fix: take docker namespace into account during deploy (#698) #55
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release UDS-CLI on Tag | |
| permissions: | |
| contents: read | |
| on: | |
| push: | |
| tags: | |
| - "v*" | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| permissions: | |
| packages: write | |
| steps: | |
| # Checkout the repo and setup the tooling for this job | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup golang | |
| uses: ./.github/actions/golang | |
| - name: Install UDS CLI | |
| uses: ./.github/actions/install-uds-cli | |
| - name: Build CLI | |
| run: | | |
| uds run build-cli-linux-amd | |
| # Upload the contents of the build directory for later stages to use | |
| - name: Upload build artifacts | |
| uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 | |
| with: | |
| name: build-artifacts | |
| path: build/ | |
| retention-days: 1 | |
| test-bundle: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Run e2e bundle tests | |
| run: | | |
| build/uds run test:bundle --no-progress | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| with: | |
| name: build | |
| test-dev: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Run e2e dev tests | |
| run: | | |
| build/uds run test:dev --no-progress | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| with: | |
| name: test-dev | |
| test-variables: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Run e2e variable tests | |
| run: | | |
| build/uds run test:variable --no-progress | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| with: | |
| name: test-variables | |
| test-optional-bundle: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Run e2e optional bundle tests | |
| run: | | |
| build/uds run test:optional-bundle --no-progress | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| with: | |
| name: test-optional-bundle | |
| test-vendor: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Install Trivy | |
| run: | | |
| sudo apt-get install wget apt-transport-https gnupg -y | |
| wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | gpg --dearmor | sudo tee /usr/share/keyrings/trivy.gpg > /dev/null | |
| echo "deb [signed-by=/usr/share/keyrings/trivy.gpg] https://aquasecurity.github.io/trivy-repo/deb generic main" | sudo tee /etc/apt/sources.list.d/trivy.list | |
| sudo apt-get update | |
| sudo apt-get install trivy -y | |
| - name: Run e2e vendor tests | |
| run: | | |
| build/uds run test:vendor --no-progress | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| with: | |
| name: test-vendor | |
| test-ghcr: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| packages: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: build-artifacts | |
| path: build/ | |
| - name: setup-using-previous-job | |
| uses: ./.github/actions/setup-from-previous | |
| - name: Login to GHCR | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Run GHCR tests | |
| run: | | |
| build/uds run test:e2e-ghcr --no-progress | |
| env: | |
| GITHUB_TOKEN: secrets.GITHUB_TOKEN | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| smoke-test: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| steps: | |
| # Checkout the repo and setup the tooling for this job | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: build-artifacts | |
| path: build/ | |
| - name: Setup golang | |
| uses: ./.github/actions/golang | |
| - name: Make UDS-CLI executable | |
| run: | | |
| chmod +x build/uds | |
| - name: Setup K3d | |
| uses: ./.github/actions/k3d | |
| - name: Login to GHCR | |
| uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Run UDS Core smoke test | |
| run: build/uds run test:ci-uds-core-smoke-test --no-progress | |
| shell: bash | |
| - name: Save logs | |
| if: always() | |
| uses: ./.github/actions/save-logs | |
| push: | |
| runs-on: ubuntu-latest | |
| environment: release | |
| needs: [test-bundle, test-dev, test-variables, test-optional-bundle, test-vendor, test-ghcr, smoke-test] | |
| permissions: | |
| contents: write | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup golang | |
| uses: ./.github/actions/golang | |
| - name: Install tools | |
| uses: ./.github/actions/install-tools | |
| - name: Download build artifacts | |
| uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 | |
| with: | |
| name: build-artifacts | |
| path: build/ | |
| - name: Get Brew tap repo token | |
| id: brew-tap-token | |
| uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 | |
| with: | |
| app-id: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_ID }} | |
| private-key: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_SECRET }} | |
| owner: defenseunicorns | |
| repositories: homebrew-tap | |
| - name: Run GoReleaser | |
| uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 | |
| with: | |
| distribution: goreleaser | |
| version: latest | |
| args: release --clean --verbose | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN}} | |
| HOMEBREW_TAP_GITHUB_TOKEN: ${{ steps.brew-tap-token.outputs.token }} |