Skip to content

v13.0.1

v13.0.1 #424

Workflow file for this run

name: Automated deploy
on:
release:
types: [ created ]
env:
VERSION: ${{ github.event.release.tag_name }}
TARGET_REF: ${{ github.event.release.target_commitish }}
ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION: true
jobs:
install-deps:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
with:
ref: ${{ env.TARGET_REF }}
token: ${{ secrets.GPR_TOKEN }}
- name: Install deps
uses: ./.github/workflows/composite/npm
build:
runs-on: ubuntu-latest
needs: install-deps
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TARGET_REF }}
token: ${{ secrets.GPR_TOKEN }}
- name: Install deps
uses: ./.github/workflows/composite/npm
- name: Set default distribution
run: npm pkg set brightCli.distribution=package
- name: Build package
run: npm run build
env:
SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
- name: Pack artifacts
run: npm pack
- uses: svenstaro/upload-release-action@2.9.0
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ./brightsec-cli-*
tag: ${{ github.ref }}
file_glob: true
- uses: actions/upload-artifact@v4
with:
name: build
path: |
dist
Dockerfile
package.json
package-lock.json
README.md
LICENSE
tools
generate-binary:
needs: build
strategy:
fail-fast: false
matrix:
include:
- os: windows-2019
target: win
node: 20
- os: macos-12
target: macos
node: 20
- os: ubuntu-20.04
target: linux
node: 20
container:
image: redhat/ubi8
options: "--user root"
runs-on: ${{ matrix.os }}
container: ${{ matrix.container }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TARGET_REF }}
token: ${{ secrets.GPR_TOKEN }}
- uses: actions/download-artifact@v4
with:
name: build
- name: Install dev-deps
if: startsWith(matrix.os, 'ubuntu')
run: |
dnf install -y dnf-utils \
&& dnf install -y python3 gcc gcc-c++ make \
&& rm -rf /var/cache/dnf
- name: Install deps
uses: ./.github/workflows/composite/npm
with:
version: ${{ matrix.node }}
- name: Set distribution
run: npx json -I -f package.json -e "this.brightCli.distribution='${{ matrix.target }}-executable'"
- name: Build executable file
run: npm run build:pkg -- -t node${{ matrix.node }}-${{ matrix.target }}-x64
- name: Build MSI
if: startsWith(matrix.os, 'win')
run: .\tools\scripts\build-msi.ps1
shell: pwsh
- uses: svenstaro/upload-release-action@2.9.0
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: ${{ startsWith(matrix.os, 'win') && '.\bin\cli.exe' || './bin/cli' }}
asset_name: ${{ format('bright-cli-{0}-x64{1}', matrix.target, startsWith(matrix.os, 'win') && '.exe' || '') }}
tag: ${{ github.ref }}
- uses: svenstaro/upload-release-action@2.9.0
if: startsWith(matrix.os, 'win')
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: .\bin\bright-cli.msi
asset_name: bright-cli.msi
tag: ${{ github.ref }}
publish:
runs-on: ubuntu-latest
needs: build
steps:
- uses: actions/checkout@v4
with:
ref: ${{ env.TARGET_REF }}
token: ${{ secrets.GPR_TOKEN }}
- uses: actions/download-artifact@v4
with:
name: build
- name: Setup node
uses: ./.github/workflows/composite/npm
- name: Set TAG based on target_commitish
run: |
if [ "${{ github.event.release.target_commitish }}" == "next" ]; then
echo "TAG=next" >> $GITHUB_ENV
elif [ "${{ github.event.release.target_commitish }}" == "alpha" ]; then
echo "TAG=alpha" >> $GITHUB_ENV
elif [ "${{ github.event.release.target_commitish }}" == "master" ]; then
echo "TAG=latest" >> $GITHUB_ENV
else
exit 1
fi
- name: Set NPM distribution
run: npm pkg set brightCli.distribution=npm
- run: npm publish --tag $TAG
env:
NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
# The scope does not align with the package name
# FIXME: once GitHub organization name has been changed, we should prevent this behavior
- name: Prepare GPR package
run: |
npm pkg set name='@neuralegion/bright-cli' \
&& npm pkg set brightCli.distribution=gpr
- name: Setup node
uses: ./.github/workflows/composite/npm
with:
registry: 'https://npm.pkg.github.com'
scope: '@NeuraLegion'
- run: npm publish --tag $TAG
env:
NODE_AUTH_TOKEN: ${{ secrets.GPR_TOKEN }}
- run: sleep 30
- name: Prepare Image Tags
run: |
echo "TAG_REPEATER=brightsec/cli" >> $GITHUB_ENV
- name: Build Images
run: |
docker build . --file Dockerfile --build-arg VERSION=$VERSION -t $TAG_REPEATER:$VERSION -t $TAG_REPEATER:$TAG
- name: Push Images
run: |
docker login --username=${{ secrets.DOCKERHUB_BRIGHT_USER }} --password=${{ secrets.DOCKERHUB_BRIGHT_TOKEN }}
docker push $TAG_REPEATER --all-tags