handle auth in qp #3891
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Staging | |
# Controls when the workflow will run | |
on: | |
push: | |
branches: [ master ] | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
build: | |
runs-on: ubuntu-latest | |
outputs: | |
IMAGE_TAG: ${{ steps.docker_tag.outputs.IMAGE_TAG }} | |
steps: | |
- uses: actions/checkout@v2 | |
- uses: actions/setup-java@v2 | |
with: | |
distribution: 'adopt' | |
java-version: '8' | |
architecture: x64 | |
- uses: actions/setup-node@v2 | |
with: | |
node-version: '17' | |
- name: Convert github branch name to be compatible with docker tag name convention and generate tag name | |
id: docker_tag | |
run: echo "IMAGE_TAG=a-$(echo ${{ github.ref_name }} | sed 's/[^a-zA-Z0-9]/-/g')" >> $GITHUB_OUTPUT | |
- name: Download Akto templates zip and PII files | |
working-directory: ./apps/dashboard/src/main/resources | |
run: | | |
wget -O tests-library-master.zip https://github.com/akto-api-security/tests-library/archive/refs/heads/master.zip | |
wget -O general.json https://raw.githubusercontent.com/akto-api-security/pii-types/master/general.json | |
wget -O fintech.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/fintech.json | |
wget -O filetypes.json https://raw.githubusercontent.com/akto-api-security/akto/master/pii-types/filetypes.json | |
- name: Prepare Dashboard polaris UI | |
working-directory: ./apps/dashboard/web/polaris_web | |
run: npm install && export RELEASE_VERSION=${{steps.docker_tag.outputs.IMAGE_TAG}} && npm run build | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v1 | |
with: | |
aws-access-key-id: ${{secrets.AWS_ACCESS_KEY_ID}} | |
aws-secret-access-key: ${{secrets.AWS_SECRET_ACCESS_KEY}} | |
aws-region: ap-south-1 | |
- name: Deploy polaris site to S3 bucket | |
run: aws s3 sync ./apps/dashboard/web/polaris_web/web/dist s3://dashboard-on-cdn/polaris_web/${{steps.docker_tag.outputs.IMAGE_TAG}}/dist --delete | |
- run: mvn package -Dakto-image-tag=${{ github.event.inputs.Tag }} -Dakto-build-time=$(eval "date +%s") -Dakto-release-version=${{steps.docker_tag.outputs.IMAGE_TAG}} | |
- name: DockerHub login | |
env: | |
DOCKER_USERNAME: ${{secrets.DOCKER_USERNAME}} | |
DOCKER_PASSWORD: ${{secrets.DOCKER_PASSWORD}} | |
run: | | |
docker login -u $DOCKER_USERNAME -p $DOCKER_PASSWORD | |
- name: Build, tag, and push the image to DockerHub | |
id: build-image-dockerhub | |
env: | |
ECR_REGISTRY: aktosecurity | |
ECR_REPOSITORY: akto-api-security | |
IMAGE_TAG: ${{ steps.docker_tag.outputs.IMAGE_TAG }} | |
IMAGE_TAG_DASHBOARD: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-security-dashboard:flash' || '' }} | |
IMAGE_TAG_TESTING: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-testing:flash' || '' }} | |
IMAGE_TAG_TESTING_CLI: ${{ github.event.inputs.Deploy == 'true' && '-t aktosecurity/akto-api-testing-cli:flash' || '' }} | |
run: | | |
echo $IMAGE_TAG >> $GITHUB_STEP_SUMMARY | |
docker buildx create --use | |
# Build a docker container and push it to DockerHub | |
cd apps/dashboard | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/$ECR_REPOSITORY-dashboard:$IMAGE_TAG $IMAGE_TAG_DASHBOARD . --push | |
cd ../testing | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing:$IMAGE_TAG $IMAGE_TAG_TESTING . --push | |
cd ../testing-cli | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-testing-cli:$IMAGE_TAG $IMAGE_TAG_TESTING_CLI . --push | |
cd ../billing | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-billing:$IMAGE_TAG . --push | |
cd ../internal | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-internal:$IMAGE_TAG . --push | |
cd ../api-threat-detection | |
docker buildx build --platform linux/arm64/v8,linux/amd64 -t $ECR_REGISTRY/akto-api-protection:$IMAGE_TAG . --push | |
- name: Set up JDK 11 | |
uses: actions/setup-java@v1 | |
with: | |
java-version: 11 | |
- name: Cache SonarCloud packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.sonar/cache | |
key: ${{ runner.os }}-sonar | |
restore-keys: ${{ runner.os }}-sonar | |
- name: Cache Maven packages | |
uses: actions/cache@v1 | |
with: | |
path: ~/.m2 | |
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} | |
restore-keys: ${{ runner.os }}-m2 |