Skip to content

Commit

Permalink
Merge pull request #166 from betterup/simplify
Browse files Browse the repository at this point in the history
use one variable declaration
cdowning-betterup authored Dec 15, 2023

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
2 parents 4a7b269 + 9f8d807 commit 6f0eba0
Showing 1 changed file with 13 additions and 13 deletions.
26 changes: 13 additions & 13 deletions .github/workflows/build-scan-push.yml
Original file line number Diff line number Diff line change
@@ -8,8 +8,8 @@ on:
env:
REGISTRY: ghcr.io
AGENT_VERSION: 7.49.1
CLUSTER_AGENT_IMAGE_NAME: "${{ github.repository }}/datadog-cluster-agent:${{env.AGENT_VERSION}}+GOV"
AGENT_IMAGE_NAME: "${{ github.repository }}/datadog-agent:${{env.AGENT_VERSION}}+GOV"
CLUSTER_AGENT_IMAGE_NAME: "${{ github.repository }}/datadog-cluster-agent"
AGENT_IMAGE_NAME: "${{ github.repository }}/datadog-agent"

jobs:
build-and-scan:
@@ -49,13 +49,13 @@ jobs:

- name: Build datadog agent
run: |
docker pull gcr.io/datadoghq/agent:$AGENT_VERSION
docker tag gcr.io/datadoghq/agent:$AGENT_VERSION $AGENT_IMAGE_NAME
docker pull gcr.io/datadoghq/agent:${{ env.AGENT_VERSION }}
docker tag gcr.io/datadoghq/agent:${{ env.AGENT_VERSION }} $AGENT_IMAGE_NAME:${{ env.AGENT_VERSION }}
- name: Build datadog cluster agent
run: |
docker pull gcr.io/datadoghq/cluster-agent:$AGENT_VERSION
docker tag gcr.io/datadoghq/cluster-agent:$AGENT_VERSION $CLUSTER_AGENT_IMAGE_NAME
docker pull gcr.io/datadoghq/cluster-agent:${{ env.AGENT_VERSION }}
docker tag gcr.io/datadoghq/cluster-agent:${{ env.AGENT_VERSION }} $CLUSTER_AGENT_IMAGE_NAME:${{ env.AGENT_VERSION }}+GOV
- name: Prisma Cloud image scan agent
@@ -65,7 +65,7 @@ jobs:
pcc_console_url: ${{ secrets.PCC_CONSOLE_URL }}
pcc_user: ${{ secrets.PCC_USER }}
pcc_pass: ${{ secrets.PCC_PASS }}
image_name: ${{ env.AGENT_IMAGE_NAME }}
image_name: ${{ env.AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}

- name: Prisma Cloud image scan cluster-agent
id: scan-cluster-agent
@@ -74,33 +74,33 @@ jobs:
pcc_console_url: ${{ secrets.PCC_CONSOLE_URL }}
pcc_user: ${{ secrets.PCC_USER }}
pcc_pass: ${{ secrets.PCC_PASS }}
image_name: ${{ env.CLUSTER_AGENT_IMAGE_NAME }}
image_name: ${{ env.CLUSTER_AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}

- name: Install Cosign
uses: sigstore/cosign-installer@main

- name: Push agent to ghcr.io
run: |
docker tag $AGENT_IMAGE_NAME ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}
docker tag $AGENT_IMAGE_NAME:${{ env.AGENT_VERSION }} ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}
docker push ${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}
- name: Push cluster-agent to ghcr.io
run: |
docker tag $CLUSTER_AGENT_IMAGE_NAME ${{ env.REGISTRY }}/${{ env.CLUSTER_AGENT_IMAGE_NAME }}
docker push ${{ env.REGISTRY }}/${{ env.CLUSTER_AGENT_IMAGE_NAME }}
docker tag $CLUSTER_AGENT_IMAGE_NAME:${{ env.AGENT_VERSION }} ${{ env.REGISTRY }}/${{ env.CLUSTER_AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}
docker push ${{ env.REGISTRY }}/${{ env.CLUSTER_AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}
- name: Sign agent image with a key
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY ${TAGS}
env:
TAGS: ghcr.io/${{ env.AGENT_IMAGE_NAME }}
TAGS: ghcr.io/${{ env.AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}

- name: Sign cluster-agent image with a key
run: |
cosign sign --key env://COSIGN_PRIVATE_KEY ${TAGS}
env:
TAGS: ghcr.io/${{ env.CLUSTER_AGENT_IMAGE_NAME }}
TAGS: ghcr.io/${{ env.CLUSTER_AGENT_IMAGE_NAME }}:${{ env.AGENT_VERSION }}
COSIGN_PRIVATE_KEY: ${{secrets.COSIGN_PRIVATE_KEY}}
COSIGN_PASSWORD: ${{secrets.COSIGN_PASSWORD}}

0 comments on commit 6f0eba0

Please sign in to comment.