v13.0.1 #424
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Automated deploy | |
on: | |
release: | |
types: [ created ] | |
env: | |
VERSION: ${{ github.event.release.tag_name }} | |
TARGET_REF: ${{ github.event.release.target_commitish }} | |
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true | |
jobs: | |
install-deps: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.TARGET_REF }} | |
token: ${{ secrets.GPR_TOKEN }} | |
- name: Install deps | |
uses: ./.github/workflows/composite/npm | |
build: | |
runs-on: ubuntu-latest | |
needs: install-deps | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.TARGET_REF }} | |
token: ${{ secrets.GPR_TOKEN }} | |
- name: Install deps | |
uses: ./.github/workflows/composite/npm | |
- name: Set default distribution | |
run: npm pkg set brightCli.distribution=package | |
- name: Build package | |
run: npm run build | |
env: | |
SENTRY_DSN: ${{ secrets.SENTRY_DSN }} | |
- name: Pack artifacts | |
run: npm pack | |
- uses: svenstaro/upload-release-action@2.9.0 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ./brightsec-cli-* | |
tag: ${{ github.ref }} | |
file_glob: true | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: build | |
path: | | |
dist | |
Dockerfile | |
package.json | |
package-lock.json | |
README.md | |
LICENSE | |
tools | |
generate-binary: | |
needs: build | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: windows-2019 | |
target: win | |
node: 20 | |
- os: macos-12 | |
target: macos | |
node: 20 | |
- os: ubuntu-20.04 | |
target: linux | |
node: 20 | |
container: | |
image: redhat/ubi8 | |
options: "--user root" | |
runs-on: ${{ matrix.os }} | |
container: ${{ matrix.container }} | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.TARGET_REF }} | |
token: ${{ secrets.GPR_TOKEN }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build | |
- name: Install dev-deps | |
if: startsWith(matrix.os, 'ubuntu') | |
run: | | |
dnf install -y dnf-utils \ | |
&& dnf install -y python3 gcc gcc-c++ make \ | |
&& rm -rf /var/cache/dnf | |
- name: Install deps | |
uses: ./.github/workflows/composite/npm | |
with: | |
version: ${{ matrix.node }} | |
- name: Set distribution | |
run: npx json -I -f package.json -e "this.brightCli.distribution='${{ matrix.target }}-executable'" | |
- name: Build executable file | |
run: npm run build:pkg -- -t node${{ matrix.node }}-${{ matrix.target }}-x64 | |
- name: Build MSI | |
if: startsWith(matrix.os, 'win') | |
run: .\tools\scripts\build-msi.ps1 | |
shell: pwsh | |
- uses: svenstaro/upload-release-action@2.9.0 | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: ${{ startsWith(matrix.os, 'win') && '.\bin\cli.exe' || './bin/cli' }} | |
asset_name: ${{ format('bright-cli-{0}-x64{1}', matrix.target, startsWith(matrix.os, 'win') && '.exe' || '') }} | |
tag: ${{ github.ref }} | |
- uses: svenstaro/upload-release-action@2.9.0 | |
if: startsWith(matrix.os, 'win') | |
with: | |
repo_token: ${{ secrets.GITHUB_TOKEN }} | |
file: .\bin\bright-cli.msi | |
asset_name: bright-cli.msi | |
tag: ${{ github.ref }} | |
publish: | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
ref: ${{ env.TARGET_REF }} | |
token: ${{ secrets.GPR_TOKEN }} | |
- uses: actions/download-artifact@v4 | |
with: | |
name: build | |
- name: Setup node | |
uses: ./.github/workflows/composite/npm | |
- name: Set TAG based on target_commitish | |
run: | | |
if [ "${{ github.event.release.target_commitish }}" == "next" ]; then | |
echo "TAG=next" >> $GITHUB_ENV | |
elif [ "${{ github.event.release.target_commitish }}" == "alpha" ]; then | |
echo "TAG=alpha" >> $GITHUB_ENV | |
elif [ "${{ github.event.release.target_commitish }}" == "master" ]; then | |
echo "TAG=latest" >> $GITHUB_ENV | |
else | |
exit 1 | |
fi | |
- name: Set NPM distribution | |
run: npm pkg set brightCli.distribution=npm | |
- run: npm publish --tag $TAG | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }} | |
# The scope does not align with the package name | |
# FIXME: once GitHub organization name has been changed, we should prevent this behavior | |
- name: Prepare GPR package | |
run: | | |
npm pkg set name='@neuralegion/bright-cli' \ | |
&& npm pkg set brightCli.distribution=gpr | |
- name: Setup node | |
uses: ./.github/workflows/composite/npm | |
with: | |
registry: 'https://npm.pkg.github.com' | |
scope: '@NeuraLegion' | |
- run: npm publish --tag $TAG | |
env: | |
NODE_AUTH_TOKEN: ${{ secrets.GPR_TOKEN }} | |
- run: sleep 30 | |
- name: Prepare Image Tags | |
run: | | |
echo "TAG_REPEATER=brightsec/cli" >> $GITHUB_ENV | |
- name: Build Images | |
run: | | |
docker build . --file Dockerfile --build-arg VERSION=$VERSION -t $TAG_REPEATER:$VERSION -t $TAG_REPEATER:$TAG | |
- name: Push Images | |
run: | | |
docker login --username=${{ secrets.DOCKERHUB_BRIGHT_USER }} --password=${{ secrets.DOCKERHUB_BRIGHT_TOKEN }} | |
docker push $TAG_REPEATER --all-tags |