Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: migrate Codefresh pipelines to Github Actions #68

Merged
merged 2 commits into from
Feb 27, 2024
Merged

ci: migrate Codefresh pipelines to Github Actions #68

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
bfc23e5
ci: migrate Codefresh pipeline to Github Actions
PengyuanZhao Feb 26, 2024
4bf2352
ci: remove unused workflow_dispatch
PengyuanZhao Feb 27, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
49 changes: 49 additions & 0 deletions .github/workflows/prepare-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Prepare Release

on:
workflow_dispatch:

jobs:
prepare-release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: main
fetch-depth: 0

- name: Prepare release
env:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
GITHUB_TOKEN: ${{ secrets.TOKEN }}
CI: true
run: |
echo "$GPG_SECRET_KEY" | base64 --decode | gpg --import --no-tty --batch --yes
scripts/release.sh prepare

- name: Notify Slack on Failure
uses: slackapi/slack-github-action@v1.25.0
if: failure()
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure*\nlw-scanner-action/prepare-release\n*Workflow Run*\n https://github.com/lacework/go-sdk/actions/runs/${{ github.run_id }}"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
73 changes: 73 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,73 @@
name: Release

on:
push:
tags:
- 'v*'

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Notify Slack on Release
uses: slackapi/slack-github-action@v1.25.0
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "Releasing the lw-scanner Github Action"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK

- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.ref }}

- name: Create Release
env:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
GITHUB_TOKEN: ${{ secrets.TOKEN }}
run: |
echo "$GPG_SECRET_KEY" | base64 --decode | gpg --import --no-tty --batch --yes
scripts/release.sh publish

- name: Notify Slack on Failure
uses: slackapi/slack-github-action@v1.25.0
if: failure()
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure*\nlw-scanner-action/release\n*Workflow Run*\n https://github.com/lacework/go-sdk/actions/runs/${{ github.run_id }}"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
50 changes: 50 additions & 0 deletions .github/workflows/trigger-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
name: Trigger Release

on:
push:
branches:
- main

jobs:
trigger-release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: main
token: ${{ secrets.TOKEN }}

- name: Trigger release
env:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
CI: true
run: |
echo "$GPG_SECRET_KEY" | base64 --decode | gpg --import --no-tty --batch --yes
scripts/release.sh trigger

- name: Notify Slack on Failure
uses: slackapi/slack-github-action@v1.25.0
if: failure()
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure*\nlw-scanner-action/trigger-release\n*Workflow Run*\n https://github.com/lacework/go-sdk/actions/runs/${{ github.run_id }}"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
54 changes: 54 additions & 0 deletions .github/workflows/update-scanner-version.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
name: Update Docker Container Version

on:
workflow_dispatch:
inputs:
scanner_version:
description: New lw-scanner version
required: true
type: string

jobs:
release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.ref }}

- name: Update Scanner Version
env:
GPG_SECRET_KEY: ${{ secrets.GPG_SECRET_KEY }}
GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
GITHUB_TOKEN: ${{ secrets.TOKEN }}
run: |
echo "$GPG_SECRET_KEY" | base64 --decode | gpg --import --no-tty --batch --yes
export SCANNER_VERSION=${{inputs.scanner_version}}
echo Version passed to script= $SCANNER_VERSION
scripts/version-bump.sh $SCANNER_VERSION

- name: Notify Slack on Failure
uses: slackapi/slack-github-action@v1.25.0
if: failure()
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure*\nlw-scanner-action/release\n*Workflow Run*\n https://github.com/lacework/go-sdk/actions/runs/${{ github.run_id }}"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
49 changes: 49 additions & 0 deletions .github/workflows/verify-release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
name: Verify Release

on:
push:
branches:
- release

jobs:
verify-release:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
with:
ref: ${{ github.ref }}

- name: Setup Go
uses: actions/setup-go@v4
with:
go-version: 1.21.x

- name: Verify release
run: |
scripts/release.sh verify

- name: Notify Slack on Failure
uses: slackapi/slack-github-action@v1.25.0
if: failure()
with:
payload: |
{
"attachments": [
{
"color": "#E92020",
"blocks": [
{
"type": "section",
"text": {
"type": "mrkdwn",
"text": "@oncall-growth-eng! There has been a failure that needs your attention. :rotating_light:\n*GitHub Workflow Failure*\nlw-scanner-action/verify-release\n*Workflow Run*\n https://github.com/lacework/go-sdk/actions/runs/${{ github.run_id }}"
}
}
]
}
]
}
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL_GROWTH_ENG_ALERTS }}
SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
Loading