |
| id-token: write | |
| contents: read | |
| environment: docker | |
| if: needs.build.outputs.information-service == 'true' && github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Download artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: build | |
| path: . | |
| - name: Unpack artifact | |
| run: | | |
| tar -xvf build.tar.gz | |
| - name: Azure Docker Login | |
| uses: azure/docker-login@v1 | |
| with: | |
| login-server: ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }} | |
| username: ${{ secrets.ACR_PRIVATE_USERNAME }} | |
| password: ${{ secrets.ACR_PRIVATE_PASSWORD }} | |
| - name: Build and Push to ACR | |
| uses: docker/build-push-action@v2 | |
| with: | |
| push: true | |
| tags: | | |
| ${{ vars.AZURE_PRIVATE_DOCKER_REGISTRY }}/information-service:${{ needs.tag.outputs.latest_tag }}-${{ github.event.inputs.deployTo == '' && 'dev' || github.event.inputs.deployTo }} | |
| file: docker/InformationServiceDockerfile | |
| context: . |